services:
headscale: # 服务端
container_name: headscale
restart: always
volumes:
- '/root/headscale/config:/etc/headscale/' # 按需更改自己的挂载目录
- '/root/headscale/data:/var/lib/headscale' # 按需更改自己的挂载目录
ports:
- '8034:8080' # 自己喜欢映射到哪个端口就用哪个端口,对应的防火墙请放行
- '9034:9090'
- '3400:3400/udp'
command: 'serve'
networks:
headscale: # 自己定义的网络名,提前用docker network create 命令创建,自行查阅官网说明创建即可
ipv4_address: 172.32.0.1 # 自己定义的静态ip地址,请注意:此地址为容器内地址
image: 'headscale/headscale:latest' # 用最新版本即可
# image: 'headscale/headscale:0.22.3'
cap_add:
- NET_ADMIN
- SYS_MODULE
sysctls:
- net.ipv4.ip_forward=1
headscale-ui:
image: ghcr.io/gurucomputing/headscale-ui:latest
restart: unless-stopped
container_name: headscale-ui
ports:
- '9443:443'
networks:
headscale: # 自己定义的网络名,提前用docker network create 命令创建,自行查阅官网说明创建即可
ipv4_address: 172.32.0.2 # 自己定义的静态ip地址,请注意:此地址为容器内地址
derp: # 中继端
image: ghcr.io/yangchuansheng/derper:latest
container_name: derp
networks:
headscale: # 自己定义的网络名,提前用docker network create 命令创建,自行查阅官网说明创建即可
ipv4_address: 172.32.0.3 # 自己定义的静态ip地址,请注意:此地址为容器内地址
environment:
DERP_DOMAIN: derp.beilove.cn # 替换为自己的域名
DERP_ADDR: :12345 # 注意,前面有个英文冒号
DERP_CERT_MODE: manual
ports:
- '12345:12345' # derp port, TCP
- '3478:3478/udp' # STUN port, UDP
volumes:
- '/root/headscale/tailscale:/var/run/tailscale'
- '/root/headscale/derp:/app/certs'
restart: unless-stopped
logging:
options:
max-size: 10M
client: # 客户端
image: tailscale/tailscale
container_name: tailscale
network_mode: 'host' # 用做连接各子网的客户端时,这样最简单
privileged: true
environment:
TS_EXTRA_ARGS: --netfilter-mode=off # 默认不开启路由转发,更灵活
volumes:
- '/root/headscale/tailscale:/var/run/tailscale' # 和derp共享同一个目录
- '/var/lib:/var/lib'
- '/dev/net/tun:/dev/net/tun'
cap_add:
- net_admin
- sys_module
command: tailscaled
restart: unless-stopped
# 声明已有网络
networks:
headscale:
external: true© 版权声明
THE END
暂无评论内容