Headscale is an open-source implementation of WireGuard VPN. It allows you to set up and manage your own WireGuard network. In this tutorial, we will show you how to install Headscale on NixOS Latest.
Before we install Headscale, make sure that your NixOS Latest system is up-to-date with the latest patches and updates.
Headscale requires Go and WireGuard to run. We will first install these dependencies.
Open the terminal and update the package repository:
$ sudo nix-channel --update
Install Go and WireGuard from the Nix package manager:
$ sudo nix-env -iA nixpkgs.go nixpkgs.wireguard
Clone the Headscale repository from Github:
$ git clone https://github.com/juanfont/headscale.git
Change the directory to the Headscale repository:
$ cd headscale
Build and install the Headscale binary:
$ make install
This command will compile the Headscale binary and install it in /usr/local/bin.
Headscale is designed to work with an existing WireGuard installation. If you don't have WireGuard already configured, you can follow the instructions here.
Otherwise, you can use the wg command-line tool to create a new configuration:
$ sudo wg genkey | sudo tee /etc/wireguard/private.key | wg pubkey | sudo tee /etc/wireguard/public.key
$ sudo wg set wg0 private-key /etc/wireguard/private.key
$ sudo wg set wg0 listen-port 51820
$ sudo wg-quick up wg0
Initialize Headscale with the following command:
$ headscale init
This command will create a new configuration file config.hjson in the current directory.
Now start the Headscale server:
$ headscale serve
You can now add new nodes to your WireGuard network by registering them with the Headscale server. Generate the WireGuard keys for each node and register them with the Headscale server:
$ wg genkey | tee my_node.key | wg pubkey > my_node.pub
$ headscale node register -name my_node -key my_node.pub -admin
You can replace my_node with the name of your node.
In this tutorial, we showed you how to install and configure Headscale on NixOS Latest. By following these steps, you should now have a working WireGuard network with Headscale.
If you want to self-host in an easy, hands free way, need an external IP address, or simply want your data in your own hands, give IPv6.rs a try!
Alternatively, for the best virtual desktop, try Shells!
