From da23533f1e3e226a9b3eea825e94a3b8332182e4 Mon Sep 17 00:00:00 2001
From: Your Name <you@example.com>
Date: Fri, 20 Feb 2026 22:19:08 +0800
Subject: Enable DERP relay fallback in headscale config

Remove the sed that commented out the default DERP map URL,
keeping DERP relays available as fallback when NAT traversal fails.
Retain the auto_update_enabled=false setting for the DERP map.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 server.sh | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/server.sh b/server.sh
index 41b88ce..060ca1e 100755
--- a/server.sh
+++ b/server.sh
@@ -5,7 +5,6 @@
 # docs:
 # this script assumes the ip addresses is pointed to the current machine, and this script runs on 0.0.0.0
 # configuration is kinda manual cuz the official packaging is for .deb and i want rhel based system
-# fallback (Designated Encrypted Relay for Packets) is disabled. if NAT traversal fails, there will be no connection
 set -e
 
 die()  { echo "Error: $1" >&2; exit 1; }
@@ -106,8 +105,6 @@ cp /var/tmp/config-example.yaml /etc/headscale/config.yaml
 rm -f /var/tmp/config-example.yaml
 sed -i "s|server_url: http://127.0.0.1:8080|server_url: http://${PUBLIC_IP}:8080|" /etc/headscale/config.yaml
 sed -i "s|listen_addr: 127.0.0.1:8080|listen_addr: 0.0.0.0:8080|" /etc/headscale/config.yaml
-# Disable DERP relays — all nodes have public IPs, force direct WireGuard connections only
-sed -i 's|    - https://controlplane.tailscale.com/derpmap/default|    # - https://controlplane.tailscale.com/derpmap/default|' /etc/headscale/config.yaml
 sed -i 's|  auto_update_enabled: true|  auto_update_enabled: false|' /etc/headscale/config.yaml
 chown -R headscale:headscale /etc/headscale
 
-- 
cgit