blob: f0033f086e6ef3d073cdcce855a5803591b01903 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
#!/bin/sh /etc/rc.common
# Copyright 2020 Google LLC.
# Copyright (C) 2021 CZ.NIC z.s.p.o. (https://www.nic.cz/)
# SPDX-License-Identifier: Apache-2.0
USE_PROCD=1
START=80
export TS_NO_LOGS_NO_SUPPORT=true
start_service() {
local state_file
local port
local std_err std_out
config_load tailscale
config_get_bool std_out "settings" log_stdout 1
config_get_bool std_err "settings" log_stderr 1
config_get port "settings" port 41641
config_get state_file "settings" state_file /etc/tailscale/tailscaled.state
config_get fw_mode "settings" fw_mode nftables
/usr/sbin/tailscaled --cleanup
procd_open_instance
procd_set_param command /usr/sbin/tailscaled
# Starting with v1.48.1 ENV variable is required to enable use of iptables / nftables.
# Use nftables by default - can be changed to 'iptables' in tailscale config
procd_set_param env TS_DEBUG_FIREWALL_MODE="$fw_mode"
# Disable logging to log.tailscale.com
procd_set_param env TS_NO_LOGS_NO_SUPPORT=true
# Set the port to listen on for incoming VPN packets.
# Remote nodes will automatically be informed about the new port number,
# but you might want to configure this in order to set external firewall
# settings.
procd_append_param command --port "$port"
procd_append_param command --state "$state_file"
procd_set_param respawn
procd_set_param stdout "$std_out"
procd_set_param stderr "$std_err"
procd_close_instance
}
stop_service() {
/usr/sbin/tailscaled --cleanup
}
|
