Jump to content

[Support] Tailscale Support Thread

dsmith44

By dsmith44
in Docker Containers

Recommended Posts

dsmith44 Apprentice

dsmith44

Posted
  • Author
Posted
4 minutes ago, Duckers said:

Hoi, tailscale is now all set up on my end, unraid as exit node, i can browse the web and everything. But i can't seem to access unraid's webui or anything. Nor browse the shares over SMB with x-plore. docker logs shows it's accepting, but still can't access anything of the server.

Please use the plugin instead.

 

This is only for specialist use cases now.

Link to comment
  • 4 weeks later...
  • Replies 336
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

Ragemachinest
Ragemachinest

Adding on from my previous post, I wanted to access to other machines in my home network that I can't install tailscale on (IP cameras, etc). To solve for this, I made sure the "Network Type" was set

dsmith44
dsmith44

Hello everyone.   Tailscale for unraid has become rather more popular than I ever imagined, when I started this it was in the great tradition of scratching my own itch, wanting to access my

sdballer
sdballer

I had the same issue... The Log tells you what to update in the advanced setting: --advertise-exit-node --advertise-routes=192.168.1.0/24 --stateful-filtering   newly added to mine.

Posted Images

  • 2 weeks later...
sdballer Rookie

sdballer

Posted
Posted (edited)
1 hour ago, blaine07 said:

1.66.4 won't stay running on my Unraid; not sure if just me or what...

 

 

 

I had the same issue... The Log tells you what to update in the advanced setting:

--advertise-exit-node --advertise-routes=192.168.1.0/24 --stateful-filtering

 

newly added to mine.

--stateful-filtering

 

working now.

 

Edited by sdballer
  • Like 1
  • Thanks 2
Link to comment
blaine07 Enthusiast

blaine07

Posted
Posted
50 minutes ago, sdballer said:

 

 

I had the same issue... The Log tells you what to update in the advanced setting:

--advertise-exit-node --advertise-routes=192.168.1.0/24 --stateful-filtering

 

newly added to mine.

--stateful-filtering

 

working now.

 

What exactly does stateful filtering do/is it for?

Link to comment
sdballer Rookie

sdballer

Posted
Posted (edited)
50 minutes ago, blaine07 said:

What exactly does stateful filtering do/is it for?

 

https://tailscale.com/security-bulletins

Description: Insufficient inbound packet filtering in subnet routers and exit nodes

May 8, 2024

TS-2024-005

 

Quote

Stateful packet filtering on packet-forwarding nodes

On Linux packet-forwarding nodes we added stateful packet filtering. This means that these nodes keep track of forwarded connections and only allow return packets for existing outbound connections. Inbound packets that don't belong to an existing connection are dropped.

Because routing is implemented differently on non-Linux platforms, this mitigation is only necessary on Linux.

Stateful filtering is enabled by default.......

 

Edited by sdballer
  • Like 1
  • Thanks 1
Link to comment
Degn Noob

Degn

Posted
Posted (edited)
On 5/22/2024 at 4:50 AM, sdballer said:

 

 

I had the same issue... The Log tells you what to update in the advanced setting:

--advertise-exit-node --advertise-routes=192.168.1.0/24 --stateful-filtering

 

newly added to mine.

--stateful-filtering

 

working now.

 

Thanks mate!

The fix worked for me.

Edited by Degn
Link to comment
Rothemich Noob

Rothemich

Posted
Posted

I’d like to ssh via Tailscale from a device on my tailnet (let’s call it “TN2”) into my Unraid server which is running the Tailscale plugin.  As expected, running 

/app/tailscale set --ssh

from the Tailscale docker container’s CLI enables my Unraid server for ssh (confirmed at my Tailscale admin console "machines" page), but (also as expected), this only grants access to files INSIDE the Tailscale docker container.  As I would like access to other folders/files of my broader Unraid server array (i.e. for back-up to that other “TN2” tailnet device), does anyone have a best practice for opening up for broader array access?

 

I can swap the direction, having the Unraid system initiate the ssh to my other tailnet device (“TN2”), but I’d prefer to orchestrated from "TN2" side into the Unraid server.

 

Any suggestions?

Link to comment
Rothemich Noob

Rothemich

Posted
Posted
On 5/24/2024 at 1:54 PM, Rothemich said:

I’d like to ssh via Tailscale from a device on my tailnet (let’s call it “TN2”) into my Unraid server which is running the Tailscale plugin.  As expected, running 

/app/tailscale set --ssh

from the Tailscale docker container’s CLI enables my Unraid server for ssh (confirmed at my Tailscale admin console "machines" page), but (also as expected), this only grants access to files INSIDE the Tailscale docker container.  As I would like access to other folders/files of my broader Unraid server array (i.e. for back-up to that other “TN2” tailnet device), does anyone have a best practice for opening up for broader array access?

 

I can swap the direction, having the Unraid system initiate the ssh to my other tailnet device (“TN2”), but I’d prefer to orchestrated from "TN2" side into the Unraid server.

 

Any suggestions?


Nevermind ^^.  I conflated docker container and plugin.

Link to comment
dsmith44 Apprentice

dsmith44

Posted
  • Author
Posted

Hello everyone.

 

At this point I want to step back from supporting this docker container, I don't use it personally at all. That was clear with the recent update that I just pushed without testing it at all, sorry but as I said I don't use this and have no interest in it anymore.

 

For 99%+ of people the plugin is better and should be used. 

 

For the 1% of people doing odd things, you have some choices to make.

  • Some of you take over the management of this, it's easy, run a script, push to docker hub
    • I'l work with you and good folk at Unraid on how to best manage the transition as I have no idea
  • You individually use the script to build your own images
  • Something else - ideas on a postcard

I'm going to put a date of the end of June for the last updates I will push to this, so after that unless someone wants to pick this up it will go stale at that point.

 

  • Confused 2
Link to comment
  • 2 weeks later...
EDACerton Enthusiast

EDACerton

Posted
Posted

I added a template that installs the official Tailscale Docker container, it is available in CA as "Tailscale-Docker". The official container should be suitable for the advanced use cases which require a separate Tailscale instance.

 

 

Link to comment
dsmith44 Apprentice

dsmith44

Posted
  • Author
Posted

@EDACerton has suggested to me that his template that uses the official docker container becomes the replacement for my container. I think this is a good idea, and thank you.

 

We'll work together to test/document cut over and then I'll update the instructions for this to reference his.

 

 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...