search

tsujamin / hass-addons

108 stars 35 forks source link

`tailscale cert` #28

Closed patlux closed 2 years ago

patlux commented 2 years ago

Is your feature request related to a problem? Please describe.

Not directly with this addon. I just need a valid ssl certificate to access my bitwarden_rs instance on iOS devices, because iOS doesn't accept ssl certificate which are not authorised by a public Certificate Authority.

Describe the solution you'd like

A button which I can click to get a valid ssl certificate or (better) an automated process like the Let's Encrypt addon to get a ssl certificate which executes tailscale cert <domain>.

Describe alternatives you've considered

Execute tailscale cert manually in the command line. But I can't find the the executable when I login via ssh to my hassio instance.

Additional context

https://tailscale.com/kb/1153/enabling-https/

I took a look at https://github.com/tsujamin/hass-addons/blob/main/tailscale/run.sh, but I think it would not be the right place to add tailscale cert, because it's not an argument which I had to pass to the start process. I need a way to just execute tailscale cert once. I don't have deep knowledge in home assistant development, maybe you could provide a clear path for me how to do that, then I would just try it and provide a Pull Request :)

Thank you

tsujamin commented 2 years ago

Hey mate

Just on being unable to find the tailscale binary when you SSH in - its likely its because you've SSH'd into the Docker container of the SSH addon, whereas Tailscale runs in its own Docker container. It should be possible to use docker from your SSH session to enter the tailscale container and run it manually there I think.

On the wider feature - let me have a think. I'm not adverse to adding it but in all honesty I don't have the free time at the moment. You're right that adding some code to run.sh would be the way to go, and it would likely look something like (in pseudocode):

# add the new option to the json files too
if bashio::config.has_value 'generate_certificate_on_startup':
    tailscale cert

The challenge will be how to get that certificate out of the tailscale addon and into wherever you want to use it. This would probably require ssh and docker, in which case manually running it is probably the best solution still.

patlux commented 2 years ago

Hey @tsujamin, thank you for the help. I will take a look at it and hopefully make some progress :)

tsujamin commented 2 years ago

closing as fixed by @patlux in #29