mirror of
https://github.com/tailscale/tailscale.git
synced 2024-11-29 21:15:39 +00:00
59 lines
1.4 KiB
Bash
59 lines
1.4 KiB
Bash
|
# Copyright (c) 2021 Tailscale Inc & AUTHORS All rights reserved.
|
||
|
# Use of this source code is governed by a BSD-style
|
||
|
# license that can be found in the LICENSE file.
|
||
|
|
||
|
#! /bin/sh
|
||
|
|
||
|
export PATH=$PATH:/tailscale/bin
|
||
|
|
||
|
AUTH_KEY="${AUTH_KEY:-}"
|
||
|
ROUTES="${ROUTES:-}"
|
||
|
DEST_IP="${DEST_IP:-}"
|
||
|
EXTRA_ARGS="${EXTRA_ARGS:-}"
|
||
|
USERSPACE="${USERSPACE:-true}"
|
||
|
KUBE_SECRET="${KUBE_SECRET:-tailscale}"
|
||
|
|
||
|
set -e
|
||
|
|
||
|
TAILSCALED_ARGS="--state=kube:${KUBE_SECRET} --socket=/tmp/tailscaled.sock"
|
||
|
|
||
|
if [[ "${USERSPACE}" == "true" ]]; then
|
||
|
if [[ ! -z "${DEST_IP}" ]]; then
|
||
|
echo "IP forwarding is not supported in userspace mode"
|
||
|
exit 1
|
||
|
fi
|
||
|
TAILSCALED_ARGS="${TAILSCALED_ARGS} --tun=userspace-networking"
|
||
|
else
|
||
|
if [[ ! -d /dev/net ]]; then
|
||
|
mkdir -p /dev/net
|
||
|
fi
|
||
|
|
||
|
if [[ ! -c /dev/net/tun ]]; then
|
||
|
mknod /dev/net/tun c 10 200
|
||
|
fi
|
||
|
fi
|
||
|
|
||
|
echo "Starting tailscaled"
|
||
|
tailscaled ${TAILSCALED_ARGS} &
|
||
|
PID=$!
|
||
|
|
||
|
UP_ARGS="--accept-dns=false"
|
||
|
if [[ ! -z "${ROUTES}" ]]; then
|
||
|
UP_ARGS="--advertise-routes=${ROUTES} ${UP_ARGS}"
|
||
|
fi
|
||
|
if [[ ! -z "${AUTH_KEY}" ]]; then
|
||
|
UP_ARGS="--authkey=${AUTH_KEY} ${UP_ARGS}"
|
||
|
fi
|
||
|
if [[ ! -z "${EXTRA_ARGS}" ]]; then
|
||
|
UP_ARGS="${UP_ARGS} ${EXTRA_ARGS:-}"
|
||
|
fi
|
||
|
|
||
|
echo "Running tailscale up"
|
||
|
tailscale --socket=/tmp/tailscaled.sock up ${UP_ARGS}
|
||
|
|
||
|
if [[ ! -z "${DEST_IP}" ]]; then
|
||
|
echo "Adding iptables rule for DNAT"
|
||
|
iptables -t nat -I PREROUTING -d "$(tailscale ip -4)" -j DNAT --to-destination "${DEST_IP}"
|
||
|
fi
|
||
|
|
||
|
wait ${PID}
|