Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

A tailscale Rock-on would be nice #328

Closed
phillxnet opened this issue Jun 6, 2022 · 4 comments
Closed

A tailscale Rock-on would be nice #328

phillxnet opened this issue Jun 6, 2022 · 4 comments
Assignees
@phillxnet

Comments

@phillxnet
Copy link
Member

There is the following official Tailscale docker image:
https://hub.docker.com/r/tailscale/tailscale

But it's not looking like we need it to currently. Just noting here in case we get any takers or the work to adapt to this rock-on within the rockstor-core takes anyone's fancy. Or if anyone can fathom a way we can get this official docker image in as-is. It could go in with command line caveats/post install setup but that's really not in the Rock-on remit really.
@phillxnet
Copy link
Member Author

This issue is awaiting the final testing/review/and merge of #336 to help clear the way before adding yet more Rock-ons.

@phillxnet phillxnet self-assigned this Sep 26, 2022
@phillxnet
Copy link
Member Author

I am currently working on this issue.

@phillxnet
Copy link
Member Author

Given the requirement of the official docker image of Tailscale, the hightly preferred option given the security and network concernes here, is it thought that we would need custom custom config & start options such as are employed (in config and install) for our current open-vpn and owncloud rock-ons here:

https://github.com/rockstor/rockstor-core/blob/master/src/rockstor/storageadmin/views/rockon_helpers.py

Given that such treatment would lock any Tailscale Rock-on here to only future Rockstor versions it is currently considered that the development time may well be better spent on intergrating Tailscale 'properly' as a service, which is what it runs as anyway (using a go binary). Repo addition logistic is a related concern here. Expect a newer issue in core and the likely closing of this issue if there is not further follow up for some time.

Stick point in Rock-on development was the passing of an authentication key:
From: https://hub.docker.com/r/tailscale/tailscale

We require the input of a pre-created via tailscale dash settings-key tailnet auth key and for this to be passed to the docker container via:

docker exec tailscaled tailscale up --authkey=$KEY

Hence the suggestion that our current setup could do this only via custom_config

  (optional)"custom_config": <custom configuration object that a special install handler of this Rock-on expects>

entry and dedicated rockon.name.lower()_start and/or install code adition.

Noting here just in case this is re-visited. But the current side channel consensus with admittedly only parsing consideration is that Tailscale is sufficiently inportant to adopt as a core service where we can vastly improve our intergration/compatibility in-comparison to supporting only from a Rock-on where we have already run into an implementation issue.

My apologies if I've missed an obviously implementation trick here.
I'll leave this issue open for a while to allow input on potential work-arounds. I'm really not keen on having folks drop to a terminal as such a work around. They may as well install via command line in the first place if that is the way we end up going with such things. We do have this still in some Rock-ons but they are likely to be removed or improved in time hopefully. And adding yet another cli requiring Rock-on doesn't seem like the way forward.

phillxnet added a commit to phillxnet/rockon-registry that referenced this issue Sep 27, 2022
@phillxnet
tailscale Rock-on save point rockstor#328
ea6d511 
Currently incomplete and untested, details in associated GitHub repo.
Missing auth key entry and transit to associated binaries.
@phillxnet phillxnet mentioned this issue Sep 27, 2022
Closed
1 task
phillxnet added a commit to phillxnet/rockon-registry that referenced this issue Sep 28, 2022
@phillxnet
tailscale Rock-on further dev rockstor#328
de58604 
Working via auth-key entry up-front during install.
But no Web-UI as yet.
phillxnet added a commit to phillxnet/rockon-registry that referenced this issue Sep 29, 2022
@phillxnet
tailscale Rock-on enable webui and state saving rockstor#328
bf86ad8 
Inergrated webui requires upstream changes to startup
script in docker container that are in-progress.
Added volume to avoid etherial default of using ram
to store state, so we configure via existing env var
and map to a share.
Remove user text regarding key generation as node
authenticates via built in webui:
given minor /tailscale/run.sh modifications to be
submitted upstream.
@phillxnet
Copy link
Member Author

Closing as an attempt in the linked pr was meat with upstream resistance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@phillxnet phillxnet

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@phillxnet