Update headscale config to support 0.23.0

ansible/roles/headscale/files/headscale.yml

@@ -63,9 +63,11 @@ noise:
 # IPv6: https://github.com/tailscale/tailscale/blob/22ebb25e833264f58d7c3f534a8b166894a89536/net/tsaddr/tsaddr.go#LL81C52-L81C71
 # IPv4: https://github.com/tailscale/tailscale/blob/22ebb25e833264f58d7c3f534a8b166894a89536/net/tsaddr/tsaddr.go#L33
 # Any other range is NOT supported, and it will cause unexpected issues.
-ip_prefixes:
+prefixes:
-  - fd7a:115c:a1e0::/48
+  v6: fd7a:115c:a1e0::/48
-  - 100.64.0.0/10
+  v4: 100.64.0.0/10
+
+  allocation: sequential
 
 # DERP is a relay system that Tailscale uses when a direct
 # connection cannot be established.
@@ -129,10 +131,25 @@ ephemeral_node_inactivity_timeout: 30m
 node_update_check_interval: 20s
 
 # SQLite config
-db_type: sqlite3
+database:
+  type: sqlite
 
-# For production:
+  gorm:
-db_path: /var/lib/headscale/db.sqlite
+    # Enable prepared statements.
+    prepare_stmt: true
+
+    # Enable parameterized queries.
+    parameterized_queries: true
+
+    # Skip logging "record not found" errors.
+    skip_err_record_not_found: true
+
+    # Threshold for slow queries in milliseconds.
+    slow_threshold: 3000
+
+  sqlite:
+    path: /var/lib/headscale/db.sqlite
+    write_ahead_log: true
 
 # # Postgres config
 # If using a Unix socket to connect to Postgres, set the socket path in the 'host' field and leave 'port' blank.
@@ -189,7 +206,9 @@ log:
 # Path to a file containg ACL policies.
 # ACLs can be defined as YAML or HUJSON.
 # https://tailscale.com/kb/1018/acls/
-acl_policy_path: /etc/headscale/acls.json
+policy:
+  mode: file
+  path: /etc/headscale/acls.json
 
 ## DNS
 #
@@ -200,13 +219,13 @@ acl_policy_path: /etc/headscale/acls.json
 # - https://tailscale.com/kb/1081/magicdns/
 # - https://tailscale.com/blog/2021-09-private-dns-with-magicdns/
 #
-dns_config:
+dns:
   # Whether to prefer using Headscale provided DNS or use local.
   override_local_dns: false
 
   # List of DNS servers to expose to clients.
   nameservers:
-    - 1.1.1.1
+    global: []
 
   # NextDNS (see https://tailscale.com/kb/1218/nextdns/).
   # "abc123" is example NextDNS ID, replace with yours.
@@ -252,7 +271,7 @@ dns_config:
   # `base_domain` must be a FQDNs, without the trailing dot.
   # The FQDN of the hosts will be
   # `hostname.user.base_domain` (e.g., _myhost.myuser.example.com_).
-  base_domain: headscale.jakehoward.tech
+  base_domain: hs.sys.theorangeone.net
 
 # Unix socket used for the CLI to connect without authentication
 # Note: for production you will want to set this to something like: