working examples simple and complex

This commit is contained in:
Louis-Philippe Asselin 2022-08-22 14:03:01 -04:00
parent 40bf327e69
commit 1009329b49
9 changed files with 86 additions and 2 deletions

View file

@ -1,2 +1,19 @@
# tailscale-docker
Tailscale in Docker without elevated privileges
# Tailscale in Docker
Tailscale in Docker without elevated privileges. See associated blog post: https://asselin.engineer/tailscale-docker
**Replace TAILSCALE_AUTH_KEY in `*/tailscale/start.sh` with your own**: https://login.tailscale.com/admin/settings/keys
## simple-example
As explained in the blog post, uses a docker-compose service to add the container in the VPN.
## complex-example
Not complex but more complex than the simple-example.
A nginx layer is added. It manages two services in independent containers at locations `/service-one` and `/service-two`.
## TODO
- auth key as a secret
- force reuse hostname in tailscale instead of adding suffix. Example: first start is assigned `hostname`. Then, if container is recreated, Tailscale assigns `hostname-1`

View file

@ -0,0 +1,16 @@
version: "3.9"
services:
tailscale:
build:
context: ./tailscale
nginx:
build:
context: ./nginx
depends_on:
- service-one
- service-two
network_mode: "service:tailscale"
service-one:
image: nginxdemos/hello
service-two:
image: nginxdemos/hello

View file

@ -0,0 +1,3 @@
FROM nginx:1.21
# based on debian:bullseye-slim
COPY conf.d /etc/nginx/conf.d

View file

@ -0,0 +1,18 @@
server {
listen 80 default_server;
server_name _;
location /service-one {
proxy_pass http://service-one/;
proxy_set_header Host $http_host;
access_log /dev/stdout;
error_log /dev/stdout;
}
location /service-two {
proxy_pass http://service-two/;
proxy_set_header Host $http_host;
access_log /dev/stdout;
error_log /dev/stdout;
}
}

View file

@ -0,0 +1,4 @@
FROM tailscale/tailscale:v1.29
COPY start.sh /usr/bin/start.sh
RUN chmod +x /usr/bin/start.sh
CMD "start.sh"

View file

@ -0,0 +1,7 @@
#!/bin/ash
echo "Starting TS daemon"
tailscaled --tun=userspace-networking &
sleep 5
tailscale up --authkey=TAILSCALE_AUTH_KEY --hostname=complex-example
tailscale status
sleep infinity

View file

@ -0,0 +1,8 @@
version: "3.9"
services:
tailscale:
build:
context: ./tailscale
some-service-1:
image: nginxdemos/hello
network_mode: "service:tailscale"

View file

@ -0,0 +1,4 @@
FROM tailscale/tailscale:v1.29
COPY start.sh /usr/bin/start.sh
RUN chmod +x /usr/bin/start.sh
CMD "start.sh"

View file

@ -0,0 +1,7 @@
#!/bin/ash
echo "Starting TS daemon"
tailscaled --tun=userspace-networking &
sleep 5
tailscale up --authkey=TAILSCALE_AUTH_KEY --hostname=simple-docker-compose
tailscale status
sleep infinity