sierrasoftworks / tailscale-udm Goto Github PK
View Code? Open in Web Editor NEWRun Tailscale on your Unifi Dream Machine
License: MIT License
Run Tailscale on your Unifi Dream Machine
License: MIT License
on UDM Pro SE the update.sh fails if tailscaled is running.
can we use advertise dns subnet with this
After upgrading from 1.x to 2.x, I had edited tailscale-env
to add some additional options to be passed to tailscale up
. However, it appears TAILSCALE_FLAGS
is no longer used in unios_2.x.sh.
for the install script to download, curl need -L option. That is
From:
curl https://raw.github.com/SierraSoftworks/tailscale-udm/master/install.sh | sh
To:
curl -L https://raw.github.com/SierraSoftworks/tailscale-udm/master/install.sh | sh
I've been unable to get the installation to work; it does not ask me to perform a login, only starts tailscaled on the UDM pro.
Once I do that, the tailscale up command does not, in fact, work:
/mnt/data/tailscale/tailscale up --force-reauth --authkey CENSORED
This command just hangs.
What I can't tell is if that's something in the setup script or in tailscale itself.
hey ๐
UDR is a little bit different than UDM, but I believe it should be pretty straightforward to support it, too
please see https://github.com/WireGuard/wireguard-vyatta-ubnt for reference, I believe the key difference is the directory tree
thank you!
There is an error (/mnt/data/tailscale/manage.sh: line 151: tailscale_update: not found
) in the code of manage.sh
.
tailscale-udm/package/manage.sh
Line 151 in 8d3758c
tailscale_update
is an undefined function in the script. Workaround would be to structure the script like this:
tailscale_update() {
tailscale_stop
tailscale_install "$1"
tailscale_start
}
case $1 in
"update!")
if tailscale_has_update "$2"; then
tailscale_update "$2"
else
echo "Tailscale is already up to date"
fi
;;
"on-boot")
# shellcheck source=package/tailscale-env
. "${TAILSCALE_ROOT}/tailscale-env"
if [ "${TAILSCALE_AUTOUPDATE}" = "true" ]; then
tailscale_has_update && tailscale_update || echo "Not updated"
fi
tailscale_start
;;
Want me to submit a PR?
However, tailscale ping hostname
works.
I've read everything on the internet but I don't quite understand what is needed to get the UDM Pro able to resolve tailnet hosts and ping them.
The ideal goal: other devices on my lan (without having tailscale installed) can resolve any tailnet host, through the dream machine.
What am I doing wrong?
Hi Sierra Softworks,
I have a VPS with Vultr on Debian 11 runningTailscale and Bird 1.6.8, installed and the VPS acts as the exit node for my mesh network. I installed your script on my UDM and added the command "sudo tailscale up --exit-node= --exit-node-allow-lan-access=true" to route traffic from the VPS to the UDM but the UDM is not acquiring the IP address of the VPS as my other devices within the mesh are able to connect to the UDM. The goal is for my VPS to advertise a BGP and IPv6 /48 addressing to the UDM.
Please advise.
Hello, I was just wondering how you would go about adding this device as a exit note and pushing routes if possible.
Thank you so much for making this script it worked first try out of the box and just simply worked.
https://headscale.EXAMPLE.com
doing a traceroute to the login-server shows 1 hop including the public ip of the router itself.
Originally posted by wolffcatskyy December 9, 2023
Could you allow pulling the unstable (beta) version>? That's what I have running on all my other devices.
Tried to re-install Tailscale on UDM SE but I always get an error installing the tailscale-install.timer. See:
root@Dream-Machine-Special-Edition:~# systemctl stop tailscaled
root@Dream-Machine-Special-Edition:~# rm -Rf /data/tailscale
root@Dream-Machine-Special-Edition:~# # Install the latest version of Tailscale UDM
curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Installing latest Tailscale package repository...
Updating package lists...
Hit:1 https://deb.debian.org/debian bullseye InRelease
Hit:2 https://deb.debian.org/debian bullseye-updates InRelease
Hit:3 https://security.debian.org/debian-security bullseye-security InRelease
Hit:4 https://deb.debian.org/debian bullseye-backports InRelease
Hit:5 https://apt.artifacts.ui.com bullseye InRelease
Get:6 https://pkgs.tailscale.com/stable/debian bullseye InRelease
Fetched 6566 B in 1s (6023 B/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
36 packages can be upgraded. Run 'apt list --upgradable' to see them.
Installing Tailscale 1.60.0...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
tailscale is already the newest version (1.60.0).
0 upgraded, 0 newly installed, 0 to remove and 36 not upgraded.
Configuring Tailscale port...
Configuring Tailscaled startup flags...
Restarting Tailscale daemon to detect new configuration...
Enabling Tailscale to start on boot...
Installing auto-update timer to ensure that Tailscale is kept installed and up to date.
ln: failed to create symbolic link '/etc/systemd/system/tailscale-install.timer': File exists
Using the instructions in the 2.5.2 update, seem results:
root@Dream-Machine-Special-Edition:~# systemctl disable tailscale-install.service
Removed /etc/systemd/system/multi-user.target.wants/tailscale-install.service.
Removed /etc/systemd/system/tailscale-install.service.
root@Dream-Machine-Special-Edition:~# /data/tailscale/manage.sh install!
Installing latest Tailscale package repository...
Updating package lists...
Hit:1 https://deb.debian.org/debian bullseye InRelease
Hit:2 https://deb.debian.org/debian bullseye-updates InRelease
Hit:3 https://security.debian.org/debian-security bullseye-security InRelease
Hit:4 https://deb.debian.org/debian bullseye-backports InRelease
Hit:5 https://apt.artifacts.ui.com bullseye InRelease
Get:6 https://pkgs.tailscale.com/stable/debian bullseye InRelease
Fetched 6566 B in 1s (6105 B/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
36 packages can be upgraded. Run 'apt list --upgradable' to see them.
Installing Tailscale 1.60.0...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
tailscale is already the newest version (1.60.0).
0 upgraded, 0 newly installed, 0 to remove and 36 not upgraded.
Configuring Tailscale port...
Configuring Tailscaled startup flags...
Restarting Tailscale daemon to detect new configuration...
Enabling Tailscale to start on boot...
Installing pre-start script to install Tailscale on firmware updates.
Created symlink /etc/systemd/system/multi-user.target.wants/tailscale-install.service โ /data/tailscale/tailscale-install.service.
Installing auto-update timer to ensure that Tailscale is kept installed and up to date.
ln: failed to create symbolic link '/etc/systemd/system/tailscale-install.timer': File exists
I tried several reinstalling, removing tailscale and then install. Nothing seems to work. My hope was that this timer would fixed another issue I have. Tailscale stops working now and then. My suspicion is after an update. So, my hope was the 2.5.2 update would solve this :-)
Currently, when using on-boot
with firmware version 2+, the variable TAILSCALE_ROOT
is undefined
tailscale-udm/package/manage.sh
Line 116 in f429756
unios_1.x.sh
defines TAILSCALE_ROOT
at the top:
tailscale-udm/package/unios_1.x.sh
Line 2 in f429756
unios_2.x.sh
doesn't.UDM Pro, running OS v3.0.20 (Kernel 4.19.152 SMP)
Installed Tailscale with install script
Configured with:
#tailscale up --advertise-routes=10.10.0.0/23,10.10.2.0/24 --advertise-exit-node --advertise-tags=tag:udmpro --accept-routes
#tailscale ip -4
100.105.87.25
Issue:
Cannot ping local IP nor any other IPs.
'traceroute -n 100.105.87.25' goes to WAN port and the next hop router, then dies.
'traceroute -n 10.10.9.5' (10.10.9.0/24 is an advertized LAN behind another tailscale router) goes to WAN port and the next hop router, then dies.
Obviously the UDM Pro does NOT see the tailscale network, and thus has no idea how to route across the tailscale connection...
Hi
I am trying to install TailScale on a UDMP with version 2.5.17 but getting errors before it installs successfully. Attached is the output of the SSH session.
TailScale UDMP Install Log.txt
Just following the steps as outlined. The install fails on unifi 2.5.17
I just updated my UDM core OS and tried to reinstall Tailscale, but ended up with errors. It looks like the Debian repo is having issues, but I'm not an expert. Anyone have any thoughts on this? (boostchicken is already installed; it's installer completed without any issues)
From my UDM console:
root@udm:# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh#
Updating package lists...
Ign:1 http://security.debian.org stretch/updates InRelease
Ign:2 http://deb.debian.org/debian stretch InRelease
Err:3 http://security.debian.org stretch/updates Release
404 Not Found [IP: 151.101.42.132 80]
Ign:4 http://deb.debian.org/debian stretch-updates InRelease
Ign:5 http://deb.debian.org/debian stretch-backports InRelease
Err:6 http://deb.debian.org/debian stretch Release
404 Not Found [IP: 151.101.42.132 80]
Err:7 http://deb.debian.org/debian stretch-updates Release
404 Not Found [IP: 151.101.42.132 80]
Err:8 http://deb.debian.org/debian stretch-backports Release
404 Not Found [IP: 151.101.42.132 80]
Hit:10 https://apt-release-candidate.artifacts.ui.com stretch InRelease
Hit:11 https://apt-beta.artifacts.ui.com stretch InRelease
Hit:12 https://apt.artifacts.ui.com stretch InRelease
Reading package lists... Done
E: The repository 'http://security.debian.org stretch/updates Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://deb.debian.org/debian stretch Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://deb.debian.org/debian stretch-updates Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://deb.debian.org/debian stretch-backports Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
root@udm:
There is a new early access version of the UDMP firmware, which is version 4.0.3, the installer exits out with following message:
Unsupported UniFi OS version (v4).
Please provide the following information to us on GitHub:
/usr/bin/ubnt-device-info firmware_detail
4.0.3
/etc/os-release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
my UDM-pro is on Unifi-OS 3.2.12 which uses debian bullseye. The install.sh script fails with the following:
root@UDMPRO-Chambord:~# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Installing latest Tailscale package repository key...
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK
Updating package lists...
Hit:1 https://security.debian.org/debian-security bullseye-security InRelease
Hit:2 https://deb.debian.org/debian bullseye InRelease
Hit:3 https://deb.debian.org/debian bullseye-updates InRelease
Hit:4 https://deb.debian.org/debian bullseye-backports InRelease
Hit:5 https://apt.artifacts.ui.com bullseye InRelease
Hit:6 https://apt-release-candidate.artifacts.ui.com bullseye InRelease
Hit:7 https://apt-beta.artifacts.ui.com bullseye InRelease
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
15 packages can be upgraded. Run 'apt list --upgradable' to see them.
Installing Tailscale 1.58.2...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
E: Unable to locate package tailscale
As you can see, there's a line about apt-key being deprecated. The tailscale install instruction changed between stretch and bullseye. The script works after using the new instructions to add the key. I do not know if these new instructions would work for debian stretch too.
I am moving away from tailscale to netbird, as they use the real kernel mode wireguard for better performance and easier self-hosting,
any plans to redo all of your tailscale work for netbird? they also offer arm64 binaries on github :)
Hi there,
# ls -al /mnt/data/tailscale/upgrade.sh
-rw-r--r-- 1 root root 744 Dec 30 17:29 /mnt/data/tailscale/upgrade.sh
###edit###
addressing my own points from #3 #4 and #5
I manually checked and found a newer version available: https://pkgs.tailscale.com/stable/tailscale_1.18.2_arm64.tgz
after making the upgrade script executable:
chmod 744 /mnt/data/tailscale/upgrade.sh
I installed it successfully:
/mnt/data/tailscale/upgrade.sh 1.18.2
Thanks for that nice work. My UDM is installed and running on Tailscale, but it is not showing and subnets. I tried the command sudo tailscale up --advertise-routes=10.0.0.0/24,10.0.1.0/24 but I get a command not found.
Thanks
Hello, if i try to run the install.sh with the code you provided in the description, i will get the folowing output.:
version is: 2.5. 17:
root@UDMPro-Haller:~# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Updating package lists...
Ign:1 http://security.debian.org stretch/updates InRelease
Err:2 http://security.debian.org stretch/updates Release
404 Not Found [IP: 146.75.122.132 80]
Ign:3 http://deb.debian.org/debian stretch InRelease
Ign:4 http://deb.debian.org/debian stretch-updates InRelease
Ign:5 http://deb.debian.org/debian stretch-backports InRelease
Err:6 http://deb.debian.org/debian stretch Release
404 Not Found [IP: 146.75.122.132 80]
Err:7 http://deb.debian.org/debian stretch-updates Release
404 Not Found [IP: 146.75.122.132 80]
Err:8 http://deb.debian.org/debian stretch-backports Release
404 Not Found [IP: 146.75.122.132 80]
Hit:10 https://apt-beta.artifacts.ui.com stretch InRelease
Hit:11 https://apt-release-candidate.artifacts.ui.com stretch InRelease
Hit:12 https://apt.artifacts.ui.com stretch InRelease
Reading package lists... Done
E: The repository 'http://security.debian.org stretch/updates Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://deb.debian.org/debian stretch Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://deb.debian.org/debian stretch-updates Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://deb.debian.org/debian stretch-backports Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
error during install
Downloading Tailscale 1.34.2...
Installing Tailscale 1.34.2...
(Reading database ... 40007 files and directories currently installed.)
Preparing to unpack .../tmp.mnbpOhz2H8/tailscale.deb ...
Unpacking tailscale (1.34.2) over (1.34.2) ...
Setting up tailscale (1.34.2) ...
Configuration file '/etc/default/tailscaled'
==> File on system created by you or by a script.
==> File also in package provided by package maintainer.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
*** tailscaled (Y/I/N/O/D/Z) [default=N] ? dpkg: error processing package tailscale (--install):
end of file on stdin at conffile prompt
Errors were encountered while processing:
tailscale
Failed to install Tailscale v1.34.2 from /tmp/tmp.mnbpOhz2H8/tailscale.deb
Please make sure that you're using a valid version number and try again.
curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | DEBIAN_FRONTEND=noninteractive sh
/etc/default/tailscaled
and try again
rm /etc/default/tailscaled && curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Hi there,
My device just auto-updated (yes I have automatic updates enabled, yolo) from 2.4.23 to 2.4.26. Afterwards, tailscale was not installed.
Is this supposed to persist across firmware updates?
Edit: working fine after a reinstall ๐คท๐ป
Hi Sierra Softworks,
I installed the latest version of tailscale-udm and "status" and "netcheck" outputs are successful I connected
the UDM to an exit node but I received the following exit-node output lis status. It appears my UDM is not able to
connect to my VPS although I am able to ping the between the UDM and VPS and a client device.
tailscale -- exit-node list
100.76.xx.xx xxx.tailee24b.ts.net - - -
100.91.x.xxx xxx.tailee24b.ts.net - - selected but offline
Current configuration:
tailscale up --exit-node=100.9.x.xxx --exit-node-allow-lan-access=true --advertise-routes=192.168.x.0/24,192.168.x.0/24,192.168.x.0/24 --ssh
Any assistance is greatly appreciated.
Hi there,
For some reason despite working IPv6 on my network, and being able to ping6
from the UDM-PRO, unless I append --ipv4
to all of the curl requests in the script they hang indefinitely. I'm reluctant to do this bypass without understanding why v6 seems to be stuck. Has anyone else been able to run this script on a network with v4 and v6?
There a few small tweaks that can be made to allow routing to/from other machines on the local network and account for multiple WAN links failing over.
FLAGS="--port 41641 --socket /var/run/tailscale/tailscaled.sock --state /data/tailscale/tailscaled.state"
ROUTES_TO_ADD=$( ip route | grep "dev br" )
echo "${ROUTES_TO_ADD}" | while read -r route; do /sbin/ip route add ${route} table 52; done
#!/bin/sh
RULE_PRIORITY="5225"
SLEEP_INTERVAL="0.25"
TABLE=-1
getDefaultRouteTable() {
/sbin/ip rule list priority 32766 | cut -d " " -f 4
}
updateTailscaleMarkingRule() {
#if default route table changed then update ip rules accordingly
if [ ! $TABLE -eq $1 ] && [ $1 -gt 0 ]
then
/sbin/ip rule del priority $RULE_PRIORITY
/sbin/ip rule add priority $RULE_PRIORITY from all fwmark 0x80000 lookup $1
TABLE=$1
fi
}
until false; do
updateTailscaleMarkingRule $(getDefaultRouteTable)
sleep $SLEEP_INTERVAL
done
tailscale up --advertise-exit-node --advertise-routes="192.168.0.0/24,192.168.1.0/24" --snat-subnet-routes=false --accept-routes --reset
Currently, TAILSCALE_ROOT
is hardcoded and wrong for firmware versions above 2.*
.
tailscale-udm/package/on-boot.sh
Line 4 in f429756
This can easily be fixed by including the same snippet from manage.sh
and install.sh
:
Lines 21 to 27 in f429756
Whenever I attempt to run the install script as listed I get the error:
"curl: (7) Failed to connect to gihub.com port 443: Connection refused"
Any help would be appreciated.
Hey y'all,
I've just built and run the new commits for installing Tailscale via APT instead of downloading the package directly.
Unfortunately, the APT installation fails with this error Version '11 (bullseye)' for 'tailscale' was not found
.
Is there any fixes to this issue just yet or should I be waiting until the official release comes out?
My fork is at https://github.com/bslatyer/tailscale-udm
Here's the full output from the run on my UDM-SE
root@Redwood:~# curl -sSLq https://raw.github.com/bslatyer/tailscale-udm/main/install.sh | sh
Installing Tailscale package repository...
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK
# Tailscale packages for debian bullseye
deb https://pkgs.tailscale.com/stable/debian bullseye main
Updating package lists...
Hit:1 http://deb.debian.org/debian bullseye InRelease
Hit:2 http://deb.debian.org/debian bullseye-updates InRelease
Hit:3 http://deb.debian.org/debian bullseye-backports InRelease
Hit:4 http://security.debian.org/debian-security bullseye-security InRelease
Get:5 https://pkgs.tailscale.com/stable/debian bullseye InRelease
Hit:6 https://apt-release-candidate.artifacts.ui.com bullseye InRelease
Hit:7 https://apt.artifacts.ui.com bullseye InRelease
Hit:8 https://repo.nextdns.io/deb stable InRelease
Get:9 https://pkgs.tailscale.com/stable/debian bullseye/main arm64 Packages [7105 B]
Get:10 https://pkgs.tailscale.com/stable/debian bullseye/main all Packages [354 B]
Fetched 13.5 kB in 2s (7005 B/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
25 packages can be upgraded. Run 'apt list --upgradable' to see them.
Installing Tailscale 11 (bullseye)...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
E: Version '11 (bullseye)' for 'tailscale' was not found
I just got the UDM SE last week. Everything seems to install and run fine, I do get an IP-address and in the web interface an IP shows up.
However, if I run ip addr show
I don't see any tailscale interface, I can't ping to other machines and other machines can't ping to the UDM SE. The logs do not seem to tell anything useful in finding the cause. I shared them below:
Kernel
root@udm:~# uname -ar
Linux udm 4.19.152-ui-alpine #4.19.152 SMP Fri Apr 22 00:04:43 CST 2022 aarch64 GNU/Linux
Install
root@udm:~# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Installing Tailscale v1.24.2 in /mnt/data/tailscale...
Installation complete, run '/mnt/data/tailscale/manage.sh start' to start Tailscale
Starting Tailscaled...
Tailscaled started successfully
To authenticate, visit:
https://login.tailscale.com/a/xxxxxx
Success.
tailscale.log
2022/05/08 18:46:09 logtail started
2022/05/08 18:46:09 Program starting: v1.24.2-t9d6867fb0-g2d0f7ddc3, Go 1.18.1-ts710a0d8610: []string{"/mnt/data/tailscale/tailscaled", "--cleanup"}
2022/05/08 18:46:09 LogID: **MASKED**
2022/05/08 18:46:09 logpolicy: using system state directory "/var/lib/tailscale"
2022/05/08 18:46:09 dns: [rc=unknown ret=direct]
2022/05/08 18:46:09 dns: using *dns.directManager
2022/05/08 18:46:09 flushing log.
2022/05/08 18:46:09 logger closing down
2022/05/08 18:46:10 logtail started
2022/05/08 18:46:10 Program starting: v1.24.2-t9d6867fb0-g2d0f7ddc3, Go 1.18.1-ts710a0d8610: []string{"/mnt/data/tailscale/tailscaled", "--state", "/mnt/data/tailscale/tailscaled.state", "--socket", "/var/run/tailscale/tailscaled.sock", "--port", "41641", "--tun", "userspace-networking"}
2022/05/08 18:46:10 LogID: **MASKED**
2022/05/08 18:46:10 logpolicy: using system state directory "/var/lib/tailscale"
2022/05/08 18:46:10 wgengine.NewUserspaceEngine(tun "userspace-networking") ...
2022/05/08 18:46:10 dns: using dns.noopManager
2022/05/08 18:46:10 link state: interfaces.State ** TRUNCATED **
2022/05/08 18:46:10 magicsock: disco key = **MASKED**
2022/05/08 18:46:10 Creating wireguard device...
2022/05/08 18:46:10 Bringing wireguard device up...
2022/05/08 18:46:10 Bringing router up...
2022/05/08 18:46:10 Clearing router settings...
2022/05/08 18:46:10 Starting link monitor...
2022/05/08 18:46:10 Engine created.
2022/05/08 18:46:10 Start
2022/05/08 18:46:10 using backend prefs for "_daemon": Prefs{ra=false dns=true want=false routes=[] nf=on Persist{lm=, o=, n=[LZHWO] u="**MASKED**"}}
2022/05/08 18:46:10 Backend: logs: be:**MASKED** fe:
2022/05/08 18:46:10 control: client.Login(false, 0)
2022/05/08 18:46:10 Switching ipn state NoState -> Stopped (WantRunning=false, nm=false)
2022/05/08 18:46:10 wgengine: Reconfig: configuring userspace wireguard config (with 0/0 peers)
2022/05/08 18:46:10 wgengine: Reconfig: configuring router
2022/05/08 18:46:10 wgengine: Reconfig: configuring DNS
2022/05/08 18:46:10 dns: Set: {DefaultResolvers:[] Routes:{} SearchDomains:[] Hosts:0}
2022/05/08 18:46:10 dns: Resolvercfg: {Routes:{} Hosts:0 LocalDomains:[]}
2022/05/08 18:46:10 dns: OScfg: {Nameservers:[] SearchDomains:[] MatchDomains:[]}
2022/05/08 18:46:10 control: doLogin(regen=false, hasUrl=false)
2022/05/08 18:46:10 health("overall"): error: state=Stopped, wantRunning=false
2022/05/08 18:46:10 control: control server key from https://controlplane.tailscale.com: ts2021=[fSeS+], legacy=[nlFWp]
2022/05/08 18:46:10 control: RegisterReq: onode= node=[LZHWO] fup=false
2022/05/08 18:46:10 control: RegisterReq: got response; nodeKeyExpired=false, machineAuthorized=true; authURL=false
2022/05/08 18:46:10 active login: **MASKED**@github
2022/05/08 18:46:10 control: setPaused(true)
2022/05/08 18:46:10 control: mapRoutine: paused
2022/05/08 18:46:10 control: mapRoutine: awaiting unpause
2022/05/08 18:46:10 control: NetInfo: NetInfo{varies=false hairpin=false ipv6=true udp=true derp=#4 portmap= link=""}
2022/05/08 18:46:10 magicsock: endpoints changed: ** TRUNCATED **
2022/05/08 18:46:15 ipnserver: conn2: connection from userid 0; root has access
2022/05/08 18:46:15 EditPrefs: MaskedPrefs{WantRunning=true}
2022/05/08 18:46:15 active login: "**MASKED**" ([unexpected] corp#461, not "**MASKED**@github")
2022/05/08 18:46:15 transitioning to running; doing Login...
2022/05/08 18:46:15 control: client.Login(false, 0)
2022/05/08 18:46:15 control: setPaused(false)
2022/05/08 18:46:15 Switching ipn state Stopped -> Starting (WantRunning=true, nm=true)
2022/05/08 18:46:15 control: mapRoutine: unpaused
2022/05/08 18:46:15 control: doLogin(regen=false, hasUrl=false)
2022/05/08 18:46:15 control: RegisterReq: onode= node=[LZHWO] fup=false
2022/05/08 18:46:15 magicsock: SetPrivateKey called (init)
2022/05/08 18:46:15 magicsock: private key changed, reconnecting to home derp-4
2022/05/08 18:46:15 wgengine: Reconfig: configuring userspace wireguard config (with 0/2 peers)
2022/05/08 18:46:15 wgengine: Reconfig: configuring router
2022/05/08 18:46:15 wgengine: Reconfig: configuring DNS
2022/05/08 18:46:15 dns: Set: {DefaultResolvers:[] Routes:{**MASKED**.github.beta.tailscale.net.:[]}+65arpa SearchDomains:[**MASKED**.github.beta.tailscale.net.] Hosts:3}
2022/05/08 18:46:15 peerapi: serving on http://** MASKED **:34277
2022/05/08 18:46:15 peerapi: serving on http://** MASKED **:34277
2022/05/08 18:46:15 health("dns"): error: getting OS base config is not supported
2022/05/08 18:46:15 magicsock: adding connection to derp-4 for home-keep-alive
2022/05/08 18:46:15 magicsock: 1 active derp conns: derp-4=cr0s,wr0s
2022/05/08 18:46:15 health("dns-os"): error: getting OS base config is not supported
2022/05/08 18:46:15 Switching ipn state Starting -> Running (WantRunning=true, nm=true)
2022/05/08 18:46:15 control: controlclient: restarting map request for "dns" health change to new state: getting OS base config is not supported
2022/05/08 18:46:15 control: controlclient: restarting map request for "dns-os" health change to new state: getting OS base config is not supported
2022/05/08 18:46:15 derphttp.Client.Connect: connecting to derp-4 (fra)
2022/05/08 18:46:15 ipnserver: conn2: ReadMsg: read unix /var/run/tailscale/tailscaled.sock->@: read: connection reset by peer
2022/05/08 18:46:15 control: RegisterReq: got response; nodeKeyExpired=false, machineAuthorized=true; authURL=false
2022/05/08 18:46:15 magicsock: derp-4 connected; connGen=1
Noticed today that tailscale wasn't starting automatically and couldn't be manually started either required a fresh install to get going again.
Hey @notheotherben
I've got another tricky situation that you need to look into.
The installer script fails to configure Tailscale to use the userspace networking as an error occurs using sed to edit the state file.
It's on a UDM-SE running the 3.0.16 RC
Configuring Tailscale to use userspace networking...
sed: -e expression #1, char 28: unknown option to `s'
Failed to configure Tailscale to use userspace networking
Check that the file /etc/default/tailscaled exists and contains the line FLAGS="--state /data/tailscale/tailscale.state --tun userspace-networking".
root@Redwood:~# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Installing Tailscale package repository...
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK
# Tailscale packages for debian bullseye
deb https://pkgs.tailscale.com/stable/debian bullseye main
Updating package lists...
Hit:1 http://deb.debian.org/debian bullseye InRelease
Hit:2 http://deb.debian.org/debian bullseye-updates InRelease
Hit:3 http://deb.debian.org/debian bullseye-backports InRelease
Hit:4 http://security.debian.org/debian-security bullseye-security InRelease
Hit:5 https://apt-release-candidate.artifacts.ui.com bullseye InRelease
Hit:6 https://apt.artifacts.ui.com bullseye InRelease
Get:7 https://pkgs.tailscale.com/stable/debian bullseye InRelease
Hit:8 https://repo.nextdns.io/deb stable InRelease
Fetched 6016 B in 3s (1786 B/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
25 packages can be upgraded. Run 'apt list --upgradable' to see them.
Installing Tailscale 1.36.1...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
tailscale
0 upgraded, 1 newly installed, 0 to remove and 25 not upgraded.
Need to get 21.0 MB of archives.
After this operation, 39.9 MB of additional disk space will be used.
Get:1 https://pkgs.tailscale.com/stable/debian bullseye/main arm64 tailscale arm64 1.36.1 [21.0 MB]
Fetched 21.0 MB in 3s (6897 kB/s)
Selecting previously unselected package tailscale.
(Reading database ... 47000 files and directories currently installed.)
Preparing to unpack .../tailscale_1.36.1_arm64.deb ...
Unpacking tailscale (1.36.1) ...
Setting up tailscale (1.36.1) ...
Configuring Tailscale to use userspace networking...
sed: -e expression #1, char 28: unknown option to `s'
Failed to configure Tailscale to use userspace networking
Check that the file /etc/default/tailscaled exists and contains the line FLAGS="--state /data/tailscale/tailscale.state --tun userspace-networking".
I ran into this error while installing on a fresh UDM-SE, FW: 3.2.12
Failed to enable unit: Unit file tailscale-install.timer does not exist.
Full install Log
root@Home-UDM-SE:/data/on_boot.d# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Installing latest Tailscale package repository...
Updating package lists...
Hit:1 https://deb.debian.org/debian bullseye InRelease
Hit:2 https://deb.debian.org/debian bullseye-updates InRelease
Hit:3 https://deb.debian.org/debian bullseye-backports InRelease
Get:4 https://pkgs.tailscale.com/stable/debian bullseye InRelease
Hit:5 https://security.debian.org/debian-security bullseye-security InRelease
Hit:6 https://apt.artifacts.ui.com bullseye InRelease
Get:7 https://pkgs.tailscale.com/stable/debian bullseye/main all Packages [354 B]
Get:8 https://pkgs.tailscale.com/stable/debian bullseye/main arm64 Packages [9969 B]
Fetched 16.9 kB in 1s (13.2 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
37 packages can be upgraded. Run 'apt list --upgradable' to see them.
Installing Tailscale 1.62.0...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
tailscale-archive-keyring
The following NEW packages will be installed:
tailscale tailscale-archive-keyring
0 upgraded, 2 newly installed, 0 to remove and 37 not upgraded.
Need to get 25.6 MB of archives.
After this operation, 48.3 MB of additional disk space will be used.
Get:2 https://pkgs.tailscale.com/stable/debian bullseye/main all tailscale-archive-keyring all 1.35.181 [3082 B]
Get:1 https://pkgs.tailscale.com/stable/debian bullseye/main arm64 tailscale arm64 1.62.0 [25.6 MB]
Fetched 25.6 MB in 1s (26.0 MB/s)
Selecting previously unselected package tailscale.
(Reading database ... 52830 files and directories currently installed.)
Preparing to unpack .../tailscale_1.62.0_arm64.deb ...
Unpacking tailscale (1.62.0) ...
Selecting previously unselected package tailscale-archive-keyring.
Preparing to unpack .../tailscale-archive-keyring_1.35.181_all.deb ...
Unpacking tailscale-archive-keyring (1.35.181) ...
Setting up tailscale-archive-keyring (1.35.181) ...
Setting up tailscale (1.62.0) ...
Created symlink /etc/systemd/system/multi-user.target.wants/tailscaled.service โ /lib/systemd/system/tailscaled.service.
Configuring Tailscale port...
Configuring Tailscaled startup flags...
Restarting Tailscale daemon to detect new configuration...
Enabling Tailscale to start on boot...
Installing pre-start script to install Tailscale on firmware updates.
Created symlink /etc/systemd/system/multi-user.target.wants/tailscale-install.service โ /data/tailscale/tailscale-install.service.
Installing auto-update timer to ensure that Tailscale is kept installed and up to date.
Failed to enable unit: Unit file tailscale-install.timer does not exist.
Looking in the tailscale directory the timer file does not exist that the symlink is trying to use.
root@Home-UDM-SE:/data/tailscale# ls
LICENSE manage.sh* tailscale-env tailscale-install.service tailscaled.state unios_1.x.sh unios_2.x.sh
Digging around in the repo I can see it is being ignored by the package script when building releases which is why this error is happening.
tailscale-udm/build/package.sh
Lines 9 to 16 in 429c1f8
I am not sure if this is something that is required but if it does enable auto updating, that would be nice to have. Looks like everything is there for this to function, just a single file left out of the latest release, 2.5.3, and the release previous to that.
I am unable to complete the install of Tailscale for UDM, or more realistically, get taiilscale running on a UDM. I tried reboot the UDM (full power cycle) to try to the old adage of "have you tried turning it off and back on again?" Any help is appreciated.
Upon install, I am seeing the following error:
Failed to restart tailscaled.service: Unit tailscaled.service is masked.
UDM info:
root@3815-E-Winray-Dr-new:~# /usr/bin/ubnt-device-info firmware_detail
3.1.16
Console info:
root@3815-E-Winray-Dr-new:~# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Installing latest Tailscale package repository key...
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK
Installing Tailscale package repository...
deb https://pkgs.tailscale.com/stable/debian bullseye main
Updating package lists...
Hit:1 https://deb.debian.org/debian bullseye InRelease
Hit:2 https://security.debian.org/debian-security bullseye-security InRelease
Hit:3 https://deb.debian.org/debian bullseye-updates InRelease
Hit:4 https://deb.debian.org/debian bullseye-backports InRelease
Get:5 https://apt.artifacts.ui.com bullseye InRelease [13.0 kB]
Get:6 https://pkgs.tailscale.com/stable/debian bullseye InRelease
Get:7 https://apt.artifacts.ui.com bullseye/release arm64 Packages [40.8 kB]
Fetched 60.3 kB in 1s (43.0 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
58 packages can be upgraded. Run 'apt list --upgradable' to see them.
Installing Tailscale 1.54.1...
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
tailscale
0 upgraded, 1 newly installed, 0 to remove and 59 not upgraded.
Need to get 24.4 MB of archives.
After this operation, 46.0 MB of additional disk space will be used.
Get:1 https://pkgs.tailscale.com/stable/debian bullseye/main arm64 tailscale arm64 1.54.1 [24.4 MB]
Fetched 24.4 MB in 1s (19.8 MB/s)
Selecting previously unselected package tailscale.
(Reading database ... 46360 files and directories currently installed.)
Preparing to unpack .../tailscale_1.54.1_arm64.deb ...
Unpacking tailscale (1.54.1) ...
Setting up tailscale (1.54.1) ...
Failed to preset unit: Unit file /etc/systemd/system/tailscaled.service is masked.
/usr/bin/deb-systemd-helper: error: systemctl preset failed on tailscaled.service: No such file or directory
tailscaled.service is a disabled or a static unit not running, not starting it.
Configuring Tailscale to use userspace networking...
Restarting Tailscale daemon to detect new configuration...
Failed to restart tailscaled.service: Unit tailscaled.service is masked.
Failed to restart Tailscale daemon
The daemon might not be running with userspace networking enabled, you can restart it manually using 'systemctl restart tailscaled'.
root@3815-E-Winray-Dr-new:~# systemctl restart tailscaled
Failed to restart tailscaled.service: Unit tailscaled.service is masked.
Can I route traffic from machines on my local network to Tailscale endpoints automatically?
Currently we are not aware of any supported means of achieving this. Tailscale's subnet routing is intended for Tailscale-to-subnet connections and doesn't provide explicit support for subnet-to-Tailscale connections.
Each device automatically gets a routable (over Tailscale) IP. So my guess is that if you have a device in your local network and you want to connect to a device on the tailscale network, this packet will reach your UDM, and the UDM (connected to Tailscale) will know the route to this 100.64.0.0/10
network, which won't be reachable over the regular internet. Because they use this specific range, this route can easily be added to the UDM routing table (if that did not happen automatically when you connected to the tailscale network).
See this page for details.
i have server running in my lan on lets say 192.168.5.5 i have tailscale running on my udm pro which is 192.168.5.1 i have port open in udm so that 80/443 go to 192.168.5.5 and everything works when i am not on tailscale but when i am on tailsacle i use udm pro as exit node and i try to go to my domain port forwarding doesn't work it goes to 192.168.5.1 instead of 5.5 any idea what might cause this ?
# /usr/bin/ubnt-device-info firmware_detail
4.0.3
# curl -sSLq https://raw.github.com/SierraSoftworks/tailscale-udm/main/install.sh | sh
Unsupported UniFi OS version (v4).
Please provide the following information to us on GitHub:
4.0.3
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
Much Appreciated! Let me know how I can help. Happy to test.
hello
My English is not very good, so please understand
tailscale ping
works
# /mnt/data/tailscale/tailscale ping macbook-01
pong from macbook-01 (100.64.0.3) via XXX.XXX.XXX.XXX:54263 in 10ms
but normal ping
...
# ping 100.64.0.3
PING 100.64.0.3 (100.64.0.3): 56 data bytes
^C
--- 100.64.0.3 ping statistics ---
10 packets transmitted, 0 packets received, 100% packet loss
unable to connect to other machine from udm pro
# ssh 100.64.0.1
ssh: Connection to [email protected]:22 exited: Connect failed: Connection timed out
But other machine is possible
TE-01:~# ssh 100.64.0.18
Welcome to UbiOS
By logging in, accessing, or using the Ubiquiti product, you
acknowledge that you have read and understood the Ubiquiti
License Agreement and agree to be bound by its terms.
[email protected]'s password:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.