From d2e823a3d65126bebafb46e034ff7e40801d0fd6 Mon Sep 17 00:00:00 2001
From: Jory Irving <jory@jory.dev>
Date: Wed, 18 Sep 2024 10:47:01 -0600
Subject: [PATCH] feat(headscale): update config for 0.23

---
 .../apps/network/headscale/app/externalsecret.yaml | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/kubernetes/utility/apps/network/headscale/app/externalsecret.yaml b/kubernetes/utility/apps/network/headscale/app/externalsecret.yaml
index bbf1cf59ea..e96bf149a5 100644
--- a/kubernetes/utility/apps/network/headscale/app/externalsecret.yaml
+++ b/kubernetes/utility/apps/network/headscale/app/externalsecret.yaml
@@ -24,6 +24,7 @@ spec:
           noise:
             private_key_path: /var/lib/headscale/noise_private.key
           prefixes:
+            # These are the Tailscale defaults
             v6: fd7a:115c:a1e0::/48
             v4: 100.64.0.0/10
           derp:
@@ -33,24 +34,23 @@ spec:
               - https://controlplane.tailscale.com/derpmap/default
             auto_update_enabled: true
             update_frequency: 24h
-          disable_check_updates: false
+          disable_check_updates: true
           ephemeral_node_inactivity_timeout: 30m
           database:
             type: sqlite
             sqlite:
               path: /var/lib/headscale/db.sqlite
+              write_ahead_log: true
           # TODO: Remove after 0.23.0
           db_type: sqlite3
           db_path: /var/lib/headscale/db.sqlite
-          dns_config:
-            # Whether to prefer using Headscale provided DNS or use local.
-            override_local_dns: true
+          dns:
+            magic_dns: true
+            base_domain: headscale.internal
             # List of DNS servers to expose to clients.
             nameservers:
               - 10.69.1.1
-            domains: []
-            magic_dns: true
-            base_domain: ${SECRET_DOMAIN}
+            search_domains: []
           log:
             level: info
           oidc: