Issue with Tailscale running in docker

    Intent: Use rsync via tailscale to backup my data drives to an offsite machine.


    I have two machines running omv7

    1) home NAS

    2) backup NAS


    When both machines are on my LAN the RSYNC service works perfectly.

    I use a Remote PUSH with the following Destination server

    root@192.168.1.99::RBackups

    ( I know using root isn't recommended, I just wanted to make sure I wasn't encountering permissions issues.)


    I am running tailscale in a docker container on each machine with the following yaml


    services:

    tailscale:

    restart: unless-stopped

    image: tailscale/tailscale:latest

    network_mode: host

    environment:

    - TS_AUTHKEY=tskey-auth-XXXXXXXXXXXXX

    - TS_ACCEPT_DNS=true # accept DNS

    - TS_HOSTNAME=omvXXXXXXXXX

    - TS_STATE_DIR=/var/lib/tailscale # location in container for persistent data

    volumes:

    - /mnt/main/docker/data/tailscale:/var/lib/tailscale


    Both omv servers appear on my Tailnet and are reachable from my home pc via the Tailscale ip address.





    Both OMV machines are reachable on their Tailscale IP address, and I can get to the regular OMV login page.

    Ping from cmd prompt also work.

    (redacted Tailscale ip's below)


    BUT

    When I change the rsync destination

    from root@192.168.1.99::RBackups

    to root@100.xx.xx.xx::RBackups


    the rsync fails with the following:

    Please wait, syncing xxxxxxxxxx/Backups/> to <root@100.xx.xx.xx::RBackups> ...

    rsync: [sender] failed to connect to 100.xx.xx.xx(100.xx.xx.xx): Connection timed out (110)
    rsync error: error in socket IO (code 10) at clientserver.c(139) [sender=3.2.7]
    ERROR: The synchronisation failed.

    END OF LINE


    when I SSH into either omv server, I cannot ping the other omv server on their Tailscale IP addresses.

    Ping from my home_pc works to both Tailscale IP addresses.


    Questions:

    Is there a config setting in my docker config that I'm missing?

    Am I going about this the wrong way?



    I've seen the Wireguard plugin mentioned, but I would prefer using docker for a few reasons:

    I will be moving the remote server between a couple of family members homes.

    I don't want to mess around with port forwarding and dynamic dns at multiple locations

    I like the idea of using a docker container to keep my base omv install minimal.

    So if i want to change dump a service later, I just drop the container.

  • crashtest

    Approved the thread.

    I don't know the answer, but have you tried the 'magicdns' and 'ssh' option in Tailscale dashboard?


    I will say, I've been using Pi-hole and 'Magicdns' and had problems, there is a document on the Tailscale site.


    Here is a tutorial on running 2 pi-holes and syncing via tailscale article

    Why not try Tailscalled on bare metal? I do this zero problems on two OMV systems but I don't use it to rysnc.

    Inwin MS04 case with 315 W PSU

    ASRock B660M-ITX board

    Two port PCI-E SATA card

    16GB Kingston DDR4

    Intel 12th gen i5 12400

    Crucial M.2 1 TB OS drive

    4x4TB WD Red NAS drives + 1x4TB + 1x5TB Seagate drives - MergerFS pool

    Seagate 5TB USB drives - SnapRAID parity x 2

    Quote from johnvick

    Why not try Tailscalled on bare metal? I do this zero problems on two OMV systems but I don't use it to rysnc.

    Yeah, I have been playing around with thing to try and get this working.


    I installed tailscale baremetal on the local omv machine as per instructions here

    Install Tailscale on Debian Bookworm · Tailscale Docs
    Install the Tailscale client on Debian Bookworm.
    tailscale.com


    and managed to get docker working on remote machine by running the tailscale up command from here

    Kommentar von DaSnipezu „How to set up tailscale“
    Entdecke dieses Gespräch und mehr aus der Community OpenMediaVault
    www.reddit.com

    docker exec -it tailscale tailscale up


    but no luck in getting docker to docker config operational.

    But happy enough with the current setup as it is working.

    I have a long enough list of other things to do that I can park this for later. (if ever :) )

    I got the rsync plugin pushing from OMV to Synology through tailscale.


    My first step was getting the Rsync task to push correctly to the Synology NAS on my local network.


    I created a shared folder (backup) on the Synology NAS and a rsync user (svc-rsync) with the necessary folder and application privileges on the Synology NAS. I also created a shared folder in OMV (backup).

    Then, I created a task in the OMV rsync plugin service that pushes to the Synology NAS shared folder I set up. I used the rsync username (svc-rsync) in the destination server URL. The password is set to the rsync user password.

    Initial Rsync task

    Type: Remote

    Mode: Push

    Source shared folder: backup [on primary, backup/]

    Destination Server: rsync://svc-rsync@192.168.0.100/backup


    After that was working, I installed the Synology Tailscale application and followed the Tailscale Synology set up guide.

    Then, I installed the tailscale docker file and connected it to my account.

    Compose File

    After starting the container, I ssh-ed to OMV and ran docker container exec -it tailscale tailscale up and logged in to tailscale.


    After the container was up and connected, I checked my online tailscale console to make sure I had the correct ACL tags assigned to OMV and Synology. I also added an ACL in Tailscale, allowing OMV and Synology to communicate.

    Code
    "acls": [
  {
    "action": "accept",
    "src": ["tag:omv", "tag:synologynas"],
    "dst": ["tag:omv:*", "tag:synologynas:*"]
  }
]

    I tried pinging the synology nas from OMV through the tailnet using the nas IP and then its tailnet domain name. Both worked, so I changed the rsync task destination server URL and tried a test run.

    Final Rsync Task

    Type: Remote

    Mode: Push

    Source shared folder: backup [on primary, backup/]

    Destination Server: rsync://svc-rsync@synologynas.tailnet.ts.net/backup


    It worked!

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!

Register Yourself Login