search

tailscale / tailscale

The easiest, most secure way to use WireGuard and 2FA.
https://tailscale.com
BSD 3-Clause "New" or "Revised" License
17.06k stars 1.3k forks source link

FR: DNS Provider Integrations (BYODomain) #11655

Open shad0wcrawl3r opened 1 month ago

shad0wcrawl3r commented 1 month ago

What are you trying to do?

Integration of DNS Providers such as Cloudflare onto Tailscale s add DNS entries on a configured domain. The user should be able to use Tailscale to configure their DNS provider using the tailscale CLI.

How should we solve this?

Scenario: I own a domain called example.com, the DNS for the domain is provided by Cloudflare. I have nodes, laptop, desktop, homelab, homenas on my tailnet. Feature After configuring Tailscale with Cloudflare's API Key, I could be allowed to do something like
tailscale dns <provider> add homenas
This will use the Cloudflare API to configure a DNS entry that will resolve the domain homenas.example.com to the homenas node's tailscale IP.

What is the impact of not solving this?

Currently, I need to lookup the IP of the node using Tailscale CLI/GUI and add the corresponding entry to my DNS Provider manually. Then the SSL certificate for the node needs to be generated through acme.sh and implemented on the node using the service's documentation.

Anything else?

No response

bradfitz commented 1 month ago

There are several other related BYODomain issues open, such as #4515