Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/erisa/ts-derp-docker
Yet another take on a Tailscale DERP Docker image
https://github.com/erisa/ts-derp-docker
derp derper docker docker-compose tailscale
Last synced: about 1 month ago
JSON representation
Yet another take on a Tailscale DERP Docker image
- Host: GitHub
- URL: https://github.com/erisa/ts-derp-docker
- Owner: Erisa
- Created: 2024-07-29T02:51:48.000Z (5 months ago)
- Default Branch: main
- Last Pushed: 2024-10-12T02:06:04.000Z (2 months ago)
- Last Synced: 2024-11-02T14:35:29.342Z (about 2 months ago)
- Topics: derp, derper, docker, docker-compose, tailscale
- Language: Dockerfile
- Homepage:
- Size: 15.6 KB
- Stars: 8
- Watchers: 1
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Erisa's Tailscale DERP Docker image
This is [yet](https://github.com/tijjjy/Tailscale-DERP-Docker) [another](https://github.com/fredliang44/derper-docker) take on a Tailscale DERP server in a Docker image.
The guiding principles that distinguish this from alternatives are:
- Compatibility with all [containerboot](https://pkg.go.dev/tailscale.com/cmd/containerboot) environment variables.
- Stable and predictable versioning, using the same version of Tailscale and DERP together to ensure stability.
- Will not run Tailscale if not desired.
- Full functioning of `/debug/` routes.
- Ease of use. Just clone, set variables, and `docker compose up -d`.
- Support for multiple architectures.The image is available on `ghcr.io/erisa/ts-derper` with the `:latest` tag serving the latest stable version of Tailscale and some versioned tags being available for specific versions.
## Setup
In short, and assuming you want to verify clients are part of your tailnet:
- Setup DNS records on a subdomain to point to the public IPv4/IPv6 of the machine that's going to run the DERP server.
- Clone the repository: `$ git clone https://github.com/Erisa/ts-derp-docker && cd ts-derp-docker`
- Create your own copy of the `.env`: `$ cp example.env .env`
- Edit `.env` with an [auth key](https://login.tailscale.com/admin/settings/keys), the domain and an optional hostname.
- I recommend attaching a tag to your authkey, such as `tag:derpers`.
- Run `docker compose up -d`
- Add the DERP server to your tailnet, as [directed by the documentation](https://tailscale.com/kb/1118/custom-derp-servers#step-2-adding-derp-servers-to-your-tailnet).The following ports are required by default:
```
80/tcp (HTTP)
443/tcp (HTTPS)
3478/udp (STUN)
```Port 80 [normally cannot be changed](https://tailscale.com/kb/1118/custom-derp-servers#required-ports), but you are welcome to try and see.
You can change HTTPS and STUN to different ports in the `.env` configuration. You must then update [DERPnode.DERPPort](https://pkg.go.dev/tailscale.com/tailcfg#DERPNode.DERPPort) and [DERPNode.STUNPort](https://pkg.go.dev/tailscale.com/tailcfg#DERPNode.STUNPort) accordingly.
If you need custom certificates, set `TS_DERP_CERTMODE` to `manual` and place the files in `./certs` as `derp.example.com.crt` and `derp.example.com.key`.
## Credits
- [tijjjy](https://github.com/tijjjy) for [Tailscale-DERP-Docker](https://github.com/tijjjy/Tailscale-DERP-Docker)