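#############
# Tailscale Builder
#############
# Two-stage build: the Go toolchain image compiles tailscale, tailscaled and
# derper; only the three binaries are copied into a small Alpine runtime image.
#
# Build arguments (the defaults reproduce the values that used to be hard-coded):
#   GO_VERSION     Tag of the golang builder image.
#   TAILSCALE_REF  Version/ref handed to `go install`. "main" is a moving branch,
#                  so two builds can produce different binaries; pass a release
#                  tag (--build-arg TAILSCALE_REF=<release-tag>) for a
#                  reproducible, auditable image.
#   ALPINE_TAG     Tag of the runtime base image. "latest" is likewise a moving
#                  target; pin a version (or a digest) for production builds.
#   TIMEZONE       zoneinfo name baked into /etc/localtime and /etc/timezone.
ARG GO_VERSION=1.19
ARG ALPINE_TAG=latest

FROM golang:${GO_VERSION}-alpine AS builder
ARG TAILSCALE_REF=main
WORKDIR /bin/
# A single `go install` resolves the ref once, so all three binaries come from
# the same revision of the module.
# NOTE(review): the main branch may require a newer Go release than the default
# GO_VERSION provides -- confirm, and raise GO_VERSION if the build fails.
RUN go install \
      tailscale.com/cmd/tailscale@${TAILSCALE_REF} \
      tailscale.com/cmd/tailscaled@${TAILSCALE_REF} \
      tailscale.com/cmd/derper@${TAILSCALE_REF}

FROM alpine:${ALPINE_TAG} AS tailscale
ARG TIMEZONE=Asia/Shanghai
LABEL org.opencontainers.image.authors="ylx"
WORKDIR /bin/
# tzdata is needed only to copy the zone file, so it is removed in the same
# layer. `--no-cache` already keeps the apk index out of the image, which makes
# a separate `rm -rf /var/cache/apk/*` unnecessary.
RUN apk add --no-cache ca-certificates iptables ip6tables iproute2 tzdata && \
    cp "/usr/share/zoneinfo/${TIMEZONE}" /etc/localtime && \
    echo "${TIMEZONE}" > /etc/timezone && \
    apk del tzdata

COPY --from=builder /go/bin/derper /usr/bin/derper
COPY --from=builder /go/bin/tailscale /usr/bin/tailscale
COPY --from=builder /go/bin/tailscaled /usr/bin/tailscaled

# Runtime defaults for derper; override them with `docker run -e ...`.
# DERP_VERIFY_CLIENTS=false leaves the relay usable by any client that can reach
# it. The derper run command below sets it to true; derper then checks clients
# against the local tailscaled, which has to be logged in first.
# DERP_CERT_MODE=manual makes derper load the certificate and key for
# DERP_DOMAIN from DERP_CERT_DIR, so that directory must be mounted at run time.
ENV DERP_DOMAIN=your-hostname.com \
    DERP_CERT_DIR=/crt \
    DERP_ADDR=:443 \
    DERP_STUN=true \
    DERP_VERIFY_CLIENTS=false \
    DERP_CERT_MODE=manual

# Shell form is kept on purpose: the command needs `&` and $VAR expansion.
# derper runs in the background without supervision, so if it exits the
# container keeps running without the relay. `exec` makes tailscaled replace
# the shell so it receives the stop signal from `docker stop` directly.
# The variables are quoted so an unexpected value cannot split into extra flags.
CMD derper \
      -hostname="$DERP_DOMAIN" \
      -certmode="$DERP_CERT_MODE" \
      -certdir="$DERP_CERT_DIR" \
      -a="$DERP_ADDR" \
      -stun="$DERP_STUN" \
      -verify-clients="$DERP_VERIFY_CLIENTS" \
    & exec tailscaled

# ---------------------------------------------------------------------------
# Host-side commands (run in a shell on the Docker host; these are not
# Dockerfile instructions).
# ---------------------------------------------------------------------------

# Install Docker with the convenience script. The script is saved to a file
# first, so it can be read before `sh get-docker.sh` executes it with the
# privileges of the current shell.
curl -fsSL https://get.docker.com -o get-docker.sh && sh get-docker.sh

# Create and select a buildx builder for multi-platform builds.
docker buildx create --use

# Build for arm, arm64 and amd64 and push. No tag is given, so the image is
# published as qctt/tailscale:latest.
docker buildx build --platform linux/arm,linux/arm64,linux/amd64 -t qctt/tailscale -f tailscale/Dockerfile . --push

# Same build without the layer cache. A cached `go install ...@main` layer is
# reused as-is, so this variant is what actually picks up new upstream commits.
docker buildx build --platform linux/arm,linux/arm64,linux/amd64 -t qctt/tailscale -f tailscale/Dockerfile . --push --no-cache

# Create the container: run tailscale + derper.
# (Both `docker run` variants use --name tailscale, so they are alternatives.)
# - /root/.acme.sh/crt holds the TLS certificate and private key for DERP_DOMAIN.
#   NOTE(review): derper presumably only reads it in manual cert mode; if so,
#   mounting it read-only (`:ro`) would be enough -- confirm.
# - /root/tailscale persists tailscaled's state, which includes the node's
#   private key; keep the host directory readable by root only.
# - DERP_VERIFY_CLIENTS=true restricts the relay to clients known to the local
#   tailscaled.
# - NOTE(review): STUN uses UDP; the TCP mapping of 3478 looks unnecessary --
#   confirm, and drop it to keep the published ports minimal.
docker run --name tailscale --restart unless-stopped \
  --sysctl net.ipv4.ip_forward=1 \
  --sysctl net.ipv4.conf.all.src_valid_mark=1 \
  --sysctl net.ipv6.conf.all.forwarding=1 \
  --cap-add=NET_ADMIN \
  --device /dev/net/tun:/dev/net/tun \
  -v /root/.acme.sh/crt:/crt/ \
  -v /root/tailscale:/var/lib/tailscale \
  -e DERP_DOMAIN=123.com \
  -e DERP_ADDR=:443 \
  -e DERP_VERIFY_CLIENTS=true \
  -p 443:443 -p 3478:3478/udp -p 3478:3478 \
  -dt qctt/tailscale

# Create the container: run tailscale only.
# No ports are published and no certificate directory is mounted.
# NOTE(review): the image's CMD still launches derper; without certificates in
# /crt it presumably exits and only tailscaled keeps running -- confirm.
docker run --name tailscale --restart unless-stopped \
  --sysctl net.ipv4.ip_forward=1 \
  --sysctl net.ipv4.conf.all.src_valid_mark=1 \
  --sysctl net.ipv6.conf.all.forwarding=1 \
  --cap-add=NET_ADMIN \
  --device /dev/net/tun:/dev/net/tun \
  -v /root/tailscale:/var/lib/tailscale \
  -dt qctt/tailscale

# Log in to tailscale.
# `key` and `hostname` are placeholders. An auth key given as an argument is
# recorded in shell history and visible in the process list; tailscale also
# accepts `--authkey file:<path>` (a path readable inside the container), and a
# short-lived, single-use key limits the impact of a leak.
docker exec tailscale tailscale up --authkey key --hostname=hostname --advertise-exit-node

# View logs.
docker logs -f tailscale

# Update the container.
# Mounting /var/run/docker.sock gives the watchtower container full control of
# the Docker daemon, which is equivalent to root on the host, and the
# watchtower image is pulled without a pinned tag. `--run-once` limits this to
# a single update pass and `-c` removes the replaced image afterwards.
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock containrrr/watchtower -c --run-once tailscale

# Clean up caches.
# Also deletes unused volumes; the bind-mounted host directories used above are
# not Docker volumes and are left alone.
docker system prune --volumes

# Remove containers that are not running, then every image no container uses.
docker container prune -f && docker image prune --force --all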