A Cockpit application to manage Tailscale
This repository includes deployment scripts for the Cocpit Tailscale development environment. The easiest to get started is by using the following cloud development environments:
- Open in Gitpod workspace
- Open in CodeSandbox
or you can either use a local devsys
/almsys
, as published here:
Install the following packages to develop and build:
$ sudo dnf install -y make npm
and to make the RPM you need:
$ sudo dnf install -y rpm-build gettext libappstream-glib
If you want to run Cockpit, you need a user with a password:
$ sudo dnf install -y passwd
$ sudo passwd gbraad
After which you can use this user to log in to Cockpit.
To perform a development build:
$ npm run dev
To perform a production build:
$ npm run build
For the RPM package:
$ npm run rpm
After the build, copy contents to /usr/share/cockpit/tailscale
, /usr/share/local/cockpit/tailscale
or ~/.local/share/cockpit/tailscale
.
For convenience, you can also create a symlink to ~/.local/share/cockpit/tailscale
to $PWD/dist
. However, you will need to log out and log in because Cockpit caches the page and assets.
To create a link:
$ npm run link
And to remove:
$ npm run unlink
Note: this only works when the current user also logs in. Otherwise, use the tasks
linkusr
and unlinkusr
which uses sudo
to create the link in /usr/local/share/cockpit
.
You can run Cockpit in a container or remote development environment with the following command:
$ npm run cockpit
You will need to use an account with a password to log in.
If the login fails and you see bad Origin
errors, you need to modify the /etc/cockpit/cockpit.conf
file and add something like:
[WebService]
Origins=https://jqgnyj-9090.csb.app
The example shows CodeSandbox. For Gitpod this might look like this:
[WebService]
Origins=https://9090-spotsnel-cockpittailsca-57e5sbbb0zb.ws-us100.gitpod.io
You can run this as part of spotsnel/tailscale-systemd container image to deploy this inside a Podman machine or similar:
$ tailscale ssh podmandesktop / podman exec -it tailscale-system bash
# dnf install -y cockpit passwd
# systemctl enable --now cockpit.socket
# curl -L https://github.com/spotsnel/cockpit-tailscale/releases/download/v0.0.1/cockpit-tailscale-v0.0.1.tar.gz -o dist.tar.gz
# tar zxvf dist.tar.gz
# mkdir /usr/local/share/cockpit
# mv dist /usr/local/share/cockpit/tailscale
# passwd root
# tailscale up --ssh
Now you can access the remote cockpit from another host by 'add new host'.
Note: remote hosts get authenticated over SSH. If you have conflicts, like on WSL, you can serve on localhost
instead.
/etc/systemd/system/cockpit.socket.d/listen.conf
[Socket]
ListenStream=
ListenStream=127.0.0.1:9090
FreeBind=yes
Note: the blank ListenStream
is intentional as it resets the parameter.
Now set up the forward from the Tailscale client to open port 9090
:
# tailscale serve tcp:9090 tcp://localhost:9090
# systemctl daemon-reload
# systemctl restart cockpit.socket
Now you can navigate to the Tailscale IP:
# tailscale ip -4
100.113.113.114
Open https://100.113.113.114:9090.
@gbraad |