Headscale is a self-hosted implementation of the Tailscale distributed private network. It helps you create a secure and private VPN network that allows you to connect to your devices, services, and applications securely. In this tutorial, we will show you how to install Headscale on Ubuntu Server Latest.
Before you start, make sure you have the following prerequisites:
The first step is to update your server to make sure you have the latest security patches and software updates.
sudo apt update
sudo apt upgrade
Headscale requires several dependencies to build and run correctly. Use the following command to install them:
sudo apt-get install build-essential iproute2 wireguard-tools wireguard-dkms sqlite libsqlite3-dev iptables go git
To install Headscale, you need to clone the source code from the GitHub repository and build it with the following commands:
cd ~
git clone https://github.com/juanfont/headscale.git
cd headscale
make
The above commands will clone the repository, move to the cloned directory, and build the application using the make command.
To configure Headscale, you need to create a configuration file. Copy the sample configuration file with the following command:
cd ~
cp headscale/cmd/headscale/headscale.conf.example headscale.conf
Next, open the configuration file using any text editor:
nano headscale.conf
Update the values in the [headscale] section with your own domain name, API key, and the email address associated with your Tailscale account.
[headscale]
dirserverurl = https://dir.tailscale.com
hostname = mydomain.com
apikey = myapikey
adminauthkey = ABCDEF123456
email_domain = mydomain.com
In the [web] section, change the listen line to the IP address and port 0.0.0.0:443:
[web]
listen = 0.0.0.0:443
templatesdir = /go/src/headscale/cmd/headscale/templates/
Save the configuration file using Ctrl+X and Y.
To run Headscale as a background service, create a Systemd service file by running the following command:
sudo nano /etc/systemd/system/headscale.service
Paste the following contents into the file:
[Unit]
Description=headscale
After=network.target
[Service]
User=<username>
Group=<username>
ExecStart=/root/headscale/bin/headscale -config /root/headscale.conf
Restart=always
[Install]
WantedBy=multi-user.target
Replace <username> with your actual username. Save the changes and exit the editor.
Now reload the Systemd daemon and start the Headscale service:
sudo systemctl daemon-reload
sudo systemctl start headscale
sudo systemctl enable headscale
You need to open the ports that Headscale uses in your firewall. Add the following firewall rules:
sudo ufw allow 443/tcp
sudo ufw allow 41641/udp
sudo ufw reload
You can now verify that Headscale is running correctly by accessing its web interface using your domain name:
https://mydomain.com
You should see the Headscale login page. Use your Tailscale account credentials to log in, and you’ll have access to your private network.
That's it. You’ve successfully installed and configured Headscale on Ubuntu Server Latest. You can now create a private network and access your devices, services, and applications securely from anywhere.
If you want to self-host in an easy, hands free way, need an external IP address, or simply want your data in your own hands, give IPv6.rs a try!
Alternatively, for the best virtual desktop, try Shells!