@tailscale Hello headscale users! Did anyone get headscale working in a non standard port? E.g. https://hs.example.com:8443 ? For me It does not work and I think the tailscale clients still send some of the requests to the default port 443

    • Sheldon Cooper@toot.ioOP
      link
      fedilink
      arrow-up
      2
      ·
      8 months ago

      @iso Thanks a lot! Are you using letsencrypt for tls or a reverse proxy? If letsencrypt, did you have to setup firewall rules for port 80 like mention here: https://headscale.net/tls/#http-01.
      > Keep in mind, however, that Let’s Encrypt will only connect to port 80 for the validation callback, so if you change tls_letsencrypt_listen you will also need to configure something else (e.g. a firewall rule) to forward the traffic from port 80 to the ip:port combination specified in tls_letsencrypt_listen.

      • isoA
        link
        fedilink
        arrow-up
        2
        ·
        8 months ago

        Yeah forgot to mention that. I have redirected vpn.mycompany.com:80 to port 5049 with Traefik.

        • Sheldon Cooper@toot.ioOP
          link
          fedilink
          arrow-up
          1
          ·
          8 months ago

          @iso I guess that is the difference for me. I have port 80 and 443 handled by caddy web server and I see the requests in caddy log instead of headscale. I will try to setup reverseproxy in caddy to redirect back to headscale.