0.1.6

RouterOS 7.6, Tailscale 1.32.0. Add container registry option. Container password as env option. Enable upgrade functionality using Tailscale API.
2025-08-31 15:09:31 +02:00 · 2022-10-25 18:52:32 +10:00 · 2022-10-25 18:52:32 +10:00 · c7f5f36486
commit c7f5f36486
parent 0c26e89f66
5 changed files with 107 additions and 45 deletions
--- a/tailscale.sh
+++ b/tailscale.sh
@ -1,11 +1,19 @@
 #!/bin/bash

+set -m
+
+# Enable IP forwarding
+echo 'net.ipv4.ip_forward = 1' | tee -a /etc/sysctl.conf
+echo 'net.ipv6.conf.all.forwarding = 1' | tee -a /etc/sysctl.conf
+sysctl -p /etc/sysctl.conf
+
 # Prepare run dir
 if [ ! -d "/var/run/sshd" ]; then
  mkdir -p /var/run/sshd
 fi

-set -m
+# Set root password
+echo "root:${PASSWORD}" | chpasswd

 # Install routes
 IFS=',' read -ra SUBNETS <<< "${ADVERTISE_ROUTES}"
@ -13,11 +21,28 @@ for s in "${SUBNETS[@]}"; do
  ip route add "$s" via "${CONTAINER_GATEWAY}"
 done

+# Check if this is first-time container startup
+if [ ! -f "/var/run/tailscale.sh.pid" ]; then
+	# Delete all the old devices with this hostname.
+	IDS=$(curl -sSL "https://api.tailscale.com/api/v2/domain/${DOMAIN}/devices" -u "${API_KEY}:" | jq -r '.[][]  | select(.hostname == "'${HOSTNAME}'") | .id' || echo "")
+	while IFS= read -r id; do
+		if [[ ! -z "$id" ]]; then
+			echo "deleting tailscale device: $id";
+			curl -sSL -XDELETE  -u "${API_KEY}:" "https://api.tailscale.com/api/v2/device/$id";
+		fi
+	done <<EOL
+$IDS
+EOL
+fi
+
+echo $$ >/var/run/tailscale.sh.pid
+
 # Start tailscaled and bring tailscale up 
 /usr/local/bin/tailscaled &
 until /usr/local/bin/tailscale up \
-	--authkey=${AUTH_KEY} \
-	--advertise-routes="${ADVERTISE_ROUTES}"
+  --reset --authkey=${AUTH_KEY} \
+	--advertise-routes="${ADVERTISE_ROUTES}" \
+  ${TAILSCALE_ARGS}
 do
    sleep 0.1
 done