andrew-womeldorf / dokku-tailscale

Dokku plugin to expose an app to your tailnet
MIT License

funnel support #4

Open signalpillar opened 1 month ago

signalpillar commented 1 month ago

Hi @andrew-womeldorf

First of all, thank you for this amazing plugin and very helpful README. The service part works great. I am trying to get one of the dokku apps exposed via funnel.

Could you please advise what would be the simplest way to add funnel support?

I see that, according to the docs, I could set TS_SERVE_CONFIG so it points to a JSON file where the following snippet is added (based on the guide):

  "AllowFunnel": {
    "${TS_CERT_DOMAIN}:443": true
  }

I could put this JSON file in /var/lib/dokku/data/tailscale/$APP_NAME. It will be mounted in the tailscale container. It's not clear whether setting TS_SERVE_CONFIG=/var/lib/tailscale/with-funnel-enabled.json will be picked up by the sidecar container.

So far, I will try it this way.

Thank you

signalpillar commented 1 month ago

Ok, I guess it's obvious that setting config:set TS_SERVE_CONFIG won't work, as I need to explicitly pass the env var in the docker call in the tailscale_attach function.

Attempt 2 :)

signalpillar commented 1 month ago

Looks like this one works. At least I can see the label Funnel but the host is not accessible outside of the tailscale network.


diff --git a/functions b/functions
index 3780f5b..5a8ce9c 100644
--- a/functions
+++ b/functions
@@ -72,6 +72,7 @@ tailscale_attach() {
   ( ! tailscale_is_enabled ) && return

   local authkey="$(config_get --global TS_AUTHKEY)"
+  local tsServeConfig="$(config_get --global TS_SERVE_CONFIG)"
   [[ -z "$authkey" ]] && dokku_log_fail "Set the TS_AUTHKEY with dokku config:set --global"

   local storage_directory="${DOKKU_LIB_ROOT}/data/tailscale/${APP}"
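Review bot: the added `config_get --global TS_SERVE_CONFIG` lookup makes the serve config a host-wide setting, so one Funnel-enabled JSON path would be handed to every app that goes through tailscale_attach, and each of them would need that file in its own storage directory. Consider reading the value per app (for example `config_get "$APP" TS_SERVE_CONFIG`, falling back to the global value only if that is really wanted) so that public exposure is an explicit per-app choice. The new name `tsServeConfig` is also camelCase next to `authkey` and `storage_directory`; `serve_config` would match the surrounding style.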
@@ -84,6 +85,7 @@ tailscale_attach() {
     --env TS_AUTHKEY="${authkey}" \
     --env TS_EXTRA_ARGS="--advertise-tags=tag:dokku" \
     --env TS_STATE_DIR=/var/lib/tailscale \
+    --env TS_SERVE_CONFIG=${tsServeConfig:-""} \
     --volume "${storage_directory}":/var/lib/tailscale \
     --volume /dev/net/tun:/dev/net/tun \
     --cap-add=NET_ADMIN \
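Review bot: on the added `--env TS_SERVE_CONFIG=${tsServeConfig:-""}` line the expansion is unquoted and the flag is always passed, so an unset value still puts an empty TS_SERVE_CONFIG into the container and a path containing whitespace would be word-split into extra docker arguments. Quote it the same way as `--env TS_AUTHKEY="${authkey}"` and add the flag only when the value is non-empty. It would also help to document that the value has to be a path inside the container, under /var/lib/tailscale, because that is the only place the `--volume "${storage_directory}":/var/lib/tailscale` mount makes a host file visible.
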
signalpillar commented 1 month ago

Ok, my ACL wasn't correct so the funnel works.

I think, it's not the change you would like to see. The new config is global, the JSON file is not managed by the plugin.
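
Since the JSON file is not managed by the plugin, an operator may want to check which apps actually have Funnel switched on. The following is an added example, not part of the thread or the plugin: it scans the per-app storage directories mentioned above for serve configs whose `AllowFunnel` map contains a `true` entry. The sample configs, the app names `blog` and `admin`, and the function names are constructed for illustration.

```python
import json
import tempfile
from pathlib import Path

# Constructed sample serve configs; only the AllowFunnel block comes from the thread.
SAMPLE_WITH_FUNNEL = """{
  "TCP": {"443": {"HTTPS": true}},
  "AllowFunnel": {"${TS_CERT_DOMAIN}:443": true}
}"""
SAMPLE_TAILNET_ONLY = """{
  "TCP": {"443": {"HTTPS": true}},
  "AllowFunnel": {"${TS_CERT_DOMAIN}:443": false}
}"""


def funnel_endpoints(config_text):
    """Return the host:port keys a serve config opens to the public internet."""
    config = json.loads(config_text)
    allow = config.get("AllowFunnel") or {}
    return sorted(hp for hp, enabled in allow.items() if enabled is True)


def audit(data_root):
    """Map app name -> {file name: [funnel endpoints]} for each JSON file found."""
    findings = {}
    for path in sorted(Path(data_root).glob("*/*.json")):
        try:
            endpoints = funnel_endpoints(path.read_text())
        except (json.JSONDecodeError, AttributeError, UnicodeDecodeError):
            continue  # JSON file that is not shaped like a serve config
        if endpoints:
            findings.setdefault(path.parent.name, {})[path.name] = endpoints
    return findings


def demo():
    """Build two constructed app directories and audit them."""
    with tempfile.TemporaryDirectory() as root:
        samples = (("blog", SAMPLE_WITH_FUNNEL), ("admin", SAMPLE_TAILNET_ONLY))
        for app, body in samples:
            app_dir = Path(root) / app
            app_dir.mkdir()
            (app_dir / "with-funnel-enabled.json").write_text(body)
        return audit(root)


if __name__ == "__main__":
    # On a Dokku host, call audit("/var/lib/dokku/data/tailscale") instead.
    print(demo())
```
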