sys-tailscale
Tailscale environment in Qubes OS.
Table of Contents
Description
Install Tailscale and use it on the "sys-tailscale" or with any other qube you want to install. The "sys-tailscale" qube can provide network for other qubes, but its clients can only access devices in the tailnet via IP and not via DNS.
Installation
- Top:
sudo qubesctl top.enable sys-tailscale
sudo qubesctl --targets=tpl-sys-tailscale state.apply
sudo qubesctl top.disable sys-tailscale
- State:
sudo qubesctl state.apply sys-tailscale.create
sudo qubesctl --skip-dom0 --targets=tpl-sys-tailscale state.apply sys-tailscale.install
The Tailscale qube requires the Tailscale service to be enabled:
qvm-features QUBE service.tailscale 1
Usage
Authenticate to your Tailnet by following the upstream instructions to generate an auth key for use in automated setups. For interactive setups, get the authorization link from the following command:
sudo tailscale up
On the Tailscale web interface, authorize the new device.
You may want to disable automatic key expiry to avoid having to redo the authentication steps.
There are various functionalities Tailscale provides, consult upstream documentation for more information. There is also an introductory video covering the basics.