Installing Headscale on NixOS Latest

Headscale is an open-source implementation of WireGuard VPN. It allows you to set up and manage your own WireGuard network. In this tutorial, we will show you how to install Headscale on NixOS Latest.

Prerequisites

Before we install Headscale, make sure that your NixOS Latest system is up-to-date with the latest patches and updates.

Step 1: Install Dependencies

Headscale requires Go and WireGuard to run. We will first install these dependencies.

Open the terminal and update the package repository:

$ sudo nix-channel --update

Install Go and WireGuard from the Nix package manager:

$ sudo nix-env -iA nixpkgs.go nixpkgs.wireguard

Step 2: Clone the Repository

Clone the Headscale repository from Github:

$ git clone https://github.com/juanfont/headscale.git

Step 3: Build and Install Headscale

Change the directory to the Headscale repository:

$ cd headscale

Build and install the Headscale binary:

$ make install

This command will compile the Headscale binary and install it in /usr/local/bin.

Step 4: Configure WireGuard

Headscale is designed to work with an existing WireGuard installation. If you don't have WireGuard already configured, you can follow the instructions here.

Otherwise, you can use the wg command-line tool to create a new configuration:

$ sudo wg genkey | sudo tee /etc/wireguard/private.key | wg pubkey | sudo tee /etc/wireguard/public.key
$ sudo wg set wg0 private-key /etc/wireguard/private.key
$ sudo wg set wg0 listen-port 51820
$ sudo wg-quick up wg0

Step 5: Initialize Headscale

Initialize Headscale with the following command:

$ headscale init

This command will create a new configuration file config.hjson in the current directory.

Now start the Headscale server:

$ headscale serve

Step 6: Add New Nodes

You can now add new nodes to your WireGuard network by registering them with the Headscale server. Generate the WireGuard keys for each node and register them with the Headscale server:

$ wg genkey | tee my_node.key | wg pubkey > my_node.pub
$ headscale node register -name my_node -key my_node.pub -admin

You can replace my_node with the name of your node.

Conclusion

In this tutorial, we showed you how to install and configure Headscale on NixOS Latest. By following these steps, you should now have a working WireGuard network with Headscale.