Skip to content

Allow the configuration of an exit node and lan access. #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Allow the configuration of an exit node and lan access. #8

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
1d9a736
Allow the configuration of an exit node and lan access.
Linuturk Sep 14, 2023
7c5cfca
Renaming TAILSCALE_USE_EXIT_NODE to TAILSCALE_EXIT_NODE
Linuturk Nov 2, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ use to configure it.
| `TAILSCALE_SERVE_PORT` | The port number that you want to expose on your tailnet. This will be the port of your DokuWiki, Transmission, or other container. | `80` |
| `TAILSCALE_SERVE_MODE` | The mode you want to run Tailscale serving in. This should be `https` in most cases, but there may be times when you need to enable `tls-terminated-tcp` to deal with some weird edge cases like HTTP long-poll connections. See [here](https://tailscale.com/kb/1242/tailscale-serve/) for more information. | `https` |
| `TAILSCALE_FUNNEL` | Set this to `true`, `1`, or `t` to enable [funnel](https://tailscale.com/kb/1243/funnel/). For more information about the accepted syntax, please read the [strconv.ParseBool documentation](https://pkg.go.dev/strconv#ParseBool) in the Go standard library. | `on` |
| `TAILSCALE_EXIT_NODE` | Set the exit node you'd like to use for the container. | `my-exit-node` or `100.101.165.3` |
| `TAILSCALE_EXIT_NODE_ALLOW_LAN_ACCESS` | Optionally, set this to true to allow direct access to your local network when traffic is routed via an exit node. | `true` |

Something important to keep in mind is that you really should set up a
separate volume for Tailscale state. Here is how to do that with the
Expand Down
17 changes: 13 additions & 4 deletions root/etc/s6-overlay/s6-rc.d/svc-tailscale-up/run
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,19 @@ if [ -v TAILSCALE_BE_EXIT_NODE ]; then
FLAGS="${FLAGS} --advertise-exit-node=${TS_BE_EXIT_NODE}"
fi

if [ -v TAILSCALE_EXIT_NODE ]; then
echo "[!] using ${TAILSCALE_EXIT_NODE} as an exit node."
FLAGS="${FLAGS} --exit-node=${TAILSCALE_EXIT_NODE}"

if [ "${TAILSCALE_EXIT_NODE_ALLOW_LAN_ACCESS}" = "true" ] ||
[ "${TAILSCALE_EXIT_NODE_ALLOW_LAN_ACCESS}" = "false" ]; then
echo "[!] configuring exit node LAN access to ${TAILSCALE_EXIT_NODE_ALLOW_LAN_ACCESS}"
FLAGS="${FLAGS} --exit-node-allow-lan-access=${TAILSCALE_EXIT_NODE_ALLOW_LAN_ACCESS}"
else
echo '[!] TAILSCALE_EXIT_NODE_ALLOW_LAN_ACCESS is not set to true or false. Skipping this setting.'
fi
fi

tailscale up $FLAGS

# configure serve
Expand All @@ -37,7 +50,3 @@ fi
if [ -v TAILSCALE_FUNNEL ]; then
tailscale funnel 443 on
fi