[Support] Tailscale Support Thread


Recommended Posts

On 12/11/2021 at 9:39 PM, raymix said:

You need to add it to UP_FLAGS on your docker.

image.png.1110a667ca1ecf97028f7b4b61b40c53.png

 

Here's a great video that shows how to do it:

 

Follwed the guide and is now able to connect to my unraid server on it's local ip.

But still not able to connect to frigate, homeassistant etc. from my phone.

 

Could it be that they are set to network br0 and assigned ipaddresses?

Link to comment
  • 3 weeks later...
On 11/23/2021 at 10:45 PM, dsmith44 said:


Unless you are doing something funky and giving Docker containers their own IP address it should just work.

Are you using the IP address of the tailscale interface, and not the one you see in the console? The links in the console won’t work as they assume you are on the LAN.

It’ll start 100.x.x.x.


Sent from my iPhone using Tapatalk

 

@dsmith44 Thank you for sharing this template and good luck maintaining it !

 

@ldog88 You can edit the container's url so that it points to the tailscale IP (100.x.x.x) instead of your local IP (eg. 192.168.x.x) by modifying the URL in advanced view.

 

My question is related to this. Is there a way for the link to be tailscale's one when I'm accessing through talescale and the local one when I'm on the LAN ?

My containers URLs are configured as follow : https://[IP]:[PORT]

 

I've thought of two not quite satisfying solution, though it should work enough :

- always access to unraid through tailscale

- configure my router so that https://MYSERVERNAME (same name as in tailscale) routes to the unraid server and configure the containers accordingly.

 

Does any know a smarter way of doing it ?

 

Many thanks

Link to comment

I followed the IBRACORP guide to setting up Tailscale. I then tried accessing the unRAID web UI from my iPhone to test after turning off WiFi.

 

When on LTE and connected to Tailscale, I can successfully ping 100.x.y.z. When I try to navigate to 100.x.y.z in Safari, I get redirected to "xxxxx.unraid.net". But, the request times out before I can actually access the login page.

 

I deleted the My Servers plugin from unRAID and turned off SSL for the web UI in Settings/Management Access. And then I was able to access the unRAID dashboard on my phone via Tailscale while on LTE.

 

My questions are:
1) Is turning off SSL for the web UI required to be able to access the dashboard via Tailscale? If not, I'd be interested to hear if you had to do anything special to get the web UI SSL and Tailscale to play nicely together.
2) Assuming I only access the web UI remotely via Tailscale (i.e. NOT via exposing directly to internet or reverse proxy), is using SSL on the web UI even necessary?
3) Would I be missing out on something by not using SSL (other than a nice lock icon in the browser)? Is there any appreciable security risk (either in theory or in practice)?

 

Thanks!

  • Like 1
Link to comment
On 1/15/2022 at 3:00 PM, rragu said:

I followed the IBRACORP guide to setting up Tailscale. I then tried accessing the unRAID web UI from my iPhone to test after turning off WiFi.

 

When on LTE and connected to Tailscale, I can successfully ping 100.x.y.z. When I try to navigate to 100.x.y.z in Safari, I get redirected to "xxxxx.unraid.net". But, the request times out before I can actually access the login page.

 

I deleted the My Servers plugin from unRAID and turned off SSL for the web UI in Settings/Management Access. And then I was able to access the unRAID dashboard on my phone via Tailscale while on LTE.

 

My questions are:
1) Is turning off SSL for the web UI required to be able to access the dashboard via Tailscale? If not, I'd be interested to hear if you had to do anything special to get the web UI SSL and Tailscale to play nicely together.
2) Assuming I only access the web UI remotely via Tailscale (i.e. NOT via exposing directly to internet or reverse proxy), is using SSL on the web UI even necessary?
3) Would I be missing out on something by not using SSL (other than a nice lock icon in the browser)? Is there any appreciable security risk (either in theory or in practice)?

 

Thanks!

 

I've just tried this on my dev box and

 

If I connect to http://100.x.y.z I get redirected to the default https://servername page

If I connect to https://100.x.y.z I do not get redirected and the login page loads

 

Does that work for you?

 

If not you might need to seek help in the general forum, as if the 100.x.y.z address is working tailscale is up and running, and sadly I'm no expert on the redirect functionality. 

Link to comment

This is great. I have a backup 4G WAN connection on my router when my main broadband goes down.

The issue was the 4G provider uses a shared external IP with NAT so any port forwarding I was using does not work when running through the backup 4G connection so all my VPN's didn't work.

This app allowed access to my network even when using the 4G WAN, very useful, thanks.

Link to comment
  • 2 weeks later...

Tailscale recently announced an HTTPS capability, see https://tailscale.com/kb/1153/enabling-https/

As I saw this new capability, it got me wondering: since this container provides the tailscale command line, I am wondering about the complexity of using it to add generation of certificates to support something like a HTTPS upgrading reverse proxy to access other Docker applications installed on an Unraid Server.

Link to comment
Tailscale recently announced an HTTPS capability, see https://tailscale.com/kb/1153/enabling-https/
As I saw this new capability, it got me wondering: since this container provides the tailscale command line, I am wondering about the complexity of using it to add generation of certificates to support something like a HTTPS upgrading reverse proxy to access other Docker applications installed on an Unraid Server.

I think this shouldwork fine, but will need some command line stuff. I will investigate.


Sent from my iPad using Tapatalk
Link to comment
On 2/7/2022 at 1:03 AM, UnraidVirgin said:

can anyone help - My ISP ip address is not being masked despite having setup my unraid server as an exit node and using my windows PC as a client running tailscale I chose the Unraid server as the exit node but when I check my IP at 'whatsmyip' its still the same showing my location?  

Is your unraid server on a different network from the device you are trying to mask? By default this VPN will give you the external IP address that your unraid server has. It will not mask your unraid server to bypass geo restrictions.

 

I just finished setting it up and it works as expected. Now I can get my home IP address and connect to my work place which only allows known IPs to connect.

Link to comment
  • 2 weeks later...

I can't seem to use tailscale anymore.

 

2022/02/20 20:57:17 logtail: dial "log.tailscale.io:443" failed: dial tcp: lookup log.tailscale.io on [::1]:53: read udp [::1]:57649->[::1]:53: read: connection refused (in 1ms), trying bootstrap...

2022/02/20 20:57:17 [RATELIMIT] format("[unexpected] peerapi listen(%q) error: %v") (1 dropped)

2022/02/20 20:57:17 [unexpected] peerapi listen("fd7a:115c:a1e0:ab12:4843:cd96:6264:6e26") error: listen tcp6 [fd7a:115c:a1e0:ab12:4843:cd96:6264:6e26]:0: bind: cannot assign requested address

2022/02/20 20:57:17 trying bootstrapDNS("derp2b.tailscale.com", "64.227.106.23") for "log.tailscale.io" ...
2022/02/20 20:57:18 bootstrapDNS("derp2b.tailscale.com", "64.227.106.23") for "log.tailscale.io" = [2600:1f18:429f:9305:4043:217b:512c:f8d4 34.229.201.48]
2022/02/20 20:57:18 logtail: bootstrap dial succeeded
2022/02/20 20:57:18 netmap packet filter: 6 filters
2022/02/20 20:57:18 Taildrop disabled; no state directory
2022/02/20 20:57:18 peerapi starting without Taildrop directory configured
2022/02/20 20:57:18 peerapi: serving on http://MYIPADDRESS:63802
2022/02/20 20:57:18 [unexpected] peerapi listen("fd7a:115c:a1e0:ab12:4843:cd96:6264:6e26") error: listen tcp6 [fd7a:115c:a1e0:ab12:4843:cd96:6264:6e26]:0: bind: cannot assign requested address

 

Link to comment
  • 2 weeks later...
On 2/20/2022 at 4:15 PM, Mr_Jay84 said:

I can't seem to use tailscale anymore.

 

2022/02/20 20:57:17 logtail: dial "log.tailscale.io:443" failed: dial tcp: lookup log.tailscale.io on [::1]:53: read udp [::1]:57649->[::1]:53: read: connection refused (in 1ms), trying bootstrap...

2022/02/20 20:57:17 [RATELIMIT] format("[unexpected] peerapi listen(%q) error: %v") (1 dropped)

2022/02/20 20:57:17 [unexpected] peerapi listen("fd7a:115c:a1e0:ab12:4843:cd96:6264:6e26") error: listen tcp6 [fd7a:115c:a1e0:ab12:4843:cd96:6264:6e26]:0: bind: cannot assign requested address

2022/02/20 20:57:17 trying bootstrapDNS("derp2b.tailscale.com", "64.227.106.23") for "log.tailscale.io" ...
2022/02/20 20:57:18 bootstrapDNS("derp2b.tailscale.com", "64.227.106.23") for "log.tailscale.io" = [2600:1f18:429f:9305:4043:217b:512c:f8d4 34.229.201.48]
2022/02/20 20:57:18 logtail: bootstrap dial succeeded
2022/02/20 20:57:18 netmap packet filter: 6 filters
2022/02/20 20:57:18 Taildrop disabled; no state directory
2022/02/20 20:57:18 peerapi starting without Taildrop directory configured
2022/02/20 20:57:18 peerapi: serving on http://MYIPADDRESS:63802
2022/02/20 20:57:18 [unexpected] peerapi listen("fd7a:115c:a1e0:ab12:4843:cd96:6264:6e26") error: listen tcp6 [fd7a:115c:a1e0:ab12:4843:cd96:6264:6e26]:0: bind: cannot assign requested address

 

 I am experiencing this too. Send help. 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.