Headscale - Is it ok to use the default config (just editing the address/domain name)? will that be secure enough? Also which ports to I need to forward to my raspberry pi headscale server?
You must log in or # to comment.
Thanks. enabled the acme service thingy in the config file. Took me some tries before I understood I had to add port 80:80 from the docker yaml in order for headscale to setup the certificate. I guess I need to keep forwarding both 8080 for Headscale and 80 for certificate renewal.
should I, or is there a reason, to setup fail2ban too?
Next one is the derp server… but that may be out of reach with my knowledge 😅
The headscale integrated one is mostly enough, you can choose to include the tailscale official ones with their URL as well.
