mirror of https://github.com/jbowdre/tailscale-docker.git synced 2024-11-21 09:42:18 +00:00

Tailscale in Docker with Serve/Funnel Support

Find a file

John Bowdre 852a42bba0 update readme		2024-02-07 19:34:34 -06:00
.github/workflows	start updating workflow	2023-12-28 14:19:18 -06:00
docker-compose-example	restart containers unless stopped	2024-01-01 16:44:04 -06:00
image	support extra args to tailscale up	2023-12-29 21:58:39 -06:00
k8s-example	support extra args to tailscale up	2023-12-29 21:58:39 -06:00
.gitignore	update gitignore	2023-12-29 12:53:40 -06:00
LICENSE	update license	2023-12-28 13:27:21 -06:00
README.md	update readme	2024-02-07 19:34:34 -06:00

README.md

Tailscale in Docker with Serve/Funnel Support

Note

The Tailscale Blog has a recent post which describes how to use the TS_SERVE_CONFIG variable to manage Serve and Funnel with the official image. You should probably use that approach now instead of this weird one-off cobbled together by some rando.

This modification of the official Tailscale Docker image makes it easy to Serve/Funnel another container without needing interactive configuration.

Read more about this implementation in the blog post.

Prereqs

A pre-authentication key so the Tailscale container can log in to your tailnet.
Tailscale Serve setup
Tailscale Funnel setup
Tailscale Funnel ACL

If you're planning to use Funnel, you may want to build the ACL around a tag (such as tag:funnel) and automatically apply that tag when you generate the pre-auth key.

docker-compose

See docker-compose.yml for an example Compose config.

Expected environment variables:

Variable Name	Example	Description
`TS_AUTHKEY`	`tskey-auth-somestring-somelongerstring`	used for unattened auth of the new node, get one here
`TS_HOSTNAME`	`my-app`	optional Tailscale hostname for the new node
`TS_STATE_DIR`	`/var/lib/tailscale/`	required directory for storing Tailscale state, this should be mounted to the container for persistence
`TS_TAILSCALED_EXTRA_ARGS`	`--verbose=1`	optional additional flags for `tailscaled`
`TS_EXTRA_ARGS`	`--ssh`	optional additional flags for `tailscale up`
`TS_SERVE_PORT`	`8080`	optional application port to expose with Tailscale Serve
`TS_FUNNEL`	`1`	if set (to anything), will proxy `TS_SERVE_PORT` publicly with Tailscale Funnel

You can drop these in a .env file alongside your docker-compose.yml to load them automatically - see .env_template for an example.

Usage

Copy the example docker-compose.yml and modify to suit your needs.
Start: docker compose up -d --build
Tail Tailscale logs: docker compose logs tailscale --follow
Access tailscale`` container for troubleshooting: docker exec -it tailscale ash`
Stop: docker compose down

Credits

Based on Louis-Philippe Asselin's tailscale-docker.