-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Add a project page for TailService:
- Loading branch information
1 parent
3fa3c4f
commit 4cd25b5
Showing
2 changed files
with
106 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,103 @@ | ||
| --- | ||
| title: TailService | ||
| group: Services | ||
| description: | | ||
| Easily expose services on your Tailscale network | ||
| with their own DNS names and TLS certificates. | ||
| permalinkPattern: /projects/:slug/ | ||
| date: 2024-01-30 | ||
| layout: GitHubProject | ||
| repo: sierrasoftworks/tailservice | ||
| releases: true | ||
| --- | ||
|
|
||
| # TailService | ||
| **Easily expose services on your Tailscale network with their own DNS names and TLS certificates.** | ||
|
|
||
| TailService provides an extremely easy to use proxy for exposing services on your | ||
| [Tailscale](https://tailscale.com/) network under their own MagicDNS name. It is | ||
| particularly useful if you're hosting several services on the same machine and | ||
| want to access them by name instead of needing to remember port numbers. | ||
|
|
||
| ## Installation | ||
| You can either download the latest release from | ||
| [GitHub](https://github.com/sierrasoftworks/tailservice/releases) | ||
| or install from source using `go install` as shown below. | ||
|
|
||
| ```bash | ||
| go install github.com/sierrasoftworks/tailservice@latest | ||
| ``` | ||
|
|
||
| ## Usage | ||
| At its simplest, you can expose a service on your local machine by running the | ||
| `tailservice` command with a `--name` and one or more `--tcp`, `--udp`, or `--tls` | ||
| arguments specifying the ports to expose. | ||
|
|
||
| ```bash | ||
| # Expose port 80 on the local machine as my-service on your tailnet, | ||
| # listening on ports 80 and 443 (port 443 will get a TLS certificate | ||
| # automatically). | ||
| tailservice --name my-service --tls 443:80 --tcp 80:80 | ||
| ``` | ||
|
|
||
| ### Exposing Ports | ||
| The `tailservice` command supports exposing ports using TCP and UDP | ||
| network protocols. It also supports automatically generating TLS certificates | ||
| for your services using [Let's Encrypt](https://letsencrypt.org/) (if you | ||
| have configured your Tailscale account to support HTTPS certificates). | ||
|
|
||
| When specifying a port to expose, you first indicate the type of protocol | ||
| you'd like to receive traffic on (e.g. `--tcp`, `--udp` or the special `--tls` | ||
| variant), followed by the listener specification. | ||
|
|
||
| ```bash | ||
| # Forwards raw TCP traffic from port 80 on the Tailnet service | ||
| # to port 8080 on the local machine. | ||
| tailservice --name my-service --tcp 80:8080 | ||
|
|
||
| # Forwards raw UDP traffic from port 53 on the Tailnet service | ||
| # to port 53 on a remote machine. | ||
| tailservice --name my-service --udp 53:8.8.4.4:53 | ||
|
|
||
| # Forwards TLS traffic from port 443 on the Tailnet service | ||
| # to port 8080 on another Tailnet node. | ||
| tailservice --name my-service --tls 443:example-node.tails-scales.ts.net:8080 | ||
| ``` | ||
|
|
||
| ### Running in Ephemeral Mode | ||
| By default, `tailservice` will save its configuration to disk so that it can | ||
| be restarted without the need to re-authenticate. Running in this manner retains | ||
| the IP address of the service on your Tailnet, allowing you to use the same | ||
| DNS name to access it regardless of how fresh your DNS cache is. | ||
|
|
||
| If you'd prefer that the service is removed from your Tailnet when it is | ||
| stopped, you can use the `--ephemeral` flag to run in ephemeral mode. This | ||
| mode is particularly useful if you're running `tailservice` in a container | ||
| or for test purposes. | ||
|
|
||
| ```bash | ||
| tailservice --name my-service --tcp 80:80 --ephemeral | ||
| ``` | ||
|
|
||
| ### Specifying a Tailscale Authkey | ||
| If you're running `tailservice` in a container or on a headless machine, | ||
| you may find it useful to specify the Tailscale Authkey using an environment | ||
| variable. Doing so is only necessary on the first run, as the resulting config | ||
| will be saved to disk (note that this does not apply if `--ephemeral` is used | ||
| or if the config file is deleted). | ||
|
|
||
| ```bash | ||
| # Configure your Tailscale authentication key | ||
| export TS_AUTHKEY="tskey-1234567890abcdef" | ||
| ``` | ||
|
|
||
| ### Enabling Tailscale Debug Logging | ||
| If you're having trouble getting `tailservice` to work, you can enable debug | ||
| logging by passing the `--ts-debug` flag. This will cause `tailservice` to | ||
| print out the raw Tailscale logs to the console, which may help you to | ||
| diagnose the problem. | ||
|
|
||
| ```bash | ||
| tailservice --name my-service --tcp 80:80 --ts-debug | ||
| ``` |