fredliang44 / derper-docker Goto Github PK
View Code? Open in Web Editor NEWtailscale‘s selfhosted derp-server docker image
Home Page: https://tailscale.com/kb/1118/custom-derp-servers/
License: GNU General Public License v3.0
derper-docker's People
Contributors
Stargazers
Watchers
Forkers
arbal chenxudong2020 refunc xpzouying toby1991 superng6 bobbych marc1307 luoyi519 sidkang ql-owo-lp wuxingzhong linerg infinityhacks weiweiwitch topabomb shikharbhardwaj mice33 seaeaeagle littlecxm docyc lanneo nowanti jeff-cn qq363 xiangzia 560e jesn viccom mrrfv vmcoud infinitete jartool xupeng techris45 junxy darkswords klsyinghua houance devrify pandaxc12 coinjar seeagood zjpchina lg-yyds 9to5men baymaxxjf navmeshsword royalwang 125hliderper-docker's Issues
启动之后绑定我自己的域名然后通过https://我的域名访问 报错 后台弹出如下错误
Please update README with UDP port mapping
Hi there,
I noticed that the example in README reads:
docker run -e DERP_DOMAIN=derper.your-domain.com -p 80:80 -p 443:443 -p 3478:3478 fredliang/derper
But 3478 port in the docker instance is a UDP port. Please update it. Thanks.
DERP_VERIFY_CLIENTS env option not working
According to the official documentation, if you want to use the DERP_VERIFY_CLIENTS Option on a custom derp server, you need to install a tailscale instance. Does this mean that the existing dockerfile cannot enable the DERP_VERIFY_CLIENTS Option? Because I don’t see the steps to install tailscale in the dockerfile.
official documentation : https://tailscale.com/kb/1118/custom-derp-servers#step-2-adding-derp-servers-to-your-tailnet
fix DERP_CERT_DIR
Can't set DERP_STUN and DERP_VERIFY_CLIENTS to false
derper seems to parse boolean argument solely based on whether the corresponding command line flag exists or not, regardless of its value, so passing in --stun false or --verify-clients false has no effect. We might need to stop passing these flags to derper when DERP_STUN and DERP_VERIFY_CLIENTS are not set to true.
I can't think of a clean way to do this without introducing an entrypoint script. Any ideas?
Issue with `DERP_VERIFY_CLIENTS`
When I enable DERP_VERIFY_CLIENTS and mount the tailscale socket, the log spams:
2024/05/09 13:53:09 derp: 192.168.1.1:33204: client 6e6f64656b65793a38363561646163373162613765313461366266646161616666393336356338303233633966353363386134646532386637613536316262306532313562623331 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:11 derp: 182.239.114.237:18604: client 6e6f64656b65793a64316361636365353235343863303031393437336361393230636439633832616334366630383866323937383536386166326232383666303835656239333662 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:22 derp: 39.144.44.249:28107: client 6e6f64656b65793a64623934633866613833303739363332653562646639383030353137623437353539326435376261623463653038343435346162643339646366313763653763 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:31 derp: 39.144.44.249:28110: client 6e6f64656b65793a64623934633866613833303739363332653562646639383030353137623437353539326435376261623463653038343435346162643339646366313763653763 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:33 derp: 182.239.114.237:5269: client 6e6f64656b65793a64316361636365353235343863303031393437336361393230636439633832616334366630383866323937383536386166326232383666303835656239333662 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:33 derp: 39.144.44.249:28111: client 6e6f64656b65793a64623934633866613833303739363332653562646639383030353137623437353539326435376261623463653038343435346162643339646366313763653763 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:34 derp: 182.239.114.237:5270: client 6e6f64656b65793a64316361636365353235343863303031393437336361393230636439633832616334366630383866323937383536386166326232383666303835656239333662 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:35 derp: 192.168.1.1:37602: client 6e6f64656b65793a38363561646163373162613765313461366266646161616666393336356338303233633966353363386134646532386637613536316262306532313562623331 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:46 derp: 39.144.44.249:28120: client 6e6f64656b65793a64623934633866613833303739363332653562646639383030353137623437353539326435376261623463653038343435346162643339646366313763653763 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:48 derp: 192.168.1.1:58130: client 6e6f64656b65793a38363561646163373162613765313461366266646161616666393336356338303233633966353363386134646532386637613536316262306532313562623331 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:49 derp: 182.239.114.237:18606: client 6e6f64656b65793a64316361636365353235343863303031393437336361393230636439633832616334366630383866323937383536386166326232383666303835656239333662 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:53:56 derp: 192.168.1.1:58136: client 6e6f64656b65793a38363561646163373162613765313461366266646161616666393336356338303233633966353363386134646532386637613536316262306532313562623331 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:54:04 derp: 192.168.1.1:41912: client 6e6f64656b65793a38363561646163373162613765313461366266646161616666393336356338303233633966353363386134646532386637613536316262306532313562623331 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
2024/05/09 13:54:12 derp: 192.168.1.1:54770: client 6e6f64656b65793a38363561646163373162613765313461366266646161616666393336356338303233633966353363386134646532386637613536316262306532313562623331 rejected: failed to query local tailscaled status: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: connection refused
Local tailscale is up and running
Command for starting the container:
docker run -d -p 80:80 -p 443:443 -p 3478:3478/udp --name derper --restart=unless-stopped -v ./derper/certs:/app/certs -v /var/run/tailscale/tailscaled.sock:/var/run/tailscale/tailscaled.sock -e DERP_ADDR=":443" -e DERP_VERIFY_CLIENTS=true -e DERP_DOMAIN="derper.my-domain" fredliang/derper
Reverse Proxy
I am trying to run a derper container behind a traefik proxy. I am not sure what I am doing wrong, but my config seems to work until I turn on verification.
Here is my service:
services:
derp:
image: fredliang/derper:latest
container_name: tail-derp
restart: unless-stopped
environment:
DERP_DOMAIN: derper.your-hostname.com
DERP_ADDR: :80
DERP_STUN: 'true'
DERP_STUN_PORT: 3478
DERP_HTTP_PORT: 443
DERP_VERIFY_CLIENTS: 'true'
networks:
- web
labels:
traefik.enable: 'true'
traefik.http.routers.derper.rule: Host(`derper.your-hostname.com`)
traefik.http.routers.derper.tls.certresolver: myresolver
traefik.http.routers.derper.entrypoints: websecure
traefik.http.services.derper.loadbalancer.server.port: 80
traefik.udp.routers.derper.entrypoints: stun
traefik.udp.services.derper.loadbalancer.server.port: 3478Derper is giving me constant errors like:
...
2023/05/28 01:09:27 derp client 172.19.0.19:50580/<id>: read EOF
2023/05/28 01:09:27 derp client 172.19.0.19:50580/<id>: removing connection
...where 172.19.0.19 is the docker IP address of traefik, my reverse proxy. The service is available at https://derper.your-hostname.com and I also get the webpage, but it seems like I am missing something.
Sometimes I also do get errors like this:
...
2023/05/28 00:54:42 derp: 172.19.0.19:55912: client <id> rejected: client nodekey:<node key> not in set of peers
...地址失效了
error name `DERP_HOSTNAME` in Readme
DERP_HOSTNAME in Readme is wrong, should use DERP_DOMAIN
容器无法启动
自己编辑掉,问题主要是docker版本不够高,18和20都跑不了,必须要20.10.23以上版本
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.