• You can support more guides like this Click to Donate
  • Version
  • Create Date June 14, 2024
  • Last Updated June 20, 2024
  • Installation Support Ask Support
  • Number of views

Secure, remote access

About: https://tailscale.com

Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly. It enables encrypted point-to-point connections using the open source WireGuard protocol, which means only devices on your private network can communicate with each other.

In this step by step simple guide, i will show how to install Tailscale using Portainer and Docker.

If you already have docker and portainer installed, skip to Step 5

Follow this guide to install docker: How to install docker

Follow this guide to install portainer: How to install portainer

To generate one authorization key that will be used to authenticate your new node, navigate to https://login.tailscale.com/admin/settings/keys
We'll create one authorization key valid for a single day and for a single use.
Once you are loged in to your tailscale admin account, click on Generate auth key button

On the opened window, select a description for your key, activate the Reusable option if you want to use it to authorize another node and set the expiration to 1 day and 90 days. As seen below, this expiration will not affect the nodes that are already authenticated.

When the key is generated, make sure to use the copy buton to save it on another text file as it will not show again in full after you press on Done.
We need to use this key for the variable TS_AUTHKEY in our Portainer stack.

Our key was created and ready to be use

Open Portainer by typing in your web browser http://yournasip:19000

After you login on Portainer, go to Home, then click on your Local Environment

Go to Stacks and click on Add stack

On the name type tailscale-ugreen, select Web editor and paste the code below.
Make sure you replace TS_AUTHKEY value with the key created on step
Make sure you replace TS_DEST_IP value with your NAS IP

restart: you can choose from alwaysunless-stopped, or on-failure[:number of retries]

version: "3.9"
    container_name: tailscale-ugreen
    hostname: tailscale-ugreen
      - TS_AUTHKEY=tskey-client-notAReal-OAuthClientExample
      - TS_STATE_DIR=/var/lib/tailscale
      - TS_USERSPACE=false
      - TS_DEST_IP=
      - /volume1/DockerData/tailscale/state:/var/lib/tailscale
      - /dev/net/tun:/dev/net/tun
      - net_admin
      - sys_module
    restart: unless-stopped
    image: tailscale/tailscale:latest

Scroll down and click on Deploy the stack.

If everything goes well, you will get a message that the stack was successfully deployed.

You will see now the containers running

Now we go back to our tailscale admin console in our webrowser and we can see the new node has been created and connected.
If you want, you can disable the key expiry and

Also because our key was created for a single used and actually used to authenticate our node, is now dissapeared from the

Now, from a device that have already Tailscale configured and started, you can access your NAS by typing the Machine IP addrees visible in Taiscale for the newly created node.

User Reviews
You are not allowed to post review.
Posted in .