{"id":3348,"date":"2026-05-21T14:17:45","date_gmt":"2026-05-21T06:17:45","guid":{"rendered":"https:\/\/jir.idv.tw\/wordpress\/?p=3348"},"modified":"2026-05-21T14:20:27","modified_gmt":"2026-05-21T06:20:27","slug":"%e7%94%a8%e5%9f%ba%e6%96%bctailscale%e9%96%8b%e7%99%bc%e5%a5%97%e4%bb%b6%ef%bc%8c%e6%9e%b6%e8%a8%adheadscale%e5%9c%a8%e8%87%aa%e5%b7%b1%e7%9a%84%e4%b8%bb%e6%a9%9f%e7%ae%a1%e8%bd%84vpn%e5%90%a7","status":"publish","type":"post","link":"https:\/\/jir.idv.tw\/wordpress\/?p=3348","title":{"rendered":"\u7528\u57fa\u65bctailscale\u958b\u767c\u5957\u4ef6\uff0c\u67b6\u8a2dheadscale\u5728\u81ea\u5df1\u7684\u4e3b\u6a5f\u7ba1\u8f44VPN\u5427"},"content":{"rendered":"

Tailscale \u672c\u8eab\u662f\u500b\u5f88\u597d\u7528\u7684 VPN \u5de5\u5177\uff0c\u57fa\u65bc WireGuard \u5354\u8b70\uff0c\u8a2d\u5b9a\u7c21\u55ae\u3001\u9023\u7dda\u7a69\u5b9a\uff0c\u628a\u6211\u7684\u4e0d\u540c\u5be6\u9ad4\u5730\u5340\u7684\u7db2\u8def\u8a2d\u5099\uff0c\u53ef\u4ee5\u96c6\u4e2d\u4e00\u8d77\u8de8\u7db2\u6bb5\u4f7f\u7528\u5f7c\u6b64\u7684\u529f\u80fd\u548c\u8cc7\u6e90\u3002
\n\u4f46\u5b98\u65b9\u7684 Tailscale \u6709\u5e7e\u500b\u554f\u984c\uff1a
\n\u8a2d\u5099\u8cc7\u8a0a\u548c\u9023\u7dda\u72c0\u614b\u6703\u7d93\u904e Tailscale \u7684server\uff0c\u514d\u8cbb\u7248\u6709\u8a2d\u5099\u6578\u91cf\u9650\u5236(\u96d6\u7136\u4e00\u822c\u4f7f\u7528\u8005\u5f88\u96e3\u8d85\u904e\u9019\u500b\u514d\u8cbb\u6578\u91cf)\u3002
\n\u7121\u6cd5\u5b8c\u5168\u638c\u63a7\u81ea\u5df1\u7684\u7db2\u8def\uff0c\u6240\u4ee5\u6211\u66fe\u7d93\u9047\u5230\u5e7d\u9748\u5ba2\u6236\u7aef\u88dd\u7f6e\uff1a WPAD.tailXXX.ts.net<\/strong> \u7522\u751f\u5927\u91cf\u67e5\u8a62 \u5167\u7db2DNS\u4f3a\u670d\u5668 \u7684\u7671\u7613\u884c\u70ba(tailscale\u958b\u767c\u5718\u968a\u8aaa\u5b83\u5f8c\u53f0\u770b\u4e0d\u51fa\u7570\u5e38\u4f86\u6e90)\u3002<\/p>\n

\u56e0\u70ba\u6709\u4e00\u4e9b\u4f7f\u7528\u689d\u4ef6\u7684\u4fbf\u5229\u6027\uff0c\u9084\u662f\u6703\u9700\u8981\u7528\u9019\u500bVPN\u5de5\u5177\u4f86\u8dd1\u5167\u7db2\u548c\u8de8\u8a2d\u5099\u3002
\n\u9019\u5e7e\u5929\u767c\u73fe Headscale \u662f\u57fa\u65bc Tailscale \u7684\u958b\u6e90\u81ea\u67b6\u66ff\u4ee3\u54c1\uff0c\u53ef\u4ee5\u7528\u540c\u6a23\u7684 Tailscale \u5ba2\u6236\u7aef\u8edf\u9ad4\uff0c\u5728\u81ea\u5df1\u7684\u4f3a\u670d\u5668\u9054\u5230\u4e00\u6a23\u7684\u529f\u80fd\u3002
\n\u7f3a\u9ede\uff1a
\n\u9700\u8981\u6709\u81ea\u5df1\u7684\u7db2\u57df\u548c\u6301\u7e8c\u5c0d\u5916\u7684\u7db2\u9801\u4e3b\u6a5f\uff0c\u6240\u4ee5\u4ecd\u6709\u4e00\u5b9a\u7684IP\u66b4\u9732\u98a8\u96aa\u7d66\u7121\u804a\u4eba\u58eb\u627e\u5f31\u9ede\u3002<\/p>\n

\u4e0b\u8f09\u4f4d\u7f6e\uff1a
\nhttps:\/\/github.com\/juanfont\/headscale<\/a>
\n\u67b6\u8a2d\u8aaa\u660e\u6587\u4ef6\uff1a
\nhttps:\/\/headscale.net\/stable\/<\/a><\/p>\n

\u4ee5\u6211\u7684\u7db2\u8def\u74b0\u5883\uff0c\u56e0\u70ba\u672c\u4f86\u5c31\u6709\u9019\u500b\u7db2\u8a8c\u7684\u7db2\u9801\u4e3b\u6a5f\uff0c\u6240\u4ee5\u67b6\u8a2d\u4e5f\u6bd4\u8f03\u55ae\u7d14\uff1a
\n\u5229\u7528 Apache reverse proxy \u529f\u80fd\uff0c\u900f\u904e\u73fe\u6709 443 port \u904b\u4f5c\uff0c\u4e0d\u9700\u8981\u984d\u5916\u958b port
\n\u9700\u8981 Let’s Encrypt \u6191\u8b49\u8ffd\u52a0\u65b0\u7684\u7db2\u57df
\nModSecurity \u9632\u8b77\u9700\u8981\u91dd\u5c0d headscale vhost \u7279\u5225\u95dc\u9589\uff0c\u907f\u514d\u6514\u622a TS2021 \u5354\u8b70
\nProxyPass \u9700\u8981\u6539 upgrade=any \u624d\u80fd\u6b63\u78ba\u8655\u7406 tailscale \u7684\u9023\u7dda\u5354\u8b70
\nFail2ban \u76e3\u63a7 headscale \u884c\u70ba\u548c\u5c01\u9396<\/p>\n

HEADSCALE SERVER\u4e3b\u6a5f\u7aef\u8a2d\u5b9a\uff1a
\n1).
\n\u6211\u7684\u7db2\u57df\u76ee\u524d\u662fcloudflare\u670d\u52d9\u3002
\n\u6240\u4ee5\u8981\u5230\u90a3\u88cf\u958b\u4e00\u500b\u5c08\u7528\u5b50\u7db2\u57df\uff0c\u4f8b\u5982 hs.jir.idv.tw\uff0c\u7136\u5f8c\u8981\u628aProxy \u8a2d\u6210 DNS only\uff08\u7070\u8272\u96f2\uff09\u72c0\u614b\u624d\u80fd\u6b63\u5e38\u4f7f\u7528\u3002
\nA\u548cAAAA record\u7684\u6d6e\u52d5IP\u7684\u66f4\u65b0\u8a2d\u5b9a\u597d\uff0c\u61c9\u8a72\u65b0\u589e\u7684\u7db2\u57df\u5c31\u80fdPING\u5230\u6307\u5b9a\u7684\u4e3b\u6a5f\u4f7f\u7528\u3002<\/p>\n

2).
\nSSL\u7533\u8acb\u6191\u8b49\u5982\u679c\u662f Certbot + Let’s Encrypt\uff0c\u53ea\u8981\u591a\u52a0\u4e00\u500b -d hs.jir.idv.tw \u5c31\u80fd\u4e00\u8d77\u7533\u8acb\u548c\u6301\u7e8c\u7dad\u8b77\u66f4\u65b0\u3002
\n#\u770b\u76ee\u524d\u7684\u6191\u8b49\u72c0\u6cc1\uff1a
\nsudo certbot certificates
\n#\u628a hs.jir.idv.tw \u52a0\u9032\u73fe\u6709\u6191\u8b49\uff1a
\nsudo certbot certonly --apache \\
\n -d jir.idv.tw \\
\n -d linux.jir.idv.tw \\
\n -d hs.jir.idv.tw
\n#\u5982\u7121\u932f\u8aa4\uff0c\u78ba\u8a8d\u65b0\u52a0\u5165\u7db2\u57df\uff1a
\nsudo certbot certificates<\/code><\/p>\n

3).
\n\u6211\u7684\u662f\u8dd1Apache\uff0c\u6240\u4ee5\u5728 vhost \u8a2d\u5b9a\u65b0\u589e\u4e00\u500b\u8a2d\u5b9a\u6a94\u3002
\nsudo nano \/etc\/apache2\/sites-available\/headscale.conf<\/code>
\n
\n# HTTP \u2192 \u5f37\u5236\u8f49 HTTPS
\n
\n ServerName hs.jir.idv.tw
\n RewriteEngine On
\n RewriteRule ^(.*)$ https:\/\/hs.jir.idv.tw$1 [R=301,L]
\n<\/VirtualHost>
\n# HTTPS reverse proxy \u2192 headscale
\n
\n ServerName hs.jir.idv.tw
\n SSLEngine on
\n SSLCertificateFile \/etc\/letsencrypt\/live\/jir.idv.tw\/fullchain.pem
\n SSLCertificateKeyFile \/etc\/letsencrypt\/live\/jir.idv.tw\/privkey.pem
\n ProxyPreserveHost On
\n ProxyPass \/ http:\/\/127.0.0.1:8080\/ upgrade=any
\n ProxyPassReverse \/ http:\/\/127.0.0.1:8080\/
\n RequestHeader set X-Forwarded-Proto \"https\"
\n
\n SecRuleEngine Off
\n <\/IfModule>
\n<\/VirtualHost>
\n<\/code>
\n#\u555f\u7528\u65b0\u8a2d\u5b9a\u6a94\uff1a
\nsudo a2enmod proxy proxy_http proxy_wstunnel rewrite headers
\nsudo a2ensite headscale.conf
\nsudo apache2ctl configtest
\nsudo systemctl reload apache2
\nsudo systemctl status apache2<\/code><\/p>\n

4).
\n#\u4e0b\u8f09\u548c\u5b89\u88dd\u5957\u4ef6\uff1a
\nwget https:\/\/github.com\/juanfont\/headscale\/releases\/download\/v0.28.0\/headscale_0.28.0_linux_amd64.deb
\nsudo apt install headscale_0.28.0_linux_amd64.deb<\/code>
\n#\u7de8\u8f2f\u8a2d\u5b9a\u6a94\u6848\uff1a
\nsudo nano \/etc\/headscale\/config.yaml<\/code>
\n
\nserver_url: https:\/\/hs.jir.idv.tw<\/p>\n

listen_addr: 127.0.0.1:8080
\nmetrics_listen_addr: 127.0.0.1:9090
\ngrpc_listen_addr: 127.0.0.1:50443
\ngrpc_allow_insecure: false<\/p>\n

noise:
\n private_key_path: \/var\/lib\/headscale\/noise_private.key<\/p>\n

prefixes:
\n v4: 100.64.0.0\/10
\n v6: fd7a:115c:a1e0::\/48
\n allocation: sequential<\/p>\n

derp:
\n server:
\n enabled: false
\n region_id: 999
\n region_code: \"headscale\"
\n region_name: \"Headscale Embedded DERP\"
\n verify_clients: true
\n stun_listen_addr: \"0.0.0.0:3478\"
\n private_key_path: \/var\/lib\/headscale\/derp_server_private.key
\n automatically_add_embedded_derp_region: true
\n ipv4: 198.51.100.1
\n ipv6: 2001:db8::1
\n urls:
\n - https:\/\/controlplane.tailscale.com\/derpmap\/default
\n paths: []
\n auto_update_enabled: true
\n update_frequency: 3h<\/p>\n

disable_check_updates: false
\nephemeral_node_inactivity_timeout: 30m<\/p>\n

database:
\n type: sqlite
\n debug: false
\n gorm:
\n prepare_stmt: true
\n parameterized_queries: true
\n skip_err_record_not_found: true
\n slow_threshold: 1000
\n sqlite:
\n path: \/var\/lib\/headscale\/db.sqlite
\n write_ahead_log: true
\n wal_autocheckpoint: 1000<\/p>\n

acme_url: https:\/\/acme-v02.api.letsencrypt.org\/directory
\nacme_email: \"\"
\ntls_letsencrypt_hostname: \"\"
\ntls_letsencrypt_cache_dir: \/var\/lib\/headscale\/cache
\ntls_letsencrypt_challenge_type: HTTP-01
\ntls_letsencrypt_listen: \":http\"
\ntls_cert_path: \"\"
\ntls_key_path: \"\"<\/p>\n

log:
\n level: info
\n format: text<\/p>\n

policy:
\n mode: file
\n path: \"\"<\/p>\n

dns:
\n #magic_dns: true
\n magic_dns: false
\n #base_domain: example.com
\n base_domain: headscale.internal
\n #override_local_dns: true
\n override_local_dns: false
\n nameservers:
\n global:
\n - 1.1.1.1
\n - 1.0.0.1
\n - 2606:4700:4700::1111
\n - 2606:4700:4700::1001
\n split: {}
\n search_domains: []
\n extra_records: []<\/p>\n

unix_socket: \/var\/run\/headscale\/headscale.sock
\nunix_socket_permission: \"0770\"<\/p>\n

logtail:
\n enabled: false<\/p>\n

randomize_client_port: false<\/p>\n

taildrop:
\n enabled: true
\n<\/code>
\n#\u555f\u52d5 headscale
\nbashsudo systemctl enable headscale
\nsudo systemctl start headscale
\nsudo systemctl status headscale<\/code><\/p>\n

#\u555f\u7528\u5f8c\u6e2c\u8a66\u4e00\u4e0b headscale \u6709\u6c92\u6709\u6b63\u5e38\u56de\u61c9\uff0c\u6b63\u5e38\u6703\u6709\u4e00\u500bJSON\u683c\u5f0f\u7684pass\u8a0a\u606f\uff1a
\ncurl -v https:\/\/hs.jir.idv.tw\/health<\/code><\/p>\n

5).
\n#\u5efa\u7acb\u4e00\u500b user\u5e33\u865f\uff0c\u56e0\u70ba\u6211\u662f\u81ea\u5df1\u8981\u7528\uff0c\u6240\u4ee5\u4e00\u500b\u5e33\u865f\u5c31\u53ef\u4ee5\uff1a
\nsudo headscale users create headscaleaccount
\nsudo headscale users list<\/code><\/p>\n

#\u7522\u751f\u8a3b\u518a\u7528\u7684 preauth key\uff0cUSER 1\u7522\u751f\u7684\u6578\u503c\u8981\u8a18\u4e0b\u4f86\uff0c\u7b49\u4e00\u4e0b 24 \u5c0f\u6642\u5167\u53ef\u4ee5\u7528\u9019\u500b key \u5728\u591a\u53f0\u8a2d\u5099\u8a3b\u518a\u6642\u7528\u5230\u3002
\nsudo headscale preauthkeys create --user 1 --reusable --expiration 24h
\nsudo headscale preauthkeys list<\/code><\/p>\n

#\u78ba\u8a8d\u8a2d\u5099\u6709\u8a3b\u518a\u9032\u4f86
\nsudo headscale nodes list<\/code><\/p>\n

#\u67e5\u554f\u984c\u53ef\u4ee5\u78ba\u8a8d\u4ea4\u63e1\u662f\u5361\u5728APACHE\u9084\u662fHEADSCALE
\nsudo tail -50 \/var\/log\/apache2\/error.log
\nsudo tail -50 \/var\/log\/apache2\/access.log
\nsudo journalctl -u headscale -n 50 --no-pager<\/code><\/p>\n

TAILSCALE CLIENT\u5ba2\u6236\u7aef\u8a2d\u5b9a\uff1a
\n\u525b\u525b\u7522\u751f\u7684KEY\u503c\u5047\u8a2d\u662fXXXXXXXXXXXXXXXXXXXX\uff0c\u4ee5\u4e0b\u6703\u7528\u5230\u3002
\n\u5982\u679c\u539f\u4f86\u5c31\u5df2\u7d93\u5b89\u88ddtailscale\u5ba2\u6236\u7aef\u7a0b\u5f0f\uff0c\u6211\u662f\u628a\u820a\u7684\u8a2d\u5b9a\u6a94\u522a\u9664\u6389\uff0c\u6539\u6210\u73fe\u5728\u65b0\u7684\u3002
\n*** WIN10\/11<\/strong>
\n\u6253\u958bPOWER SHELL\uff0c\u8981admin\u72c0\u614b\uff1a
\nPS C:\\> tailscale logout
\nPS C:\\> Stop-Service tailscale
\nPS C:\\> Remove-Item -Recurse -Force \"C:\\ProgramData\\Tailscale\"
\nPS C:\\> Start-Service tailscale
\nPS C:\\> tailscale up --login-server=https:\/\/hs.jir.idv.tw --authkey=XXXXXXXXXXXXXXXXXXXX --accept-dns=false --hostname=win-pc1
\nPS C:\\> tailscale status<\/code><\/p>\n

*** LINUX<\/strong>
\nsudo tailscale logout
\nsudo systemctl stop tailscaled
\nsudo rm -rf \/var\/lib\/tailscale\/
\nsudo systemctl start tailscaled
\nsudo tailscale up \\
\n --login-server=https:\/\/hs.jir.idv.tw \\
\n --authkey=XXXXXXXXXXXXXXXXXXXX \\
\n --accept-dns=false \\
\n --hostname=linux-pc2
\ntailscale status<\/code><\/p>\n

*** Synology NAS<\/strong>
\n\u56e0\u70ba\u5957\u4ef6\u7ba1\u7406\u662f\u9810\u8a2d\u8dd1\u7db2\u9801\u5230tailscale\u7db2\u5740\uff0c\u9700\u8981\u624b\u52d5\u958bSSH\uff0c\u7528PUTTY\u8dd1CMD\u6307\u4ee4\u4f86\u52a0\u5165\u3002<\/p>\n

\u984c\u5916\u8a71\uff0c\u6211\u7684NAS\u592a\u4e45\u9060\u4ee5\u524d\u7684\u7248\u672c\u7522\u54c1\u4e86\uff0c\u96d6\u7136\u5df2\u7d93\u662fDSM7.0\u7248\u672c\uff0c\u5b83\u5167\u90e8\u7684tailscale\u7dad\u8b77\u5957\u4ef6\u592a\u820a\uff0c\u6703\u8aaa\u4e0d\u80fd\u7528\u3002
\n\u6240\u4ee5\u8981\u624b\u52d5\u66f4\u65b0\u65b0\u7248\u672c\uff0c\u9047\u5230\u4e00\u9ede\u5c0f\u56f0\u96e3\uff0c\u9084\u597dAI\u80fd\u7d66\u51fa\u9069\u7528\u7684\u89e3\u7b54\u4f86\u89e3\u6c7a…@@
\nuname -m
\ncat \/proc\/cpuinfo | grep -i \"hardware\\|model\\|cpu\" # \u6216 cat \/etc\/synoinfo.conf | grep \"unique\\|platform\\|upnpmodel\"<\/code>
\n\u524d\u5f80 https:\/\/pkgs.tailscale.com\/stable\/#spks<\/a> \u627e\u5c0d\u61c9 NAS \u67b6\u69cb\u7684 .spk\u6a94\u6848\u3002
\n\u50cf\u6211\u9019\u53f0\u8001\u6a5f\u5668\u662f STi SoC (Hardware: STi SoC)\uff0c\u5c0d\u61c9\u7684\u662f Synology \u7684 monaco \u67b6\u69cb\uff1a
\ncd \/tmp
\nwget https:\/\/pkgs.tailscale.com\/stable\/tailscale-monaco-1.98.2-700098002-dsm7.spk
\nsudo synosystemctl stop pkgctl-Tailscale
\nsudo synopkg install \/tmp\/tailscale-monaco-1.98.2-700098002-dsm7.spk
\nsudo synosystemctl start pkgctl-Tailscale
\nsudo tailscale version
\n#\u78ba\u5b9a\u7248\u672c\u5df2\u7d93\u66f4\u65b0\u5230\u6700\u65b0\u7248\u5f8c\uff0c\u5c31\u53ef\u4ee5\u52a0\u5165\u81ea\u5df1\u7684
\nsudo tailscale logout
\nsudo synosystemctl stop pkgctl-Tailscale
\nsudo rm -rf \/var\/lib\/tailscale\/
\nsudo synosystemctl start pkgctl-Tailscale
\nsudo tailscale up --login-server=https:\/\/hs.jir.idv.tw --authkey=XXXXXXXXXXXXXXXXXXXX --accept-dns=false --hostname=nas-1
\nsudo tailscale status<\/code><\/p>\n

*** ANDROID<\/strong>
\n\u61c9\u7528\u7a0b\u5f0f\u8cc7\u8a0a\uff0c\u5148\u628atailscale app\u6e05\u9664\u6389\u767b\u5165\u7d00\u9304\uff0c\u5982\u679c\u662f\u7b2c\u4e00\u6b21\u5b89\u88dd\u4f7f\u7528\uff0c\u53ef\u4ee5\u8df3\u4e0b\u4e00\u6b65\u3002
\n\u6253\u958b tailscale app\uff0c\u53f3\u4e0a\u89d2 \u8a2d\u5b9a \uff0c\u627eACCOUNT\u9078\u300cAdd another account\u300d\u8f38\u5165 https:\/\/hs.jir.idv.tw \u3002
\n\u7136\u5f8c\u7528 authkey\u7684\u6578\u503c \u8f38\u5165\u5f8c\u5b8c\u6210\u767b\u5165\u6b65\u9a5f\u3002<\/p>\n

\u7136\u5f8c\uff0c\u6211\u7684\u5b89\u5353\u624b\u6a5f\u4e0d\u77e5\u9053\u662f\u4e0d\u662f\u7279\u4f8b\u9084\u662f\u54ea\u8a2d\u5b9a\u6709\u932f\u8aa4\uff0c\u7e3d\u4e4b\u8f38\u5165\u7db2\u5740\u5f8c\uff0c\u4e00\u76f4\u4e0d\u51fa\u73fe\u8f38\u5165\u6388\u6b0a\u78bc\u7684\u8a0a\u606f\u9078\u9805\u3002
\n\u5f04\u4e86\u4e00\u7ffb\uff0c\u624d\u7559\u610f\u5230\u5f8c\u53f0\u770b\u5230\u4ed6\u5df2\u7d93\u767c\u51fa\u4ea4\u63e1\u7684\u8a0a\u606f\uff0c\u5728\u7b49\u6838\u767c\u7684\u6a23\u5b50\u3002
\n\u7e3d\u4e4b\u6211\u81ea\u5df1TRY\u7684\u89e3\u6cd5\uff0c\u5728\u8f38\u5165\u7db2\u5740\u5f8c\uff0c\u5047\u8a2d\u8df3\u56de\u5230LOGIN\u7684\u756b\u9762\uff0c\u9019\u6642\u5019\u624b\u6a5f\u5148\u90fd\u4e0d\u8981\u52d5\u4e5f\u4e0d\u8981\u5207\u63db\u3002
\n\u5148\u5230HEADSCALE\u4e3b\u6a5f\u5f8c\u53f0\u67e5\u76ee\u524d\u9019\u53f0\u4ea4\u63e1\u7684\u8a0a\u606f\uff1a
\nsudo tail -20 \/var\/log\/apache2\/access.log<\/code><\/p>\n

#\u627e\u5230\u6700\u5f8c\u4e00\u7b46\u4ea4\u63e1\u9700\u6c42\u7684 KEY \u503c\uff0c\u4f8b\u5982\uff1agFUcqABLOg1VB\uff0c\u76f4\u63a5\u7531\u5f8c\u53f0\u6838\u767c\u5f8c\u3002
\nheadscale nodes register --key gFUcqABLOg1VB --user headscaleaccount<\/code><\/p>\n

\u6838\u767c\u7684\u7576\u4e0b\uff0c\u624b\u6a5f\u756b\u9762\u61c9\u8a72\u6703\u8df3\u51fa\u4e00\u500b\u9023\u7dda\u6210\u529f\u7684\u8a0a\u606f\uff0c\u7136\u5f8c\u5de6\u4e0a\u89d2\u7684\u9023\u7dda\u72c0\u614b\u5c31\u6703\u591a\u4e00\u7d44\u5b8c\u6210\u8a2d\u5b9a\u7684IP\u503c\u3002
\n\u53ea\u662f\u9019\u500b\u65b9\u6cd5\u6bd4\u8f03\u5947\u602a\u7684\u90e8\u5206\u662f\u4ed6\u4e0d\u6703\u6293\u5230\u624b\u6a5f\u7684hostname\uff0c\u6703\u986f\u793a\u6210\u985e\u4f3c\uff1ainvalid-xxxxxxx\u7684\u540d\u7a31\u3002
\n\u4e0d\u904e\u662f\u500b\u5c0f\u554f\u984c\uff0c\u6211\u5011\u627e\u51fa\u90a3\u53f0\u7684ID\u503c\uff0c\u7136\u5f8c\u7d66\u4ed6\u5b9a\u7fa9\u6211\u5011\u60f3\u8981\u986f\u793a\u7684\u540d\u7a31\u5c31\u53ef\u4ee5\u4e86\u3002
\nheadscale nodes list
\nheadscale nodes rename -i O android-1<\/code><\/p>\n

6).
\n\u6700\u5f8c\uff0c\u81ea\u5df1\u65d7\u4e0b\u7684\u8a2d\u5099\u90fd\u5b8c\u6210\u5171\u7528\u4e00\u500b\u7db2\u57df\u5f8c\uff0c\u6b63\u5e38\u60c5\u6cc1\u61c9\u8a72\u90fd\u80fdPING\u5230\u548c\u5171\u7528\u4e00\u500bA CLASS\u7db2\u6bb5\u4f86\u6e9d\u901a\u3002
\ntailscale ping 100.64.0.X
\nping 100.64.0.X<\/code>
\n\u6c92\u554f\u984c\u5c31\u80fd\u7528\u5176\u4ed6\u7684\u8edf\u9ad4\u6216APP\u4f86\u9054\u5230\u4e92\u806f\u529f\u80fd\u779c!!<\/p>\n

\u5176\u4ed6\u53c3\u8003\u6587\u7ae0\uff1a
\nhttps:\/\/kafeiou.pw\/tailscaleheadscale-%E8%87%AA%E6%9E%B6vpn%E5%85%A8%E7%B4%80%E9%8C%84\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Tailscale \u672c\u8eab\u662f\u500b\u5f88\u597d\u7528\u7684 VPN \u5de5\u5177\uff0c\u57fa\u65bc WireGuard \u5354\u8b70\uff0c\u8a2d\u5b9a\u7c21\u55ae\u3001\u9023\u7dda\u7a69\u5b9a\uff0c\u628a\u6211\u7684\u4e0d\u540c\u5be6\u9ad4\u5730\u5340\u7684\u7db2\u8def\u8a2d\u5099\uff0c\u53ef\u4ee5\u96c6\u4e2d\u4e00\u8d77\u8de8\u7db2\u6bb5\u4f7f\u7528\u5f7c\u6b64\u7684\u529f\u80fd\u548c\u8cc7\u6e90\u3002 \u4f46\u5b98\u65b9\u7684 Tailscale \u6709\u5e7e\u500b\u554f\u984c\uff1a \u8a2d\u5099\u8cc7\u8a0a\u548c\u9023\u7dda\u72c0\u614b\u6703\u7d93\u904e Tailscale \u7684server\uff0c\u514d\u8cbb\u7248\u6709\u8a2d\u5099\u6578\u91cf\u9650\u5236(\u96d6\u7136\u4e00\u822c\u4f7f\u7528\u8005\u5f88\u96e3\u8d85\u904e\u9019\u500b\u514d\u8cbb\u6578\u91cf)\u3002 \u7121\u6cd5\u5b8c\u5168\u638c\u63a7\u81ea\u5df1\u7684\u7db2\u8def\uff0c\u6240\u4ee5\u6211\u66fe\u7d93\u9047\u5230\u5e7d\u9748\u5ba2\u6236\u7aef\u88dd\u7f6e\uff1a WPAD.tailXXX.ts.net \u7522\u751f\u5927\u91cf\u67e5\u8a62 \u5167\u7db2DNS\u4f3a\u670d\u5668 \u7684\u7671\u7613\u884c\u70ba(tailscale\u958b\u767c\u5718\u968a\u8aaa\u5b83\u5f8c\u53f0\u770b\u4e0d\u51fa\u7570\u5e38\u4f86\u6e90)\u3002 \u56e0\u70ba\u6709\u4e00\u4e9b\u4f7f\u7528\u689d\u4ef6\u7684\u4fbf\u5229\u6027\uff0c\u9084\u662f\u6703\u9700\u8981\u7528\u9019\u500bVPN\u5de5\u5177\u4f86\u8dd1\u5167\u7db2\u548c\u8de8\u8a2d\u5099\u3002 \u9019\u5e7e\u5929\u767c\u73fe Headscale \u662f\u57fa\u65bc Tailscale \u7684\u958b\u6e90\u81ea\u67b6\u66ff\u4ee3\u54c1\uff0c\u53ef\u4ee5\u7528\u540c\u6a23\u7684 Tailscale \u5ba2\u6236\u7aef\u8edf\u9ad4\uff0c\u5728\u81ea\u5df1\u7684\u4f3a\u670d\u5668\u9054\u5230\u4e00\u6a23\u7684\u529f\u80fd\u3002 \u7f3a\u9ede\uff1a \u9700\u8981\u6709\u81ea\u5df1\u7684\u7db2\u57df\u548c\u6301\u7e8c\u5c0d\u5916\u7684\u7db2\u9801\u4e3b\u6a5f\uff0c\u6240\u4ee5\u4ecd\u6709\u4e00\u5b9a\u7684IP\u66b4\u9732\u98a8\u96aa\u7d66\u7121\u804a\u4eba\u58eb\u627e\u5f31\u9ede\u3002 \u4e0b\u8f09\u4f4d\u7f6e\uff1a https:\/\/github.com\/juanfont\/headscale \u67b6\u8a2d\u8aaa\u660e\u6587\u4ef6\uff1a https:\/\/headscale…. Read more (\u5b8c\u6574\u6587\u7ae0\u5167\u5bb9)\u7528\u57fa\u65bctailscale\u958b\u767c\u5957\u4ef6\uff0c\u67b6\u8a2dheadscale\u5728\u81ea\u5df1\u7684\u4e3b\u6a5f\u7ba1\u8f44VPN\u5427<\/span><\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[4],"tags":[],"class_list":["post-3348","post","type-post","status-publish","format-standard","hentry","category-4","content-layout-excerpt-thumb"],"jetpack_featured_media_url":"","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/3348","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3348"}],"version-history":[{"count":3,"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/3348\/revisions"}],"predecessor-version":[{"id":3351,"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/3348\/revisions\/3351"}],"wp:attachment":[{"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3348"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3348"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jir.idv.tw\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3348"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}