Tailscale running on controller

Hi,

Has anyone had any success installing Tailscale-client on the controller?
I’ve tried the dockerized “tailscaled” without any luck - and for now ended up with ZeroTier.
I’ve also tried the “standard” curl-installation command but that doesn’t recognize the Linux distro (CC100)

1 Like

Hi, I’ve successfully used it on a PFC.

Here is the command I used for installation:

docker run -d --name=tailscaled --restart unless-stopped -v /var/lib:/var/lib -v /var/lib/tailscale:/var/lib/tailscale -e TS_STATE_DIR=/var/lib/tailscale -v /dev/net/tun:/dev/net/tun -e TS_USERSPACE=0 --network=host --cap-add=NET_ADMIN --cap-add=NET_RAW tailscale/tailscale

After that, you check the status and get the URL to connect it to your Tailscale account:

docker exec tailscaled tailscale --socket /tmp/tailscaled.sock status

It should connect, you can use this same command to check if it’s connected or you will see it in your dashboard.

To update the client (optional):

docker exec tailscaled tailscale update --yes

And to me the best feature is the Site-to-Site. If you want to share the network behind your controller, just add a route like this (this is the installation command except that a route is added):

docker run -d --name=tailscaled --restart unless-stopped -v /var/lib:/var/lib -v /var/lib/tailscale:/var/lib/tailscale -e TS_STATE_DIR=/var/lib/tailscale -v /dev/net/tun:/dev/net/tun -e TS_USERSPACE=0 --network=host --cap-add=NET_ADMIN --cap-add=NET_RAW -e TS_ROUTES=192.168.68.0/24 tailscale/tailscale

You’ll have to acknowledge this on your dashboard.

To install it on an Edge computer:

curl -fsSL https://tailscale.com/install.sh | sh

tailscale up

tailscale --socket /tmp/tailscaled.sock status

And if you need to set up the Site-to-Site:

echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf
sudo sysctl -p /etc/sysctl.d/99-tailscale.conf
sudo tailscale up --advertise-routes=192.168.68.0/24

1 Like

Thank you very much for the write-up, I believe I was missing the --cap-add parameters.
Yes, the Site-to-site feature is something I use a lot and was planning on using here as well, thank you!

I get the URL for logging in and it’s successfully added to my account, but the container keeps restarting and every time I query the status it gives a new token and restarts.


2 Likes

It is also possible to create an authentication key in advance to connect the controller directly. In the Tailscale portal, go to Settings/Keys and generate an auth key. This configurable key can be used multiple times or not, and its expiration time is configurable.
Add the environment variable TS_AUTHKEY to use it in the Docker command.

-e TS_AUTHKEY=tskey-auth-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
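
An added example, not part of the original post: one way to supply the auth key without typing it into the docker command, where it would end up in shell history and the process list. The function names and the env-file path are hypothetical; the `docker run` options are the ones from the installation command earlier in the thread.

```shell
#!/bin/sh
# Added example (not from the thread): pass TS_AUTHKEY through an env file
# instead of typing it into the docker command.
# Function names and the env-file path are hypothetical.

# Write KEY to ENV_FILE as TS_AUTHKEY=..., readable by the owner only.
write_authkey_env() {
    key=$1
    env_file=$2
    # The post shows keys starting with "tskey-auth-"; refuse anything else.
    case $key in
        tskey-auth-?*) ;;
        *) echo "refusing: value does not start with tskey-auth-" >&2; return 1 ;;
    esac
    # Whitespace or a newline would add extra variables to the env file.
    if [ "$key" != "$(printf '%s' "$key" | tr -d '[:space:]')" ]; then
        echo "refusing: key contains whitespace" >&2
        return 1
    fi
    rm -f "$env_file"    # drop any older copy with looser permissions
    ( umask 077 && printf 'TS_AUTHKEY=%s\n' "$key" > "$env_file" )
}

# Start the container with the options from the thread's installation
# command, replacing "-e TS_AUTHKEY=..." with --env-file.
run_tailscaled() {
    docker run -d --name=tailscaled --restart unless-stopped \
        -v /var/lib:/var/lib -v /var/lib/tailscale:/var/lib/tailscale \
        -e TS_STATE_DIR=/var/lib/tailscale -v /dev/net/tun:/dev/net/tun \
        -e TS_USERSPACE=0 --network=host \
        --cap-add=NET_ADMIN --cap-add=NET_RAW \
        --env-file "$1" tailscale/tailscale
}

# Usage: read the key from the terminal so it stays out of shell history.
#   printf 'Auth key: '; stty -echo; read -r KEY; stty echo; echo
#   write_authkey_env "$KEY" /root/tailscale-authkey.env   # hypothetical path
#   run_tailscaled /root/tailscale-authkey.env
```

A key supplied this way is still listed by `docker inspect` for anyone who can reach the Docker daemon, so a single-use key with a short expiration limits what a leaked copy is worth.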

Yes, I’ve tried that as well but with the same experience - the container keeps restarting and it doesn’t connect to the tailnet.

Have you looked at the logs?

docker logs #containername#

Yes, and noticed some errors in the log - but didn’t have time to investigate any more at the time.

But when using the docker log command and the original command, I retrieved the auth-URL and successfully added the CC100 to my tailnet.
Seems like the status-command somehow resets the login and provides a new URL in the background(?)

docker run -d --name=tailscaled --restart unless-stopped -v /var/lib:/var/lib -v /var/lib/tailscale:/var/lib/tailscale -e TS_STATE_DIR=/var/lib/tailscale -v /dev/net/tun:/dev/net/tun -e TS_USERSPACE=0 --network=host --cap-add=NET_ADMIN --cap-add=NET_RAW -e TS_ROUTES=192.168.68.0/24 tailscale/tailscale

I started using tailscale but after a tip from one of our customers I changed to netbird.io
It is more or less the same thing but netbird.io maintains an arm32v6/7 binary which makes it possible to run the client directly on the WAGO controllers.

I am currently running the binary without any issues on cc100, pfc200, edge controller. And of course on the amd64 linux (edge computer etc), mac, windows ++ (I actually run it on a pre-production model of our upcoming pfc300 arm64 controller as well :nerd_face: )

They also have an open source version of the management server if you want/need to host your own and not use their cloud management server. I use the cloud myself.

I have forked one of the install scripts and modified it to detect WAGO controllers running arm32. Feel free to give it a go. The same script also downloads and updates the binary when you run it again later.

3 Likes