r/Tailscale

•

2 yr. ago

Installing Tailscale in a Docker container

I've been pulling my hair out for a week now trying to install Tailscale in a Docker container.

- Following the Tailscale Docker image guide returns a Dockerfile error;

- Following this L1T guide I managed to get it installed, but the exit node wouldn't work because ip6tables_filter couldn't be found.

Do any of you guys know a guide on how to install Tailscale on Docker and get the exit node working?

OperaAirBrowser

•

Promoted

Light, calm, and focused. Opera Air is your partner in mindful browsing.

Download

opera.com

Thumbnail image: Light, calm, and focused. Opera Air is your partner in mindful browsing.

Sort by:

Best

Open comment sort options

Best

Top

New

Controversial

Old

Q&A

cmsj

•

2y ago

• Edited 2y ago

This is my docker compose for Tailscale:

tailscale:
  hostname: tailscale
  image: tailscale/tailscale:latest
  restart: unless-stopped
  network_mode: "host" # Easy mode
  privileged: true # I'm only about 80% sure this is required
  volumes:
    - /srv/docker/tailscale/data:/var/lib # tailscale/tailscale.state in here is where our authkey lives
    - /dev/net/tun:/dev/net/tun
    - /var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket # This seems kinda terrible, but the daemon complains a lot if it can't connect to this
  cap_add: # Required
    - NET_ADMIN
    - NET_RAW
  environment:
    TS_HOSTNAME: "lolname" # Set this to the machine name you want to appear on the Tailscale website
    TS_STATE_DIR: "/var/lib/tailscale" # This gives us a persistent entry in TS Machines, rather than Epehmeral
    TS_USERSPACE: false # Bizarrely, even if you bind /dev/net/tun in, you still need to tell the image to not use userspace networking
    TS_AUTH_ONCE: false # If you have a config error somewhere, and this is set to true, it'll be really hard to figure it out
    TS_EXTRA_ARGS: "--advertise-exit-node"

The ip6tables error you’re getting is because your host kernel doesn’t have that loaded. Edit /etc/modules and add a line that says ip6_tables.

You’ll also need to enable IP forwarding. Edit /etc/sysctl.conf and add these two lines:

net.ipv4.conf.all.forwarding=1
net.ipv6.conf.all.forwarding=1

That should be all you need.

Edit: The first volume there, you should choose a host path that makes sense for you. I keep all my Docker volumes in /srv/docker/, but maybe you do something different there.

GoTVm

•

2y ago

I'll try your compose later today, thanks.

The IP forwarding part I'd already done, both on host os and in the container. What I havent yet tried is editing /etc/modules and adding the line.

More replies

BigotDream240420

•

9mo ago

This almost works but where do I put my tailscale login and password?

More replies

Mr_Parzival_

•

4mo ago

Is it posible to connect to exit node from tailscale in docker. As im adding --exit-node=100.64.x.x. and nothing happens...

julietscause

•

2y ago

• Edited 2y ago

Following the Tailscale Docker image guide returns a Dockerfile error;

Can you post a screenshot of the command you ran and the full error?

I managed to get it installed, but the exit node wouldn't work because ip6tables_filter couldn't be found.

What host OS are you using?

Can you post the full command on what you are running the CLI and the error you are getting?

Any reason why you arent doing this in docker compose?

https://www.reddit.com/r/Tailscale/comments/169qdzu/setup_tailscale_exit_node_in_a_docker_compose/

Just wondering

GoTVm

•

2y ago

• Edited 2y ago

The compose in the post doesn't even compile, I keep getting errors on

- '/dev/net/tun:/dev/net/tun'

There is an error in the yaml syntax: YAMLSemanticError: Plain value cannot start with a tab character

EDIT: I managed to fix that error by copying a known good compose file and editing in the values that the post provided. Still, nothing was fixed as I still get this error when running tailscale status

# Health check:
- router: setting up filter/ts-input: running [/sbin/ip6tables -t filter -N ts-input --wait]: exit status 3: modprobe: can't change directory to '/lib/modules': No such file or directory
ip6tables v1.8.8 (legacy): can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?) Perhaps ip6tables or your kernel needs to be upgraded.

More replies

[deleted]

•

2y ago

Rootless or rootful docker?

GoTVm

•

2y ago

I run docker from my root account

More replies

Installing Tailscale in a Docker container

Should I install Tailscale on bare metal or docker?

How to connect docker containers to tailscale?

Docker Tailscale use gluetun container for exit node

How to install Tailscale without Docker?

[Guide] How to Use Tailscale Serve with Docker Compose for Secure, Private Self-Hosting

Make a docker service accessible in the tailnet as well as locally

Tailscale, Cloudflare and NGINX

How doesn't it go through Tailscale's servers?

Install tailscale in a raspberry with no desktop env

Anyone know why my custom domain is not working with Tailscale?

Setting up tailscale to connect to a single docker container?

I Developed a Minimalist Linux Distro with Tailscale Built-In 🚀

Connecting selfhosted apps to Tailscale with TSDProxy

My blog post on how I joined two separate home networks together using Tailscale and two Raspberry Pis (feedback appreciated)

Has anyone installed hoppstoch using Docker?

Running a server (flask) from a docker container

Headscale in Docker on Synology

Fitting for junction box to waterproof pigtail?

Not enough headspace for filament spool. Suggestions?

Alpine in a Docker Container

Best way to deploy tailscale in home network

Tailscale runs automatically, CONSTANTLY: What can I do with it?

Help me get my head straight - Tailscale and Kubernetes

Any suggestions on how to fix a magstrike air pump?

Need help with starting a docker container

Top Posts