April 14Apr 14 unRAID OS: 7.3.0-beta2docker container: JoplinNew to unRAID, but had success deploying tailscale within Mealie and getting certificate via TS Serve. It was cool. Mealie being PWA, https in browser enables some features, so this was very helpful.Was hoping to do all my docker services to be shared this way, but running into a snag on my second docker container deployment, Joplin. I get the following error in logs after running:Executing Unraid Docker Hook for Tailscale ERROR: No root privileges! ERROR: Unraid Docker Hook script throw an error! Starting container without Tailscale! Starting container...My Joplin works fine, and do it the original way, point it at Tailscale IP of server, and in ACLs allow port 22300 access. I guess https isn't required for Joplin so not a huge issue; but alasI was hoping to have all my dockers as a device on tailnet that I just run with tags; but I guess when I get to spinning up Plex again, I'll have to share out my server with port ACLs on it anyways?Curious for peoples' feedback on tailscale deployment in the container and getting certificate via serve, vs running the "old-school" way and having port ACLs/Grants on your server in tailscale.Thank you!
April 27Apr 27 Community Expert Extra parameter -u 0:0 (or --user 0:0) does work but makes Joplin run with root permissions. For a home lab this might be acceptable...
April 29Apr 29 Author On 4/27/2026 at 9:06 AM, Tom7320 said:Extra parameter -u 0:0 (or --user 0:0) does work but makes Joplin run with root permissions. For a home lab this might be acceptable... Thank you for your response. Ya, I'd like to avoid running as root if possible. Just curious why joplin requires this, or throws this error, while others have no issue with the tailscale hook without root permission.
April 29Apr 29 Community Expert Good question which I can't answer unfortunately...I do not use the build in Tailscale mechanism anymore. I switched all my Dockers to Tailscale services. This way I can use Joplin for example without being root (-u 0:0):TailscaleTailscale Services · Tailscale DocsSecurely connect to and manage access to your internal resources using Tailscale Services.
June 14Jun 14 On 4/29/2026 at 9:38 AM, mikescott said:Thank you for your response. Ya, I'd like to avoid running as root if possible. Just curious why joplin requires this, or throws this error, while others have no issue with the tailscale hook without root permission.Have you managed to fix it? For me using either -u 0:0 or --user 0:0 doesn't work.EDIT: I've made a mistake, I've put -u 0:0 in the Tailscale extra parameters under Tailscale advanced settings instead of enabling the docker advanced settings in the top right corner.Then Tailscale threw an error ERROR: Couldn't detect persistent Docker directory for .tailscale_state! Please enable Tailscale Advanced Settings in the Docker template and set the Tailscale State Directory manually! To fix it I've created a new path under "Add another Path, Port, Variable, Label or Device".Name: Tailscale StateContainer Path: /tailscale-dataHost Path: /mnt/user/appdata/joplin-server-tailscale/Under Tailscale advanced Settings at the bottom add /tailscale-data/.tailscale_state in Tailscale State Directory. Edited June 14Jun 14 by siiire Correction and new information
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.