Can Headscale be proxies behind cloudflare? (alien.top)

submitted 1 year ago by alex0708@alien.top to c/main@selfhosted.forum

1 comments fedilink hide all child comments

Like the title says. In my current setup I have a headscale server hosted in my DMZ. I use DDNS via cloudflare and have a dns-only A record pointed at my headscale server.

This setup is working at the moment, but I don’t love that it exposes my home network’s IP address via the A record. Is it possible to get headscale working while proxying through cloudflare? So far I haven’t been able to get clients to connect to the coordination server while proxying is enabled.

top 1 comments

sorted by: hot top controversial new old

[-] NikStalwart@alien.top 1 points 1 year ago

This is a case of RTFM. Specifically, TFM says:

Please note that we do not support nor encourage the use of reverse proxies and container to run Headscale.

Notwithstanding the above, there is community documentation to run headscale behind conventional reverse proxies.

However, per the headscale discord, cloudflare does not work because tailscale/headscale utilize a non-standard websocket negotiation.

If you want an alternative to headscale without publicly exposing your home IP too much, I highly recommend trying something like innernet.

What I like about innernet is that the control interface is only exposed within the VPN network, so there is no big deal that your IP is internet-facing — all non-WG connections to the open WG port are dropped, and WG connections require authentication.

this post was submitted on 26 Oct 2023

1 points (100.0% liked)

Self-Hosted Main

504 readers

1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

Service: Dropbox - Alternative: Nextcloud
Service: Google Reader - Alternative: Tiny Tiny RSS
Service: Blogger - Alternative: WordPress

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

Awesome-Selfhosted List of Software
Awesome-Sysadmin List of Software

founded 1 year ago

MODERATORS

communick@selfhosted.forum