Installing Tailscale

65ef58483c7a8126267704 e1739490122954

Tailscale is way of viewing your cameras when you are away from home. You have to install the app, switch on the VPN then you will have access to your NVR to view all cameras.
This guide will walk you through the process of installing Tailscale using a Portainer stack and configuring it for secure connections. Tailscale is a zero-config VPN that makes it easy to connect devices securely.

Prerequisites

  1. Docker and Portainer installed: Ensure Docker and Portainer are set up on your server.
  2. Tailscale account: Sign up for a free Tailscale account at tailscale.com.
  3. Tailscale auth key: Generate an auth key from the Tailscale admin panel for automated setup.

Step 1: Generate a Tailscale Auth Key

  1. Log in to your Tailscale account.
  2. Go to the Settings page.
  3. Under the Keys section, click Generate auth key.
  4. Choose the key type (e.g., ephemeral for temporary devices or reusable for persistent devices).
  5. Copy the generated key. You’ll use it in the Portainer stack.

Step 2: Create a Portainer Stack for Tailscale

  1. Log in to your Portainer instance.
  2. Navigate to Stacks in the left-hand menu.
  3. Click Add Stack.
  4. Name your stack (e.g., tailscale).
  5. In the Web Editor, paste the following Docker Compose configuration:
version: '3.8'
services:
  tailscale:
    image: tailscale/tailscale:latest
    container_name: tailscale
    environment:
      - TS_AUTHKEY=your_auth_key_here
      - TS_STATE_DIR=/var/lib/tailscale
    volumes:
      - ./tailscale-state:/var/lib/tailscale
    network_mode: "host"
    cap_add:
      - NET_ADMIN
    restart: unless-stopped
  1. Replace your_auth_key_here with the Tailscale auth key you generated earlier.
  2. Click Deploy the stack.

Step 3: Verify Tailscale Installation

  1. After deploying the stack, check the logs of the tailscale container in Portainer to ensure it started successfully.
  2. Go to your Tailscale admin panel. You should see your server listed as a new device.
  3. Note the Tailscale IP address assigned to your server.

Step 4: Configure Tailscale for Connections

  1. Accessing Services: Use the Tailscale IP address of your server to access services running on it. For example, if your server has a web app on port 8080, you can access it via http://[Tailscale-IP]:8080.
  2. Subnet Routing (Optional): If you want your server to route traffic for an entire subnet, enable subnet routing:
  • Run the following command in the Tailscale container:
    bash tailscale up --advertise-routes=192.168.1.0/24
  • Replace 192.168.1.0/24 with your subnet.
  • Approve the subnet route in the Tailscale admin panel.
  1. Exit Node (Optional): To use your server as an exit node (for routing all internet traffic through it):
  • Run the following command in the Tailscale container:
    bash tailscale up --advertise-exit-node
  • Enable the exit node in the Tailscale admin panel.

Step 5: Manage Tailscale

  • Update Tailscale: To update Tailscale, simply redeploy the stack with the latest image.
  • Remove Tailscale: To remove Tailscale, delete the stack from Portainer and remove the tailscale-state volume.

Troubleshooting

  • Container Fails to Start: Check the logs for errors. Ensure the auth key is correct and the tailscale-state volume has proper permissions.
  • Device Not Appearing in Tailscale: Verify the auth key and ensure the container is running.

By following this guide, you’ve successfully installed Tailscale using Portainer and configured it for secure connections. Tailscale simplifies secure networking, making it ideal for remote access and private networking. Enjoy!

Similar Posts

Leave a Reply