Tailscale
Authentication
OAuth
Disable AuthKey
OAuth authentication mode is enable if no AuthKey is set in the configuration for Tailscale provider.
Like:
tailscale:
providers:
default:
authKey: ""
authKeyFile: ""When the proxy starts, it will wait to be authenticated with the Tailscale.
Authenticate
Go to TSDProxy Dashboard and click on the Proxy that should show “Authentication” status.
Tip
Set “Ephemeral” to false in the Tailscale provider to avoid the need of authentication next time. See docker Ephemeral label or Proxy List configuration
AuthKey
Generate Authkey
- Go to https://login.tailscale.com/admin/settings/keys
- Click in “Generate auth key”
- Add a Description
- Enable Reusable
- Enable Ephemeral
- Add Tags if you need
- Click in “Generate key”
Warning
If tags were added to the key, all proxies initialized with the same authkey will get the same tags. Add a new Tailscale provider to the configuration if you need to use different)
Add to configuration
Add you key to the configuration as follow:
tailscale:
providers:
default:
authKey: "GENERATED KEY HERE"
authKeyFile: ""Restart
Restart TSDProxy gg
Funnel
Beside adding the TSDProxy configuration to activate Funnel to a proxy, you also should give permissions on Tailscale ACL. See here to more detail.