Initial commit

Signed-off-by: Jacob Kiers <code@kiers.eu>

cloudron-headscale/.dockerignore

@@ -0,0 +1,7 @@
+.dockerignore
+.git
+.gitignore
+docker-compose.yml
+node_modules
+helpers/*
+runner/*

cloudron-headscale/.gitignore

@@ -0,0 +1,5 @@
+.env
+runner/.env
+secrets.txt
+.tags
+.vscode/*

cloudron-headscale/CloudronManifest.json

@@ -0,0 +1,17 @@
+{
+  "version": "0.0.1",
+  "id": "com.github.juanfont.headscale",
+  "icon": "file://logo.png",
+  "healthCheckPath": "/",
+  "httpPort": 8000,
+  "addons": {
+    "localstorage": {}
+  },
+  "manifestVersion": 2,
+  "website": "https://github.com/juanfont/headscale",
+  "title": "Headscale",
+  "author": "Headscale developers",
+  "tagline": "Self-hosted tailscale control plane",
+  "tags": [ "golang", "vpn", "wireguard" ],
+  "documentationUrl": "https://github.com/juanfont/headscale/tree/main/docs"
+}

cloudron-headscale/Dockerfile

@@ -0,0 +1,19 @@
+FROM cloudron/base:4.0.0@sha256:31b195ed0662bdb06a6e8a5ddbedb6f191ce92e8bee04c03fb02dd4e9d0286df
+
+ENV HS_VERSION 0.20.0
+EXPOSE 8000
+
+RUN curl --proto '=https' --tlsv1.2 -sSfL \
+        https://github.com/juanfont/headscale/releases/download/v${HS_VERSION}/headscale_${HS_VERSION}_linux_amd64 \ 
+        -o /bin/headscale \
+    && chmod +x /bin/headscale
+
+RUN sed -e 's,^logfile=.*$,logfile=/run/supervisord.log,' -i /etc/supervisor/supervisord.conf
+COPY supervisor-headscale-server.conf /etc/supervisor/conf.d/
+
+
+COPY start.sh /app/pkg/
+
+WORKDIR /app/data
+
+CMD [ "/app/pkg/start.sh" ]

cloudron-headscale/README.md

@@ -0,0 +1,5 @@
+# Cloudron Headscale
+
+This is the repository to create a headscale server for cloudron.
+
+

cloudron-headscale/start.sh

@@ -0,0 +1,50 @@
+#!/bin/sh
+
+set -x
+
+random_string() {
+        LC_CTYPE=C tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c32
+}
+
+
+if [ ! -e /app/data/config.yaml ]; then
+        cat <<-EOF > "/app/data/config.yaml"
+---
+server_url: $CLOUDRON_APP_ORIGIN
+listen_addr: 0.0.0.0:8000
+
+disable_check_updates: true
+
+db_type: sqlite3
+db_path: /app/data/db.sqlite
+
+## Use already defined certificates:
+tls_cert_path: ""
+tls_key_path: ""
+
+# Path to a file containg ACL policies.
+# ACLs can be defined as YAML or HUJSON.
+# https://tailscale.com/kb/1018/acls/
+acl_policy_path: ""
+
+private_key_path: /app/data/private.key
+noise:
+  private_key_path: /app/data/noise_private.key
+EOF
+fi
+
+
+if [ ! -e /app/data/README.md ]; then
+        cat <<-'EOF' > "/app/data/README.md"
+# Hey there!
+
+Configuration for headscale is stored in the file called ``. After you have made changes to it you can restart just drone-server by running `supervisorctl restart drone-server`.
+
+To work with drone you need to configure a provider in your `.env` file. See https://docs.drone.io/server/overview/ for instructions.
+EOF
+fi
+
+echo "=> Ensure permissions"
+chown -R cloudron:cloudron /run /app/data
+
+exec /usr/bin/supervisord --configuration /etc/supervisor/supervisord.conf --nodaemon -i headscale-server

cloudron-headscale/supervisor-headscale-server.conf

@@ -0,0 +1,10 @@
+[program:headscale-server]
+command=/bin/headscale --config /app/data/config.yaml serve
+directory=/app/data
+user=cloudron
+autostart=true
+autorestart=true
+stdout_logfile=/dev/stdout
+stdout_logfile_maxbytes=0
+stderr_logfile=/dev/stderr
+stderr_logfile_maxbytes=0