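#!/bin/bash
#
# start.sh: make sure the key files exist, render /etc/headscale/config.yaml
# from the example template, then launch "headscale serve".
#
# Optional environment variables (defaults live in replace_config_values):
#   SERVER_URL, LISTEN_ADDR, METRICS_LISTEN_ADDR, GRPC_LISTEN_ADDR,
#   GRPC_ALLOW_INSECURE, DB_TYPE, DB_PATH, UNIX_SOCKET, UNIX_SOCKET_PERMISSION
#
# Their values are pasted into the YAML verbatim, with no quoting or
# escaping, so whoever controls this environment controls the resulting
# configuration.

echo loading start.sh

#######################################
# Replace the first "${NAME}" placeholder in a line.
# Arguments:
#   $1 - name of the environment variable (and of the placeholder)
#   $2 - value to use when that variable is unset or empty
#   $3 - the template line
# Outputs:
#   The line with the first "${NAME}" occurrence substituted, on stdout.
#######################################
replace_or_default() {
  local var_name=$1
  local default_value=$2
  local line=$3

  # Indirect expansion reads the variable without re-parsing its name as
  # shell code, which the previous eval-based lookup did.
  local var_value=${!var_name:-$default_value}

  # shellcheck disable=SC2016  # the literal text "${NAME}" is intended
  local placeholder='${'"$var_name"'}'

  # Quoting both sides keeps them literal: the placeholder is not treated
  # as a glob, and "&" or "\" in the value is not given special meaning
  # by bash 5.2+ pattern substitution.
  local rendered
  rendered=${line/"$placeholder"/"$var_value"}

  # printf rather than echo: a line such as "-n" must be emitted as-is.
  printf '%s\n' "$rendered"
}

#######################################
# Render the example config into /etc/headscale/config.yaml.
# An existing output file is left untouched.
# Returns:
#   0 when the config already exists or was generated, 1 on failure.
#######################################
replace_config_values() {
  echo replacing configuration values
  local config_template="/etc/headscale-example/config-example.yaml"
  local config_output="/etc/headscale/config.yaml"

  # NAME=default pairs, applied in this order to every template line.
  local -a settings=(
    "SERVER_URL=http://127.0.0.1:8080"
    "LISTEN_ADDR=127.0.0.1:8080"
    "METRICS_LISTEN_ADDR=127.0.0.1:9090"
    "GRPC_LISTEN_ADDR=127.0.0.1:50443"
    "GRPC_ALLOW_INSECURE=false"
    "DB_TYPE=sqlite3"
    "DB_PATH=/var/lib/headscale/db.sqlite"
    "UNIX_SOCKET=/var/run/headscale/headscale.sock"
    "UNIX_SOCKET_PERMISSION=0770"
  )

  if [[ -f "$config_output" ]]; then
    echo "$config_output already exists."
    return 0
  fi

  if [[ ! -f "$config_template" ]]; then
    echo "Template file $config_template not found." >&2
    return 1
  fi

  # Render into a temporary file and rename it at the end. Writing the
  # final path directly would leave a truncated config behind after an
  # interrupted run, and the "already exists" check above would then keep
  # it forever. mktemp also creates the file with owner-only permissions,
  # which suits a config that may hold credentials.
  local tmp_output
  if ! tmp_output=$(mktemp "${config_output}.XXXXXX"); then
    echo "Could not create a temporary file next to $config_output." >&2
    return 1
  fi

  local line entry
  local status=0
  while IFS='' read -r line || [[ -n "$line" ]]; do
    # Lines without any "${" cannot contain a placeholder; skip the work.
    if [[ "$line" == *'${'* ]]; then
      for entry in "${settings[@]}"; do
        line=$(replace_or_default "${entry%%=*}" "${entry#*=}" "$line")
      done
    fi
    printf '%s\n' "$line" || { status=1; break; }
  done < "$config_template" > "$tmp_output" || status=1

  if (( status != 0 )) || ! mv -f -- "$tmp_output" "$config_output"; then
    rm -f -- "$tmp_output"
    echo "Failed to write $config_output." >&2
    return 1
  fi

  echo "Config file generated at $config_output"
}

#######################################
# Shared implementation of the two key checks below.
# Arguments:
#   $1 - path of the key file
#   $2 - wording used in the messages ("private key", "Noise private key")
# Returns:
#   0 when a key that passes "openssl rsa -check" exists or was generated,
#   1 when generation failed.
#######################################
_ensure_rsa_key() {
  local key_path=$1
  local label=$2

  # NOTE(review): this writes a PEM RSA key. headscale appears to create
  # its own noise/DERP key files, in its own format, when they are
  # missing; confirm that the headscale build in use accepts an RSA PEM
  # at these paths before relying on this step.
  if [[ -f "$key_path" ]] \
    && openssl rsa -check -noout -in "$key_path" > /dev/null 2>&1; then
    echo "Valid ${label} already exists at $key_path."
    return 0
  fi

  mkdir -p -- "${key_path%/*}"

  # The subshell confines the umask change; it guarantees the new key is
  # readable by its owner only, whatever the inherited umask is.
  if (umask 077 && openssl genpkey -algorithm RSA -out "$key_path" \
    -pkeyopt rsa_keygen_bits:2048); then
    echo "New ${label} generated at $key_path."
  else
    echo "Failed to generate ${label}." >&2
    return 1
  fi
}

# Ensure /var/lib/headscale/derp_server_private.key holds a 2048-bit RSA key.
ensure_private_key_exists() {
  _ensure_rsa_key "/var/lib/headscale/derp_server_private.key" "private key"
}

# Ensure /var/lib/headscale/noise_private.key holds a 2048-bit RSA key.
ensure_noise_private_key_exists() {
  _ensure_rsa_key "/var/lib/headscale/noise_private.key" "Noise private key"
}

echo testgen derp private key
# Key setup stays best-effort, but a failure is no longer silent.
ensure_private_key_exists \
  || echo "warning: DERP private key setup failed; continuing." >&2

echo testgen noise private key
ensure_noise_private_key_exists \
  || echo "warning: Noise private key setup failed; continuing." >&2

# Render the config; do not start the server when that step failed.
replace_config_values || exit 1

echo configuration implementation system finished.
# NOTE(review): this copies the whole config into the process output and
# therefore into whatever collects the logs. Drop or filter it if the
# template can carry credentials (database passwords, OIDC secrets).
cat /etc/headscale/config.yaml

# echo running headscales configtest
# headscale configtest

echo launching headscale.
# exec replaces the shell, so stop signals reach headscale directly.
exec headscale serve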