Tailscale

From Official Website

Tailscale makes networking easy

Tailscale lets you easily manage access to private resources, quickly SSH into devices on your network, and work securely from anywhere in the world.

Basic setup

This article or section needs expansion. Reason: This article is a stub. (Discuss in Talk:Tailscale#) Please consult the pedia article metapage for guidelines on contributing.

Configuring TLS

Per Enabling HTTPS in the Tailscale documentation, run the following:

$ sudo tailscale cert ${MACHINE_NAME}.${TAILNET_NAME}

This article or section needs expansion. Reason: Set up Systemd service to run this command at regular intervals to avoid cert expiration. Show how to run for multiple services on a single machine. (Discuss in Talk:Tailscale#) Please consult the pedia article metapage for guidelines on contributing.

Running multiple Tailnet-accessible services on a single machine

The essence is to run multiple tailscaled daemons on a machine, with the additional daemons using userspace networking rather than tun, which seems to intercept connections to all Tailscale IPs on a machine. Basically for an additional service MYSERVICE run the following commands:

$ STATE_DIRECTORY=/var/lib/tailscale/tailscaled-tt_rss
$ sudo mkdir -p ${STATE_DIRECTORY}
$ sudo env STATE_DIRECTORY=${STATE_DIRECTORY} tailscaled --statedir=${STATE_DIRECTORY} --socket=${STATE_DIRECTORY}/tailscaled.sock --port=0 --tun=user
$ sudo tailscale --socket=${STATE_DIRECTORY}/tailscaled.sock up --auth-key=tskey-key-MYSERVICE_KEY_FROM_TAILSCALE_ADMIN_CONSOLE --hostname=MYSERVICE --reset

This article or section needs expansion. Reason: Set up Systemd services for the additional host names (Discuss in Talk:Tailscale#) Please consult the pedia article metapage for guidelines on contributing.