GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → markpash → tailscale-sidecar

markpash / tailscale-sidecar

Licence: MIT license
A TCP proxy used to expose services onto a tailscale network without root. Ideal for container environments.

Programming Languages

go
31211 projects - #10 most used programming language

Labels

sidecartailscaletailscale-network

Projects that are alternatives of or similar to tailscale-sidecar

ansible-role-tailscale
Ansible role to install and configure a Tailscale node.
Stars: ✭ 189 (+117.24%)
Mutual labels:  tailscale
template-tailscale
Ever wondered how to configure Tailscale with Gitpod to enable secure and ephemeral developer environments in the cloud? Here's how...
Stars: ✭ 29 (-66.67%)
Mutual labels:  tailscale
dapr-wasm
A template project to demonstrate how to run WebAssembly functions as sidecar microservices in dapr
Stars: ✭ 168 (+93.1%)
Mutual labels:  sidecar
secret-sidecar
A Kubernetes init container that retrieves a secret from AWS Secrets Manager
Stars: ✭ 24 (-72.41%)
Mutual labels:  sidecar
athenz-client-sidecar
Moved to https://github.com/AthenZ/athenz-client-sidecar
Stars: ✭ 14 (-83.91%)
Mutual labels:  sidecar
Z370M-ITX-ac-macOS-OpenCore
A working OpenCore configuration and files for ASRock Z370M-ITX/ac
Stars: ✭ 19 (-78.16%)
Mutual labels:  sidecar
Mosn
The Cloud-Native Network Proxy Platform.
Stars: ✭ 3,451 (+3866.67%)
Mutual labels:  sidecar
sidecar
Deploy and execute AWS Lambda functions from your Laravel application.
Stars: ✭ 543 (+524.14%)
Mutual labels:  sidecar
marin3r
Lightweight, CRD based envoy control plane for kubernetes
Stars: ✭ 51 (-41.38%)
Mutual labels:  sidecar
tailscale-docker
Automated Tailscale Docker Build
Stars: ✭ 13 (-85.06%)
Mutual labels:  tailscale
mongoproxy
Lightweight proxy to collect MongoDb client metrics
Stars: ✭ 26 (-70.11%)
Mutual labels:  sidecar
swir
SWIR - Sidecar Written In Rust
Stars: ✭ 49 (-43.68%)
Mutual labels:  sidecar
derper-docker
tailscale‘s selfhosted derp-server docker image
Stars: ✭ 67 (-22.99%)
Mutual labels:  tailscale
openwrt-tailscale-enabler
Brings Tailscale to low powered OpenWRT devices
Stars: ✭ 409 (+370.11%)
Mutual labels:  tailscale
addon-tailscale
Tailscale - Home Assistant Community Add-ons
Stars: ✭ 47 (-45.98%)
Mutual labels:  tailscale
Dapr
Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge.
Stars: ✭ 16,274 (+18605.75%)
Mutual labels:  sidecar
tailscale-ui
Tailscale UI for Ubuntu
Stars: ✭ 56 (-35.63%)
Mutual labels:  tailscale
kubernetes-sidecar-injector
Easy Service Mesh with Kong and Kubernetes
Stars: ✭ 20 (-77.01%)
Mutual labels:  sidecar
Lenovo-ThinkPad-T450s-Hackintosh-OpenCore
此仓库可以让你在macos中使用ThinkPad T450s T450 X250 X1C3的所有功能(不包括指纹、VGA),且99%接近于白苹果的完美黑苹果。
Stars: ✭ 234 (+168.97%)
Mutual labels:  sidecar
vault-sidecar-injector
Kubernetes admission webhook for secure, seamless and dynamic handling of secrets in your applications
Stars: ✭ 55 (-36.78%)
Mutual labels:  sidecar
View All Similar Projects ➔

tailscale-sidecar

checks

This program is designed to expose services onto a tailscale network without needing root. Using the tsnet package provided by tailscale, we can listen on a port on a tailscale IP and then proxy the stream to a destination. The use-case for me was running this as a sidecar container in nomad to expose services onto my tailscale network, without needing root or routing.

Currently this only supports tcp because right now because that's all I care about. I may try to make UDP work in the future.

Docker image available:

docker pull ghcr.io/markpash/tailscale-sidecar:latest

Versions of this software track the versions of upstream tailscale. Any features added to this software will be released when the next version of tailscale is released.

Usage

To use this program, it needs to be executed with a few environment variables. They are as follows:

TS_AUTHKEY
TS_SIDECAR_STATEDIR
TS_SIDECAR_NAME
TS_SIDECAR_BINDINGS

TS_AUTHKEY is now enabled for this project. You can provide this variable with a key, consult the tailscale documentation to determine the appropriate key to use. The old TS_LOGIN method still works, but it's not advised and it's not very convenient either.

TS_SIDECAR_STATEDIR is the location where the persistent data for the sidecar will be stored. This is used to not need to re-authorise the instance. In a container setup, you'll want to have this persisted. The default is ./tsstate, which will result in Tailscale using home/nonroot/tsstate in the Docker container.

Tailscale will not use the specified state directory to store the TLS certificates. When using the Docker container, you should mount home/nonroot/.local/share/tailscale.

TS_SIDECAR_NAME is the name that you wish this program to use to present itself to the tailscale servers, this is what you will see in your panel.

TS_SIDECAR_BINDINGS is the path to the bindings file, which should be a JSON file which has contents much like what's below. The default path for bindings is /etc/ts-sidecar/bindings.json.

Configuration

Configuration should look like this:

[
    {
        "from": 443,
        "to": "127.0.0.1:8000",
        "tls": true
    }
]

Disclaimer

THIS IS NOT OFFICIALLY ENDORSED BY TAILSCALE.

I thought I should put that there just in case someone thought it may be a tailscale product. I'm also not responsible for any of the bad things that might happen as a result of using this software. It works for me but maybe not for you.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].