spr-networks/spr-tailscale

spr-tailscale

About

Integrate Tailscale with SPR. It provides connectivity between Tailscale and SPR devices using SPR's Microsegmentation.

Overview

The plugin runs a container with Tailscale for routing between SPR and Tailscale peers. It provides connectivity in several ways.

  1. Assign SPR devices to the tailnet group to give them access to all Tailscale peers.
  2. Assign a Tailscale peer to an SPR group to give that peer selective access to the SPR device. The container advertises a route, but the firewall only allows a specific IP.
  3. Configure the container as an exit node for Tailscale. This allows Tailscale peers to access the SPR API as well as the internet via the container.

Technical Details

  1. This runs in a container with a custom interface bridge, 'spr-tailscale'
  2. The interface bridge is configured in the container firewall rules to have 'api', 'dns', and 'wan' access. By default it does not see other SPR devices.
  3. After configuring a peer with a custom group, also visit the Tailscale UI to accept the peer routes.

UI Setup

  1. Under plugins, add https://github.com/spr-networks/spr-tailscale.

  2. After the installation has finished, navigate to the bottom of the left hand menu and look for 'spr-tailscale'

  3. Generate a Tailscale auth key and copy it into the UI that is presented

  4. All done. Now configure Tailscale peers as needed

  5. If you want to grant an SPR device access to all Tailscale peers, add it to the tailnet group.

Command Line Setup

  1. Go to the plugins/ folder under the SUPER directory and clone this repository:

       cd /home/spr/super/plugins/
       git clone https://github.com/spr-networks/spr-tailscale
       cd spr-tailscale

  2. Generate an API token in the SPR API (under Auth), and a Tailscale auth key

  3. Run the install script:

       ./install.sh

Usage

To share all Tailscale access with SPR devices, add the SPR devices to the 'tailnet' group.

To update custom groups for Tailscale peers, edit the config.json in configs/. See the TailscalePeer struct:

type TailscalePeer struct {
	NodeKey  string
	IP       string
	Policies []string
	Groups   []string
	Tags     []string //unused for now
}

type Config struct {
	TailscaleAuthKey  string
	APIToken          string
	AdvertiseExitNode bool
	Peers             []TailscalePeer
}
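
Since a peer's access is tied to the specific IP listed for it, it is worth checking config.json before the plugin loads it. The following is an added example, not code from the spr-tailscale repository: `AuditConfig` and the sample values are hypothetical, and it assumes the JSON keys match the struct field names, as the untagged structs above imply.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/netip"
)

// Structs as shown in the README; without JSON tags the keys are the field names.
type TailscalePeer struct {
	NodeKey, IP            string
	Policies, Groups, Tags []string
}
type Config struct {
	TailscaleAuthKey, APIToken string
	AdvertiseExitNode          bool
	Peers                      []TailscalePeer
}

// Constructed sample: every key, token and address is a placeholder.
const sampleConfig = `{"TailscaleAuthKey":"PLACEHOLDER","APIToken":"PLACEHOLDER","AdvertiseExitNode":true,
 "Peers":[{"NodeKey":"nodekey:aaaa","IP":"100.64.0.10","Groups":["lan"]},
  {"NodeKey":"nodekey:bbbb","IP":"100.64.0.999","Groups":["lan"]},
  {"NodeKey":"nodekey:aaaa","IP":"100.64.0.12","Groups":["lan"]}]}`

// AuditConfig (hypothetical helper) parses config.json and lists items to review.
func AuditConfig(raw []byte) ([]string, error) {
	var cfg Config
	if err := json.Unmarshal(raw, &cfg); err != nil {
		return nil, fmt.Errorf("parse config: %w", err)
	}
	var out []string
	if cfg.AdvertiseExitNode {
		out = append(out, "exit node on: peers reach the SPR API and internet via the container")
	}
	seen := map[string]bool{}
	for i, p := range cfg.Peers {
		if _, err := netip.ParseAddr(p.IP); err != nil {
			out = append(out, fmt.Sprintf("peer %d: invalid IP %q", i, p.IP))
		}
		if p.NodeKey == "" || seen[p.NodeKey] {
			out = append(out, fmt.Sprintf("peer %d: empty or duplicate NodeKey", i))
		}
		seen[p.NodeKey] = true
	}
	return out, nil
}
func main() {
	fmt.Println(AuditConfig([]byte(sampleConfig)))
}
```

config.json holds both the Tailscale auth key and the SPR API token, so keep the file readable only by the account that runs the plugin.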