3.9 KiB
Cockpit application to manage Tailscale
A Cockpit application to manage Tailscale
Development
This repo story includes deployment scripts for the Cocpit Tailscale development environment. The easiest to get started is by using the following cloud development environments:
- Open in Gitpod workspace
- Open in CodeSandbox
or you can either use a local devsys
/almsys
, as published here:
Preparation
Install the following packages to develop and build:
$ sudo dnf install -y make npm
and to make the RPM you need:
$ sudo dnf install -y rpm-build gettext libappstream-glib
Cockpit user
If you want to run Cockpit, you need a user with a password:
$ sudo dnf install -y passwd
$ sudo passwd gbraad
After which you can use this user to log in to Cockpit.
Build
To perform a development build:
$ npm run dev
To perform a production build:
$ npm run build
For the RPM package:
$ npm run rpm
Cockpit
After the build, copy contents to /usr/share/cockpit/tailscale
, /usr/share/local/cockpit/tailscale
or ~/.local/share/cockpit/tailscale
.
Link development
For convenience, you can also create a symlink to ~/.local/share/cockpit/tailscale
to $PWD/dist
. However, you will need to log out and log in because Cockpit caches the page and assets.
To create a link:
$ npm run link
And to remove:
$ npm run unlink
Run Cockpit
You can run Cockpit in a container or remote development environment with the following command:
$ npm run cockpit
You will need to use an account with a password to log in.
Origins
If the login fails and you see bad Origin
errors, you need to modify the /etc/cockpit/cockpit.conf
file and add something like:
[WebService]
Origins=https://jqgnyj-9090.csb.app
The example shows CodeSandbox. For Gitpod this might look like this:
[WebService]
Origins=https://9090-spotsnel-cockpittailsca-57e5sbbb0zb.ws-us100.gitpod.io
Tailscale systemd image
You can run this as part of spotsnel/tailscale-systemd container image to deploy this inside a Podman machine or similar:
$ tailscale ssh podmandesktop / podman exec -it tailscale-system bash
# dnf install -y cockpit passwd
# systemctl enable --now cockpit.socket
# curl -L https://github.com/spotsnel/cockpit-tailscale/releases/download/v0.0.1/cockpit-tailscale-v0.0.1.tar.gz -o dist.tar.gz
# tar zxvf dist.tar.gz
# mkdir /usr/local/share/cockpit
# mv dist /usr/local/share/cockpit/tailscale
# passwd root
# tailscale up --ssh
Now you can access the remote cockpit from another host by 'add new host'.
Note: remote hosts get authenticated over SSH. If you have conflicts, like on WSL, you can serve on localhost
instead.
/etc/systemd/system/cockpit.socket.d/listen.conf
[Socket]
ListenStream=
ListenStream=127.0.0.1:9090
FreeBind=yes
Note: the blank ListenStream
is intentional as it resets the parameter.
Now set up the forward from the Tailscale client to open port 9090
:
# tailscale serve tcp:9090 tcp://localhost:9090
# systemctl daemon-reload
# systemctl restart cockpit.socket
Now you can navigate to the Tailscale IP:
# tailscale ip -4
100.113.113.114
Open https://100.113.113.114:9090.
Authors
@gbraad |