Tailscale Rock-on incomplete #328 #338
Conversation
Currently incomplete and untested, details in associated GitHub repo. Missing auth key entry and transit to associated binaries.
|
Adding as draft in case folks find this usefull and to aid further discussion in case I've missed an easy fix in this case. Please see issue text for the blocker experienced on further development of this Rock-on. |
Working via auth-key entry up-front during install. But no Web-UI as yet.
|
Installed view so far:
|
Inergrated webui requires upstream changes to startup script in docker container that are in-progress. Added volume to avoid etherial default of using ram to store state, so we configure via existing env var and map to a share. Remove user text regarding key generation as node authenticates via built in webui: given minor /tailscale/run.sh modifications to be submitted upstream.
|
After the move to use only the build-in webui that re-directs to the auth url required we have a more refined on-boarding:
With only one port and one state dir (Share) to assign and we are done bar the WebUI auth bit awaiting upstream modifications:
|
|
@phillxnet, I just happened to look at this today, and it seems that your pull request to the tailscale repo has become somewhat obsolete, as they did away with the |
|
Closing as the lack of upstream flexibility renders this effort mute. We will have to take a differing tack no this front I think. |
|
No planning openSUSE level intergration avoiding any limitations regarding the docker approach. Noting here an encouraging interaction with upstream on our prior efforts to contribute there: tailscale/tailscale#5799 (comment) details Unraid support added to their codebase. We likely need to follow though and contribute something similar to ensure an easier path for us in the future. @Hooverdan96 the above comment and linked (now merged) pull requests may be of some interest. |
|
Reading more on tailscale, I would tend to agree with the openSUSE integration. My assumption would be, if a Rockstor owner will be using it in a corporate setting, they will go for the paid license setup, and I would further assume that a corporate IT environment will prefer a OS level integration vs. managing a pure docker solution? |
|
and in the meantime, maybe the Wireguard Rock-on PR, while "only" point-to-point, with its WebUI is a decent compromise of VPN technology and usability via QR codes for the time being until we get to the tailscale solution. |
Currently incomplete and awaiting upstream modifications to the official docker run.sh to enable web based initialisation, and re-auth when required.
It is proposed that in-time we focus on adding a Tailscale service 'proper' given this technologies value, and mind share, for future capabilities regarding remote access, an oft requested config/capability. However a Rock-on may serve well in the mean time given our limited developer resources.