author | Elizabeth Hunt <elizabeth.hunt@simponic.xyz> | 2024-01-02 19:05:01 -0500 |
---|---|---|
committer | Elizabeth Hunt <elizabeth.hunt@simponic.xyz> | 2024-01-02 19:29:46 -0500 |
commit | b0a563db34c7ac86f36c3f293ea8610de1c8a35c (patch) | |
tree | b82cc3741cdb34d871eb17e68b7f894fbc0cbe3c /roles/vpn/templates | |
parent | c6a770bd1a6cab43ec4282043bf4f5d6e175c19c (diff) | |
finish headscale setup
Diffstat (limited to 'roles/vpn/templates')
-rw-r--r-- | roles/vpn/templates/config.yml.j2 | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/roles/vpn/templates/config.yml.j2 b/roles/vpn/templates/config.yml.j2
index 5105dcd..4eb5359 100644
--- a/roles/vpn/templates/config.yml.j2
+++ b/roles/vpn/templates/config.yml.j2
@@ -10,13 +10,13 @@
 #
 # https://myheadscale.example.com:443
 #
-server_url: http://127.0.0.1:8080
+server_url: https://nijika.simponic.xyz:443
 # Address to listen to / bind to on the server
 #
 # For production:
 # listen_addr: 0.0.0.0:8080
-listen_addr: 127.0.0.1:8080
+listen_addr: 0.0.0.0:443
 # Address to listen to /metrics, you may want
 # to keep this endpoint private to your internal
@@ -48,6 +48,8 @@ noise:
 # using the new Noise-based protocol.
 private_key_path: /var/lib/headscale/noise_private.key
+private_key_path: /var/lib/headscale/private.key
+
 # List of IP prefixes to allocate tailaddresses from.
 # Each prefix consists of either an IPv4 or IPv6 address,
 # and the associated prefix length, delimited by a slash.
@@ -158,10 +160,10 @@ db_path: /var/lib/headscale/db.sqlite
 acme_url: https://acme-v02.api.letsencrypt.org/directory
 # Email to register with ACME provider
-acme_email: ""
+acme_email: "elizabeth.hunt@simponic.xyz"
 # Domain name to request a TLS certificate for:
-tls_letsencrypt_hostname: ""
+tls_letsencrypt_hostname: "nijika.simponic.xyz"
 # Path to store certificates and metadata needed by
 # letsencrypt
@@ -231,7 +233,7 @@ dns_config:
 # - 8.8.8.8
 # Search domains to inject.
- domains: []
+ domains: ['simponic.xyz']
 # Extra DNS records
 # so far only A-records are supported (on the tailscale side)
@@ -252,7 +254,7 @@ dns_config:
 # `base_domain` must be a FQDNs, without the trailing dot.
 # The FQDN of the hosts will be
 # `hostname.user.base_domain` (e.g., _myhost.myuser.example.com_).
- base_domain: example.com
+ base_domain: nijika.simponic.xyz
 # Unix socket used for the CLI to connect without authentication
 # Note: for production you will want to set this to something like: |
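Review bot: The host name `nijika.simponic.xyz` is typed literally into this Jinja template at `server_url`, and the same literal recurs at `tls_letsencrypt_hostname` (third hunk) and `base_domain` (fifth hunk), so a later host change has to touch three places and a missed one leaves clients, the certificate and DNS disagreeing. A role variable would keep them in step, for example `server_url: "https://{{ headscale_hostname }}:443"`, where `headscale_hostname` is an illustrative name and not one visible in this repository. The new `listen_addr: 0.0.0.0:443` also binds a privileged port on every interface; whether the service unit is permitted to do that, and whether the metrics listener mentioned in the trailing context stays on a private address, cannot be seen from this hunk.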
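Review bot: The added `private_key_path` carries no comment, although the surrounding keys are all documented, and it sits directly below the `noise:` block's key of the same name. A line such as `# Legacy (pre-Noise) private key; must be a different file from noise.private_key_path.` above it would make the distinction explicit, assuming the installed headscale release still reads this key. This rendering has lost indentation, so I am assuming the new line starts at column 0; if it were indented it would be a duplicate key inside `noise:`, and most YAML parsers silently keep the last value. Both paths hold private keys, so they should be readable only by the headscale service user; the tasks that would enforce that are outside this diff.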
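Review bot: Filling in `tls_letsencrypt_hostname` switches on headscale's built-in ACME client, but the challenge settings (`tls_letsencrypt_challenge_type`, `tls_letsencrypt_listen`) lie outside this hunk and are not touched by the commit. If they remain at the upstream defaults of HTTP-01 on `:http`, port 80 must be reachable from the internet in addition to 443, otherwise issuance and later renewals fail; it is worth confirming the firewall tasks match. The certificate cache directory named in the trailing context will hold the ACME account key and the TLS private key, so it should not be world-readable.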
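Review bot: `base_domain` is set to the same name that `server_url` (first hunk) uses for the control server, so with MagicDNS enabled the tailnet's DNS zone covers the server's own host name. Newer headscale releases refuse to start when `server_url` falls inside `base_domain`, because clients can lose the ability to resolve the control server; which release this role installs is not visible here. A separate zone avoids the overlap, for example `base_domain: <tailnet-zone>.simponic.xyz` with the placeholder replaced by a label not otherwise in use. The `dns_config` mapping continues outside the hunk.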