-
Notifications
You must be signed in to change notification settings - Fork 95
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
A tailscale Rock-on would be nice #328
Comments
This issue is awaiting the final testing/review/and merge of #336 to help clear the way before adding yet more Rock-ons. |
I am currently working on this issue. |
Given the requirement of the official docker image of Tailscale, the hightly preferred option given the security and network concernes here, is it thought that we would need custom custom config & start options such as are employed (in config and install) for our current open-vpn and owncloud rock-ons here: Given that such treatment would lock any Tailscale Rock-on here to only future Rockstor versions it is currently considered that the development time may well be better spent on intergrating Tailscale 'properly' as a service, which is what it runs as anyway (using a go binary). Repo addition logistic is a related concern here. Expect a newer issue in core and the likely closing of this issue if there is not further follow up for some time. Stick point in Rock-on development was the passing of an authentication key: We require the input of a pre-created via tailscale dash settings-key tailnet auth key and for this to be passed to the docker container via:
Hence the suggestion that our current setup could do this only via custom_config
entry and dedicated rockon.name.lower()_start and/or install code adition. Noting here just in case this is re-visited. But the current side channel consensus with admittedly only parsing consideration is that Tailscale is sufficiently inportant to adopt as a core service where we can vastly improve our intergration/compatibility in-comparison to supporting only from a Rock-on where we have already run into an implementation issue. My apologies if I've missed an obviously implementation trick here. |
Currently incomplete and untested, details in associated GitHub repo. Missing auth key entry and transit to associated binaries.
Working via auth-key entry up-front during install. But no Web-UI as yet.
Inergrated webui requires upstream changes to startup script in docker container that are in-progress. Added volume to avoid etherial default of using ram to store state, so we configure via existing env var and map to a share. Remove user text regarding key generation as node authenticates via built in webui: given minor /tailscale/run.sh modifications to be submitted upstream.
Closing as an attempt in the linked pr was meat with upstream resistance. |
There is the following official Tailscale docker image:
https://hub.docker.com/r/tailscale/tailscale
But it's not looking like we need it to currently. Just noting here in case we get any takers or the work to adapt to this rock-on within the rockstor-core takes anyone's fancy. Or if anyone can fathom a way we can get this official docker image in as-is. It could go in with command line caveats/post install setup but that's really not in the Rock-on remit really.
The text was updated successfully, but these errors were encountered: