-
Notifications
You must be signed in to change notification settings - Fork 60
/
Copy path0110.html
96 lines (85 loc) · 5.92 KB
/
0110.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Easily Connect to Your Home Lab From Anywhere with Tailscale in Docker</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta charset="UTF-8">
<meta name="keywords" content="Home Lab,Home Lab Ideas,Docker Made Easy,Install Guide,Self-Hosted,Free Software,Self-Hosted VPN,VPN Server,Windows,Linux,VPN,VPN Solution,Virtual Private Network,Tailscale,Android,Docker,Home Networking,Network,Docker Simplified,Docker Made Simple,Self-Hosted VPN Server,VPN To Your Home Network,Docker How To,Docker Host,Containers,Containerization,Container,Free VPN,How To,Tutorial,i12bretro">
<meta name="author" content="i12bretro">
<meta name="description" content="Easily Connect to Your Home Lab From Anywhere with Tailscale in Docker">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="revised" content="12/01/2024 07:13:38 PM" />
<link rel="icon" type="image/x-icon" href="includes/favicon.ico">
<script type="text/javascript" src="https://code.jquery.com/jquery-3.5.1.min.js"></script>
<script type="text/javascript" src="includes/js/steps.js"></script>
<link href="css/steps.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="gridContainer">
<div class="topMargin"></div>
<div id="listName" class="topMargin">
<h1>Easily Connect to Your Home Lab From Anywhere with Tailscale in Docker</h1>
</div>
<div></div>
<div id="content">
<h2>What is Tailscale?</h2>
<blockquote><em>Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly. It enables encrypted point-to-point connections using the open source WireGuard protocol, which means only devices on your private network can communicate with each other. -<a href="https://tailscale.com/kb/1151/what-is-tailscale/" target="_blank">https://tailscale.com/kb/1151/what-is-tailscale/</a></em></blockquote>
<h2>Creating a Tailscale Account</h2>
<ol>
<li>Open a web browser and navigate to <a href="https://login.tailscale.com/" style="font-size: inherit;" target="_blank">https://login.tailscale.com/</a></li>
<li>Log in using one of the available single sign-on methods</li>
<li>Select DNS from the top navigation menu</li>
<li>Click the Add nameserver dropdown > Custom...</li>
<li>Enter the IP address of the DNS server to use for your internal network/LAN > Click Save</li>
<li>Select Settings from the top navigation menu</li>
<li>Select Keys under the Personal Settings heading in the left navigation menu</li>
<li>Click the Generate auth key... button</li>
<li>Check the Reusable box > Generate key</li>
<li>Copy/leave the generated key visible for use later</li>
</ol>
<h2>Installing Docker</h2>
<ol>
<li>Log into the Linux host and run the following commands in a terminal window
<div class="codeBlock"># install prerequisites<br />
sudo apt install apt-transport-https ca-certificates curl software-properties-common gnupg-agent -y<br />
# add docker gpg key<br />
curl -fsSL https://download.docker.com/linux/$(awk -F'=' '/^ID=/{ print $NF }' /etc/os-release)/gpg | sudo apt-key add -<br />
# add docker software repository<br />
sudo add-apt-repository "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/$(awk -F'=' '/^ID=/{ print $NF }' /etc/os-release) $(lsb_release -cs) stable"<br />
# install docker<br />
sudo apt install docker-ce docker-compose containerd.io -y<br />
# enable and start docker service<br />
sudo systemctl enable docker && sudo systemctl start docker<br />
# add the current user to the docker group<br />
sudo usermod -aG docker $USER<br />
# reauthenticate for the new group membership to take effect<br />
su - $USER</div>
</li>
</ol>
<h2>Running the Tailscale Container</h2>
<ol>
<li>Continue with the following commands in a terminal window
<div class="codeBlock"># create the tailscale container<br />
# replace the TS_AUTHKEY variable<br />
# and update the TS_ROUTES variable<br />
# to point to your local network subnet<br />
docker run -d --name=tailscale -v /var/lib:/var/lib -v /dev/net/tun:/dev/net/tun -e TS_ACCEPT_DNS=true --network=host --cap-add=NET_ADMIN --cap-add=NET_RAW --restart=unless-stopped --hostname="ctr-gateway" -e TS_AUTHKEY=<%AUTH KEY CREATED EARLIER%> -e TS_ROUTES=192.168.0.0/24 tailscale/tailscale</div>
</li>
<li>Back in the web browser, select Machines from the top navigation menu</li>
<li>The ctr-gateway machine should be listed and connected</li>
<li>Click the Settings button across from the ctr-gateway device > Select Disable key expiry</li>
<li>Click the Settings button across from the ctr-gateway device again > Edit route settings...</li>
<li>Click the Approve all button to enable routing into the local network</li>
</ol>
<h2>Connecting Other Devices</h2>
<ol>
<li>Additional devices can be added to the Tailscale network by installing the Tailscale client <a href="https://tailscale.com/download" target="_blank">Additional reading</a></li>
<li>To connect from a mobile device, install the Tailscale mobile app</li>
<li>Log into Tailscale using the same method used to create the account earlier</li>
<li>Once connected to the network, the mobile device can be used to reach services in your home lab securely from anywhere</li>
</ol>
<p>Source: <span><span class="codeBlock"><a href="https://hub.docker.com/r/tailscale/tailscale" target="_blank">https://hub.docker.com/r/tailscale/tailscale</a><br />
Documentation: <a href="https://tailscale.com/kb/" target="_blank">https://tailscale.com/kb/</a></span></span></p> </div>
</div>
</body>
</html>