Tailscale
- You can support more guides like this
- Version
- Create Date June 14, 2024
- Last Updated June 20, 2024
- Installation Support Ask Support
-
Number of views
N/A
Secure, remote access
About: https://tailscale.com
Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly. It enables encrypted point-to-point connections using the open source WireGuard protocol, which means only devices on your private network can communicate with each other.
In this step by step simple guide, i will show how to install Tailscale using Portainer and Docker.
If you already have docker and portainer installed, skip to Step 5
Follow this guide to install docker: How to install docker
Follow this guide to install portainer: How to install portainer
To generate one authorization key that will be used to authenticate your new node, navigate to https://login.tailscale.com/admin/settings/keys
We'll create one authorization key valid for a single day and for a single use.
Once you are loged in to your tailscale admin account, click on Generate auth key button
On the opened window, select a description for your key, activate the Reusable option if you want to use it to authorize another node and set the expiration to 1 day and 90 days. As seen below, this expiration will not affect the nodes that are already authenticated.
When the key is generated, make sure to use the copy buton to save it on another text file as it will not show again in full after you press on Done.
We need to use this key for the variable TS_AUTHKEY in our Portainer stack.
Our key was created and ready to be use
Open Portainer by typing in your web browser http://yournasip:19000
After you login on Portainer, go to Home, then click on your Local Environment
Go to Stacks and click on Add stack
On the name type tailscale-ugreen, select Web editor and paste the code below.
Make sure you replace TS_AUTHKEY value with the key created on step
Make sure you replace TS_DEST_IP value with your NAS IP
restart:
you can choose from always, unless-stopped, or on-failure[:number of retries]
version: "3.9" services: tailscale-ugreen: container_name: tailscale-ugreen hostname: tailscale-ugreen environment: - TS_AUTHKEY=tskey-client-notAReal-OAuthClientExample - TS_STATE_DIR=/var/lib/tailscale - TS_USERSPACE=false - TS_DEST_IP=192.168.25.168 volumes: - /volume1/DockerData/tailscale/state:/var/lib/tailscale - /dev/net/tun:/dev/net/tun cap_add: - net_admin - sys_module restart: unless-stopped image: tailscale/tailscale:latest
Scroll down and click on Deploy the stack.
If everything goes well, you will get a message that the stack was successfully deployed.
You will see now the containers running
Now we go back to our tailscale admin console in our webrowser and we can see the new node has been created and connected.
If you want, you can disable the key expiry and
Also because our key was created for a single used and actually used to authenticate our node, is now dissapeared from the
Now, from a device that have already Tailscale configured and started, you can access your NAS by typing the Machine IP addrees visible in Taiscale for the newly created node.