CA Certificates missing #690

Closed
opened 2025-12-29 02:22:06 +01:00 by adam · 15 comments

Originally created by @sunny-logic on GitHub (Apr 12, 2024).

Bug description

Does "v0.23.0-alpha5-debug" have the ca-certificates added? I see the below error, which was reported in https://github.com/juanfont/headscale/issues/1462 and I believe was fixed in https://github.com/juanfont/headscale/pull/1463.

ERR Could not load DERP map from path error="Get \"https://controlplane.tailscale.com/derpmap/default\": tls: failed to verify certificate: x509: certificate signed by unknown authority" func=GetDERPMap url=https://controlplane.tailscale.com/derpmap/default

I can't use v0.22.3 because it doesn't have an ARMv7 variant.

Environment

  • Version of headscale used - "v0.23.0-alpha5-debug"
  • OS (e.g. Linux, Mac, Cygwin, WSL, etc.) and version - Linux 5.10.103-v7+ #1529 SMP Tue Mar 8 12:21:37 GMT 2022 armv7l GNU/Linux
  • Log output
    ERR Could not load DERP map from path error="Get \"https://controlplane.tailscale.com/derpmap/default\": tls: failed to verify certificate: x509: certificate signed by unknown authority" func=GetDERPMap url=https://controlplane.tailscale.com/derpmap/default
  • Headscale is behind a (reverse) proxy
  • Headscale runs in a container

To Reproduce

Use "v0.23.0-alpha5-debug"

Logs and attachments

adam added the bug label 2025-12-29 02:22:06 +01:00
adam closed this issue 2025-12-29 02:22:06 +01:00

@ohdearaugustin commented on GitHub (Apr 21, 2024):

Does this problem appear with the let's encrypt certificate or your own certificate?

The containers are not built with the Dockerfile anymore. We use the built-in one from goreleaser.


@sunny-logic commented on GitHub (Apr 22, 2024):

@ohdearaugustin -Thanks for the reply.
Yes, I am using a Let's Encrypt certificate with Headscale in Docker.


@ypurpl commented on GitHub (Apr 25, 2024):

I also have this error on a fresh install. I pulled from Docker Hub and have the default config.yaml. I don't know what certificate I'm using, but I changed the URL to 0.0.0.0:8080:8080 for external use.

Logs:

2024-04-25 17:09:08 2024-04-25T21:09:08Z TRC DNS configuration loaded dns_config={"Nameservers":["1.1.1.1"],"Proxied":true,"Resolvers":[{"Addr":"1.1.1.1"}]}
2024-04-25 17:09:08 2024-04-25T21:09:08Z INF Opening database database=sqlite3 path=/var/lib/headscale/db.sqlite
2024-04-25 17:09:08 2024-04-25T21:09:08Z ERR Could not load DERP map from path error="Get \"https://controlplane.tailscale.com/derpmap/default\": tls: failed to verify certificate: x509: certificate signed by unknown authority" func=GetDERPMap url=https://controlplane.tailscale.com/derpmap/default
2024-04-25 17:09:08 2024-04-25T21:09:08Z WRN DERP map is empty, not a single DERP map datasource was loaded correctly or contained a region
2024-04-25 17:09:08 2024-04-25T21:09:08Z INF Setting up a DERPMap update worker frequency=86400000
2024-04-25 17:09:08 2024-04-25T21:09:08Z FTL home/runner/work/headscale/headscale/cmd/headscale/cli/server.go:26 > Error starting server error="initial DERPMap is empty, Headscale requires at least one entry"

@ypurpl commented on GitHub (Apr 25, 2024):

Should I manually import the derp map locally as a temporary fix?


@ypurpl commented on GitHub (Apr 25, 2024):

I also realized that it might be the extra backslash added at the end of the URL.


@sunny-logic commented on GitHub (Apr 28, 2024):

@ohdearaugustin - Sorry, it's not clear from your previous comment whether this issue would be fixed?

The containers are not built with the Dockerfile anymore. We use the built-in one from goreleaser.


@ypurpl commented on GitHub (Apr 28, 2024):

do you mean https://github.com/juanfont/headscale/pkgs/container/headscale ?


@ypurpl commented on GitHub (Apr 28, 2024):

It's updated the same as the Docker Hub image, so I guess not.


@sunny-logic commented on GitHub (Apr 29, 2024):

I can't use v0.22.3 because it doesn't have an ARMv7 variant.
I can't use "v0.23.0-alpha5-debug" because it doesn't have the ca-certificates.

Are there any other options that would support ARMv7?


@ypurpl commented on GitHub (Apr 29, 2024):

oh is it the debug versions that don't have them?


@ypurpl commented on GitHub (Apr 29, 2024):

ok that solves my problem


@sunny-logic commented on GitHub (Apr 30, 2024):

I've tried today to build an image for the version v0.22.3 because it doesn't have an ARMv7 variant. I've used the Source code zip (https://github.com/juanfont/headscale/archive/refs/tags/v0.22.3.zip) but encountered a certificate issue.

=> [internal] load build context 0.4s
=> => transferring context: 9.81kB 0.3s
=> ERROR [stage-1 2/4] RUN apt-get update && apt-get install -y ca-certificates && rm -rf /var/lib/apt/lis 6.7s

[stage-1 2/4] RUN apt-get update && apt-get install -y ca-certificates && rm -rf /var/lib/apt/lists/* && apt-get clean:
2.600 Get:1 http://deb.debian.org/debian bullseye InRelease [116 kB]
2.809 Get:2 http://deb.debian.org/debian-security bullseye-security InRelease [48.4 kB]
2.809 Get:3 http://deb.debian.org/debian bullseye-updates InRelease [44.1 kB]
3.461 Err:1 http://deb.debian.org/debian bullseye InRelease
3.461 At least one invalid signature was encountered.
3.989 Err:2 http://deb.debian.org/debian-security bullseye-security InRelease
3.989 At least one invalid signature was encountered.
4.578 Err:3 http://deb.debian.org/debian bullseye-updates InRelease
4.578 At least one invalid signature was encountered.
4.609 Reading package lists...
4.738 W: GPG error: http://deb.debian.org/debian bullseye InRelease: At least one invalid signature was encountered.
4.738 E: The repository 'http://deb.debian.org/debian bullseye InRelease' is not signed.
4.738 W: GPG error: http://deb.debian.org/debian-security bullseye-security InRelease: At least one invalid signature was encountered.
4.738 E: The repository 'http://deb.debian.org/debian-security bullseye-security InRelease' is not signed.
4.738 W: GPG error: http://deb.debian.org/debian bullseye-updates InRelease: At least one invalid signature was encountered.
4.738 E: The repository 'http://deb.debian.org/debian bullseye-updates InRelease' is not signed.
Dockerfile:19
18 |
19 | >>> RUN apt-get update \
20 | >>>     && apt-get install -y ca-certificates \
21 | >>>     && rm -rf /var/lib/apt/lists/* \
22 | >>>     && apt-get clean
23 |
ERROR: failed to solve: process "/bin/sh -c apt-get update && apt-get install -y ca-certificates && rm -rf /var/lib/apt/lists/* && apt-get clean" did not complete successfully: exit code: 100


@tuxpeople commented on GitHub (May 15, 2024):

I can confirm the issue. When using docker.io/headscale/headscale:0.23.0-alpha10-debug with the default config, Headscale cannot download the DERP map from Tailscale:

headscale     | 2024-05-15T09:50:31Z ERR Could not load DERP map from path error="Get \"https://controlplane.tailscale.com/derpmap/default\": tls: failed to verify certificate: x509: certificate signed by unknown authority" func=GetDERPMap url=https://controlplane.tailscale.com/derpmap/default
headscale     | 2024-05-15T09:50:31Z WRN DERP map is empty, not a single DERP map datasource was loaded correctly or contained a region

When building my own version like the following, it works:

FROM docker.io/headscale/headscale:0.23.0-alpha10-debug
RUN apt-get update \
  && apt-get install --no-install-recommends --yes ca-certificates \
  && rm -rf /var/lib/apt/lists/* \
  && apt-get clean

@ohdearaugustin commented on GitHub (May 18, 2024):

So just to summarize: only the debug image has the problem with the CA.

The production image is working?


@ohdearaugustin commented on GitHub (May 18, 2024):

So I took a look at it.

The main problem is the base container currently used for building the debug image:

https://github.com/juanfont/headscale/blob/5ad0aa44cb3caa3d76ac3bfa4469c7f84a813f55/.goreleaser.yml#L161-L165

We are using a plain debian:12 Docker image as base. This image doesn't include the ca-certificates. As we changed our container build pipeline to ko, which is included in goreleaser, we can't directly modify the base images without building an extra base image. This is definitely a drawback of using ko.

Therefore my solution is to change the base image to distroless as well, as it includes the CAs by default and we won't need any changes. See PR #1950.

Furthermore, we should also change the Dockerfile.debug to be closer to the real build process with ko. This will be a separate issue.

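The failure the thread tracks down (a Go binary verifying controlplane.tailscale.com from a debian:12 image that ships no CA bundle) can be reproduced without any network or container. The added example below is not headscale or Tailscale code: it builds a constructed root and server certificate in memory, then verifies the leaf first against an empty root set (what the debug image gave Go) and then against a root set containing the CA (what the ca-certificates package or a distroless base provides). The host name controlplane.example and the function names are assumptions of this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// MakeCAAndLeaf builds a constructed self-signed root and a server leaf it signs (fixtures, not real certs; one key is reused for brevity).
func MakeCAAndLeaf(host string) (*x509.Certificate, *x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	nb, na := time.Now().Add(-time.Hour), time.Now().Add(24*time.Hour)
	caTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Constructed Root CA"},
		NotBefore: nb, NotAfter: na, IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	caDER, err := x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	ca, err := x509.ParseCertificate(caDER)
	if err != nil {
		return nil, nil, err
	}
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: host}, DNSNames: []string{host},
		NotBefore: nb, NotAfter: na, KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	leafDER, err := x509.CreateCertificate(rand.Reader, leafTmpl, ca, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	leaf, err := x509.ParseCertificate(leafDER)
	return ca, leaf, err
}

// VerifyWithRoots does what Go's TLS client does after the handshake: chain the server leaf to the
// roots it has. An image without ca-certificates leaves Go an empty root set, hence "unknown authority".
func VerifyWithRoots(leaf *x509.Certificate, roots *x509.CertPool, host string) error {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err
}

// IsUnknownAuthority separates a missing trust anchor (fixed by shipping a CA bundle) from expiry or hostname errors, which it would not fix.
func IsUnknownAuthority(err error) bool {
	_, ok := err.(x509.UnknownAuthorityError)
	return ok
}
```

Pointing the same check at the real trust store of an image (x509.SystemCertPool() inside the container) tells you whether a base image ships a CA bundle before it reaches production.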

Reference: starred/headscale#690