[RELEASE] TAILMON v1.0.10 -May 12, 2024- WireGuard-based Tailscale Installer, Configurator and Monitor (Now available in AMTM!)

[XIII]

I'm sorry, I have been editing my last post without reloading, so I did not see any reply yet...

 

[Viktor Jaep]

I'm sorry, I have been editing my last post without reloading, so I did not see any reply yet...

Let me know if you have a better experience this time.

 

[XIII]

Everything seems much better on my side now.

Tip for people that are also converting from the manual setup to this script: I had to (re)approve my advertised route in the Tailscale admin console (web) for my ASUS router to act as a Tailscale subnet router.

 

[phneeley]

Fantastic work, all!

I’m a big fan of Tailscale and have it on my personal devices, desktop, several SBCs, and my Apple TVs. I have several subnet routes running through the latter, and I can optionally turn on exit nodes. Outside the home, my phone connects through VPN On-Demand and I use AdGuard through two of the SBCs.

So, the question: is there any significant benefit to running TS directly on the router? If there Is a benefit, I may try this out. If no significant benefit over the current setup, seems better not to mess with my router, even though I admit the urge to tinker might end up getting the best of me

 

[jksmurf]

So, the question: is there any significant benefit to running TS directly on the router?

My primary driver for installing Tailscale was due to an ISP offering only CGNET, so a subnet router was needed to get around this.
I originally attached a RPi3 running TS as a subnet router, to the Router to gain access to the Router remotely (9k kms away).

Worked fine, but I read the RPi (even 4) was a bit underpowered and then thought to add a thin client (Wyse 5070 with DietPi running Tailscale); but all these take power and are additional devices hanging around looking ugly (WAF), so I thought to add an AppleTV (mine at home works fine as a subnet Router too). But then I read the iOS devices did not run quite as efficiently as those devices running TS natively in the Linux kernel (at least 6.2 and above which the Router is not...). I am not sure this is correct but I am sure someone will correct me if not.

So the end result was, if it can run on the device I actually want to access, and all I need is a USB (SSD) attached, and it can run in Kernel mode, why not give it a whirl (so tinker away ).

I'm absolutely no expert on TS, just a low level user, so hopefully someone with more knowledge and experience can give you hard data on "why".

 

[Crazy]

Thanks was able to install it on my AXE16000. Is there a script to update the version of Tailscale?

 

[jksmurf]

Thanks was able to install it on my AXE16000. Is there a script to update the version of Tailscale?

Ostensibly it gets updated with entware updates (and @ColinTaylor has requested them to update it).

So officially, nope, not at this stage, but per the wiki, you can do it ... even though it is not recommended.

I have updated it with no problems, touch wood. Don't forget to restart S06tailscaled.

See the section "Updating Tailscale (or not)"

 

[XIII]

I think I solved this in my manual setup, but I can't remember how... Tips?

# Health check:
#     - Linux DNS config not ideal. /etc/resolv.conf overwritten. See https://tailscale.com/s/dns-fight

That file is overwritten by the NextDNS CLI with this contents:

nameserver 45.90.28.xx
nameserver 45.90.30.yy

 

[jksmurf]

I think I solved this in my manual setup, but I can't remember how... Tips?

# Health check:
#     - Linux DNS config not ideal. /etc/resolv.conf overwritten. See https://tailscale.com/s/dns-fight

This error came up in testing. @ColinTaylor noted:

You can ignore that message. It appears when you're using kernel mode and you restart dnsmasq.

 

[Viktor Jaep]

Thanks was able to install it on my AXE16000. Is there a script to update the version of Tailscale?

This item is on my to-do list to offer through the interface in the near future...

 

[Rajjco]

Tried it on my AX11000 works perfectly.

One thing I noticed is LAN access is enabled by default. Anyway to disable LAN access when router is set as an exit node?

 

[Tadas]

Hi, working thanks on router ax86u, how can we change basic command for self hosted users default is: Tailscale Connection Commandline --advertise-exit-node --advertise-routes=192.168.50.0/24 but i want connect to my own server?

 

[ColinTaylor]

One thing I noticed is LAN access is enabled by default. Anyway to disable LAN access when router is set as an exit node?

You could leave Tailscale on the router configured for LAN access but enable or disable that ability in the admin console. Go to ... > Edit route settings... and "Unapprove" the route.

Hi, working thanks on router ax86u, how can we change basic command for self hosted users default is: Tailscale Connection Commandline --advertise-exit-node --advertise-routes=192.168.50.0/24 but i want connect to my own server?

I don't understand what you're asking. Can you give an example scenario?

 

[Viktor Jaep]

Hi, working thanks on router ax86u, how can we change basic command for self hosted users default is: Tailscale Connection Commandline --advertise-exit-node --advertise-routes=192.168.50.0/24 but i want connect to my own server?

In case you're asking if you can add your own custom commands... then yes. You would need to change the Operating Mode to "Custom" under the setup/config menu, which lets you have full control over all Tailscale switches. If not, like Colin asked above, please explain further.

 

[phneeley]

I’ve set custom nameservers for my tailnet (the IPs of my AdGuard enabled SBCs) so I can use AdGuard outside the home. If I install Tailscale directly on the router using TAILMON, would it be possible (or would it even be necessary) to set the router to accept-dns=false? Or would the router by default keep using what I have set in the WAN DNS setting?

 

[Tadas]

In case you're asking if you can add your own custom commands... then yes. You would need to change the Operating Mode to "Custom" under the setup/config menu, which lets you have full control over all Tailscale switches. If not, like Colin asked above, please explain further.

Hi, did a trick thank you!

 

[jksmurf]

Hi, did a trick thank you!

Great that it worked out for you.

At the risk of veering slightly OT into Tailscale settings (and there are many) rather than Tailmon usage, would you be able to elaborate on your use-case and the actual custom commands you amended or added; could be useful for others here.

Or was it literally just defining your own server(s), typing a comma-delimited IP list?

Thanks.

 

[Viktor Jaep]

Knocking some items off my to-do list... Enjoy v1.0.6!

What's new?
v1.0.6 - (May 1, 2024)
- PATCH: The Tailscale binary version is now shown in the UI on the Tailscale Service bar/header.
- PATCH: The "Custom (O)peration Mode Settings" item in the Operations Menu is now grayed out if the "Custom" Operations Mode isn't selected. This item will be non-responsive unless "Custom" has been enabled, which will then open the Custom Operation Mode menu, allowing for full control over the Tailscale service switches and connection commandline switches.
- PATCH: A new menu item in the Setup/Configuration menu will now show up if Tailscale has been found to be installed. The new option U(P)date will run the "tailscale update" command, and present the user with the choice to update to the latest available stable Tailscale version. After the update finishes, TAILMON will ask if you would like to reset the Tailscale service/connection (highly recommended), as this action will also sync previous switch settings which are wiped out when an update is installed.
- PATCH: Another new menu item under the Custom Configuration menu has been added to provide TAILMON with a reboot protection option. Item #6 under this menu will add a command to your post-mount file and will launch TAILMON into its own Screen session, providing continued monitoring even after a router reboot occurs.

Download link (or update directly within TAILMON):

curl --retry 3 "https://raw.githubusercontent.com/ViktorJp/TAILMON/master/tailmon.sh" -o "/jffs/scripts/tailmon.sh" && chmod 755 "/jffs/scripts/tailmon.sh"

Significant Screenshots:

The "Custom (O)peration Mode Settings item is now grayed out if you're not using "Custom Operation Mode". Also, the Tailscale binary version number is now displayed on the Tailscale Service header.

If Tailscale is installed, you now have a new U(P)date item under the Setup/Config Menu, It will indicate if there's a new version to download after pressing "P"

Under the configuration options menu, new item #6 gives you reboot protection, and will autostart TAILMON using a Screen session should your router reboot, to ensure Tailscale continues running optimally!

Further detail after pressing item #6:

 

[Rajjco]

Restart Tailscale?
[y/n]: y

Messages:

Executing: tailscale down

error fetching current status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: no such file or directory

Is this error normal?

 

[Viktor Jaep]

Restart Tailscale?
[y/n]: y

Messages:

Executing: tailscale down

error fetching current status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: no such file or directory

Is this error normal?

That error is normal... When it goes through a reset cycle, it starts with bringing down the TS connection first before the service gets shut down. In your case, the service wasn't running either, and thus the error.