---
# Variables for a Headscale (self-hosted Tailscale control server) deployment
# and its proxy container. Values in '{{ ... }}' are templated from variables
# defined outside this file (headscale_host, headscale_nodes_domain, mesh.*,
# homelab_build, idm_domain).

# Public URL of the control server and the base domain taken from
# headscale_nodes_domain.
headscale_url: 'https://{{ headscale_host }}'
headscale_base_domain: '{{ headscale_nodes_domain }}'
# Directory for the headscale compose project; holds server state and key
# material, so it should not be world-readable -- TODO confirm the role sets
# restrictive ownership/mode.
headscale_base: '/etc/docker/compose/headscale'
headscale_port: '8080'
headscale_metrics_port: '5577'
# Both listeners bind every interface (0.0.0.0). Whether that is reachable
# from outside depends on how the ports are published, which this file does
# not show.
headscale_listen_addr: '0.0.0.0:{{ headscale_port }}'
# NOTE(review): metrics listeners are usually unauthenticated -- confirm this
# port is only reachable by the metrics scraper and not published to the
# internet.
headscale_metrics_listen_addr: '0.0.0.0:{{ headscale_metrics_port }}'
# Resolvers for connected clients, by the variable name. The first live entry
# is an internal gateway; 1.0.0.1 and 8.8.8.8 are public resolvers, so any
# query answered by them leaves the mesh. NOTE(review): confirm that fallback
# is intended for internal names.
headscale_dns_for_connected_clients:
# - '{{ mesh.lucina.gateway }}'
- '{{ mesh.liz.gateway }}'
- '1.0.0.1'
- '8.8.8.8'
vpn_proxy_filter_container_name: 'headscale-proxy'
proxy_base: '/etc/docker/compose/proxy'
# Key generation follows homelab_build -- presumably a boolean toggle; verify
# against the tasks that consume it.
# NOTE(review): '2y' makes both credentials long-lived. A leaked API key gives
# control of the server for up to two years, and a leaked auth key allows
# device enrolment as auth_key_user for the same period. Consider a shorter
# expiry with scheduled rotation, and confirm the generated keys are stored
# encrypted (e.g. a vault) and kept out of task output.
generate_api_key: '{{ homelab_build }}'
api_key_expiration: '2y'
generate_auth_key: '{{ homelab_build }}'
auth_key_expiration: '2y'
# User that devices enrolled with the generated auth key are registered to.
auth_key_user: 'pocketmonsters'
# Templated from idm_domain; presumably appended to the names below to form
# the OAuth identities -- TODO confirm.
oauth_user_suffix: '{{ idm_domain }}'
# being in this list just means you'll have access to your own devices.
# the vpn_users oauth claim decides whether or not you're authorized to actually
# use the vpn.
vpn_users:
- liz
- lucina
- riley
# but... there's no way to membership sync the groups that i know of... D:
# NOTE(review): since the lists are hand-maintained, they can drift from the
# identity provider's groups -- update them in the same change whenever someone
# is added to or removed from the IdP groups. What vpn_admins grants is not
# shown here; presumably broader ACL access, so review changes to it carefully.
vpn_admins:
- liz
- lucina