mchlwong/derp
1
1
Fork 0
mirror of https://github.com/mchlwong/derp.git synced 2024-09-20 06:55:56 +08:00
Code Issues Packages Projects Releases Wiki Activity
Tailscale custom DERP server Dockerfile and configs.
5 commits 1 branch 0 tags 33 KiB
Dockerfile 100%
Go to file
mchlwong bdb29a2aa9 Update README
2022-04-24 22:52:41 +08:00
.gitignore first commit 2021-11-14 19:33:19 +08:00
Dockerfile Add HEALTHCHECK 2022-04-23 22:58:56 +08:00
README.md Update README 2022-04-24 22:52:41 +08:00

README.md

About this repo

Tailscale custom DERP server Dockerfile and configs.

Build command

docker build --no-cache --tag derp:version .

Docker command

Adding "-verify-clients" makes the container unhealthy (tls handshake failure) more frequently (from in days to in minutes!), so it is not recommended right now. In case you want to use "-verify-clients", add "-e DERP_DERP_VERIFY_CLIENTS=true" and "-v /var/run/tailscale/tailscaled.sock:/var/run/tailscale/tailscaled.sock".

docker run -d \
--name derp \
--restart=always \
-e DERP_DOMAIN=your.domain.name \
-p 10443:443 \
-p 3478:3478/tcp \
-p 3478:3478/udp \
-v /etc/letsencrypt/live/your.domain.name/fullchain.pem:/cert/your.domain.name.crt:ro \
-v /etc/letsencrypt/live/your.domain.name/privkey.pem:/cert/your.domain.name.key:ro \
derp:latest

Tailscale admin ACLs

"derpMap": {
  "OmitDefaultRegions": true,
  "Regions": { "900": {
    "RegionID": 900,
    "RegionCode": "myderp",
    "Nodes": [{
        "Name": "1",
        "RegionID": 900,
        "HostName": "your.domain.name",
        "DERPPort": 10443
    }]
  }}
}