Feliberto Posted March 19, 2022 Share Posted March 19, 2022 Hello all. I'm trying to connect Frigate in my unraid server at home to my parents camera at my parents home. I have Tailscale configured in my unraid server as a docker with working advertised routes. And I have a Raspbery pi with Tailscale at my parents home, also with working advertised routes. If I use my laptop with Tailscale i can connect to both networks from anywhere. Sadly, Frigate can't connect to my parents camera using the advertised route. Should I also install tailscale inside Frigate Docker Container?? if so, how should I do it?, I just failed miserably to do so. Quote Link to comment
Viper-694 Posted March 28, 2022 Share Posted March 28, 2022 Where are logs saved for this container? For some reason the connection between my two unraid servers keeps disconnecting and I want to find the moment that happens in the logs. Restarting the container fixes the problem but eventually i keep getting these. 2022/03/27 23:53:05 open-conn-track: timeout opening (TCP => ) to node []; online=yes, lastRecv=7s 2022/03/27 23:53:08 open-conn-track: timeout opening (TCP => ) to node []; online=yes, lastRecv=10s 2022/03/27 23:53:09 open-conn-track: timeout opening (TCP => ) to node []; online=yes, lastRecv=0s 2022/03/27 23:53:09 [RATELIMIT] format("open-conn-track: timeout opening %v to node %v; online=%v, lastRecv=%v") Quote Link to comment
hvddrift Posted March 28, 2022 Share Posted March 28, 2022 On 2/9/2022 at 12:44 AM, dsmith44 said: I think this shouldwork fine, but will need some command line stuff. I will investigate. Sent from my iPad using Tapatalk Hi Were you able to get this working? I tried on the console: ./tailscale cert "unraid.###############.tailscale.net" but I get the response: unexpected output: no delimiter Am I missing something simple, or could you please point me in the right direction? Thanks Quote Link to comment
dsmith44 Posted March 29, 2022 Author Share Posted March 29, 2022 On 3/28/2022 at 1:49 AM, Viper-694 said: Where are logs saved for this container? For some reason the connection between my two unraid servers keeps disconnecting and I want to find the moment that happens in the logs. Restarting the container fixes the problem but eventually i keep getting these. 2022/03/27 23:53:05 open-conn-track: timeout opening (TCP => ) to node []; online=yes, lastRecv=7s 2022/03/27 23:53:08 open-conn-track: timeout opening (TCP => ) to node []; online=yes, lastRecv=10s 2022/03/27 23:53:09 open-conn-track: timeout opening (TCP => ) to node []; online=yes, lastRecv=0s 2022/03/27 23:53:09 [RATELIMIT] format("open-conn-track: timeout opening %v to node %v; online=%v, lastRecv=%v") There is no logfile saved that I'm aware of, all logs go to stdout as per docker standard - so everything that's logged will be under the 'Logs' menu in unraid if you click on the container name. Quote Link to comment
dsmith44 Posted March 29, 2022 Author Share Posted March 29, 2022 On 3/28/2022 at 10:40 AM, hvddrift said: Hi Were you able to get this working? I tried on the console: ./tailscale cert "unraid.###############.tailscale.net" but I get the response: unexpected output: no delimiter Am I missing something simple, or could you please point me in the right direction? Thanks I am getting the same thing I'm afraid. I have filed a bug report, lets see what they say. https://github.com/tailscale/tailscale/issues/4322 1 Quote Link to comment
Viper-694 Posted March 30, 2022 Share Posted March 30, 2022 15 hours ago, dsmith44 said: There is no logfile saved that I'm aware of, all logs go to stdout as per docker standard - so everything that's logged will be under the 'Logs' menu in unraid if you click on the container name. That explains why I couldn't find it. I did figure out the issue though. I was updating a few things that caused a short interruption in my internet connection and for what ever reason tailscale would fail to reconnect to my backup server. I quick restart of the container and everything has been fine since. Quote Link to comment
plantsandbinary Posted April 9, 2022 Share Posted April 9, 2022 Could someone please share a way to generate an SSL cert for tailscale on Unraid? The tailscale cert doesn't work either from inside the container, nor on my host machine. Quote Link to comment
dsmith44 Posted April 25, 2022 Author Share Posted April 25, 2022 Could someone please share a way to generate an SSL cert for tailscale on Unraid? Thetailscale cert doesn't work either from inside the container, nor on my host machine.This is unfortunately a bug, I think, and is open with upstream.https://github.com/tailscale/tailscale/issues/4322Sent from my iPad using Tapatalk Quote Link to comment
hvddrift Posted April 26, 2022 Share Posted April 26, 2022 (edited) On 3/30/2022 at 7:56 AM, dsmith44 said: I am getting the same thing I'm afraid. I have filed a bug report, lets see what they say. https://github.com/tailscale/tailscale/issues/4322 Seeing if this response on the github issue page may shed some light. Quote I don't remember what the issue was, and I'm using a different container-based setup, but I know I fixed it by setting both --state and --statedir. So if that's something that you can override, that might be a way to work around it. Edited April 26, 2022 by hvddrift Quote Link to comment
Rocka374 Posted May 3, 2022 Share Posted May 3, 2022 If I enable "Use SSL/TLS:" or set it to auto in "Management Access", I can't connect with the Tailscale IP even if I put the HTTP(S) port after it, and/or even if I manually type "http://" and/or "https://" before it. Quote Link to comment
dsmith44 Posted May 3, 2022 Author Share Posted May 3, 2022 On 4/25/2022 at 10:02 PM, dsmith44 said: This is unfortunately a bug, I think, and is open with upstream. https://github.com/tailscale/tailscale/issues/4322 Sent from my iPad using Tapatalk I think the advice provided has fixed this, I see a key and crt file created, however am not sure how to use this feature. Can someone who does please pull deasmi/unraid-tailscale:dev-1.24.2 and try it out. I'd like some people to check this before I promote to latest. Thanks 1 Quote Link to comment
Slowrider8 Posted May 4, 2022 Share Posted May 4, 2022 I set up this docker and it seems to work mostly fine with letting me connect to my server and it's dockers from anywhere, except seemingly for Plex. It would try to load but give me a could not connect error eventually. I found out the only way to fix this was to set my unraid server up as a subnet router providing its own LAN address, then everything worked as it should. I'm not sure why though Plex doesn't work without this change, and I'm concerned it won't let me share access to the Plex server to anyone else as according to tailscales documention, sharing quarantines the user into not having access to subnet routed devices. Any insight into why this might be happening? Quote Link to comment
wolfNZ Posted May 24, 2022 Share Posted May 24, 2022 (edited) I understand @dsmith44 that this is out of scope for the project and i'm not asking for this function to be supported by you . I'm trying to get access to my subnet and webgui while maintaining an HTTPS connection. On 4/17/2020 at 7:11 PM, Ragemachinest said: Adding on from my previous post, I wanted to access to other machines in my home network that I can't install tailscale on (IP cameras, etc). To solve for this, I made sure the "Network Type" was set to "bridge". I went in to the console for the Tailscale docker container and ran the following (my home network is 192.168.1.0/24 - change this to match your network): tailscale up --advertise-routes=192.168.1.0/24 After running this, I logged in to the Tailscale admin portal at https://login.tailscale.com/admin/machines and for my unraid box clicked the ... on the menu on the far right and click "Enable subnet routes" Back in the docker console I ran: vi /etc/sysctl.d/00-alpine.conf I added a line: net.ipv4.ip_forward=1 then saved the file. I ran the command: echo 0 | tee /proc/sys/net/ipv4/conf/tailscale0/rp_filter I ran the command: iptables -t nat -A POSTROUTING -j MASQUERADE I could then hit my internal IPs from an iPhone on LTE e.g. http://192.168.1.145 let me hit my IP cams web interface I rebooted and the settings persisted, so it seems to be a permanent setup now. I followed all these steps (My ISP also uses CGNAT). I am yet to be able to access the webGUI or local devices via tailscale. I can however, ping and make an SSH connection to the tailscale unraid server IP. I am currently using the provisioned TLS certification in the unraid Access Management console (set to auto) which is probably the issue. I'd like to keep my HTTPS enabled if there is a way. Do you have SSL/TLS enabled @Ragemachinest? Has anyone figured out how to set up Tailscale with the Unraid TLS certification and provide access to the local subnet? Thanks Edited May 24, 2022 by wolfNZ Quote Link to comment
dsmith44 Posted May 24, 2022 Author Share Posted May 24, 2022 (edited) A quick update for people on two open issues. Firstly the TSL certificate issues, this all seems happily fixed now. I'm also happy to report that the download feature can now be used as well. I will be pushing these features as latest tag as well as 1.24.2-downloads, as there is already a 1.24.2. Latest now has this supported pease use that ongoing. Please see instructions at the top of this thread. @martial @hvddrift @plantsandbinary @Rocka374 @wolfNZ I think you were all looking for a soltion to the certificate issue, hope this helps. @FoxyNC Your downloads can now work ! I'd also like to thank https://github.com/hugochinchilla for beta testing the downloads Edited July 9, 2022 by dsmith44 2 Quote Link to comment
JM2005 Posted May 25, 2022 Share Posted May 25, 2022 What happened to your deasmi/unraid-tailscale docker in the unraid app store? I just looked and its gone. 1 Quote Link to comment
dsmith44 Posted May 25, 2022 Author Share Posted May 25, 2022 2 hours ago, JM2005 said: What happened to your deasmi/unraid-tailscale docker in the unraid app store? I just looked and its gone. Thank you for spotting. With the XML changes needed for the new version I'd uploaded an invalid file. I'm hoping now fixed and will re-appear. Quote Link to comment
Auden69 Posted June 9, 2022 Share Posted June 9, 2022 Hello, I just configured tailscale. It's very easy to use but i've a little problem when I want open gui of a service... Ie : My ip connection is 10.100.23.9:1234 I want to open my torrent docker (clicking on gui link) but It doesn't go to 10.100.23.9:8080 but to 192.168.23.9:8080... So it's not ok. If I type 10.100.23.9:8080 in my browser it's ok. How to fix it ? Thanks. Quote Link to comment
dsmith44 Posted June 9, 2022 Author Share Posted June 9, 2022 10 hours ago, Auden69 said: Hello, I just configured tailscale. It's very easy to use but i've a little problem when I want open gui of a service... Ie : My ip connection is 10.100.23.9:1234 I want to open my torrent docker (clicking on gui link) but It doesn't go to 10.100.23.9:8080 but to 192.168.23.9:8080... So it's not ok. If I type 10.100.23.9:8080 in my browser it's ok. How to fix it ? Thanks. I am not entirely clear this is anything to do with tailscale, as the address of the server over tailscale is going to start 100.x.x.x not 10. or 192. If you are running a container in bridge mode and it listens on port 8080 for example then you should be able to connect to http://100.x.x.x:8080 from any tailscale connected device. Quote Link to comment
dsmith44 Posted June 9, 2022 Author Share Posted June 9, 2022 I have uploaded version 1.26.0 but have not updated latest tag, I'll wait a week or so. https://hub.docker.com/layers/unraid-tailscale/deasmi/unraid-tailscale/1.26/images/sha256-d5e42c4cefaefbf2cd0fd714960ad992532b1c80793ca469c0911fbc7750fc43?context=explore 1 Quote Link to comment
blaine07 Posted June 14, 2022 Share Posted June 14, 2022 (edited) I am on 1.24.2 and downloads aren't working correctly. I'll send something to Unraid server, Tailscale log shows receiving it, but the file is never in destination I pointed it to on Unraid Server. Any ideas? EDIT: Upgraded to 1.26.0 and all the files appeared; even the ones that weren't showing up earlier. It's like the upgrade forced them all to show up from hours ago today when I was mucking with it. ODD. Edited June 14, 2022 by blaine07 Quote Link to comment
thewave Posted June 15, 2022 Share Posted June 15, 2022 So I’ve recently discovered and installed Tailscale and it seems great, but I do have some concerns about security. It seems that if someone has access to my google account they now have ssh access to my entire unraid server.. is this not a big concern? Quote Link to comment
David Chevalier Posted June 15, 2022 Share Posted June 15, 2022 2 hours ago, thewave said: So I’ve recently discovered and installed Tailscale and it seems great, but I do have some concerns about security. It seems that if someone has access to my google account they now have ssh access to my entire unraid server.. is this not I would suggest creating a dedicated email address for this specific use. That would limit the risk. In my case I use Microsoft authentication with 2FA when connecting to Tailscale so it's more secure. You can do it with Google too. Quote Link to comment
thewave Posted June 15, 2022 Share Posted June 15, 2022 7 hours ago, FoxyNC said: I would suggest creating a dedicated email address for this specific use. That would limit the risk. In my case I use Microsoft authentication with 2FA when connecting to Tailscale so it's more secure. You can do it with Google too. I use 2FA with my google account - how do I enable it for Tailscale? Quote Link to comment
David Chevalier Posted June 15, 2022 Share Posted June 15, 2022 6 hours ago, thewave said: I use 2FA with my google account - how do I enable it for Tailscale? Just enable 2FA on your Google account and it will be active whenever you need to log into it. It's not specific to one external app. Quote Link to comment
JM2005 Posted June 16, 2022 Share Posted June 16, 2022 Just wondering how safe Tailscale is security wise? They seem to log a lot of information about what IP's , hostnames and more while connected. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.