Skip to content

dgiunta/heroku-buildpack-tailscale

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
bin
bin
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
heroku-18.tgz
heroku-18.tgz
 
 
heroku-20.tgz
heroku-20.tgz
 
 
heroku-22.tgz
heroku-22.tgz
 
 

Repository files navigation

Tailscale Buildpack for Heroku

This Buildpack adds configuration to connect a running heroku dyno to your tailscale network.

Tailscale's instructions for getting it working on Heroku are setup to work with a Docker-based deployment in Heroku. This repo accomplishes those same installation instructions in buildpack form in the event that you are running your application on heroku in a non-Docker-based setup.

You'll still want to follow Step 1 of Tailscale's instructions (ie - create an auth token and install it in your app's ENV vars as TAILSCALE_AUTHKEY).

After that you'll add this repo as an additional buildpack in your environment, and you should be all set.

Other ENV vars that can be set:

var name values description
DISABLE_TAILSCALE (default: unset), false, true Prevents tailscale from starting on dyno boot.
TAILSCALE_PROXY_PORT (default: 1055), any number If you want / need to configure the internal port that tailscale uses for the SOCKS proxy it sets up.
TAILSCALE_HOSTNAME (default: heroku-app), short text Text label used to identify your heroku dynos in your tailscale dashboard
TAILSCALE_EXTRA_ARGS (default: unset), short text Additional arguments to the tailscale up command. Useful for passing --accept-routes or --advertise-tags="tag:heroku-dyno" if you're using an OAuth token vs. a personal access token

If you're using an OAuth token, be sure to consult the scopes documentation and descriptions to determine what are the most appropriate scopes for your use case. For most use cases, you will at least need the devices scope in order for your heroku dynos to register themselves as devices and read the list of other devices on your tailnet.

On Dyno startup, if DISABLE_TAILSCALE is set to "true" (or any value other than false or unset), this buildpack will startup tailscaled in userspace-networking mode, which sets up a SOCKS5 proxy as well as an outbound-http-proxy-listener on localhost:1055. This address is set in the ALL_PROXY, HTTP_PROXY and http_proxy environment variables, which is how most HTTP libraries pick up the proxy by default.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages