Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] Tailscale Support Thread

Featured Replies

  • Author
On 5/19/2020 at 7:22 PM, fserb said:

I'm pretty sure there's an issue with Tailscale's iptables rules and Unraid's docker iptables.

I've also tried using tailscale tip of tree, but no success there either.

Someone who understands Unraid iptables better would have an easier time with this.

 

dsmith, I have a suggestion for your docker-entrypoint.sh. Replace the bottom lines with:


(sleep 10; tailscape up) &

exec tailscaled --state=/state/tailscaled.state

it's much nicer than your current while loop. ;)

 

 

 

I don't know what people have against the poor venerable while loop 😎, but I have changed to use a 'sleep infinity' instead which is slightly cleaner.

 

Whilst your method will work, and is elegant, it's less 'obvious' about ordering, so I think I'll leave that alone.

 

 

 

 

  • Replies 350
  • Views 131.8k
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • Ragemachinest
    Ragemachinest

    Adding on from my previous post, I wanted to access to other machines in my home network that I can't install tailscale on (IP cameras, etc). To solve for this, I made sure the "Network Type" was set

  • Hello everyone.   Tailscale for unraid has become rather more popular than I ever imagined, when I started this it was in the great tradition of scratching my own itch, wanting to access my

  • sdballer
    sdballer

    I had the same issue... The Log tells you what to update in the advanced setting: --advertise-exit-node --advertise-routes=192.168.1.0/24 --stateful-filtering   newly added to mine.

Posted Images

Question... not sure if this is the right place to ask this. 

I have 2 Ethernet ports on my server. 
Eth1 is 10.0.0.8 (local traffic)

Eth2 is running 10.1.0.5 (internet)

 

do you know a way I can use TailScale to work on Eth 2, but access docker containers I have on Eth1 network? 
 

I am trying to use InfluxDB to receive info from different endpoints through port 8086 on Eth1, but run Tailscale through the internet on Eth2 and allow port 8086 on Eth1.

 

This is kinda what I am aiming for: 

DXuhlCy.png

Edited by ghulican

  • Author
5 hours ago, ghulican said:

Question... not sure if this is the right place to ask this. 

I have 2 Ethernet ports on my server. 
Eth1 is 10.0.0.8 (local traffic)

Eth2 is running 10.1.0.5 (internet)

 

do you know a way I can use TailScale to work on Eth 2, but access docker containers I have on Eth1 network? 
 

I am trying to use InfluxDB to receive info from different endpoints through port 8086 on Eth1, but run Tailscale through the internet on Eth2 and allow port 8086 on Eth1.

 

This is kinda what I am aiming for: 

DXuhlCy.png

If the influx container is only listening on the ETH1 ip address, bridge mode, then I'm afraid this container probably isn't going to work for you.

 

This will only allow you to access containers that listen on the tailscale interface ip address itself, not eth1, eth2 or any other interfaces. It is not providing a gateway to 'other networks' just exposing the Unraid server itself to tailscale.'other networks' in this context means absolutely anything that isn't the IP address of the tailscale interface.

 

If you can make influxDB also bind to the tailscale interface then it will work.

 

I'm not keen on trying to turn this into a VPN gateway solution, nor am I sure that's even possible with a docker container rather than a plugin.

 

 

Hey, great work here! Does anyone know how to change hostname? Not sure where I'd add the extra parameters. Thanks!

4 minutes ago, yitzi said:

Hey, great work here! Does anyone know how to change hostname? Not sure where I'd add the extra parameters. Thanks!

Go on the container Edit page, on the top right, press on "basic view" (to switch to advanced). Find the "Extra Parameters" field. Either add or edit the `--hostname` to use the hostname you want.

3 minutes ago, fserb said:

Go on the container Edit page, on the top right, press on "basic view" (to switch to advanced). Find the "Extra Parameters" field. Either add or edit the `--hostname` to use the hostname you want.

Thanks!! That basic switch gets me sometimes.

  • Author
On 6/3/2020 at 4:46 PM, ghulican said:

Do you know a way that we can use the ACL tags? I know this is a beta feature, but I assume it will be the same in prod? 

https://tailscale.com/kb/1068/acl-tags

I believe ACL support is only available in the paid version, which I do not have, nor have a need for.

 

As such I am not planning to look at ACLs.

 

Sorry.

After ZeroTier stopped working for me for some reason, I was advised to try your Tailscale Docker.

So I installed the Tailscale Docker, got the network ID via Ragemachinest instructions and registered it via the link in the console, and now see it in my Tailscale Dashboard. Then installed Tailscale on my MBP. Still no sight of my unRAID system in my Network, though. Maybe I will first need to register my MBP with my Tailscale account as well? I don't see it in my Dashboard.

Maybe I don't correctly understand the purpose of Tailscale, but since it was recommended to me as an alternative to ZeroTier, which after first configured showed my unRAID system in my Finder Network, I thought that Tailscale will also server this purpose (amongst other much more lower-level functions, I am sure).

Am I misunderstanding what this Docker allows me to do? If the main function I want is to implement unRAID in my local network via the Finder Network *and* get to the unRAID webUI, will this work when correctly configured?

  • Author
2 hours ago, tillkrueger said:

After ZeroTier stopped working for me for some reason, I was advised to try your Tailscale Docker.

So I installed the Tailscale Docker, got the network ID via Ragemachinest instructions and registered it via the link in the console, and now see it in my Tailscale Dashboard. Then installed Tailscale on my MBP. Still no sight of my unRAID system in my Network, though. Maybe I will first need to register my MBP with my Tailscale account as well? I don't see it in my Dashboard.

Maybe I don't correctly understand the purpose of Tailscale, but since it was recommended to me as an alternative to ZeroTier, which after first configured showed my unRAID system in my Finder Network, I thought that Tailscale will also server this purpose (amongst other much more lower-level functions, I am sure).

Am I misunderstanding what this Docker allows me to do? If the main function I want is to implement unRAID in my local network via the Finder Network *and* get to the unRAID webUI, will this work when correctly configured?

Looking at the Zerotier docker post that links here it looks like you got connectivity working, you can connect by IP to your unraid server's tailscale address.

 

I do not believe that tailscale support multicast or broadcast traffic, so there won't be any way to get Bonjour working and have your Unraid appear as a browsable machine.

 

Ok, I guess I can’t have it all with this, but I am glad to have an easier method to administer and connect to my unRAID by means of your Docker.

Thank you!


Sent from my iPhone using Tapatalk

  • 4 months later...
  • Author

A couple of updates.

 

I have changed the template to pull latest rather than versioned builds, tailscale itself is developing more slowly now so this feels appropriate.

Please change the 'Repository' to deasmi/unraid-tailscale:latest to use this.

 

Secondly I've merged in support for passing flags to tailscale. 

If you want to use this define a variable UP_FLAGS.

These will be appended to the command that invokes tailscale.

 

Please note if you are using UP_FLAGS I cannot provide support until it is removed, but I recognise some people may want to try subnet routing and the like.

Thanks to @shayne for this.

 

Dean

  • 2 weeks later...
On 10/19/2020 at 6:30 PM, dsmith44 said:

A couple of updates.

 

I have changed the template to pull latest rather than versioned builds, tailscale itself is developing more slowly now so this feels appropriate.

Please change the 'Repository' to deasmi/unraid-tailscale:latest to use this.

 

Secondly I've merged in support for passing flags to tailscale. 

If you want to use this define a variable UP_FLAGS.

These will be appended to the command that invokes tailscale.

 

Please note if you are using UP_FLAGS I cannot provide support until it is removed, but I recognise some people may want to try subnet routing and the like.

Thanks to @shayne for this.

 

Dean

 

Hi Dean, can you double check the template is set to use :latest? I did a fresh install from community apps today and it defaulted to a versioned tag (which is quite out of date at this point).

  • Author
On 3/18/2021 at 11:14 PM, Alexstrasza said:

 

Hi Dean, can you double check the template is set to use :latest? I did a fresh install from community apps today and it defaulted to a versioned tag (which is quite out of date at this point).

 

I have no idea why you are seeing this, the repo with the template in has clear latest tag. I've just done a clean install and got latest tag. Can you totally remove the image and try?

 

Latest tag in dockerhub tag is 1.6.0 - https://hub.docker.com/layers/deasmi/unraid-tailscale/latest/images/sha256-89c29de3e44120014a41b9399c09a97732794527b0aff5cc3fcd1d8bb28abd6d?context=repo

 

On 3/23/2021 at 9:46 AM, dsmith44 said:

Can you totally remove the image and try?

 

On a fresh reinstall I can confirm the template picked up had :latest, so I have no idea why I got an old 2020 build when I first downloaded. My best guess is some cursed CA caching or something, but it doesn't seem to be happening any more so I guess it's fixed 😅?

 

Did you have a chance to look into the warning about exit nodes I mentioned above? I'm definitely still getting this on the container vs my Raspberry Pi, but the subnet and exit route features are 100% working, so I'm not sure the cause for the warning.

 

UPDATE: This turned out to be because I had IPv6 forwarding off on my host.

 

image.png.cb345ec11f120f33c4d0bac674d700ec.png

Edited by Alexstrasza
Explain reason for error

  • 1 month later...
Quote

Where can I find a setup guide for this? Also, do you need to download wireguard as well?

 

On 3/23/2021 at 5:34 PM, Alexstrasza said:

On a fresh reinstall I can confirm the template picked up had :latest, so I have no idea why I got an old 2020 build when I first downloaded. My best guess is some cursed CA caching or something, but it doesn't seem to be happening any more so I guess it's fixed 😅?

 

Did you have a chance to look into the warning about exit nodes I mentioned above? I'm definitely still getting this on the container vs my Raspberry Pi, but the subnet and exit route features are 100% working, so I'm not sure the cause for the warning.

 

UPDATE: This turned out to be because I had IPv6 forwarding off on my host.

 

image.png.cb345ec11f120f33c4d0bac674d700ec.png

 

I've been trying to get subnet relay to work, have added a flag with --advertise-routes=192.168.5.0/24 (This is the subnet my unraid box is on). And it shows up in the tailscale dashboard, but after i have enabled it i can't ping any of my devices on that subnet. Did you have to change any other settings in Unraid to get it working?

 

15 hours ago, Fillwe said:

 

I've been trying to get subnet relay to work, have added a flag with --advertise-routes=192.168.5.0/24 (This is the subnet my unraid box is on). And it shows up in the tailscale dashboard, but after i have enabled it i can't ping any of my devices on that subnet. Did you have to change any other settings in Unraid to get it working?

 

 

It should just work, because I believe UnRaid IPv4 forwarding is on by default (it did and was for me). Try double checking with https://tailscale.com/kb/1104/enable-ip-forwarding/

Edited by Alexstrasza

 

10 hours ago, Alexstrasza said:

 

It should just work, because I believe UnRaid IPv4 forwarding is on by default (it did and was for me). Try double checking with https://tailscale.com/kb/1104/enable-ip-forwarding/

Yeah sorry never mind, it was working without any further configuration. I can reach other devices on the subnet and my containers running as bridge/host. But as soon as I turn on the subnet routing I can’t seem to be able the reach my Pi-Hole container. It’s configured with its own ip on that subnet. But I suspect it clashes somehow?

 

I have another network card on the way though which I was planning on using mostly for the Pihole container. Hopefully that might help the situation.

 

If anybody else has gotten Pi-Hole and this container to work when both are hosted on Unraid, I’m all ears!

Edited by Fillwe

12 hours ago, Fillwe said:

 

Yeah sorry never mind, it was working without any further configuration. I can reach other devices on the subnet and my containers running as bridge/host. But as soon as I turn on the subnet routing I can’t seem to be able the reach my Pi-Hole container. It’s configured with its own ip on that subnet. But I suspect it clashes somehow?

 

I have another network card on the way though which I was planning on using mostly for the Pihole container. Hopefully that might help the situation.

 

If anybody else has gotten Pi-Hole and this container to work when both are hosted on Unraid, I’m all ears!

 

This is probably due to the fact that Docker containers are prevented from talking to the host by default. So the traffic will be trying to do this:

 

You -> Tailscale tunnel -> Tailscale Docker on Unraid Host -x> Pihole container

 

Before it was doing this:

 

You -> LAN -> Directly in the network interface of the Unraid host and routed to the PiHole

 

To fix, try going to Settings -> Docker and changing "Host access to custom networks" to "Enabled". You'll have to temporarily disable Docker to do this and then restart it.

 

Let me know if that works!

On 4/30/2021 at 1:43 PM, Alexstrasza said:

 

This is probably due to the fact that Docker containers are prevented from talking to the host by default. So the traffic will be trying to do this:

 

You -> Tailscale tunnel -> Tailscale Docker on Unraid Host -x> Pihole container

 

Before it was doing this:

 

You -> LAN -> Directly in the network interface of the Unraid host and routed to the PiHole

 

To fix, try going to Settings -> Docker and changing "Host access to custom networks" to "Enabled". You'll have to temporarily disable Docker to do this and then restart it.

 

Let me know if that works!

Ah i see, yes that worked! Thank you so much for the help!:-)

Edited by Fillwe

2 minutes ago, Fillwe said:

Ah i see, yes that worked! Thank you so much for the help!:-)

No problem, glad it was that setting and not something more messy!

On 4/30/2021 at 1:43 PM, Alexstrasza said:

 

This is probably due to the fact that Docker containers are prevented from talking to the host by default. So the traffic will be trying to do this:

 

You -> Tailscale tunnel -> Tailscale Docker on Unraid Host -x> Pihole container

 

Before it was doing this:

 

You -> LAN -> Directly in the network interface of the Unraid host and routed to the PiHole

 

To fix, try going to Settings -> Docker and changing "Host access to custom networks" to "Enabled". You'll have to temporarily disable Docker to do this and then restart it.

 

Let me know if that works!

This helped me too, thanks! 

 

Maybe it should be added to the instructions?

  • 2 weeks later...

I currently have WireGuard working with UnRaid via the Dynamix WireGuard plugin.

 

What do I need to do if I want to try out this TailScale?

Can both run at the same time or do I need to uninstall the WireGuard plugin?

 

I only have two clients, so I don't care if they're lost.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.