tailscale and derper in dokcer

发表评论
#############
# Tailscale Builder
#############

FROM golang:1.19-alpine as builder

WORKDIR /bin/
RUN go install tailscale.com/cmd/tailscale@main
RUN go install tailscale.com/cmd/tailscaled@main
RUN go install tailscale.com/cmd/derper@main

FROM alpine:latest as tailscale

WORKDIR /bin/
RUN apk add --no-cache ca-certificates iptables ip6tables iproute2 tzdata && \
    cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
    echo "Asia/Shanghai" > /etc/timezone && \
    apk del tzdata && \
    rm -rf /var/cache/apk/*

COPY --from=builder /go/bin/derper /usr/bin/derper
COPY --from=builder /go/bin/tailscale /usr/bin/tailscale
COPY --from=builder /go/bin/tailscaled /usr/bin/tailscaled

ENV DERP_DOMAIN=your-hostname.com
ENV DERP_CERT_DIR=/crt
ENV DERP_ADDR=:443
ENV DERP_STUN=true
ENV DERP_VERIFY_CLIENTS=false
ENV DERP_CERT_MODE=manual
CMD derper -hostname=$DERP_DOMAIN -certmode=$DERP_CERT_MODE -certdir=$DERP_CERT_DIR -a=$DERP_ADDR -stun=$DERP_STUN -verify-clients=$DERP_VERIFY_CLIENTS & tailscaled

LABEL org.opencontainers.image.authors="ylx"


curl -fsSL https://get.docker.com -o get-docker.sh && sh get-docker.sh
docker buildx create --use
docker buildx build --platform linux/arm,linux/arm64,linux/amd64 -t qctt/tailscale -f tailscale/Dockerfile . --push
docker buildx build --platform linux/arm,linux/arm64,linux/amd64 -t qctt/tailscale -f tailscale/Dockerfile . --push --no-cache

#创建docker 运行tailscale+derper
docker run --name tailscale --restart unless-stopped --sysctl net.ipv4.ip_forward=1 --sysctl net.ipv4.conf.all.src_valid_mark=1 --sysctl net.ipv6.conf.all.forwarding=1 --cap-add=NET_ADMIN --device /dev/net/tun:/dev/net/tun -v /root/.acme.sh/crt:/crt/ -v /root/tailscale:/var/lib/tailscale -e DERP_DOMAIN=123.com -e DERP_ADDR=:443 -e DERP_VERIFY_CLIENTS=true -p 443:443 -p 3478:3478/udp -p 3478:3478 -dt qctt/tailscale
#创建docker 运行tailscale
docker run --name tailscale --restart unless-stopped --sysctl net.ipv4.ip_forward=1 --sysctl net.ipv4.conf.all.src_valid_mark=1 --sysctl net.ipv6.conf.all.forwarding=1 --cap-add=NET_ADMIN --device /dev/net/tun:/dev/net/tun -v /root/tailscale:/var/lib/tailscale -dt qctt/tailscale
#登入tailscale
docker exec tailscale tailscale up --authkey key --hostname=hostname --advertise-exit-node
#查看日志
docker logs -f tailscale
#更新docker
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock containrrr/watchtower -c --run-once tailscale
#清理缓存
docker system prune --volumes
#清理不运行的docker
docker container prune -f && docker image prune --force --all

发表回复

您的电子邮箱地址不会被公开。 必填项已用 * 标注

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据