Headscale - Is it ok to use the default config (just editing the address/domain name)? will that be secure enough? Also which ports to I need to forward to my raspberry pi headscale server?
Headscale - Is it ok to use the default config (just editing the address/domain name)? will that be secure enough? Also which ports to I need to forward to my raspberry pi headscale server?
That will work as long as your tls certificate is a wildcard cert (of the parent domain), otherwise your subdomains can be found via their certificate records. You probably know this, but caught me out initially, so figured I’ll mention it.
Absolutely! I should have said both the dns and certificate are subdomain wildcards. Thanks for clarifying.