使用 headscale 自建 tailscale 控制中心

version: '3.5'
services:
  headscale:
    image: headscale/headscale:latest
    volumes:
      - ./config:/etc/headscale/
      - ./data:/var/lib/headscale
    ports:
      - 27896:8080
    command: headscale serve
    restart: unless-stopped

wget https://github.com/juanfont/headscale/raw/main/config-example.yaml -O ./config/config.yaml

---
# headscale will look for a configuration file named `config.yaml` (or `config.json`) in the following order:
#
# - `/etc/headscale`
# - `~/.headscale`
# - current working directory

# The url clients will connect to.
# Typically this will be a domain like:
#
# https://myheadscale.example.com:443
#
server_url: http://你的地址:8080

# Address to listen to / bind to on the server
#
# For production:
# 这里要用 0.0.0.0
listen_addr: 0.0.0.0:8080
#listen_addr: 127.0.0.1:8080

......

# List of IP prefixes to allocate tailaddresses from.
# Each prefix consists of either an IPv4 or IPv6 address,
# and the associated prefix length, delimited by a slash.
# It must be within IP ranges supported by the Tailscale
# client - i.e., subnets of 100.64.0.0/10 and fd7a:115c:a1e0::/48.
# See below:
# IPv6: https://github.com/tailscale/tailscale/blob/22ebb25e833264f58d7c3f534a8b166894a89536/net/tsaddr/tsaddr.go#LL81C52-L81C71
# IPv4: https://github.com/tailscale/tailscale/blob/22ebb25e833264f58d7c3f534a8b166894a89536/net/tsaddr/tsaddr.go#L33
# Any other range is NOT supported, and it will cause unexpected issues.
ip_prefixes:
  # 注释这里是不使用 ipv6，我的 tailscale是 ipv4网段的设置
  #- fd7a:115c:a1e0::/48
  - 100.64.0.0/10

.....

docker-compose up -d

defaults write io.tailscale.ipn.macsys ControlURL http://ip:27896

tailscale login --login-server http://ip:27896