tailscale / codespace Goto Github PK
View Code? Open in Web Editor NEWExperimenting with codespaces
License: BSD 3-Clause "New" or "Revised" License
Experimenting with codespaces
License: BSD 3-Clause "New" or "Revised" License
Great to see this, after dealing with getting the docker layers working.
However, I don't think you've flagged the feature as public yet, as it appears as unavailable
MUAT TURUN APLIKASI TERMUX
Pastikan anda muat turun aplikasi TERMUX dari sumber yang betul.
• Muat turun aplikasi F-Droid
Muat turun : https://f-droid.org/F-Droid.apk
• Muat turun dan Pasang TERMUX dari aplikasi F-Droid tersebut.
I set this up and it's working great but my tailscale version is stuck at 1.36.2 and can't update using any of the manual methods described on the Tailscale site. Also can't seem to turn on auto-update. I have tried all methods as the user and and after using sudo su root.
Anyone have any success updating Tailscale after initially installing it into your Codespace?
After the codespace is built including the feature (which now is available, thank you), I try the following:
tailscale up --accept-routes
failed to connect to local tailscaled; it doesn't appear to be running (sudo systemctl start tailscaled ?)
However, if I manually enter (copied from tailscaled-entrypoint.sh
):
sudo /usr/local/sbin/tailscaled --statedir=/workspaces/.tailscale/ --socket=/var/run/tailscale/tailscaled.sock --port=41641
I can then use sudo tailscale up --accept-routes
(note the sudo; it doesn't work without it)
I suspect that you may be expecting remoteUser to be root (which is not the default for codespaces)?
This may have been originally written for Codespaces, but Codespaces are basically just fancy devcontainers and this works just fine in a regular devcontainer like in VSCode. If you list this on containers.dev it will be easily discoverable to anyone using devcontainers. You can do so by creating a PR for this file https://github.com/devcontainers/devcontainers.github.io/blob/gh-pages/_data/collection-index.yml
more info https://containers.dev/features
Seems like tailscaled is unable to update the dns resolver settings.
Tailscaled log:
logtail started
Program starting: v1.34.1-t328b49c4d-g921b59a2e, Go 1.19.2-ts3fd24dee31: []string{"tailscaled", "--state=mem:"}
LogID: xxxxx
logpolicy: using system state directory "/var/lib/tailscale"
logpolicy.ConfigFromFile /var/lib/tailscale/tailscaled.log.conf: open /var/lib/tailscale/tailscaled.log.conf: no such file or directory
logpolicy.Config.Validate for /var/lib/tailscale/tailscaled.log.conf: config is nil
wgengine.NewUserspaceEngine(tun "tailscale0") ...
setting link attributes: netlink receive: no such file or directory
router: v6nat = true
dns: resolvedIsActuallyResolver error: resolv.conf doesn't point to systemd-resolved; points to [127.0.0.53 168.63.129.16]
dns: [rc=resolved resolved=not-in-use ret=direct]
dns: using "direct" mode
dns: using *dns.directManager
link state: interfaces.State{defaultRoute=eth0 ifs={docker0:[172.17.0.1/16] eth0:[172.16.5.4/24]} v4=true v6=false}
magicsock: disco key = d:xxxxx
Creating WireGuard device...
Bringing WireGuard device up...
external route: up
Bringing router up...
Clearing router settings...
Starting link monitor...
Engine created.
pm: migrating "_daemon" profile to new format
got LocalBackend in 2.104s
Start
Backend: logs: be:xxxxx fe:
Switching ipn state NoState -> NeedsLogin (WantRunning=false, nm=false)
blockEngineUpdates(true)
wgengine: Reconfig: configuring userspace WireGuard config (with 0/0 peers)
wgengine: Reconfig: configuring router
wgengine: Reconfig: configuring DNS
dns: Set: {DefaultResolvers:[] Routes:{} SearchDomains:[] Hosts:0}
dns: Resolvercfg: {Routes:{} Hosts:0 LocalDomains:[]}
dns: OScfg: {Nameservers:[] SearchDomains:[] MatchDomains:[] Hosts:[]}
health("overall"): error: state=NeedsLogin, wantRunning=false
Start
generating new machine key
machine key written to store
Backend: logs: be:xxxxx fe:
Switching ipn state NoState -> NeedsLogin (WantRunning=true, nm=false)
blockEngineUpdates(true)
control: client.Shutdown()
control: client.Shutdown: inSendStatus=0
control: mapRoutine: quit
control: Client.Shutdown done.
StartLoginInteractive: url=false
control: client.Login(false, 6)
control: LoginInteractive -> regen=true
control: doLogin(regen=true, hasUrl=false)
control: control server key from https://controlplane.tailscale.com: ts2021=[fSeS+], legacy=[nlFWp]
control: Generating a new nodekey.
control: RegisterReq: onode= node=[Zi5HA] fup=false nks=false
control: creating new noise client
control: RegisterReq: got response; nodeKeyExpired=false, machineAuthorized=false; authURL=true
control: AuthURL is https://login.tailscale.com/a/xxxxxxxx
Received auth URL: https://login.tailsc...
popBrowserAuthNow: url=true
blockEngineUpdates(true)
stopEngineAndWait...
requestEngineStatusAndWait
requestEngineStatusAndWait: waiting...
requestEngineStatusAndWait: got status update.
stopEngineAndWait: done.
control: doLogin(regen=false, hasUrl=true)
control: RegisterReq: onode= node=[Zi5HA] fup=true nks=false
control: RegisterReq: got response; nodeKeyExpired=false, machineAuthorized=true; authURL=false
blockEngineUpdates(false)
active login: xxxx
Switching ipn state NeedsLogin -> Starting (WantRunning=true, nm=true)
magicsock: SetPrivateKey called (init)
wgengine: Reconfig: configuring userspace WireGuard config (with 1/5 peers)
wgengine: Reconfig: configuring router
monitor: RTM_NEWROUTE: src=, dst=10.xx.0.0/16, gw=, outif=10, table=52
monitor: RTM_NEWROUTE: src=, dst=10.xx.xx.0/24, gw=, outif=10, table=52
Taildrop disabled; no state directory
peerapi starting without Taildrop directory configured
peerapi: serving on http://100.64.222.158:33280
peerapi: serving on http://[fd7a:115c:a1e0:efe3::6440:de9e]:33280
Switching ipn state Starting -> Running (WantRunning=true, nm=true)
health("router"): error: setting up filter/ts-input: running [/usr/sbin/ip6tables -t filter -N ts-input --wait]: exit status 3: ip6tables v1.8.4 (legacy): can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
magicsock: home is now derp-14 (ams)
magicsock: endpoints changed: 20.234.135.20:1025 (stun), 172.16.5.4:60438 (local), 172.17.0.1:60438 (local)
control: NetInfo: NetInfo{varies=false hairpin=false ipv6=false ipv6os=true udp=true icmpv4=false derp=#14 portmap= link=""}
magicsock: adding connection to derp-14 for home-keep-alive
magicsock: 1 active derp conns: derp-14=cr0s,wr0s
derphttp.Client.Connect: connecting to derp-14 (ams)
magicsock: derp-14 connected; connGen=1
network-lock unavailable; no state directory
/etc/resolv.conf:
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# 127.0.0.53 is the systemd-resolved stub resolver.
# run "systemd-resolve --status" to see details about the actual nameservers.
nameserver 127.0.0.53
search k3lhcgm3d11urhp2rjmnl5p2jd.ax.internal.cloudapp.net
options timeout:1 attempts:5
nameserver 168.63.129.16
devcontainer.json
{
"runArgs": ["--device=/dev/net/tun"],
"features": {
// ...
"ghcr.io/tailscale/codespace/tailscale": {}
// ...
}
}
dig output
$ dig xxx.tailxxxx.ts.net
; <<>> DiG 9.16.1-Ubuntu <<>> xxx.tailxxxx.ts.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15864
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;xxx.tailxxxx.ts.net. IN A
;; Query time: 120 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Thu Jan 12 09:57:29 UTC 2023
;; MSG SIZE rcvd: 50
$ dig @100.100.100.100 xxx.tailxxxx.ts.net
; <<>> DiG 9.16.1-Ubuntu <<>> @100.100.100.100 xxx.tailxxxx.ts.net
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 19364
;; flags: qr aa rd ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;xxx.tailxxxx.ts.net. IN A
;; Query time: 0 msec
;; SERVER: 100.100.100.100#53(100.100.100.100)
;; WHEN: Thu Jan 12 09:57:34 UTC 2023
;; MSG SIZE rcvd: 39
When doing that last one, I get the following in tailscaled log:
dns: resolver: forward: no upstream resolvers set, returning SERVFAIL
I can't seem to get this to work anymore. I created a test repository here and it fails to create a codespace with the devcontainer.json configured as
{
"image":"mcr.microsoft.com/devcontainers/universal:2",
"runArgs": ["--device=/dev/net/tun"],
"features": {
// ...
"ghcr.io/tailscale/codespace": {}
// ...
}
}
I see:
=================================================================
2023-07-19 21:00:15.891Z: Creating container...
2023-07-19 21:00:15.893Z: $ devcontainer up --id-label Type=codespaces --workspace-folder /var/lib/docker/codespacemount/workspace/stunning-sniffle --mount type=bind,source=/.codespaces/agent/mount/cache,target=/vscode --user-data-folder /var/lib/docker/codespacemount/.persistedshare --container-data-folder .vscode-remote/data/Machine --container-system-data-folder /var/vscode-remote --log-level trace --log-format json --update-remote-user-uid-default never --mount-workspace-git-root false --omit-config-remote-env-from-metadata --skip-non-blocking-commands --skip-post-create --remove-existing-container --config "/var/lib/docker/codespacemount/workspace/stunning-sniffle/.devcontainer/devcontainer.json" --override-config /root/.codespaces/shared/merged_devcontainer.json --default-user-env-probe loginInteractiveShell --container-session-data-folder /workspaces/.codespaces/.persistedshare/devcontainers-cli/cache --secrets-file /root/.codespaces/shared/user-secrets-envs.json
2023-07-19 21:00:16.105Z: @devcontainers/cli 0.48.0. Node.js v18.16.1. linux 5.15.0-1041-azure x64.
2023-07-19 21:00:16.752Z: Resolving Feature dependencies for 'ghcr.io/tailscale/codespace'...
2023-07-19 21:00:17.898Z: {"outcome":"error","message":"Failed to download package for ghcr.io/tailscale/codespace","description":"An error occurred setting up the container."}
2023-07-19 21:00:17.902Z: Error: Failed to download package for ghcr.io/tailscale/codespace
2023-07-19 21:00:17.903Z: at fg (/usr/lib/node_modules/@devcontainers/cli/dist/spec-node/devContainersSpecCLI.js:1830:18327)
2023-07-19 21:00:17.904Z: at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
2023-07-19 21:00:17.905Z: at async pN (/usr/lib/node_modules/@devcontainers/cli/dist/spec-node/devContainersSpecCLI.js:1830:25540)
2023-07-19 21:00:17.907Z: at async Lee (/usr/lib/node_modules/@devcontainers/cli/dist/spec-node/devContainersSpecCLI.js:1830:24135)
2023-07-19 21:00:17.909Z: at async Lf (/usr/lib/node_modules/@devcontainers/cli/dist/spec-node/devContainersSpecCLI.js:1830:26289)
2023-07-19 21:00:17.911Z: at async mg (/usr/lib/node_modules/@devcontainers/cli/dist/spec-node/devContainersSpecCLI.js:1830:26513)
2023-07-19 21:00:17.913Z: at async xg (/usr/lib/node_modules/@devcontainers/cli/dist/spec-node/devContainersSpecCLI.js:1935:2368)
2023-07-19 21:00:17.914Z: at async zf (/usr/lib/node_modules/@devcontainers/cli/dist/spec-node/devContainersSpecCLI.js:1937:1830)
2023-07-19 21:00:17.916Z: at async Fg (/usr/lib/node_modules/@devcontainers/cli/dist/spec-node/devContainersSpecCLI.js:1937:280)
2023-07-19 21:00:17.919Z: at async cC (/usr/lib/node_modules/@devcontainers/cli/dist/spec-node/devContainersSpecCLI.js:2007:1729)
2023-07-19 21:00:17.920Z: devcontainer process exited with exit code 1
====================================== ERROR ====================================
2023-07-19 21:00:17.939Z: Failed to create container.
=================================================================================
2023-07-19 21:00:17.944Z: Error: Failed to download package for ghcr.io/tailscale/codespace
2023-07-19 21:00:17.945Z: Error code: 1302 (UnifiedContainersErrorFatalCreatingContainer)
====================================== ERROR ====================================
2023-07-19 21:00:17.959Z: Container creation failed.
=================================================================================
Is this just me? Am I doing something wrong?
Would there be interest in restructuring this as a Dev Container "feature"? This would allow any project to add Tailscale in as a one-line mix-in rather than having to build off this base image, like:
"features": {
"ghcr.io/tailscale/codespace": {}
}
I'd be willing to contribute this if it is of interest.
After running tailscale up
with an --exit-node
the connection to the Codespace goes away and I'm unable to connect to the Codespace again.
Also tried with more options:
sudo tailscale up --accept-routes --exit-node=100.x.x.x --exit-node-allow-lan-access=true
When adding this:
"runArgs": [
"--device=/dev/net/tun"
]
I get the following error: Property runArgs is not allowed.
.
Not sure if it is something with my setup, but happens with Codespaces and Docker dev containers.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.