Skip to content

mindbox-cloud/tailscale-utils

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

29 Commits
 
 
 
 
 
 

Repository files navigation

Tailscale Utilities

Here you can find decriptions and instructions for each provided utility

tailscale-setup.sh

Description

Quickly set up and run Tailscale client and/or DERP server

Actual installation scirpt for Tailscale provided by Tailscale

How to run

Run following command(s) and follow the instructions

curl -fsSL https://raw.githubusercontent.com/mindbox-cloud/tailscale-utils/main/tailscale-setup.sh | sudo bash

or

curl -fsSL https://raw.githubusercontent.com/mindbox-cloud/tailscale-utils/main/tailscale-setup.sh > tailscale-setup.sh
chmod +x tailscale-setup.sh
sudo ./tailscale-setup.sh

Additional configuration

You can use environment variables to automate installation process:

  • INSTALL_MODE - Components to install
    • 1 = Tailscale only
    • 2 = DERP only
    • 3 = Tailscale + DERP
  • USE_DEFAULT_VALS - Set to 1 to skip prompts for optional variables and use default values
  • TS_AUTH_TOKEN - Authentication token a.k.a. Preauth key
  • TS_HOSTNAME - Hostname to use in Tailscale network
  • TS_LOGIN_SERVER - Login server for Tailscale (e.g. https://controlplane.tailscale.com)
  • TS_ACCEPT_ROUTES - Set to 1 to accept routes from peers when connection to Tailscale (optional, default: 1)
  • TS_ACCEPT_DNS - Set to 1 to accept DNS from Tailscale (optional, default: 1)
  • TS_UP_ARGS - Additional arguments when connecting to Tailscale (optional, e.g. --advertise-tags=tag:derp)
  • TS_UP_SKIP - Set to 1 if you want to join Tailnet manually
  • TS_ADVERTISE_ROUTES - Comma-separated list of CIDRs to advertise as routes (optional, e.g. 192.168.0.0/24,192.168.1.0/24)
  • TS_PKG_MIRROR - ## Tailscale packages repository mirror (optional, e.g. https://pkgs.example.com/ts)
  • TS_TAGS - Comma-separated list of advertised tags (optional, e.g. vpn,mgmt)
  • DERP_DOMAIN - Hostname that DERP will run on and obtain its certificate
  • DERP_VERIFY_CLIENTS - Whether to verify clients connecting to node. Works only if Tailscale is installed (optional, default: 1)
  • DERP_HTTP_PORT - HTTP port for DERP to use (optional, default: 80)
  • DERP_HTTPS_PORT - HTTP port for DERP to use (optional, default: 443)
  • DERP_STUN_PORT - STUN port (optional, default: 3878)
  • DERP_ENV_FILE - Location of DERP service's variables (optional, default: /etc/default/derper)
  • DERP_ARGS - Additional arguments for DERP (optional, e.g. --stun=false)

Usage example:

INSTALL_MODE=3 \
USE_DEFAULT_VALS=1 \
TS_AUTH_TOKEN=abcdef1234 \
TS_HOSTNAME=derp-node-a1 \
TS_LOGIN_SERVER=https://ts.example.com \
DERP_DOMAIN=derp-a1.example.com \
sudo -E ./tailscale-setup.sh

This will install Tailscale and DERP

tailscale-setup.ps1

Description

Windows counterpart for tailscale-setup.sh.

Please note that this script doen't support interactive mode and DERP setup!

How to run

Command below will download and launch script

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;
Invoke-WebRequest -Uri "https://raw.githubusercontent.com/mindbox-cloud/tailscale-utils/main/tailscale-setup.ps1" -OutFile "tailscale-setup.ps1";
.\tailscale-setup.ps1 `
-TsLoginServer "https://ts.example.com" `
-TsAuthKey "abcdef1234" `
-TsAcceptDns 0 `
-TsAcceptRoutes 0

Additional configuration

You can use arguments to configure how script will work.

You may use Get-Help to get help on how to use arguments (e.g. Get-Help .\tailscale-setup.ps1 -Detailed)

About

Utilities to setup Tailscale and/or DERP

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published