Docker Services
To add a service to your TSDProxy instance, you need to add a label to your service container.
tsdproxy.enable
Just add the label tsdproxy.enable to true and restart you service. The
container will be started and TSDProxy will be enabled.
labels:
tsdproxy.enable: "true"TSProxy will use container name as Tailscale server, and will use one exposed port to proxy traffic.
tsdproxy.name
If you define a name different from the container name, you can define it with
the label tsdproxy.name and it will be used as the Tailscale server name.
labels:
tsdproxy.enable: "true"
tsdproxy.name: "myserver"tsdproxy.container_port
If you want to define a different port than the default one, you can define it
with the label tsdproxy.container_port.
This is useful if the container has multiple exposed ports or if the container
is running in network_mode=host.
ports:
- 8081:8080
- 8000:8000
labels:
tsdproxy.enable: "true"
tsdproxy.name: "myserver"
tsdproxy.container_port: 8080tsdproxy.container_port label is the port used
internal in the container and not the exposed port.tsdproxy.ephemeral
If you want to use an ephemeral container, you can define it with the label tsdproxy.ephemeral.
labels:
tsdproxy.enable: "true"
tsdproxy.name: "myserver"
tsdproxy.ephemeral: "true"tsdproxy.webclient
If you want to enable the Tailscale webclient (port 5252), you can define it
with the label tsdproxy.webclient.
labels:
tsdproxy.enable: "true"
tsdproxy.name: "myserver"
tsdproxy.webclient: "true"tsdproxy.tsnet_verbose
If you want to enable Tailscale’s verbose mode, you can define it with the label
tsdproxy.tsnet_verbose.
labels:
tsdproxy.enable: "true"
tsdproxy.name: "myserver"
tsdproxy.tsnet_verbose: "true"tsdproxy.funnel
To enable funnel mode, you can define it with the label tsdproxy.funnel.
labels:
tsdproxy.enable: "true"
tsdproxy.name: "myserver"
tsdproxy.funnel: "true"tsdproxy.authkey
Enable TSDProxy authentication with a different Authkey. This give the possibility to add tags on your containers if were defined when created the Authkey.
labels:
tsdproxy.enable: "true"
tsdproxy.authkey: "YOUR_AUTHKEY_HERE"tsdproxy.authkeyfile
Authkeyfile is the path to your Authkey. This is useful if you want to use docker secrets.
labels:
tsdproxy.enable: "true"
tsdproxy.authkey: "/run/secrets/authkey"tsdproxy.proxyprovider
If you want to use a proxy provider other than the default one, you can define
it with the label tsdproxy.proxyprovider.
labels:
tsdproxy.enable: "true"
tsdproxy.proxyprovider: "providername"tsdproxy.autodetect
Defaults to true, if your having problem with the internal network interfaces autodetection, set to false.
labels:
tsdproxy.enable: "true"
tsdproxy.autodetect: "false"tsdproxy.scheme
Defaults to “http”, set to https to enable “https” if the container is running with TLS.
labels:
tsdproxy.enable: "true"
tsdproxy.scheme: "https"tsdproxy.tlsvalidate
Defaults to true, set to false to disable TLS validation.
labels:
tsdproxy.enable: "true"
tsdproxy.scheme: "https"
tsdproxy.tlsvalidate: "false"