Use Tailscale's DERP servers
Close another port, and hopefully get a little more reliability in weird network configurations
This commit is contained in:
parent
4e07e1c8dc
commit
94b229abd0
2 changed files with 4 additions and 12 deletions
|
@ -77,7 +77,7 @@ derp:
|
|||
server:
|
||||
# If enabled, runs the embedded DERP server and merges it into the rest of the DERP config
|
||||
# The Headscale server_url defined above MUST be using https, DERP requires TLS to be in place
|
||||
enabled: true
|
||||
enabled: false
|
||||
|
||||
# Region ID to use for the embedded DERP server.
|
||||
# The local DERP prevails if the region ID collides with other region ID coming from
|
||||
|
@ -95,7 +95,8 @@ derp:
|
|||
stun_listen_addr: 0.0.0.0:3478
|
||||
|
||||
# List of externally available DERP maps encoded in JSON
|
||||
urls: []
|
||||
urls:
|
||||
- https://controlplane.tailscale.com/derpmap/default
|
||||
|
||||
# Locally available DERP map files encoded in YAML
|
||||
#
|
||||
|
|
|
@ -76,22 +76,13 @@ resource "linode_firewall" "casey" {
|
|||
}
|
||||
|
||||
inbound {
|
||||
label = "allow-inbound-headscale"
|
||||
label = "allow-inbound-tailscale"
|
||||
action = "ACCEPT"
|
||||
protocol = "UDP"
|
||||
ports = "41641"
|
||||
ipv4 = ["0.0.0.0/0"]
|
||||
ipv6 = ["::/0"]
|
||||
}
|
||||
|
||||
inbound {
|
||||
label = "allow-inbound-stun"
|
||||
action = "ACCEPT"
|
||||
protocol = "UDP"
|
||||
ports = "3478"
|
||||
ipv4 = ["0.0.0.0/0"]
|
||||
ipv6 = ["::/0"]
|
||||
}
|
||||
}
|
||||
|
||||
resource "linode_rdns" "casey_reverse_ipv4" {
|
||||
|
|
Loading…
Reference in a new issue