search

termux / termux-packages

A package build system for Termux.
https://termux.dev
Other
12.99k stars 2.99k forks source link

Tailscale #10166

Open alensiljak opened 4 years ago

alensiljak commented 4 years ago

Package description

Tailscale service helps build mesh VPN networks using WireGuard. The clients are available for Linux (with the mobile client in development). In more detail: https://tailscale.com/blog/how-tailscale-works/

Link to home page and sources

  1. Home page: https://tailscale.com/
  2. Source code: https://github.com/tailscale/tailscale

Additional information Have you compiled or tried to compile the package on device? No.

alensiljak commented 4 years ago

Staticly-linked binaries available at https://pkgs.tailscale.com/stable/#static, including ARM and ARM64.

normanr commented 4 years ago

I doubt termux would be able to create the wireguard interfaces, etc. You may be more interested in following https://github.com/tailscale/tailscale/issues/285

Grimler91 commented 4 years ago

@normanr controlling interfaces works fine with wireguard-tools, on rooted devices with the wireguard kernel module

ihsakashi commented 3 years ago

I support this package request. I don't think Tailscale can use the Wireguard kernel module. It uses wireguard-go.

FarisZR commented 1 year ago

Tailscale supports Userspace networking https://tailscale.com/kb/1112/userspace-networking/

DeicPro commented 1 year ago

Tailscale support Userspace networking https://tailscale.com/kb/1112/userspace-networking/

Works like a charm to convert my phone in an exit node without the app (and the Android VPN connection). Thank you!

# Here is a how-to for armv8, it's non-root, just in case.

Installation

  1. Download and extract package: 
    curl -fsSL https://pkgs.tailscale.com/stable/tailscale_1.36.2_arm64.tgz | tar xzv
  2. Move binaries and set permissions: 
    mv tailscale_1.36.2_arm64/{tailscale,tailscaled} . && chmod 700 {tailscale,tailscaled} && rm -r tailscale_1.36.2_arm64

First run

  1. Run tailscale daemon: 
    ./tailscaled -tun userspace-networking &
  2. Link your account and setting up tailscale as exit node: 
    ./tailscale up && ./tailscale set --advertise-exit-node
  3. Go to https://login.tailscale.com/admin/machines > (click your device) > Machine settings > Edit route settings... > Turn on "Use as exit node"

# In next sessions you can simply run the daemon command as in step 1 and nothing more.

worldofgeese commented 1 year ago

@DeicPro this didn't work for me: 

~ $ ./tailscaled -tun userspace-networking &
[2] 24287
~ $ logtail started
Program starting: v1.36.2-t9450812f7-g622a25149, Go 1.19.4-tsdc0ce6324d: []string{"./tailscaled", "-tun", "userspace-networking"}
LogID: dcff35d155acaaa349538ba71805206f64ab5bf410f261a4b8fa41a57a643681
logpolicy: using system state directory "/data/data/com.termux/files/home/.local/share/tailscale"
flushing log.
logger closing down
logtail: dial "log.tailscale.io:443" failed: dial tcp: lookup log.tailscale.io on [::1]:53: read udp [::1]:43950->[::1]:53: read: connection refused (in 1ms), trying bootstrap...
trying bootstrapDNS("derp9.tailscale.com", "207.148.3.137") for "log.tailscale.io" ...
logtail: upload: log upload of 687 bytes compressed failed: Post "https://log.tailscale.io/c/tailnode.log.tailscale.io/90a76b1e96a30f21fd5e981981b695471876641eedc8541b4d9356ac9e79516a": context canceled
getLocalBackend error: monitor.New: route ip+net: netlinkrib: permission denied
stevenxxiu commented 1 year ago

@worldofgeese I needed root to get past the error.

First download the latest version in https://pkgs.tailscale.com/stable/#static.

The following worked for me. I use Nushell here but switch to your syntax and preferred directories.

$ sudo tailscaled -tun userspace-networking -statedir ~/.local/share/tailscale/tailscaled.state -socket $'($env.PREFIX)/var/run/tailscale/tailscaled.sock'

Then in another terminal:

$ sudo tailscale --socket $'($env.PREFIX)/var/run/tailscale/tailscaled.sock' up
kb-1000 commented 9 months ago

Something that might be interesting to think about is supporting the tailscale CLI (so for example funnel) together with the android app, which could work without root. Though the app would likely need changes to support that.

YCJDWCJI commented 8 months ago

./tailscaled -tun userspace-networking

doesn't work for me, seems to be a new issue caused by Android 11, may require ROOT:

netmon.New: route ip+net: netlinkrib: permission denied
YCJDWCJI commented 8 months ago

@worldofgeese I needed root to get past the error.

First download the latest version in https://pkgs.tailscale.com/stable/#static.

The following worked for me. I use Nushell here but switch to your syntax and preferred directories.

$ sudo tailscaled -tun userspace-networking -statedir ~/.local/share/tailscale/tailscaled.state -socket $'($env.PREFIX)/var/run/tailscale/tailscaled.sock'

Then in another terminal:

$ sudo tailscale --socket $'($env.PREFIX)/var/run/tailscale/tailscaled.sock' up

If using Termux and ROOT (su):

sudo ./tailscaled -tun userspace-networking --state=$PREFIX/var/lib/tailscale/tailscaled.state -socket $PREFIX/var/run/tailscale/tailscaled.sock --port=41641 &
sudo ./tailscale --socket $PREFIX/var/run/tailscale/tailscaled.sock up # --login-server=https://your-domain:443

perfect solution should be to use Magisk module: anasfanani/Magisk-Tailscaled.

stevenxxiu commented 8 months ago

Using a Magisk module does have downsides and is definitely not "perfect". It depends on the authors updating their module, requires a wrapper around it. Using Termux itself is enough. It only requires root, setting up a service if you want, Tailscale itself.

AgentConDier commented 6 months ago

I've been using self-built tailscale without root in userspace networking mode for ages. Works like a charm on both Android 10 and 12.

# Prepare
cd "$HOME"
pkg install golang

# Build tailscale
git clone https://github.com/tailscale/tailscale --depth=1
cd tailscale
go install tailscale.com/cmd/tailscale{,d}

# Cleanup
cd "$HOME"
rm -rf tailscale
chmod -R u+w go/pkg
rm -rf go/pkg
rm -r .cache/go-build/
apt purge golang

# To use it, add /data/data/com.termux/files/home/go/bin to $PATH
# Usage example:
# alias tailscale='tailscale --socket /data/data/com.termux/files/usr/run/tailscaled.sock'
# alias tailscaled='tailscaled --tun=userspace-networking --socks5-server=localhost:1055 --outbound-http-proxy-listen=localhost:1055 --socket /data/data/com.termux/files/usr/run/tailscaled.sock --statedir /data/data/com.termux/files/home/.config/tailscale/'

A package would be appreciated, the build doesn't work currently because go >= 1.22.0 is required.

mattalxndr commented 6 months ago

I've been using self-built tailscale without root in userspace networking mode for ages. Works like a charm on both Android 10 and 12.

# Prepare
cd "$HOME"
pkg install golang

# Build tailscale
git clone https://github.com/tailscale/tailscale --depth=1
cd tailscale
go install tailscale.com/cmd/tailscale{,d}

# Cleanup
cd "$HOME"
rm -rf tailscale
chmod -R u+w go/pkg
rm -rf go/pkg
rm -r .cache/go-build/
apt purge golang

# To use it, add /data/data/com.termux/files/home/go/bin to $PATH
# Usage example:
# alias tailscale='tailscale --socket /data/data/com.termux/files/usr/run/tailscaled.sock'
# alias tailscaled='tailscaled --tun=userspace-networking --socks5-server=localhost:1055 --outbound-http-proxy-listen=localhost:1055 --socket /data/data/com.termux/files/usr/run/tailscaled.sock --statedir /data/data/com.termux/files/home/.config/tailscale/'

A package would be appreciated, the build doesn't work currently because go >= 1.22.0 is required.

How does this get around the route ip+net: netlinkrib: permission denied issue?

Tried your params on the static files from https://pkgs.tailscale.com/stable/tailscale_1.60.1_arm64.tgz without sudoing and got the same error:

$ ./tailscaled --tun=userspace-networking --socks5-server=localhost:1055 --outbound-http-proxy-listen=localhost:1055 --socket /data/data/com.termux/files/usr/run/tailscaled.sock --statedir /data/data/com.termux/files/home/.config/tailscale/
2024/03/04 19:21:41 netmon.New: route ip+net: netlinkrib: permission denied
AgentConDier commented 6 months ago

How does this get around the route ip+net: netlinkrib: permission denied issue?

I've never seen that error on my end. I'm assuming that's either because when you build the beta on-device it automatically recognizes android and uses some kind of workaround, or I got lucky with my vendor specific android versions (Tried it on Huawei Emui 12 / Android 10 and Samsung Android 12).

I think the former is more likely though; it seems my tailscaled is using some android-specific route API:

[…]
interfaces: found Android default route 10.147.81.165
monitor: gateway and self IP changed: gw=10.147.81.165 self=10.147.81.165
post-rebind ping of DERP region 4 okay
post-rebind ping of DERP region 4 okay