[Plugin] Tailscale

EDACerton

By EDACerton
in Plugin Support

Recommended Posts

EDACerton Rookie

EDACerton

Posted
Posted (edited)

logo.png Tailscale

unraid-tailscale trunk unraid-tailscale

 

Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly. The service handles complex network configuration on your behalf so that you don't have to. Network connections between devices pierce through firewalls and routers as if they weren't there, allowing for direct connections without the need to manually configure port forwarding.
        
After installing, open the console and use the tailscale CLI to configure: https://tailscale.com/cli

Configuration

The plugin provides an option to "Enable IP Forwarding" via the Settings page. This is useful for running exit nodes or subnet routers.

 

Most users will simply need to run tailscale up and log in via their web browser. You may also want to disable key expiration for your server (either by using an auth key when connecting, or afterwards via the Tailscale admin console).

Contributing

Issue reports and pull requests are welcome on Github: https://github.com/dkaser/unraid-tailscale

Edited by EDACerton
Update
  • Like 6
  • Thanks 5
Link to comment
  • Replies 124
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

EDACerton
EDACerton

Tailscale   Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly. The service handles complex networ

EDACerton
EDACerton

2023.05.25b Update Tailscale to 1.42.0 Add Tailscale web interface to Settings page Add page for Tailscale / plugin logs Switch Taildrop implementation to use native Unrai

EDACerton
EDACerton

Changelog https://github.com/dkaser/unraid-tailscale/releases

Posted Images

ptichalouf Rookie

ptichalouf

Posted
Posted (edited)

i use this cmd personaly, i hope this will help someone :) 

 

with this cmd before still in unraid terminal

 

echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf
sudo sysctl -p /etc/sysctl.d/99-tailscale.conf

 

 

tailscale up --advertise-exit-node --accept-routes --advertise-routes=192.168.1.0/24

Edited by ptichalouf
Link to comment
ADvorsky Newbie

ADvorsky

Posted
Posted

just for your info.... tailscales magic dns might break your docker containers.

/etc/resolv.conf gets copied to all freshly started contaieners from the host, which points to a dns not existing inside the container...

disabling magic dns resolved this issue.

Link to comment
EDACerton Rookie

EDACerton

Posted
  • Author
Posted (edited)
2 hours ago, ptichalouf said:

i use this cmd personaly, i hope this will help someone :) 

 

with this cmd before still in unraid terminal

 

echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf
sudo sysctl -p /etc/sysctl.d/99-tailscale.conf

 

 

tailscale up --advertise-exit-node --accept-routes --advertise-routes=192.168.1.0/24

 

For everyone else’s benefit — as a general rule, if you aren’t already familiar with the extra flags here (and know you need them), just run tailscale up.
 

FYI -- the first three commands won't survive reboot -- Unraid doesn't act like a traditional linux system, any changes that are made to /etc are lost when the system is rebooted.

 

Fortunately, in this case the impact would be fairly small -- Unraid already sets IPv4 forwarding, so the only thing that you should lose would be IPv6 via the exit node. If you want for that to persist, you would need to modify sysctl on boot using a technique such as https://forums.unraid.net/topic/61544-how-to-modify-etcsysctlconf-on-boot/. This is something that I might look as adding as an option in an update to the plugin.

 

 

Edited by EDACerton
  • Like 1
Link to comment
EDACerton Rookie

EDACerton

Posted
  • Author
Posted
9 minutes ago, ADvorsky said:

just for your info.... tailscales magic dns might break your docker containers.

/etc/resolv.conf gets copied to all freshly started contaieners from the host, which points to a dns not existing inside the container...

disabling magic dns resolved this issue.

This can be the case for Docker containers that are connected to the default "bridge" network, but that is expected behavior from Docker.

 

If you want for Docker containers to have internal DNS resolution (i.e., being able to resolve the other containers by name), you need to create a user-defined bridge (reference: Docker documentation). Docker containers connected to a user-defined bridge get an internal DNS server.

  • Like 1
Link to comment
EDACerton Rookie

EDACerton

Posted
  • Author
Posted
13 minutes ago, gustyScanner said:

Fantastic plugin, thank you for working on it! Exit node as a setting to persist across reboots would be fantastic.

Just for clarity -- exit node will persist across reboots, the only thing that doesn't is enabling IPv6 forwarding.

  • Like 1
Link to comment
Nexus Rookie

Nexus

Posted
Posted

I installed this plugin then ran 

 

tailscale up --advertise-exit-node --accept-routes --advertise-routes=192.168.1.0/24

 

Now, my system is unresponsive and I had to do a hard reboot and it's not coming back :(

 

I need to go hookup a keyboard and display to try and recover. Any ideas where to start?  

Link to comment
EDACerton Rookie

EDACerton

Posted
  • Author
Posted (edited)
17 minutes ago, Nexus said:

I installed this plugin then ran 

 

tailscale up --advertise-exit-node --accept-routes --advertise-routes=192.168.1.0/24

 

Now, my system is unresponsive and I had to do a hard reboot and it's not coming back :(

 

I need to go hookup a keyboard and display to try and recover. Any ideas where to start?  

Something about this command probably didn't mesh nicely with your network... it's enabling several extra features that affect how traffic moves.

As a general rule, start with tailscale up, only add other flags if you know you need them.

 

To fix your connection, I'd run the following from CLI: 

tailscale set --accept-routes=false --advertise-exit-node=false --advertise-routes=""

 

Edited by EDACerton
Link to comment
Nexus Rookie

Nexus

Posted
Posted (edited)
3 hours ago, EDACerton said:

Something about this command probably didn't mesh nicely with your network... it's enabling several extra features that affect how traffic moves.

As a general rule, start with tailscale up, only add other flags if you know you need them.

 

To fix your connection, I'd run the following from CLI: 

tailscale set --accept-routes=false --advertise-exit-node=false --advertise-routes=""

 


Thanks. I opted to boot with no plugins loaded and delete the plugin and plugins directory and reboot. I'll wait a bit until wiser ones than me can play around with this :) 

 

Edited by Nexus
Link to comment
EDACerton Rookie

EDACerton

Posted
  • Author
Posted
23 hours ago, Nexus said:


Thanks. I opted to boot with no plugins loaded and delete the plugin and plugins directory and reboot. I'll wait a bit until wiser ones than me can play around with this :) 

 

If what you want is to be able to connect to Unraid remotely, and Docker containers running on bridge networks, then you can install the plugin and run tailscale up (no flags), that should work just fine.

 

The other features are all more advanced networking, so adding them incorrectly can cause issues.

  • Upvote 1
Link to comment
SomeoneOnLine Newbie

SomeoneOnLine

Posted
Posted (edited)

All though I haven't tried this plugin.....yet. I definitely will be once I get back on land in a few days. Thanks for this. Now to see if and when someone can make a headscale plugin to pair up with this plugin.

 

Thanks for this!

 

~SOL

Edited by SomeoneOnLine
spell check!
Link to comment
rukiftw Newbie

rukiftw

Posted
Posted

anyway to get access to br0 dockers?

with dsmith44's docker tailscale verison and docker host network access enabled, it can access br0 dockers. So far i have been unable to get this plugin to do the same. any ideas?

Link to comment
EDACerton Rookie

EDACerton

Posted
  • Author
Posted
1 hour ago, rukiftw said:

anyway to get access to br0 dockers?

with dsmith44's docker tailscale verison and docker host network access enabled, it can access br0 dockers. So far i have been unable to get this plugin to do the same. any ideas?

Honestly, I'm not really certain how that worked in the first place :)

 

You could probably use the subnet router option to get a similar effect. The other option is to sidecar a Tailscale container to your other containers. This is possible with the existing Docker container, I'm also chatting with dsmith44 a little bit about how that could be made easier.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing