Commit graph

7 commits

Author SHA1 Message Date
7c8d224c4a
Add headscale ACLs
Tags are managed entirely server side, so there's no priv esc issues.

This lets my devices do what they want, and server style devices can't do anything.
2024-04-20 15:46:21 +01:00
0dcc3f7c30
Use regular version of nginx on Arch
`nginx-mainline` requires modules be recompiled each time, and isn't handled automatically. It's still a very new and maintained release.
2024-02-29 19:46:32 +00:00
8a1e21c79d
Ensure headscale sees the correct IP 2024-02-29 17:41:29 +00:00
29cac09b48
Remove explicit port for headscale 2024-02-01 18:32:53 +00:00
0c6528f9ca
Restrict access to headscale OIDC and API 2024-01-31 21:40:43 +00:00
53c758a781
Monitor headscale with prometheus 2024-01-27 17:40:02 +00:00
2ceeaf091d
Deploy headscale 2024-01-27 14:18:37 +00:00