@tailscale Hello headscale users! Did anyone get headscale working in a non standard port? E.g. https://hs.example.com:8443 ? For me It does not work and I think the tailscale clients still send some of the requests to the default port 443

  • Sheldon Cooper@toot.ioOP
    link
    fedilink
    arrow-up
    2
    ·
    8 months ago

    @iso Thanks a lot! Are you using letsencrypt for tls or a reverse proxy? If letsencrypt, did you have to setup firewall rules for port 80 like mention here: https://headscale.net/tls/#http-01.
    > Keep in mind, however, that Let’s Encrypt will only connect to port 80 for the validation callback, so if you change tls_letsencrypt_listen you will also need to configure something else (e.g. a firewall rule) to forward the traffic from port 80 to the ip:port combination specified in tls_letsencrypt_listen.

    • isoA
      link
      fedilink
      arrow-up
      2
      ·
      8 months ago

      Yeah forgot to mention that. I have redirected vpn.mycompany.com:80 to port 5049 with Traefik.

      • Sheldon Cooper@toot.ioOP
        link
        fedilink
        arrow-up
        1
        ·
        8 months ago

        @iso I guess that is the difference for me. I have port 80 and 443 handled by caddy web server and I see the requests in caddy log instead of headscale. I will try to setup reverseproxy in caddy to redirect back to headscale.