-
-
Save shayne/25e194e068751e281937ef68edefb99b to your computer and use it in GitHub Desktop.
| ######################################################################## | |
| #### DEPRECATED in favor of https://github.com/deasmi/unraid-tailscale | |
| ######################################################################## | |
| # /boot/config/go | |
| # add the following... | |
| # Tailscale | |
| bash /boot/config/tailscale/install.sh | |
| bash /boot/config/tailscale/start.sh |
| #!/bin/bash | |
| # /boot/config/tailscale/install.sh | |
| tar -xf /boot/config/tailscale/tailscale_static.tgz -C /usr/bin/ --strip-components=1 --no-anchored tailscale | |
| tar -xf /boot/config/tailscale/tailscale_static.tgz -C /usr/sbin/ --strip-components=1 --no-anchored tailscaled |
| #!/bin/bash | |
| # /boot/config/tailscale/start.sh | |
| exec >/tmp/tailscaled.log 2>&1 | |
| setsid /usr/sbin/tailscaled -statedir=/boot/config/tailscale/ & |
| #!/bin/bash | |
| set -x | |
| # check latest version against what's installed | |
| VER=$(curl -sL https://api.github.com/repos/tailscale/tailscale/releases/latest | jq -r ".tag_name" | cut -c 2-) | |
| if [ "$VER" = "$(tailscale version | head -n1)" ]; then | |
| echo "$VER already installed, exiting..." | |
| exit 0 | |
| fi | |
| # download latest version, restart daemon | |
| curl -fsSL -o /boot/config/tailscale/tailscale_static.tgz "https://pkgs.tailscale.com/stable/tailscale_${VER}_amd64.tgz" | |
| if [ $? -eq 0 ]; then | |
| pkill tailscaled | |
| sleep 1 | |
| /usr/sbin/tailscaled -cleanup | |
| bash /boot/config/tailscale/install.sh | |
| bash /boot/config/tailscale/start.sh | |
| fi |
I went ahead and added & to the end of the tailscaled line in start.sh which should mitigate the issue and avoid 🦶 🔫 in the /boot/config/go
Looking at the script it seems that this is writing the log file directly to the USB drive. I want to limit how often the unraid USB drive gets written to. Can we safely change the location to /tmp instead? Also maybe change where tailscale_static.tgz gets downloaded to?
That’s a good idea. I’ll update it.
I want to advertise my Unraid server as an exit node, which requires a call to /usr/bin/tailscale up --advertise-exit-node.
I believe in the start script, we just need to add the line:
/usr/bin/tailscale up --advertise-exit-node
However, I’m not sure where to put this line in the start script given the discussion earlier about the importance of the ampersand sign in the script to ensure it doesn’t block the execution of the go script.
As related to exit node, the tailscale docs recommend adding these lines to /etc/sysctl.conf to handle the IP forwarding:
net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1
This is also mentioned on Ibrahub in the instructions about setting up the docker container: https://docs.ibracorp.io/tailscale/#enable-ip-forwarding-in-unraid
However, since changes will be lost on reboots, we need to make sure these lines are added to /etc/sysctl.conf each time. However, in my past experience it’s a bit of a pain to manage that file as you have to insert changes then call into sysctl. Instead, I think a better approach based on this post is calling into sysctl directly with -w param and adding these lines to start script also.
/sbin/sysctl -w net.ipv4.ip_forward=1
/sbin/sysctl -w net.ipv6.conf.all.forwarding=1
Should be safe to add this at the start of the start script, so the entire script looking like this:
#!/bin/bash
# /boot/config/tailscale/start.sh
# If your server is meant to use as exit node, uncomment these 2 lines to enable IP forwarding
/sbin/sysctl -w net.ipv4.ip_forward=1
/sbin/sysctl -w net.ipv6.conf.all.forwarding=1
exec >/tmp/tailscaled.log 2>&1
setsid /usr/sbin/tailscaled -statedir=/boot/config/tailscale/ &
I believe Unraid enables IPv4 forwarding by default. However, I am unsure about IPv6 since I don't run it.
Regarding exit-node and -ssh: From a terminal, run tailscale up --ssh --advertise-exit-node, and you're all set. It's persisted to the state directory, so it'll retain its previous configuration on reboot.
I believe Unraid enables IPv4 forwarding by default. However, I am unsure about IPv6 since I don't run it.
Yes, I just verified this. So only the IPV6 line is needed.
Regarding exit-node and -ssh: From a terminal, run
tailscale up --ssh --advertise-exit-node, and you're all set. It's persisted to the state directory, so it'll retain its previous configuration on reboot.
Oh interesting, I didn’t realize it was single run thing. It was passed into the docker container as a parameter so assumed it needed to be run each time. Thanks!
How does one get the user script to run on multiple schedules (array start and weekly)? I only see single scheduling options
I only have the user script run weekly; it's only used for updates. Also, one of the reasons I use this method over a container is that Tailscale runs even when the array is offline.
To have it run both weekly and at array start, I think you'd create two separate user scripts.
it's only used for updates.
Oops I misread the script. I thought it also go the daemon running but that’s from the go file. Thanks.
Does anyone know if there is a way to make MagicDNS work when installing Tailscale using this method? I ran tailscale up with --accept-dns, but I don't seem to be able to resolve MagicDNS hostnames.
Does anyone know if there is a way to make MagicDNS work when installing Tailscale using this method? I ran
tailscale upwith--accept-dns, but I don't seem to be able to resolve MagicDNS hostnames.
I haven’t been able to get this to work either, haven’t figured out why yet.
First, make sure MagicDNS is enabled over at https://login.tailscale.com/admin/dns.
Other than that, I don't do anything special. /etc/resolv.conf should show 100.100.100.100 after connecting to Tailscale.
You can try dig +short <node>.<tailnet>.ts.net @100.100.100.100 to query the nameserver directly.
@shayne Thanks for the reply. After further investigation, /etc/resolv.conf does show 100.100.100.100, and MagicDNS works, immediately after rebooting the Unraid server. However, after some time, it gets modified to 8.8.8.8, and MagicDNS stops working. So unfortunately I think this may be a case of tailscale/tailscale#2334.
This is what was in my /etc/resolv.conf after it got overwritten:
# Generated by dhcpcd from br0.dhcp
nameserver 8.8.8.8
nameserver 8.8.4.4
Hello,
I'm trying to run the User Script but cant get it to write the file.
curl: (23) Failure writing output to destination
Maybe I'm just not doing something in the right order?
Any help would be appreciated
@SC8198 does the folder /boot/config/tailscale/ exist?
Wow, I feel dumb.
Made the directory and it grabbed it,
It looks like it didn't make the install.sh and the start.sh files.
When I run the Unraid set up script I get
bash: /boot/config/tailscale/install.sh: No such file or directory bash: /boot/config/tailscale/start.sh: No such file or directory
Do I have to manually make those files?
I do see tailscale and tailscaled in the correct folders
Do I have to manually make those files?
yes you have to make those files. The files are at the top of the gist.
Nevermind I got the interface up. All good to go!
Sorry if that is the wrong place to ask but I am hoping that you might have the answer. Until yesterday, i was able to reach all the my docker apps/containers locally via the tailscale ip or the forwarded route (unraid local IP) and the corresponding port. However, today, apps that do not allow internet access (like sabnzbd) are locking me out like I am connecting from the internet.
Do you have any idea what could cause that? Thanks in advance.
I moved away from the docker tailscale specifically because I once turned off docker in the unraid settings and was locked out until I got home a few days later.
I'm now using this tailscale plugin for unraid instead
https://forums.unraid.net/topic/136889-plugin-tailscale/
I think @shayne meant https://github.com/dkaser/unraid-tailscale
That’s the plug-in :)
@shayne as your Tailscale lines are below the
emhttpline in yourgofile, you would not experience this problem. However, in the future, if you changed around the ordering of thegofile or appended more lines, anything under thestart.shline will not get executed because thestart.shline will execute indefinitely. I've verified that forking with&works fine and will allow thegofile to be fully run.