Skip to content

Commit

Permalink
Set title for code listings
Browse files Browse the repository at this point in the history
  • Loading branch information
nblock committed Dec 17, 2024
1 parent 0acb2b5 commit bbc93a9
Show file tree
Hide file tree
Showing 7 changed files with 16 additions and 16 deletions.
2 changes: 1 addition & 1 deletion docs/ref/acls.md
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ process. Headscale logs the result of ACL policy processing after each reload.

Here are the ACL's to implement the same permissions as above:

```json
```json title="acl.json"
{
// groups are collections of users having a common scope. A user can be in multiple groups
// groups cannot be composed of groups
Expand Down
6 changes: 3 additions & 3 deletions docs/ref/dns.md
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ hostname and port combination "http://hostname-in-magic-dns.myvpn.example.com:30

=== "Static entries, via `dns.extra_records`"

```yaml
```yaml title="config.yaml"
dns:
...
extra_records:
Expand All @@ -48,7 +48,7 @@ hostname and port combination "http://hostname-in-magic-dns.myvpn.example.com:30

=== "Dynamic entries, via `dns.extra_records_path`"

```json
```json title="extra-records.json"
[
{
"name": "grafana.myvpn.example.com",
Expand Down Expand Up @@ -93,7 +93,7 @@ hostname and port combination "http://hostname-in-magic-dns.myvpn.example.com:30
The motivating example here was to be able to access internal monitoring services on the same host without
specifying a port, depicted as NGINX configuration snippet:

```
```nginx title="nginx.conf"
server {
listen 80;
listen [::]:80;
Expand Down
8 changes: 4 additions & 4 deletions docs/ref/integration/reverse-proxy.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ Running headscale behind a cloudflare proxy or cloudflare tunnel is not supporte

Headscale can be configured not to use TLS, leaving it to the reverse proxy to handle. Add the following configuration values to your headscale config file.

```yaml
```yaml title="config.yaml"
server_url: https://<YOUR_SERVER_NAME> # This should be the FQDN at which headscale will be served
listen_addr: 0.0.0.0:8080
metrics_listen_addr: 0.0.0.0:9090
Expand All @@ -35,7 +35,7 @@ tls_key_path: ""
The following example configuration can be used in your nginx setup, substituting values as necessary. `<IP:PORT>` should be the IP address and port where headscale is running. In most cases, this will be `http://localhost:8080`.

```Nginx
```nginx title="nginx.conf"
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
Expand Down Expand Up @@ -113,7 +113,7 @@ spec:

The following Caddyfile is all that is necessary to use Caddy as a reverse proxy for headscale, in combination with the `config.yaml` specifications above to disable headscale's built in TLS. Replace values as necessary - `<YOUR_SERVER_NAME>` should be the FQDN at which headscale will be served, and `<IP:PORT>` should be the IP address and port where headscale is running. In most cases, this will be `localhost:8080`.

```
```none title="Caddyfile"
<YOUR_SERVER_NAME> {
reverse_proxy <IP:PORT>
}
Expand All @@ -127,7 +127,7 @@ For a slightly more complex configuration which utilizes Docker containers to ma

The following minimal Apache config will proxy traffic to the headscale instance on `<IP:PORT>`. Note that `upgrade=any` is required as a parameter for `ProxyPass` so that WebSockets traffic whose `Upgrade` header value is not equal to `WebSocket` (i. e. Tailscale Control Protocol) is forwarded correctly. See the [Apache docs](https://httpd.apache.org/docs/2.4/mod/mod_proxy_wstunnel.html) for more information on this.

```
```apache title="apache.conf"
<VirtualHost *:443>
ServerName <YOUR_SERVER_NAME>
Expand Down
8 changes: 4 additions & 4 deletions docs/ref/oidc.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ Known limitations:

In your `config.yaml`, customize this to your liking:

```yaml
```yaml title="config.yaml"
oidc:
# Block further startup until the OIDC provider is healthy and available
only_start_if_oidc_is_available: true
Expand Down Expand Up @@ -56,7 +56,7 @@ oidc:
In order to integrate headscale with Azure Active Directory, we'll need to provision an App Registration with the correct scopes and redirect URI. Here with Terraform:
```hcl
```hcl title="terraform.hcl"
resource "azuread_application" "headscale" {
display_name = "Headscale"

Expand Down Expand Up @@ -127,7 +127,7 @@ output "headscale_client_secret" {

And in your headscale `config.yaml`:

```yaml
```yaml title="config.yaml"
oidc:
issuer: "https://login.microsoftonline.com/<tenant-UUID>/v2.0"
client_id: "<client-id-from-terraform>"
Expand Down Expand Up @@ -162,7 +162,7 @@ However if you don't have a domain, or need to add users outside of your domain,
8. Click `Save` at the bottom of the form
9. Take note of the `Client ID` and `Client secret`, you can also download it for reference if you need it.
10. Edit your headscale config, under `oidc`, filling in your `client_id` and `client_secret`:
```yaml
```yaml title="config.yaml"
oidc:
issuer: "https://accounts.google.com"
client_id: ""
Expand Down
2 changes: 1 addition & 1 deletion docs/ref/remote-cli.md
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ headscale apikeys expire --prefix "<PREFIX>"

=== "Minimal YAML configuration file"

```yaml
```yaml title="config.yaml"
cli:
address: <HEADSCALE_ADDRESS>:<PORT>
api_key: <API_KEY_FROM_PREVIOUS_STEP>
Expand Down
4 changes: 2 additions & 2 deletions docs/ref/tls.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@

Headscale can be configured to expose its web service via TLS. To configure the certificate and key file manually, set the `tls_cert_path` and `tls_cert_path` configuration parameters. If the path is relative, it will be interpreted as relative to the directory the configuration file was read from.

```yaml
```yaml title="config.yaml"
tls_cert_path: ""
tls_key_path: ""
```
Expand All @@ -15,7 +15,7 @@ The certificate should contain the full chain, else some clients, like the Tails
To get a certificate automatically via [Let's Encrypt](https://letsencrypt.org/), set `tls_letsencrypt_hostname` to the desired certificate hostname. This name must resolve to the IP address(es) headscale is reachable on (i.e., it must correspond to the `server_url` configuration parameter). The certificate and Let's Encrypt account credentials will be stored in the directory configured in `tls_letsencrypt_cache_dir`. If the path is relative, it will be interpreted as relative to the directory the configuration file was read from.

```yaml
```yaml title="config.yaml"
tls_letsencrypt_hostname: ""
tls_letsencrypt_listen: ":http"
tls_letsencrypt_cache_dir: ".cache"
Expand Down
2 changes: 1 addition & 1 deletion docs/setup/install/official.md
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@ systemd.
1. In `/etc/headscale/config.yaml`, override the default `headscale` unix socket with a path that is writable by the
`headscale` user or group:

```yaml
```yaml title="config.yaml"
unix_socket: /var/run/headscale/headscale.sock
```

Expand Down

0 comments on commit bbc93a9

Please sign in to comment.