[Plugin] Tailscale

EDACerton

By EDACerton
in Plugin Support

Recommended Posts

Recommended

Posted by EDACerton,

Common Issues I can't access the WebGUI after logging in to Tailscale This is usually caused by enabling the "Use Tailscale Subnets" feature. This feature isn't needed for most installs. Usually, if this happens the WebGUI is still accessible via the Tailscale IP/name. Try connecting via that address, then disable "Use Tailscale Subnets". If you don't know the Tailscale IP for your server, you can get it from ano
Recommended by EDACerton
  • Like

4 reactions

Go to this post
phishfi Noob

phishfi

Posted
Posted (edited)

I'm struggling to get this configured correctly ever since the 6.12 update to UnRAID.

 

Previously, I was using the Tailscale docker container, but I just found this Plugin while I was troubleshooting.

 

Basically, what I need is to configure Tailscale such that when I share my device to other Tailscale users, they can access the UnRAID shares via SMB. This was previously working perfectly by just having the UnRAID server shared to the Tailscale user (my dad), but now I'm able to reach any of the web interfaces via the Tailscale IP, but SMB times out when I try to browse to 

\\<Tailscale IP>\

or  

\\<Tailscale IP>\<Share Name>

 

Edit: I experience the same issue when trying to access a share from my phone over SMB as well. So it has nothing to do with the fact that I'm sharing the device over Tailscale to another user.

Edited by phishfi
Link to comment
  • Replies 726
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

EDACerton
EDACerton

Tailscale     Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly. The service handles complex netw

EDACerton
EDACerton

2023.05.25b Update Tailscale to 1.42.0 Add Tailscale web interface to Settings page Add page for Tailscale / plugin logs Switch Taildrop implementation to use native Unrai

EDACerton
EDACerton

Common Issues I can't access the WebGUI after logging in to Tailscale This is usually caused by enabling the "Use Tailscale Subnets" feature. This feature isn't neede

Posted Images

EDACerton Contributor

EDACerton

Posted
  • Author
Posted
On 7/1/2023 at 1:37 PM, mihcox said:

 

I do notice that it does happen twice, once on initial boot, and a second time during the array start.

I’ll have to poke around this some more. Other folks have reported similar messages, but I’ve never seen them on my system. I’ll probably try to add some diagnostic output in a future release to try and understand where these are coming from. 

Link to comment
TBT Noob

TBT

Posted
Posted (edited)
On 7/2/2023 at 7:18 PM, phishfi said:

but SMB times out when I try to browse to 

\\<Tailscale IP>\

or  

\\<Tailscale IP>\<Share Name>

Can cofirm, this happens with Tailscale and Zerotier as well since 6.12.0. I am on 6.12.2, still not fixed. I have all the mentioned tricks applied, does not work.

 

  

On 7/2/2023 at 8:51 PM, EDACerton said:

Which version of 6.12 are you on? There was a bug in 6.12.0 that affected SMB. 

It is still in there with 6.12.2.

 

Edited by TBT
Link to comment
trevorstarick Noob

trevorstarick

Posted
Posted

I'm still encountering the issue where as soon as I have tailscale running, I'm unable to access the GUI or SSH via the non-tailenet IP. I can SSH but not access the GUI via the tailnet IP. Has been happening since 6.12.0, on 6.12.2 and still there. Have the same issue on multiple Unraid boxes. I've attached my diagnostics while tailscale is not running and while it is running.

modnardev-diagnostics-20230704-1748-running.zip modnardev-diagnostics-20230704-1746-notrunning.zip

Link to comment
EDACerton Contributor

EDACerton

Posted
  • Author
Posted
13 minutes ago, trevorstarick said:

I'm still encountering the issue where as soon as I have tailscale running, I'm unable to access the GUI or SSH via the non-tailenet IP. I can SSH but not access the GUI via the tailnet IP. Has been happening since 6.12.0, on 6.12.2 and still there. Have the same issue on multiple Unraid boxes. I've attached my diagnostics while tailscale is not running and while it is running.

modnardev-diagnostics-20230704-1748-running.zip 115.78 kB · 0 downloads modnardev-diagnostics-20230704-1746-notrunning.zip 115.19 kB · 0 downloads

I’ll take a look later on. I might need for you to run diags again in a day or two… the next plugin release will have some better diagnostics in it. 

Link to comment
phishfi Noob

phishfi

Posted
Posted
On 7/3/2023 at 3:36 PM, TBT said:

Can cofirm, this happens with Tailscale and Zerotier as well since 6.12.0. I am on 6.12.2, still not fixed. I have all the mentioned tricks applied, does not work.

 

  

It is still in there with 6.12.2.

 

 

So this isn't a completely safe fix, but it did the job for fixing my Tailscale SMB connectivity:

 

Add the following to you SMB Extra config in settings - > SMB:

 

Quote

[global]
bind interfaces only = no
interfaces = lo tailscale1 br0

You might only need to include the Tailscale interface name, whatever's relevant when you run `IP addr` from the Unraid terminal. 

  • Thanks 2
Link to comment
EDACerton Contributor

EDACerton

Posted
  • Author
Posted
5 hours ago, trevorstarick said:

I'm still encountering the issue where as soon as I have tailscale running, I'm unable to access the GUI or SSH via the non-tailenet IP. I can SSH but not access the GUI via the tailnet IP. Has been happening since 6.12.0, on 6.12.2 and still there. Have the same issue on multiple Unraid boxes. I've attached my diagnostics while tailscale is not running and while it is running.

modnardev-diagnostics-20230704-1748-running.zip 115.78 kB · 0 downloads modnardev-diagnostics-20230704-1746-notrunning.zip 115.19 kB · 0 downloads

Can you update to the latest plugin version (2023.07.05b) and then run the Tailscale diagnostics?

 

Settings -> Tailscale -> Help -> Click the "Download diagnostic package" link.

Link to comment
trevorstarick Noob

trevorstarick

Posted
Posted
2 hours ago, EDACerton said:

Can you update to the latest plugin version (2023.07.05b) and then run the Tailscale diagnostics?

 

Settings -> Tailscale -> Help -> Click the "Download diagnostic package" link.

Thanks! Attached the diags. This is with tailscale still being in the down state as I can't access the UI to grab it in the running state. Let me know if there's something you need me to grab off the box or run while tailscale is "up"

modnardev-tailscale-diag-20230705-020610.zip

Link to comment
ThatDude Apprentice

ThatDude

Posted
Posted

First of all thanks for this plugin, it's much needed IMO as running TailScale or ZeroTier in a docker doesn't work unless the array is mounted.

 

I've installed the plugin and 'tailscale up' to add to my tailscale network.

 

I can ping the unraid server from my remote machine but no other services work, SSH, HTTP, SMB etc.

 

Can anyone point me in the right direction? unRAID v6.12.0

Link to comment
ThatDude Apprentice

ThatDude

Posted
Posted
8 minutes ago, ThatDude said:

First of all thanks for this plugin, it's much needed IMO as running TailScale or ZeroTier in a docker doesn't work unless the array is mounted.

 

I've installed the plugin and 'tailscale up' to add to my tailscale network.

 

I can ping the unraid server from my remote machine but no other services work, SSH, HTTP, SMB etc.

 

Can anyone point me in the right direction? unRAID v6.12.0

 

It looks like recent builds of unRAID lockdown services, which is a good thing!

 

To enable SSH I had to edit /etc/ssh/sshd_config and add my tailscale IP in the listen section:

  

Port 22
AddressFamily any
ListenAddress 192.168.1.250
ListenAddress 100.94.227.51    <-------- here
ListenAddress fd7a:115c:a1e0:ab12:4843:cd96:625e:e333

 

Then restart SSH with 

 /etc/rc.d/rc.sshd restart

 

This seems to have updated /boot/config/ssh/sshd_config which I guess means it will work across reboots (I can't test this right now)

 

I guess there will be a similar process for the other services on unRAID

 

  • Like 1
Link to comment
ThatDude Apprentice

ThatDude

Posted
Posted
3 minutes ago, bonienl said:

 

 

Thanks so much @bonienl I totally missed that post.

 

If Tailscale is running as a plugin presumably I just need to run  /usr/local/emhttp/webGui/scripts/reload_services from the go script to get the web interface working. I'm specifically interested in getting the Tailscale plugin operational before the array is brought online as I need to type in my encryption key before the array can start.

 

Link to comment
EDACerton Contributor

EDACerton

Posted
  • Author
Posted
Just now, ThatDude said:

 

Thanks so much @bonienl I totally missed that post.

 

If Tailscale is running as a plugin presumably I just need to run  /usr/local/emhttp/webGui/scripts/reload_services from the go script to get the web interface working. I'm specifically interested in getting the Tailscale plugin operational before the array is brought online as I need to type in my encryption key before the array can start.

 

In your case it was probably just a timing issue… the one thing that I can’t easily catch is the first connection to Tailscale (when you log in to Tailscale to authorize the device). My guess is that’s what you encountered, then after rebooting everything worked fine.

 

The plugin triggers the reload_services script at startup, so you shouldn’t need to run that from your go file.

  • Like 1
Link to comment
ThatDude Apprentice

ThatDude

Posted
Posted
4 hours ago, EDACerton said:

In your case it was probably just a timing issue… the one thing that I can’t easily catch is the first connection to Tailscale (when you log in to Tailscale to authorize the device). My guess is that’s what you encountered, then after rebooting everything worked fine.

 

The plugin triggers the reload_services script at startup, so you shouldn’t need to run that from your go file.

 

That correlates - thanks for the clarification.

Link to comment
phishfi Noob

phishfi

Posted
Posted
On 7/4/2023 at 9:35 PM, phishfi said:

 

So this isn't a completely safe fix, but it did the job for fixing my Tailscale SMB connectivity:

 

Add the following to you SMB Extra config in settings - > SMB:

 

You might only need to include the Tailscale interface name, whatever's relevant when you run `IP addr` from the Unraid terminal. 

 

Just a follow up in case anyone ever finds this solution useful. It appears binding lo causes some issues with Docker containers accessing the shares. I recommend just including the Tailscale interface name and seeing how well that works before making any additional changes.

Link to comment
EDACerton Contributor

EDACerton

Posted
  • Author
Posted
1 hour ago, SensibleSalmon said:

Is there any way to pass a login_server param to the underlying tailscale daemon? I'm trying to link my unraid host to my headscale instance. (Docs here). I didn't see anything in the plugin settings.

In concept, it’s possible to add that feature, but I can’t currently test that. Are you on Discord at all? If so, ping me there (@edacerton) and we can chat. 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing