Headscale for YunoHost
This package allows you to install Headscale quickly and simply on a YunoHost server. If you don’t have YunoHost, please consult the guide to learn how to install it.
Overview
An open source, self-hosted implementation of the Tailscale control server.
What is Tailscale
Tailscale is a modern VPN built on top of Wireguard. It works like an overlay network between the computers of your networks - using NAT traversal.
Everything in Tailscale is Open Source, except the GUI clients for proprietary OS (Windows and macOS/iOS), and the control server.
The control server works as an exchange point of Wireguard public keys for the nodes in the Tailscale network. It assigns the IP addresses of the clients, creates the boundaries between each user, enables sharing machines between users, and exposes the advertised routes of your nodes.
A Tailscale network (tailnet) is private network which Tailscale assigns to a user in terms of private users or an organisation.
Design goal
Headscale aims to implement a self-hosted, open source alternative to the Tailscale control server. Headscale’s goal is to provide self-hosters and hobbyists with an open-source server they can use for their projects and labs. It implements a narrow scope, a single Tailnet, suitable for a personal use, or a small open-source organisation.
Features
- Full “base” support of Tailscale’s features
- Configurable DNS
- Node registration
- Single-Sign-On (via a dedicated Dex app)
- Pre authenticated key
- Taildrop (File Sharing)*
- Access control lists*
- MagicDNS
- Support for multiple IP ranges in the tailnet
- Dual stack (IPv4 and IPv6)
- Routing advertising (including exit nodes)
- Ephemeral nodes*
- Embedded DERP server*
*untested, cf. “Notes for admins” below.
Description adapted from Headscale’s README. See link to upstream app below.
Documentation and resources
- Official app website: https://headscale.net/
- Official user documentation: Docs · Tailscale Docs
- Official admin documentation: https://headscale.net/
- Upstream app code repository: GitHub - juanfont/headscale: An open source, self-hosted implementation of the Tailscale control server
- YunoHost documentation for this app: https://yunohost.org/app_headscale
- Report a bug: Issues · YunoHost-Apps/headscale_ynh · GitHub
Notes for admins 
Tweak Headscale’s configuration in /var/www/headscale/config.yaml. Restart the Headscale service after your alterations.
All features might not be compatible with YunoHost.
Feel free to experiment and report your use cases in YunoHost’s forum and chatrooms!
Some technical notes:
- Internal DERP server is not enabled
- The server is allowed to use the DERP servers operated by Tailscale
- The database used to store user and nodes information is SQLite. It should be fine for YunoHost’s current small-scale self-hosting mindset.
- Headscale will push DNS servers to its clients. The configuration includes FDN’s open resolvers. (French Data Network, associative ISP)
- The app is only a VPN server, and does not include the Tailscale client. Install it manually, cf. Headscale’s documentation.
To create users and connect clients, refer to Headscale’s documentation.
To call Headscale’s program, use sudo -u bash /var/www/headscale/headscale followed by its parameters.
Developer info
Please send your pull request to the testing branch.
To try the testing branch, please proceed like that.
sudo yunohost app install GitHub - YunoHost-Apps/headscale_ynh at testing --debug or sudo yunohost app upgrade headscale -u GitHub - YunoHost-Apps/headscale_ynh at testing --debug
More info regarding app packaging: Introduction to packaging | Yunohost Documentation
Solution, make the 
