{"id":59,"date":"2024-06-22T10:19:22","date_gmt":"2024-06-22T06:19:22","guid":{"rendered":"https:\/\/www.kerloys.com\/?p=59"},"modified":"2024-06-22T10:19:22","modified_gmt":"2024-06-22T06:19:22","slug":"tailscale-on-firewalla-using-docker","status":"publish","type":"post","link":"https:\/\/www.kerloys.com\/index.php\/2024\/06\/22\/tailscale-on-firewalla-using-docker\/","title":{"rendered":"Tailscale on Firewalla using Docker"},"content":{"rendered":"\n

In this article, you will learn how to set up Tailscale on a Firewalla device using Docker. We’ll guide you through creating necessary directories, setting up a Docker Compose file, starting the Tailscale container, and configuring it to auto-start on reboot. This setup will ensure a secure and stable connection using Tailscale’s VPN capabilities on your Firewalla device.<\/p>\n\n\n\n

Step 1: Prepare Directories<\/h3>\n\n\n\n

Create the necessary directories for Docker and Tailscale:<\/p>\n\n\n\n

mkdir -p \/home\/pi\/.firewalla\/run\/docker\/tailscale\ncd \/home\/pi\/.firewalla\/run\/docker\/tailscale\n<\/code><\/pre>\n\n\n\n
Step 2: Create Docker Compose File<\/h3>\n\n\n\n
Create and populate the docker-compose.yml<\/code> file:<\/p>\n\n\n\n
cat > docker-compose.yml << EOF\nversion: \"3\"\nservices:\n  tailscale:\n    image: tailscale\/tailscale:stable\n    container_name: firewalla-tailscale\n    deploy:\n      restart_policy:\n        condition: on-failure\n        max_attempts: 3\n    network_mode: \"host\"\n    volumes:\n      - \"\/home\/pi\/.firewalla\/run\/docker\/tailscale:\/var\/lib\"\n      - \"\/dev\/net\/tun:\/dev\/net\/tun\"\n    privileged: true\n    cap_add:\n      - net_admin\n      - sys_module\n    command: tailscaled\nEOF\n<\/code><\/pre>\n\n\n\n
In this configuration, the image tag stable<\/code> ensures a stable version of Tailscale is used.<\/p>\n\n\n\n
Step 3: Start the Container<\/h3>\n\n\n\n
Start Docker and the Tailscale container:<\/p>\n\n\n\n
sudo systemctl start docker\nsudo docker-compose up -d\nsudo docker exec firewalla-tailscale tailscale up --advertise-routes=192.168.1.0\/24 --advertise-exit-node\nsudo docker exec firewalla-tailscale tailscale status\n<\/code><\/pre>\n\n\n\n
Follow the printed instructions to authorize the node and routes.<\/p>\n\n\n\n
Step 4: Auto-Start on Reboot<\/h3>\n\n\n\n
Ensure Docker and Tailscale start on reboot by creating the following script:<\/p>\n\n\n\n
mkdir -p \/home\/pi\/.firewalla\/config\/post_main.d\/\ncd \/home\/pi\/.firewalla\/config\/post_main.d\/\ncat > start_tailscale.sh <<EOF\n#!\/bin\/bash\n\necho \"\\$0 - \\$(date \"+%Y-%m-%d - %H:%M:%S\") - starting docker\"\nsudo systemctl start docker\nsleep 60\ncd \/home\/pi\/.firewalla\/run\/docker\/tailscale\n\necho \"\\$0 - \\$(date \"+%Y-%m-%d - %H:%M:%S\") - pulling latest images\"\nsudo docker-compose pull\n\necho \"\\$0 - \\$(date \"+%Y-%m-%d - %H:%M:%S\") - bringing containers up\"\nsudo docker-compose up -d\nsleep 60\n\necho \"\\$0 - \\$(date \"+%Y-%m-%d - %H:%M:%S\") - starting tailscale\"\nsudo docker exec firewalla-tailscale tailscale up --advertise-routes=192.168.1.0\/24 --advertise-exit-node\nsleep 15\n\necho \"\\$0 - \\$(date \"+%Y-%m-%d - %H:%M:%S\") - checking status\"\nsudo docker exec firewalla-tailscale tailscale status\n\necho \"\\$0 - \\$(date \"+%Y-%m-%d - %H:%M:%S\") - pruning images\"\nsudo docker system prune -f\nEOF\n<\/code><\/pre>\n\n\n\n
Make the script executable:<\/p>\n\n\n\n
chmod +x start_tailscale.sh\n<\/code><\/pre>\n\n\n\n
With these steps, you should have Tailscale running on Firewalla using Docker. Adjust the advertise-routes<\/code> command as needed for your network configuration.<\/p>\n\n\n\n
For additional details and troubleshooting, refer to the original Firewalla community post<\/a>.<\/p>\n\n\n\n
<\/h2>\n\n\n\n
<\/h2>\n\n\n\n
<\/h2>\n","protected":false},"excerpt":{"rendered":"
In this article, you will learn how to set up Tailscale on a Firewalla device using Docker. We’ll guide you through creating necessary directories, setting up a Docker Compose file, starting the Tailscale container, and configuring it to auto-start on reboot. This setup will ensure a secure and stable connection using Tailscale’s VPN capabilities on … <\/p>\n
Continue reading “Tailscale on Firewalla using Docker”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-59","post","type-post","status-publish","format-standard","hentry","category-technology-networking"],"_links":{"self":[{"href":"https:\/\/www.kerloys.com\/index.php\/wp-json\/wp\/v2\/posts\/59","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kerloys.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kerloys.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kerloys.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kerloys.com\/index.php\/wp-json\/wp\/v2\/comments?post=59"}],"version-history":[{"count":1,"href":"https:\/\/www.kerloys.com\/index.php\/wp-json\/wp\/v2\/posts\/59\/revisions"}],"predecessor-version":[{"id":60,"href":"https:\/\/www.kerloys.com\/index.php\/wp-json\/wp\/v2\/posts\/59\/revisions\/60"}],"wp:attachment":[{"href":"https:\/\/www.kerloys.com\/index.php\/wp-json\/wp\/v2\/media?parent=59"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kerloys.com\/index.php\/wp-json\/wp\/v2\/categories?post=59"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kerloys.com\/index.php\/wp-json\/wp\/v2\/tags?post=59"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}