Everything posted by dsmith44
-
[Support] Tailscale Support Thread
That's spot on. Security will be down to the ACLs you have setup in tailscale, which I think by default is any<>any, but doesn't have to be. This is a bit of a rabbit hole though, and not something we can really provide support on here. Tailscale ACL documentation
-
[Support] Tailscale Support Thread
The domain must be the one you setup in the tailscale admin portal, under DNS->Tailnet name. Nothing else will work.
-
[Support] Tailscale Support Thread
If you don't use Tailscale ssh then you will connect to the host and not the container, as the container is running in host networking mode. This is how I run it, so I can just ssh to my unraid server using the tailscale ip address.
-
[Support] Tailscale Support Thread
Hi @ubermetroid & @Cyborg What are you trying to do here? If you open a console to the docker container, and have enabled HTTPS certs and magic DNS in you tailnet it will issue a cert. /app # ./tailscale cert unraid.not-mine.ts.net Wrote public cert to unraid.not-mine.ts.net.crt Wrote private key to unraid.not-mine.ts.net.key /app # What you are to do with this though I don't know, as it will just have unraid.not-mine.ts.net as a hostname. If you tried to use this for unraid itself you will get errors if you ever connect to it without using the full tailscale address. So while this works it's totally unsupported as has no sensible use case I can see.
-
[Support] Tailscale Support Thread
I have pushed 1.34.0==1.34 but have not changed latest tag and won't for a while due to usual .0,.1,.2 in quick sucession.
-
[Support] Tailscale Support Thread
The purpose of this container is to allow access to unraid itself over tailscale and as such uses host based networking. If you did manage to get this working you would be somewhat on your own.
-
[Support] Tailscale Support Thread
latest = 1.32.3 = 1.32 Largely a security fix for Windows versions
-
[Support] Tailscale Support Thread
latest = 1.32.2 = 1.32
-
[Support] Tailscale Support Thread
If you can connect with 100.x.x.x:port then tailscale is working, so not sure this is the right place to ask I'm afraid.
-
[Support] Tailscale Support Thread
That's not quite true. The tailscale daemon runs in the container, but as the container is set to use host networking it's using the unraid network stack. @RyanRoberts210 try using the tailscale ip addresses directly instead of discovery, that should work to my mind.
-
[Support] Tailscale Support Thread
1.30 = 1.30.2 = latest new version pushed
-
[Support] Tailscale Support Thread
What do you mean by 'I can't access anytbing'? Can you ping the IP address of the unraid box over tailscale ( the 100.x.x.x adress ) ?
-
[Support] Tailscale Support Thread
On that subject get a cheap USB serial adapter and connect it to something else I have mine connected to a pinhole, then I always have a serial console.
-
[Support] Tailscale Support Thread
I don’t think there is a Slackware build provided by tailscale. So if you want - get golang installed, compile from source (https://github.com/tailscale/tailscale) and setup, that will probably work. How you get it to start at boot, not stop with array etc I don’t know. Would probably warrant a plug-in being written or put in a feature request Dean
-
[Support] Tailscale Support Thread
Maybe - You are on your own however I think that if you are running tailscale in host mode, the default, then any other containers running in host mode should be able to connect to tailscale ip addresses. However I have never tested this, won't be testing it, and certainly won't be support it as a use case. Sorry.
-
[Support] Tailscale Support Thread
I'm sorry, this isn't really a tailscale docker issue. I would suggest talking to nextcloud maintainers and/or wider unraid community. This is behaving exactly as planned. However a few comments. Unraid isn't using the tailscale cert, so it exists in the docker container data in /mnt/user/appdata tailscale somewhere, but unraid won't be picking that up. You may not want it to anyway as then _only_ the unraid.<server-alias>.ts.net will ever be valid. If you do, I'd look into putting something inti /boot/config/go to put the certs in the right place, but you'd have to ask elsewhere for where that is.
-
[Support] Tailscale Support Thread
Are the routes enabled in the tailscale admin console? If not they won't work. https://tailscale.com/kb/1019/subnets/ If they are I'd check the networking mode of the docker container. From your description I think you will need to ensure it's running in host mode, ie. using the network stack of the main unraid server. To be honest this is unsupported config for this container. If you read back in the history, and is really just there via the additional flags for people that need it, understand it and can troubleshoot. I'm just not setup to do network troublshooting. My advice for exit nodes it not to run them in docker, put tailscale on a firewall/raspberry pi/anything else. Inside docker, in unraid, is always going to be complicated to diagnose without intimate knowledge of how docker networking interacts with underlying unraid config, linux kernel and tailscale.
-
[Support] Tailscale Support Thread
latest = 1.28.0 = 1.28
-
[Support] Tailscale Support Thread
As I have said before.... Please note I normally skip 1.xx.0 releases as there are often bug fix releases shortly afterwards. In any event I will wait at least two weeks after a 1.xx.0 release before updating latest, or normally even pushing a build. I have now added this to the front page of this support article. However I have now pushed dev-1.28.0, but this is untested, so use at your own risk.
-
[Support] Tailscale Support Thread
1.26.1 == 1.26 == latest - New version pushed.
-
[Support] Tailscale Support Thread
There quite open about how it all works, and from my understanding their piece just facilitates the setup of connections, they never see the keys. https://tailscale.com/blog/how-tailscale-works/
-
[Support] Tailscale Support Thread
I have uploaded version 1.26.0 but have not updated latest tag, I'll wait a week or so. https://hub.docker.com/layers/unraid-tailscale/deasmi/unraid-tailscale/1.26/images/sha256-d5e42c4cefaefbf2cd0fd714960ad992532b1c80793ca469c0911fbc7750fc43?context=explore
-
[Support] Tailscale Support Thread
I am not entirely clear this is anything to do with tailscale, as the address of the server over tailscale is going to start 100.x.x.x not 10. or 192. If you are running a container in bridge mode and it listens on port 8080 for example then you should be able to connect to http://100.x.x.x:8080 from any tailscale connected device.
-
[Support] Tailscale Support Thread
Thank you for spotting. With the XML changes needed for the new version I'd uploaded an invalid file. I'm hoping now fixed and will re-appear.
-
[Support] Tailscale Support Thread
A quick update for people on two open issues. Firstly the TSL certificate issues, this all seems happily fixed now. I'm also happy to report that the download feature can now be used as well. I will be pushing these features as latest tag as well as 1.24.2-downloads, as there is already a 1.24.2. Latest now has this supported pease use that ongoing. Please see instructions at the top of this thread. @martial @hvddrift @plantsandbinary @Rocka374 @wolfNZ I think you were all looking for a soltion to the certificate issue, hope this helps. @FoxyNC Your downloads can now work ! I'd also like to thank https://github.com/hugochinchilla for beta testing the downloads