fix empty acl error and begin work on webserver deployments with nginx

1 files changed, 1 insertions, 32 deletions

diff --git a/roles/vpn/files/config/config.yml b/roles/vpn/files/config/config.yml
index 17ab98b..3942feb 100644
--- a/roles/vpn/files/config/config.yml
+++ b/roles/vpn/files/config/config.yml
@@ -149,37 +149,6 @@ db_path: /var/lib/headscale/db.sqlite
 # in the 'db_ssl' field. Refers to https://www.postgresql.org/docs/current/libpq-ssl.html Table 34.1.
 # db_ssl: false
 
-### TLS configuration
-#
-## Let's encrypt / ACME
-#
-# headscale supports automatically requesting and setting up
-# TLS for a domain with Let's Encrypt.
-#
-# URL to ACME directory
-acme_url: https://acme-v02.api.letsencrypt.org/directory
-
-# Email to register with ACME provider
-acme_email: "elizabeth.hunt@simponic.xyz"
-
-# Domain name to request a TLS certificate for:
-tls_letsencrypt_hostname: "headscale.simponic.xyz"
-
-# Path to store certificates and metadata needed by
-# letsencrypt
-# For production:
-tls_letsencrypt_cache_dir: /var/lib/headscale/cache
-
-# Type of ACME challenge to use, currently supported types:
-# HTTP-01 or TLS-ALPN-01
-# See [docs/tls.md](docs/tls.md) for more information
-tls_letsencrypt_challenge_type: HTTP-01
-# When HTTP-01 challenge is chosen, letsencrypt must set up a
-# verification endpoint, and it will be listening on:
-# :http = port 80
-tls_letsencrypt_listen: ":http"
-
-## Use already defined certificates:
 tls_cert_path: ""
 tls_key_path: ""
 
@@ -191,7 +160,7 @@ log:
 # Path to a file containg ACL policies.
 # ACLs can be defined as YAML or HUJSON.
 # https://tailscale.com/kb/1018/acls/
-acl_policy_path: ""
+acl_policy_path: "/etc/headscale/acl.yml"
 
 ## DNS
 #