Tailscale: Difference between revisions
m Divided Troubleshooting section into subsections. Capitalized Tailscale. |
|||
| Line 30: | Line 30: | ||
$ sudo tailscale cert ${MACHINE_NAME}.${TAILNET_NAME} | $ sudo tailscale cert ${MACHINE_NAME}.${TAILNET_NAME} | ||
}} | }} | ||
As an alternative, you can set up [https://wiki.nixos.org/wiki/Caddy Caddy] to create and manage SSL certs automatically as [https://tailscale.com/kb/1190/caddy-certificates Caddy recognizes Tailscale urls]. After replacing <code><MACHINE_NAME></code>, <code><TAILNET_NAME></code>, <code><port></code> with your tailscale machine name, tailscale tailnet name, and the port of the local service you want to forward, you can add the following to your <code>configuration.nix</code>:<syntaxhighlight lang="nixos"> | |||
services.caddy = { | |||
enable = true; | |||
virtualHosts."<MACHINE_NAME>.<TAILNET_NAME>".extraConfig = '' | |||
reverse_proxy 127.0.0.1:<port> | |||
''; | |||
}; | |||
# Allow the Caddy user(and service) to edit certs | |||
services.tailscale.permitCertUid = "caddy"; | |||
</syntaxhighlight> | |||
{{Expansion| | {{Expansion| | ||