Adding on from my previous post, I wanted to access to other machines in my home network that I can't install tailscale on (IP cameras, etc). To solve for this, I made sure the "Network Type" was set to "bridge". I went in to the console for the Tailscale docker container and ran the following (my home network is 192.168.1.0/24 - change this to match your network):
tailscale up --advertise-routes=192.168.1.0/24
After running this, I logged in to the Tailscale admin portal at https://login.tailscale.com/admin/machines and for my unraid box clicked the ... on the menu on the far right and click "Enable subnet routes"
Back in the docker console I ran: vi /etc/sysctl.d/00-alpine.conf
I added a line: net.ipv4.ip_forward=1 then saved the file.
I ran the command: echo 0 | tee /proc/sys/net/ipv4/conf/tailscale0/rp_filter
I ran the command: iptables -t nat -A POSTROUTING -j MASQUERADE
I could then hit my internal IPs from an iPhone on LTE e.g. http://192.168.1.145 let me hit my IP cams web interface
I rebooted and the settings persisted, so it seems to be a permanent setup now.