[Plugin] Tailscale

[TBT]

3 hours ago, Comfuzio said:

A quick question, why do we have such a large delay to catch up with the main release?
I am running a few other platforms and when I visit the admin console of tailscale it is always the unraid's version that is outdated and by the time it catches up, then a new version of tailscale comes and again my unraid servers are with the update arrow.

 

Maybe because @EDACerton also has a life and needs to work on incorporating every new release into the plugin!? And because probably tests are done before launching them to the general public?

 

Sounds a tad bit ungrateful to such a great developer.

[EDACerton]

4 hours ago, TBT said:

 

Maybe because @EDACerton also has a life and needs to work on incorporating every new release into the plugin!? And because probably tests are done before launching them to the general public?

 

Sounds a tad bit ungrateful to such a great developer.

Thanks for the backup

 

However, to answer the original question from @Comfuzio : switch to the "Preview" version of the plugin. I updated that one within hours of the last release (right after I did my local testing).

 

The "regular" version of the plugin gets the update around a week after the preview version does.

Edited February 21 by EDACerton

[Duckers]

Hoi, i installed the new fancy plugin, but got 1 issue, 1 question:

1: Can't set my server as a exit node when added through the plugin
2: How can i setup a "subnet mask" for the tailscale IP to redirect my game server on unraid to use tailscale? As my ISP blocks all "fun", i can't host game servers as is. And when i tried to enter my server with game's port at the end of tailscale IP, it didn't work.

[lightsout]

Thanks for this plugin. I am still learning how it all works. I have installed it on my unraid server and on my phone. My goal is to login to docker services on my phone with the local home addresses of 192.168.1.192:xxxx

This is because I have some apps that are already setup to connect to these services locally. Is this a possibility? Sorry if this is obvious there is a lot of jargon that I don't quite get.

[Laov]

On 2/23/2024 at 5:32 PM, Duckers said:

Hoi, i installed the new fancy plugin, but got 1 issue, 1 question:

1: Can't set my server as a exit node when added through the plugin
2: How can i setup a "subnet mask" for the tailscale IP to redirect my game server on unraid to use tailscale? As my ISP blocks all "fun", i can't host game servers as is. And when i tried to enter my server with game's port at the end of tailscale IP, it didn't work.

1. Unraid Settings -> Tailscale -> Run as exit node. Confirm on tailscale web page and you are done.
2. Subnet mask does not redirect anything. It can only advertise your local IPs to tailscale. I asked @EDACerton to add full syntax for --advertise-routes in to HELP section as people CONSTANTLY ask for it but it is still not there  You will have to make due with the tailscale link:
https://tailscale.com/kb/1019/subnets
 

@lightsout for you its the same #2. You need to advertise the subnet you want available over tailscale.

[lightsout]

2 minutes ago, Laov said:

1. Unraid Settings -> Tailscale -> Run as exit node. Confirm on tailscale web page and you are done.
2. Subnet mask does not redirect anything. It can only advertise your local IPs to tailscale. I asked @EDACerton to add full syntax for --advertise-routes in to HELP section as people CONSTANTLY ask for it but it is still not there  You will have to make due with the tailscale link:
https://tailscale.com/kb/1019/subnets
 

@lightsout for you its the same #2. You need to advertise the subnet you want available over tailscale.

Thanks, I came across that page but wanted to ask before I went and started messing with stuff.

[gamerayers]

I installed the tailscale plugin and when I restart it appears that nginx won't start now due to something on port 80. If I turned off the tailscale plugin, it seems to work fine. I switched to port 81, but the redirect from port 80 to 443 then doesn't work correctly. I'm curious if there is a good way to fix this. Has anybody else run into this? It appears to be exclusive to the tailscale plugin causing the issues.

 

FYI, the nginx won't start on port 80 for the management terminal. I already have it set to https, so it should be using 443, but the http port for redirect to https is port 80. When I do a:
 

lsof -i :80 | grep LISTEN

I get
 

tailscale 1045 root   34u  IPv6 481363296      0t0  TCP [x:x:x::x:x]:http (LISTEN)
tailscale 1045 root   35u  IPv4 481382452      0t0  TCP x.x.x.x:http (LISTEN)

Basically showing that it is tailscale that has that port opened and why nginx can't open it for management-redirect.

Edited March 1 by gamerayers
added info.

[EDACerton]

8 hours ago, gamerayers said:

I installed the tailscale plugin and when I restart it appears that nginx won't start now due to something on port 80. If I turned off the tailscale plugin, it seems to work fine. I switched to port 81, but the redirect from port 80 to 443 then doesn't work correctly. I'm curious if there is a good way to fix this. Has anybody else run into this? It appears to be exclusive to the tailscale plugin causing the issues.

 

FYI, the nginx won't start on port 80 for the management terminal. I already have it set to https, so it should be using 443, but the http port for redirect to https is port 80. When I do a:
 

lsof -i :80 | grep LISTEN

I get
 

tailscale 1045 root   34u  IPv6 481363296      0t0  TCP [x:x:x::x:x]:http (LISTEN)
tailscale 1045 root   35u  IPv4 481382452      0t0  TCP x.x.x.x:http (LISTEN)

Basically showing that it is tailscale that has that port opened and why nginx can't open it for management-redirect.

Tailscale wouldn't usually open up port 80 on its own. Can you run diagnostics from inside the Tailscale settings?

[EDACerton]

22 hours ago, Laov said:

2. Subnet mask does not redirect anything. It can only advertise your local IPs to tailscale. I asked @EDACerton to add full syntax for --advertise-routes in to HELP section as people CONSTANTLY ask for it but it is still not there  You will have to make due with the tailscale link:
https://tailscale.com/kb/1019/subnets

Adding guidance or functionality for advertised routes isn't in my plans for the plugin at this point.

 

That functionality is now provided via Tailscale's built-in web interface.

[gamerayers]

5 hours ago, EDACerton said:

Tailscale wouldn't usually open up port 80 on its own. Can you run diagnostics from inside the Tailscale settings?

 

SuperMicro-tailscale-diag-20240301-223355.zip

[EDACerton]

1 hour ago, gamerayers said:

 

SuperMicro-tailscale-diag-20240301-223355.zip 290.23 kB · 0 downloads

I can see where Tailscale is starting to listen on port 80, but that's not something that it would ordinarily do on its own.

 

Have you run any CLI commands to set up "extra" features of Tailscale, like "tailscale serve" or "tailscale funnel"?

[gamerayers]

11 hours ago, EDACerton said:

I can see where Tailscale is starting to listen on port 80, but that's not something that it would ordinarily do on its own.

 

Have you run any CLI commands to set up "extra" features of Tailscale, like "tailscale serve" or "tailscale funnel"?

I did in a docker, trying to add a sidecar, but I removed that since it wasn't working.

I think I attempted to do the cert early on, but then realized that I needed to change the name to be the name of my domain on tailscale and I wasn't ready to do that.

Would it be advisable to delete the plugin and try again? or do you think that it would leave me in the same situation with port 80 taken?

[EDACerton]

1 minute ago, gamerayers said:

I did in a docker, trying to add a sidecar, but I removed that since it wasn't working.

I think I attempted to do the cert early on, but then realized that I needed to change the name to be the name of my domain on tailscale and I wasn't ready to do that.

Would it be advisable to delete the plugin and try again? or do you think that it would leave me in the same situation with port 80 taken?

It seems like there’s something stuck that’s making Tailscale try to open port 80. 
 

You could try this:

 

1. Delete the related entries from the Tailscale admin console. 
2. Erase the plugin configuration (there’s a button in the plugin settings, I think it’s in advanced mode.)

3. Log back in to Tailscale via the plugin. 

[gamerayers]

5 minutes ago, EDACerton said:

It seems like there’s something stuck that’s making Tailscale try to open port 80. 
 

You could try this:

 

1. Delete the related entries from the Tailscale admin console. 
2. Erase the plugin configuration (there’s a button in the plugin settings, I think it’s in advanced mode.)

3. Log back in to Tailscale via the plugin. 

OK, so that is super interesting. I was able to do all of that, and as soon as I erased the plugin configuration it was clear nothing was running on port 80 anymore.

Time to try to reset the nginx to use port 80. Fingers crossed.

[gamerayers]

1 minute ago, gamerayers said:

OK, so that is super interesting. I was able to do all of that, and as soon as I erased the plugin configuration it was clear nothing was running on port 80 anymore.

Time to try to reset the nginx to use port 80. Fingers crossed.

Yep all fixed. Thanks for the help. And agreed, super weird.

[Masterwishx]

Is some one tryed to setup remote syslog as another tailscale client domain name? 

When I set short domain it's working fine but after reboot Becouse rsyslog start befor tailscale plugin it's can't resolve domain name. I will try Ip instead but not sure it will also work... 

[EDACerton]

11 minutes ago, Masterwishx said:

Is some one tryed to setup remote syslog as another tailscale client domain name? 

When I set short domain it's working fine but after reboot Becouse rsyslog start befor tailscale plugin it's can't resolve domain name. I will try Ip instead but not sure it will also work... 

The IP would be a better choice here... you'll lose the logs from while Tailscale isn't running, but once Tailscale comes up it should work.

 

As you've seen, rsyslog won't be able to resolve a MagicDNS name on boot.

[Masterwishx]

7 minutes ago, EDACerton said:

As you've seen, rsyslog won't be able to resolve a MagicDNS name on boot.

 

Yes , but seems the IP is working Fine ....

[Masterwishx]

@EDACerton not sure what happened , but found i cant ping from console at short domain name of other clients ...

[chilled-bouillabaisse6517]

Hi I was using the Tailscale plugin for a few months and it was working great. I recently deleted it in order to troubleshoot another issue I was having with Unraid, turns out Tailscale wasn’t the issues. Anyway, I reinstalled the plugin and now I have been unable to get it to work. 

[MrCravon]

I changed from the docker container to this plugin recently. I had some issues getting started but when I used the following command i got it up and running the way (i think) i wanted it:

 

tailscale up --accept-routes --advertise-exit-node --advertise-routes=192.168.30.0/24,192.168.40.0/24 --reset

 

And it seems to work the way I had it set up with the docket version with one exception. I can access everything on my network except the unraid web interface? Am i missing something?

[Johnny4233]

Hi,

 

getting some trouble too.

 

i was using the docker container for tail scale. was working flawless. since a few days it stops working. I switched to this plugin version. same problem.

 

i connect 2 unraid server together. then I want to mount a share with unassigned devices. 

 

Ping Unraid <-Tailscale-> Unraid works good. connection ok.

 

But unassigned devices say, mount point is offline... 

in network settings, I set the network extra "tailscale1"...

 

but there seems a setting I missed? the past 1 year it was working good. 

 

any idea? 🙂

 

Edit:

Netbios is off

tryed the extra smb conf

NASty-tailscale-diag-20240306-213055.zip

Edited March 6 by Johnny4233

[EDACerton]

12 hours ago, Johnny4233 said:

Hi,

 

getting some trouble too.

 

i was using the docker container for tail scale. was working flawless. since a few days it stops working. I switched to this plugin version. same problem.

 

i connect 2 unraid server together. then I want to mount a share with unassigned devices. 

 

Ping Unraid <-Tailscale-> Unraid works good. connection ok.

 

But unassigned devices say, mount point is offline... 

in network settings, I set the network extra "tailscale1"...

 

but there seems a setting I missed? the past 1 year it was working good. 

 

any idea? 🙂

 

Edit:

Netbios is off

tryed the extra smb conf

NASty-tailscale-diag-20240306-213055.zip 217.91 kB · 0 downloads

It looks like the connection is starting, but the server with UD seems to be terminating the connection ("got RST by peer") when it gets a response:

 

Quote

2024/03/06 21:26:07 open-conn-track: flow TCP (TCP 100.114.21.21:45178 => 100.72.40.79:445) got RST by peer
2024/03/06 21:26:07 Accept: TCP{100.72.40.79:445 > 100.114.21.21:45178} 40 tcp non-syn
2024/03/06 21:26:08 Accept: TCP{100.114.21.21:45190 > 100.72.40.79:445} 60 ok out
2024/03/06 21:26:08 open-conn-track: flow TCP (TCP 100.114.21.21:45190 => 100.72.40.79:445) got RST by peer
2024/03/06 21:26:26 Accept: TCP{100.72.40.79:33024 > 100.114.21.21:445} 124 tcp non-syn
2024/03/06 21:26:37 Accept: TCP{100.114.21.21:49934 > 100.72.40.79:445} 60 ok out
2024/03/06 21:26:37 open-conn-track: flow TCP (TCP 100.114.21.21:49934 => 100.72.40.79:445) got RST by peer

You might want to check logs on that server to see if that helps show what it's unhappy about.

Edited March 7 by EDACerton

[EDACerton]

On 3/4/2024 at 1:06 PM, chilled-bouillabaisse6517 said:

Hi I was using the Tailscale plugin for a few months and it was working great. I recently deleted it in order to troubleshoot another issue I was having with Unraid, turns out Tailscale wasn’t the issues. Anyway, I reinstalled the plugin and now I have been unable to get it to work. 

 

On 3/5/2024 at 10:24 AM, MrCravon said:

I changed from the docker container to this plugin recently. I had some issues getting started but when I used the following command i got it up and running the way (i think) i wanted it:

 

tailscale up --accept-routes --advertise-exit-node --advertise-routes=192.168.30.0/24,192.168.40.0/24 --reset

 

And it seems to work the way I had it set up with the docket version with one exception. I can access everything on my network except the unraid web interface? Am i missing something?

 

13 hours ago, valhalla540 said:

Hoping for some assistance. I'm working on a remote Unraid server for backups. The server will be placed in a families house. I have tailscale running on both servers and isolated them from each other on a VLAN. I can ping each other with the tailnet IPs ( and the local IPs are blocked).

 

I'm trying to get Duplicati to connect from the home server to the remote server but can't seem to figure out how to access the Tailnet IP.

 

I'm assume I'm missing something specific regarding the setting in either the tailscale plugin or in docker. 

 

Are there additional steps required to get docker images to access the tailnet IPs? Or has anyone set up remote backups with tailscale and if so what's your preferred backup app/docker and is there guide for it  Thank you for any assistance. 

Diagnostics from inside the plugin settings please.

[Laov]

On 3/2/2024 at 12:07 AM, EDACerton said:

Adding guidance or functionality for advertised routes isn't in my plans for the plugin at this point.

 

That functionality is now provided via Tailscale's built-in web interface.

 

I was unable to find it. The built-in web interface only shows routes that you advertised with no ability to add new ones in version 1.60.0.