Installing Tailscale inside a jail

e76e0zgfht

Hi all,

Tailscale has no official support on FreeBSD but there is a port here.
I am having trouble installing it in a jail. It installs and runs perfectly fine on a VM running FreeBSD 12.2-RELEASE but not inside a jail on TrueNAS 12.0.

After installing the pkg in a jail and running:
Code:
service tailscaled enable
service tailscaled start
tailscale up

It results in:

can't fetch status from tailscaled: Get "http://local-tailscaled.sock/localapi/v0/status": dial unix /var/run/tailscale/tailscaled.sock: connect: no such file or directory

I'm assuming it fails because jails are less permissive by default than the host OS. I have no clue which /etc/devfs.rules I should enable to get it to work.
So far, I tried using the following set of /etc/devfs.rules that I found here, which explains how to install WireGuard in a jail. I thought that since Tailscale uses WireGuard, it might work, but it didn't:

Code:
[devfsrules_jail=5]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path 'tun*' unhide
add path 'bpf*' unhide
add path zfs unhide


I also tried checking for any logs in /var/log inside the jail, but they're mostly empty.
If anyone can offer any guidance, I would greatly appreciate it. Thank you!
 

gt2416

What do you see if you run the command
Code:
tailscaled


For me it tries to access /var/run/devd.seqpacket.pipe, which I don't know how to pass through to a jail.
 

sretalla

What you want to look at is the devfs_ruleset for the jail.

iocage set devfs_ruleset=2 jailname would be a starting point which opens up all devices to the jail.
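
An added example, not written by anyone in this thread: a small Python audit of an /etc/devfs.rules file, run over the ruleset from the first post, that lists which device patterns a jail ruleset explicitly unhides so the jail can be limited to the nodes it needs. It does not resolve the included default rulesets, and the function names are this example's own.

```python
import fnmatch
import re

# Sample input: the ruleset quoted in the first post of this thread.
SAMPLE_RULES = """\
[devfsrules_jail=5]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add path 'tun*' unhide
add path 'bpf*' unhide
add path zfs unhide
"""

HEADER = re.compile(r"^\[(\w+)=(\d+)\]$")
INCLUDE = re.compile(r"^add\s+include\s+\$(\w+)$")
PATH = re.compile(r"^add\s+path\s+(\S+)\s+(hide|unhide)$")

def parse_devfs_rules(text):
    """Return {ruleset_number: (name, [ordered rules])}; a rule is a (kind, value) tuple."""
    rulesets, rules = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and padding
        if not line:
            continue
        if m := HEADER.match(line):
            rules = []
            rulesets[int(m.group(2))] = (m.group(1), rules)
        elif rules is None:
            raise ValueError(f"rule before any [name=number] header: {line!r}")
        elif m := INCLUDE.match(line):
            rules.append(("include", m.group(1)))
        elif m := PATH.match(line):
            rules.append((m.group(2), m.group(1).strip("'\"")))
        else:
            rules.append(("other", line))  # e.g. mode/group rules, kept for manual review
    return rulesets

def audit(rules):
    """Findings for one ruleset: a missing default-deny start, then each explicit unhide."""
    findings = []
    if rules[:1] != [("include", "devfsrules_hide_all")]:
        findings.append("does not start from devfsrules_hide_all")
    findings += [f"unhides {value}" for kind, value in rules if kind == "unhide"]
    return findings

def explicitly_unhidden(rules, device):
    """True if an explicit unhide pattern in this ruleset matches the device name."""
    return any(kind == "unhide" and fnmatch.fnmatch(device, value) for kind, value in rules)
```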
 

e76e0zgfht

It seems it isn't possible to use Tailscale in a jail. I contacted the maintainer of the port and they linked a discussion about running devd(8) in a jail and it isn't possible.

Instead I'll just use a VM. Thank you both for the suggestions!
 

gt2416

I read that you can't use devd in a jail as well. I tried linking the file inside the jail but that's a no go; guess a VM is the best way for now. The lightest distro I know of is Alpine Linux; it could be a decent alternative to a jail.
 

rjone1

Anyone know if this is still the case? According to the Tailscale website they mention:

Tailscale’s FreeBSD support is community-maintained but functional. Tailscale is now in FreeBSD Ports.
FreeNAS is based on FreeBSD. Our users have reported that Tailscale’s FreeBSD version works fine on FreeNAS.


Really hoping it was possible to run tailscale without the need for a VM.
 

Geek

Did you get anywhere with this? I'm also trying to run tailscale in a jail without a VM. I've been running into all kinds of errors trying to get it to work.
 

rjone1

I just gave up and went with a lightweight Ubuntu install as a relay server. It actually wasn't too hard and isn't using many resources.


 