From 6e9faa3e1300d3dfa6f7db9ab56818fd82803a85 Mon Sep 17 00:00:00 2001
From: 0x7fffff92 <40755502+0x7fffff92@users.noreply.github.com>
Date: Wed, 8 May 2024 14:45:53 +0800
Subject: [PATCH] make tailscale websocket compatible with cloudflare tunnel
 (#2)

Co-authored-by: 0x7fffff92 <0x7fffff92@example.com>
---
 .../helm-charts/headscale/templates/headscale_deploy.yaml    | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/third-party/headscale/config/user/helm-charts/headscale/templates/headscale_deploy.yaml b/third-party/headscale/config/user/helm-charts/headscale/templates/headscale_deploy.yaml
index 562fa5a7..fb117c09 100644
--- a/third-party/headscale/config/user/helm-charts/headscale/templates/headscale_deploy.yaml
+++ b/third-party/headscale/config/user/helm-charts/headscale/templates/headscale_deploy.yaml
@@ -126,7 +126,7 @@ spec:
             fieldRef:
               fieldPath: status.podIP 
       - name: frontend
-        image: nginx:stable-alpine3.17-slim
+        image: jboesl/docker-nginx-headers-more:latest
         imagePullPolicy: IfNotPresent
         volumeMounts:
         - name: nginx-config
@@ -469,8 +469,9 @@ data:
           proxy_pass http://headscale-server-svc:8080;
           proxy_method POST;
           proxy_http_version 1.1;
-          proxy_set_header Upgrade $http_upgrade;
+          proxy_set_header Upgrade 'tailscale-control-protocol';
           proxy_set_header Connection '$connection_upgrade';
+          more_set_headers 'Upgrade: $http_upgrade';
         }
         location / {
           proxy_pass http://headscale-server-svc:8080;