Do not offer the option to be DERP insecure
Websockets, in which DERP is based, requires a TLS certificate. At the same time, if we use a certificate it must be valid... otherwise Tailscale wont connect (does not have an Insecure option). So there is no option to expose insecure here
This commit is contained in:
Juan Font Alonso
parent
758b1ba1cb
commit
df37d1a639
3 changed files with 8 additions and 15 deletions
|
|
@ -57,12 +57,9 @@ ip_prefixes:
|
|||
derp:
|
||||
server:
|
||||
# If enabled, runs the embedded DERP server and merges it into the rest of the DERP config
|
||||
# The Headscale server_url defined above MUST be using https, DERP requires TLS to be in place
|
||||
enabled: false
|
||||
|
||||
# Insecure mode is recommended only for tests. It indicates the tailscale clients
|
||||
# to use insecure connections to this server.
|
||||
insecure: false
|
||||
|
||||
# List of externally available DERP maps encoded in JSON
|
||||
urls:
|
||||
- https://controlplane.tailscale.com/derpmap/default
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue