Headscale 部署私有 DERP 中继服务器(20230401版)

本文最后更新于 673 天前, 如有失效请评论区留言.

本文将会介绍如何让 Headscale 使用自定义的 DERP Servers

Derper 是什么?

可以阅读 米开朗基杨 - 中继协议简介

实操

构建derper

go install tailscale.com/cmd/derper@latest

可以参考我写的基于 Caddy2 部署私有 DERP 中继服务器(20230401版),本文与之最大区别是,derper不再使用caddy转发流量,而是直接使用443端口

启动derper

[Unit]
Description=derper

[Service]
StartLimitInterval=5
StartLimitBurst=10
ExecStart=/root/go/bin/derper -hostname <你的域名> -a ":443" -certdir /root/.cache/tailscale/derper-certs -verify-clients
Restart=always
RestartSec=15

[Install]
WantedBy=multi-user.target

启动derper

systemctl enable derper.service --now
创建定时重启derper(已废弃, 早已修复, 新版本不需要了, 仅为存档记录)
[Unit]
Description=derper timer

[Timer]
# 每小时执行一次
OnActiveSec=1h
# 错过执行, 立刻执行
Persistent=true

[Install]
WantedBy=timers.target

启动derper.timer

# 如果wantedby为timers.target, 不需要设置开机启动, 默认就是开机启动
systemctl start derper.timer
# 其他情况
systemctl enable derper.timer --now

查看生效

systemctl list-timers --no-pager
NEXT                        LEFT          LAST                        PASSED        UNIT                         ACTIVATES
Mon 2022-09-05 23:21:29 CST 59min left    Mon 2022-09-05 22:15:12 CST 6min ago      derper.timer                 derper.service

配置Headscale

可以参考

# If you plan to somehow use headscale, please deploy your own DERP infra: https://tailscale.com/kb/1118/custom-derp-servers/
regions:
  900:
    regionid: 900
    regioncode: custom
    regionname: My Region
    nodes:
      - name: 900a
        regionid: 900
        hostname: myderp.mydomain.no
        ipv4: 123.123.123.123
        ipv6: "2604:a880:400:d1::828:b001"
        stunport: 0
        stunonly: false
        derpport: 0

我的参考示例

regions:
  900:
    regionid: 900
    regioncode: dev
    regionname: china
    nodes:
      - name: 900a
        regionid: 900
        hostname: <自定义域名>
        stunport: 0
        stunonly: false
        derpport: 0

修改配置

paths:
    - /etc/headscale/derp.yaml
  # paths: []

重启服务

systemctl restart headscale

测试

tailscale netcheck

	* Nearest DERP: bj
	* DERP latency:
		-  bj: 32.9ms  (bj)

Comments