Add option to serve Headplane via TLS

[optimist555]

Description

I run the reverse proxy on a separate machine on LAN and would like the traffic between Headplane and my reverse proxy to be protected for traffic analysis with TLS. I run a local CA on another host and an ACME client on teh docker host, and pass certificates via bind mounts to the headscale container. I would like the same to apply for Headplane. Maybe even have an option to generate self signed cert, or use existing certificate passed via bind mount, or internal certbot, acme.sh or similar packaged with the container.

[tale]

Realistically this will be a "pass your own certificate" style configuration but yes, I can do this.

[optimist555]

Yes that would probably be the most viable option. Headscale and headplane would be able to use the same cert if they are on the same host though. Thanks for considering this.

…

-------- Original Message --------

On 17 Dec 2025, 02:17, Aarnav Tale wrote: tale left a comment [(tale/headplane#403)](#403 (comment)) Realistically this will be a "pass your own certificate" style configuration but yes, I can do this. — Reply to this email directly, [view it on GitHub](#403 (comment)), or [unsubscribe](https://github.com/notifications/unsubscribe-auth/AVV2AYFC3YKYAIRZMTLKO434CCVMDAVCNFSM6AAAAACPICWPSWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZTMNRTGE2DKMRUHA). You are receiving this because you authored the thread.Message ID: ***@***.***>