tailscale-docker/README.md

2.5 KiB

Tailscale in Docker with Serve/Funnel Support

This modification of the official Tailscale Docker image makes it easy to Serve/Funnel another container without needing interactive configuration.

Prereqs

If you're planning to use Funnel, you may want to build the ACL around a tag (such as tag:funnel) and automatically apply that tag when you generate the pre-auth key.

docker-compose

See docker-compose.yml for an example Compose config.

Expected environment variables:

Variable Name Example Description
TS_AUTHKEY tskey-auth-somestring-somelongerstring used for unattened auth of the new node, get one here
TS_HOSTNAME my-app optional Tailscale hostname for the new node
TS_STATE_DIR /var/lib/tailscale/ required directory for storing Tailscale state, this should be mounted to the container for persistence
TS_TAILSCALED_EXTRA_ARGS --verbose=1 optional additional flags for tailscaled
TS_SERVE_PORT 8080 optional application port to expose with Tailscale Serve
TS_FUNNEL 1 if set (to anything), will proxy TS_SERVE_PORT publicly with Tailscale Funnel

You can drop these in a .env file alongside your docker-compose.yml to load them automatically - see .env_template for an example.

Usage

  • Copy the image/ directory next to your docker-compose.yml.
  • Start with rebuild if necessary: docker compose up -d --build
  • Tail logs: docker compose logs --follow
  • Access tailscale`` container for troubleshooting: docker exec -it tailscale ash`
  • Stop: docker compose down

Credits

Based on Louis-Philippe Asselin's tailscale-docker.