EDACerton
-
Posts
358 -
Joined
-
Last visited
-
Days Won
1
Content Type
Profiles
Forums
Downloads
Store
Gallery
Bug Reports
Documentation
Landing
Posts posted by EDACerton
-
-
On 4/27/2024 at 5:38 AM, Masterwishx said:
@EDACerton Very like this plugin and tailscale , but becouse UI isn't opened using cool UI headscale-admin, but interesting if this plugin can be adopted for using with Netbird ?
Will be cool to have Also Netbird plugin in Unraid 🙂
You're welcome to use my plugin as a starting point, but this isn't something that I intend to work on.
-
1
-
-
Just now, jbrodriguez said:
sorry to have brought you in @EDACerton🙏, i was really referring to the underlying app, tailscale itself, which isn't fully open source (https://tailscale.com/opensource#faqs)
There's a misconception here. The base tailscale/tailscaled binaries that are installed via the plugin are open-source (they come from the repo that I linked, I've even submitted PRs for them to make things work better on Unraid).
The Mac/Windows/iOS GUIs aren't open-source, nor is the control server (although there is Headscale as an alternative there, which does work with the plugin). None of those components are installed on Unraid.
-
On 4/13/2024 at 9:58 AM, jbrodriguez said:
P.S.: not sure about community app rules 🤷♂️, however there are some other plugins in the community apps that are not open source (tailscale comes to mind)
FYI -- the Tailscale comment here is not accurate, all components are open source:
- unraid-tailscale (main plugin): https://github.com/dkaser/unraid-tailscale
- unraid-tailscale-utils (script package): https://github.com/dkaser/unraid-tailscale-utils
- unraid-plugin-diagnostics (custom diagnostics generator): https://github.com/dkaser/unraid-plugin-diagnostics
- tailscale: https://github.com/tailscale/tailscale
-
1
-
On 4/8/2024 at 10:12 PM, 01111000 said:
LAN IP
Did you configure a subnet router for that network? By default, if you're trying to remotely connect to a Tailscale device, you have to use the Tailscale IP, not the local IP. If you configure a subnet router, however, you can use the local IP remotely as well.
-
6 hours ago, Secluded said:
Hi Hoopster, thank you for the advice! ☺️ Yeah, using a docker version seems a feasible way.
While I still would like to let the plugin developer know this problem, and to see if this can be fixed from the developer side.
I will try swtiching to the docker version if this won't be fixed for the plugin version.
Adding a "delay start" isn't something that I plan to add to the plugin settings.
Reason: using arbitrary delay values to solve race conditions is generally bad and should be avoided.
Secondary reason: the User Scripts plugin can do what you're trying to accomplish, and since this is technically not a Tailscale problem I'd rather not start trying to build fixes into the plugin for other plugins/containers.
Ideally, you'd want to build something smart that would run "At startup of array" which would:
- Wait for the container you want to be started (hint), then
- Restart Tailscale using the script at /usr/local/emhttp/plugins/tailscale/restart.sh
Alternately, you could just build a simple wait by doing this in an "at startup of array" script (change the 60 seconds as needed):
sleep 60 /usr/local/emhttp/plugins/tailscale/restart.sh -
On 4/7/2024 at 3:31 PM, 01111000 said:
I must be overlooking something simple but I’d like to access my server while on the go via IP Address when I’m using the VPN. While Tailscale does connect, I cannot access any of the local services running on my server via IP. Where do I configure local access?
Are you trying to use the Tailscale IP or the LAN IP?
-
10 hours ago, marklevark said:
Hello!
I used the script on the help tab to get an HTTPS cert working for my webgui. All good.Now I'm trying to copy the cert over to some docker containers to get HTTPS on more of my services, following the steps on the help tab. I'm new to this kinda thing, so bear with me, but once copied over, how do I get the certs working? The instructions end and that's where I (a newbie) gets lost.
Thanks in advance!
This isn’t something that I can really help with, you’d have to refer to the documentation for the containers to see how to replace the certificate that each uses.
-
On 4/5/2024 at 3:02 PM, dopeytree said:
This plugin seems to be averaging around 42% cpu which seems a bit on the high side.
It's a newish 13-600H with aes chip built in etc.
I run tailscale on my pfsense router but added this plugin as a backup.
What do others see cpu wise?
Tailscale CPU load is usually traffic-dependent; how much are you sending via Tailscale?
Otherwise, diagnostics would be helpful to see if there's something else going on.
-
On 4/5/2024 at 9:32 AM, icarus69 said:
Bump
I think I posted to you on Reddit as well... it looks like your server can't contact the Tailscale control servers.
-
6 hours ago, Roncore said:
Quick, and probably a dumb question. I see people posting their Tailscale settings from within Unraid, and I do not see this option under settings, nor under settings/Network Settings. I thought it was because I was running 6.12.5, but I went ahead and upgraded to 6.12.9 this morning, and I still do not have tailscale settings anywhere in the Unraid Gui. Any ideas?
First screenshot is a picture on this thread, second screenshot is a picture from my Unraid.
You don’t have the Tailscale plugin installed. You’re probably running the docker container.
-
1
-
-
1 hour ago, rama3124 said:
Thank you, the device came up as connected as soon as I ran tailscale up. Now I can access all my docker containers when adding the port numbers but can't get the Unraid webgui up. I saw this is a common issue when enabling subnets but I can't get the webgui up even when I put in the tailscale IP address
Did you run the restart command? That's necessary to get the WebGUI to start listening on the Tailscale IP.
-
6 hours ago, Rykzon said:
Hello!
I have some experience with tailscale but just started to try out this plugin.
I have a working custom network setup with traefik and some containers behind that. This is working just fine locally, via wireguard and public internet. Traefik listens on the unraid host IP:443.
I was trying to migrate some currently public containers to tailscale.
Basic connectivity is working fine. I have setup my public dns to point to the unraid tailscale IP instead of my public ip, connection works when in tailnet.
I have setup everything to allow direct connections whenever possible, this seems to work as far as I can observe.
Sadly when using the plugin I am mostly extremely limited in bandwidth >1Mbps, sometimes after restarting tailscale it works fine but then breaks down again. Much much worse than straight internet or locally, everything using the same traefik configuration.
Using the tailscale container provides better bandwidth but I would like to avoid that.
Right now I can only assume that some unraid internal networking is screwing with me.
Tower-tailscale-diag-20240401-163235.zip 172.31 kB · 1 download
There's nothing in the Tailscale logs that indicates an issue.
I'd recommend trying to get some tailscale status output from both the server and a client while you're seeing a slow transfer, that might shed some light on the problem.
-
1
-
-
5 hours ago, rama3124 said:
I gave this a go after all and when I stopped the docker container and approved the plugin, the new unraid instance didn't show as online in my tailscale admin console. I have SSH access so I can just delete the plugin and restart the tailscale container but is there a way to complete setup for the plugin through command line?
Run this from SSH:
tailscale upThen, once you've logged in and you see the device in the Tailscale console:
/usr/local/emhttp/plugins/tailscale/restart.sh -
3 hours ago, Laov said:
Random reoccurring issue. Tailscale does not allow SMB share access after 1st server boot. Tailscale DNS name is pingable yet SMB shares are not accessible. Restarting tailscale solves the issue. Is there any way to reboot tailscale plugin with user scripts?
/usr/local/emhttp/plugins/tailscale/restart.sh -
22 minutes ago, rama3124 said:
That sounds very complicated, it seems like my best bet is just to wait till I've got local access. Once I have, do I just delete the docker container and install the plugin? No other setup steps or configuration required?
Yep, that's it. Install plugin, sign in to Tailscale through the WebGUI,
-
Just now, rama3124 said:
It seems like the general consensus is to use the plugin now rather than the docker container. I currently don't have local access to my server, is it still possible to change to the plugin while maintaining tailscale connection?
I'm assuming the answer is no since it seems I have to delete the docker container first (losing tailscale connection) before adding the plugin but I thought I'd check
You are correct, switching from the docker to the plugin will require disconnecting Tailscale... the two fight each other if they are running at the same time.
If you *really* wanted to try to do it remotely (not that I would recommend it), it might be possible if you get creative with the Tailscale admin console:
- Turn on device approval for your tailnet (Settings -> Device Management).
- Install the plugin and log in, but don't approve it yet.
- Stop the docker container (this will drop your connection to the server, but you should get it back in the next step)
- Approve the plugin connection in the Tailscale console.
The catch to this being (of course) that if anything goes wrong you've just lost your remote connection until you have local access again. Managing remote connections in-band is always a fun process
-
(Stopping by because I saw the Tailscale mention and decided to check the diagnostics to make sure it wasn't a plugin issue)
The good news: your server restarts a lot faster than you think.
The bad news: your server is definitely restarting.
Given that there's nothing in the syslog indicating why the reboot is happening, I would go back to what JorgeB indicated previously -- this seems like a hardware problem.
-
8 hours ago, aeryk said:
Hi, how do I refresh the auth token? It says "The Tailscale key will expire in 24 days on Sat, 20 Apr 2024 21:20:48 GMT."
But other than the "Erase" button, I don't see a Re-auth button or something. I'd prefer not to lose settings and risk subnet issues (sometimes it doesn't pick up on those on Tailscale side to approve)
There used to be a button in the Tailscale web interface to do the reauth, but it looks like that is gone. I'll have to get in touch with the Tailscale folks on that one.
In the meantime, you could disable key expiration via the Tailscale admin console, or use the CLI to do a reauth:
tailscale up --force-reauth
-
1
-
-
16 hours ago, rama3124 said:
Hi
Do I still need to add tailscale0 to listening interfaces under network settings and modify the go file? Or has this since been resolved in a more recently release? TIA
This has never been required with the plugin.
-
Just now, guybrush2012 said:
I don't understand this restriction. The apps have nothing to do with the subscription. These are Docker containers. 😞
That’s because in most cases it’s not a restriction (as you mention, particularly for Docker containers).
For plugin developers, the Unraid version is more important.
-
On 3/17/2024 at 12:55 PM, exwebjunkie said:
So when you did this, did the IP's / "machines" for each docker show up in the machines section of tailscale - assume I would need this to be able to get their tailscape IPs?
I followed all the advice but I only see my main NAS show up - nothing else - can connect to it via the tailscale IP but can't connect to anything else or see anything else..
This is normal. Docker containers don't show up independently in the Tailscale console; they're just treated as a part of the server.
If you're using a bridge Docker network (the usual default), you can just connect to tailscaleIP:dockerPort just like you would with the local IP.
If you're using br0/etc. networks in Docker (so that your containers get a separate IP address on your LAN), you'll have to do extra work to make them available via Tailscale. There are generally two ways to do this:
- Use a subnet router to make the LAN IPs accessible over Tailscale (this is what basically everyone in that situation does), or
- Configure Tailscale "sidecars" for each of your br0 containers.
-
On 3/10/2024 at 7:03 AM, jfr07 said:
I've tried re-installing the plugin and rebooting, but still the following message appears:
"Viewing: Cannot access this device’s Tailscale IP. Make sure you are connected to your tailnet, and that your policy file allows access."
So far I've only successfully advertised my Unraid as Exit Node, but that's it.
Also, when I try to open [TailScale IP]:5252 in my Unraid's Firefox, it only shows 3 loading / animation dots. Is it a sign of misconfiguration?
Vault-tailscale-diag-20240310-175701.zip 118.93 kB · 0 downloads
Your Tailscale state appears to be corrupt.
- Delete the server from the Tailscale admin console.
- Erase the plugin configuration (there’s a button in the plugin settings, I think it’s in advanced mode.)
- Log back in to Tailscale via the plugin.
-
On 3/9/2024 at 10:36 AM, betweenchaosandshape said:
Thank you for doing this. I installed the Tailscale plugin, but I can't access my Unraid server for some reason. I have my phone, my laptop, and my Unraid server logged into my Tailscale account. All three are connected and showing connected in the web console. I can ping my phone from my computer, and vice versa. But I can't ping or get to the web UI for Unraid from either device. I tried to leave all of the settings on the defaults. Not using an exit node or any subnet routes. I only want devices connected to Tailscale to be able to communicate with each other. Do you see anything obvious in the diagnostic logs that gives you an idea what I'm doing wrong?
SERENITY-tailscale-diag-20240309-072301.zip 160.8 kB · 0 downloads
I can see incoming pings and WebGUI traffic in the Tailscale log.
I'd probably have to see Tailscale logs from your clients to see if there's anything interesting there. It might just be easier to reset the config on your server, though. Here's what I'd recommend if you want to try that:
- Delete the Unraid server from the Tailscale admin console.
- Erase the plugin configuration (there’s a button in the plugin settings, I think it’s in advanced mode.)
- Reboot your Unraid server.
- Log back in to Tailscale via the plugin.
-
On 3/8/2024 at 4:04 PM, forlorn-daughter-in-law4915 said:
I installed the plugin today and things are working... for the most part.
I have pihole and ngnix proxy manager set up for local dns, and my unraid dashboard runs on port 180. Ngnix dashboard runs on unraids default dashboard port 80. Pihole ip is set up as primary dns server on my router.
If i connect via tailscale through my phone i can access all my services either via ip:port or my dns entries e.g sonarr.home, except for the unraid dashboard. It works using unraid.home but not by ip:180 directly. tailscale-ip:180 does not work either.
Trying to resolve the issue as it would be nice to be able to access unraid remotely in the case where docker service is not running.
Does anyone have an idea whats wrong with my setup here? Likely its some misconfiguration on my part with nginx 🙃
Unraid-tailscale-diag-20240308-213458.zip 189 kB · 0 downloads
From the Tailscale side, everything looks fine.
If you've been accessing the WebGUI from your phone, you might be accidentally crashing the WebGUI. There's been a known issue with the WebGUI and mobile devices (in particular Android devices)... essentially, if a tab with the WebGUI gets left open (even in the background), it eventually causes problems for the server.
QuoteMar 8 20:59:11 Unraid nginx: 2024/03/08 20:59:11 [alert] 9049#9049: worker process 16775 exited on signal 6
Mar 8 21:00:45 Unraid nginx: 2024/03/08 21:00:45 [alert] 9049#9049: worker process 21513 exited on signal 6
Mar 8 21:00:47 Unraid nginx: 2024/03/08 21:00:47 [alert] 9049#9049: worker process 26056 exited on signal 6
Mar 8 21:00:47 Unraid nginx: 2024/03/08 21:00:47 [alert] 9049#9049: worker process 26107 exited on signal 6
Mar 8 21:02:21 Unraid nginx: 2024/03/08 21:02:21 [alert] 9049#9049: worker process 26112 exited on signal 6
Mar 8 21:02:23 Unraid nginx: 2024/03/08 21:02:23 [alert] 9049#9049: worker process 30348 exited on signal 6
Mar 8 21:03:57 Unraid nginx: 2024/03/08 21:03:57 [alert] 9049#9049: worker process 30384 exited on signal 6
Mar 8 21:03:59 Unraid nginx: 2024/03/08 21:03:59 [alert] 9049#9049: worker process 2003 exited on signal 6
Mar 8 21:05:31 Unraid nginx: 2024/03/08 21:05:31 [alert] 9049#9049: worker process 2057 exited on signal 6
Mar 8 21:05:33 Unraid nginx: 2024/03/08 21:05:33 [alert] 9049#9049: worker process 6588 exited on signal 6
Mar 8 21:05:35 Unraid nginx: 2024/03/08 21:05:35 [alert] 9049#9049: worker process 6687 exited on signal 6
Mar 8 21:05:35 Unraid nginx: 2024/03/08 21:05:35 [alert] 9049#9049: worker process 6725 exited on signal 6
Mar 8 21:05:37 Unraid nginx: 2024/03/08 21:05:37 [alert] 9049#9049: worker process 6727 exited on signal 6
Mar 8 21:05:39 Unraid nginx: 2024/03/08 21:05:39 [alert] 9049#9049: worker process 6874 exited on signal 6
Mar 8 21:05:39 Unraid nginx: 2024/03/08 21:05:39 [alert] 9049#9049: worker process 6974 exited on signal 6
Mar 8 21:07:13 Unraid nginx: 2024/03/08 21:07:13 [alert] 9049#9049: worker process 6976 exited on signal 6
Mar 8 21:07:15 Unraid nginx: 2024/03/08 21:07:15 [alert] 9049#9049: worker process 11399 exited on signal 6
Mar 8 21:08:49 Unraid nginx: 2024/03/08 21:08:49 [alert] 9049#9049: worker process 11621 exited on signal 6
[Plugin] Tailscale
in Plugin Support
Posted
You have to switch to the editing mode by clicking the "Viewing" button in the web interface.
Alternately, you can use the Tailscale CLI to enable exit node.