search

tailscale / tailscale-qpkg

Package Tailscale client in QPKG
MIT License
459 stars 38 forks source link

500 Internal Server Error: no TailscaleVarRoot with tailscale from qpkg #63

Closed chder closed 1 year ago

chder commented 1 year ago

Like #62 I'm still using https://github.com/tailscale/tailscale-qpkg/releases/download/qnap-v1.34.1/Tailscale_1.34.1-1_arm-x41.qpkg

With tailscale up and running, I wanted to get an SSL certificate but instead got an error:

[/share/CACHEDEV1_DATA/.qpkg/Tailscale] # ./tailscale cert nas.actual-tailnet-redacted.ts.net
500 Internal Server Error: no TailscaleVarRoot

Checking how tailscaled was launched:

[/share/CACHEDEV1_DATA/.qpkg/Tailscale] # ps | grep tailsca
13043 admin     25992 S   /share/CACHEDEV1_DATA/.qpkg/Tailscale/tailscaled --port 41641 --state=/share/CACHEDEV1_DATA/.qpkg/Tailscale/state/tailscaled.state --socket=/tmp/tailscale/tailscaled.sock

I see --state is used rather than --statedir and it succeeded in creating a state file.

[/share/CACHEDEV1_DATA/.qpkg/Tailscale] # ls -al /share/CACHEDEV1_DATA/.qpkg/Tailscale/state/
drwxrwxrwx    2 admin    administ      4096 Dec 29 20:32 ./
drwxr-xr-x    4 admin    administ      4096 Dec 29 19:55 ../
-rw-------    1 admin    administ      2250 Dec 29 20:32 tailscaled.state

Checking help:

Usage of ./tailscaled:
...snip...
  -state string
        absolute path of state file; use 'kube:<secret-name>' to use Kubernetes secrets or 'arn:aws:ssm:...' to store in AWS SSM; use 'mem:' to not store state and register as an ephemeral node. If empty and --statedir is provided, the default is <statedir>/tailscaled.state. Default: /var/lib/tailscale/tailscaled.state
  -statedir string
        path to directory for storage of config state, TLS certs, temporary incoming Taildrop files, etc. If empty, it's derived from --state when possible.

The help text suggesting If empty, it's derived from --state when possible but I guess currently it's not possible here yet.

I went ahead and edited my init script and that (after some hopefully unrelated dns troubleshooting) let me request a cert.

[/share/CACHEDEV1_DATA/.qpkg/Tailscale] # diff Tailscale{-original,}.sh
--- Tailscale-original.sh       Fri Dec 16 05:35:01 2022
+++ Tailscale.sh        Thu Dec 29 21:13:23 2022
@@ -20,7 +20,7 @@
           exit 0
         fi
     fi
-    ${QPKG_ROOT}/tailscaled --port 41641 --state=${QPKG_ROOT}/state/tailscaled.state --socket=/tmp/tailscale/tailscaled.sock 2> /dev/null &
+    ${QPKG_ROOT}/tailscaled --port 41641 --statedir=${QPKG_ROOT}/state/ --socket=/tmp/tailscale/tailscaled.sock 2> /dev/null &
     echo $! > /tmp/tailscale/tailscaled.pid
     ;;
[/share/CACHEDEV1_DATA/.qpkg/Tailscale] # ./tailscale cert nas.actual-tailnet-redacted.ts.net
Wrote public cert to nas.actual-tailnet-redacted.ts.net.crt
Wrote private key to nas.actual-tailnet-redacted.ts.net.key

For a little extra confusion and maybe this belongs a bug over on the main repo but /var/lib/tailscale/ is getting created when starting the app. (I stopped, deleted it, and started again to make sure it wasn't left over from testing older community packages)

[/share/CACHEDEV1_DATA/.qpkg/Tailscale] # ls -al /var/lib/tailscale/tailscaled.log.conf
-rw-------    1 admin    administ       209 Dec 29 21:07 /var/lib/tailscale/tailscaled.log.conf

Something logging related seems to save some state and doesn't care that the statedir isn't otherwise set when other features can't auto-select that same directory. And turns out even with statedir the way I changed it, it still writes this log.conf file there.

chder commented 1 year ago

Switching back to the release version didn't seem to have this problem for whatever reason.