Skip to content

Latest commit

 

History

History
174 lines (114 loc) · 4.08 KB

README.md

File metadata and controls

174 lines (114 loc) · 4.08 KB

Cockpit application to manage Tailscale

"Prompt"

A Cockpit application to manage Tailscale

Screenshot

Development

This repository includes deployment scripts for the Cocpit Tailscale development environment. The easiest to get started is by using the following cloud development environments:

or you can either use a local devsys/almsys, as published here:

Preparation

Install the following packages to develop and build:

$ sudo dnf install -y make npm

and to make the RPM you need:

$ sudo dnf install -y rpm-build gettext libappstream-glib

Cockpit user

If you want to run Cockpit, you need a user with a password:

$ sudo dnf install -y passwd
$ sudo passwd gbraad

After which you can use this user to log in to Cockpit.

Build

To perform a development build:

$ npm run dev

To perform a production build:

$ npm run build

For the RPM package:

$ npm run rpm

Cockpit

After the build, copy contents to /usr/share/cockpit/tailscale, /usr/share/local/cockpit/tailscale or ~/.local/share/cockpit/tailscale.

Link development

For convenience, you can also create a symlink to ~/.local/share/cockpit/tailscale to $PWD/dist. However, you will need to log out and log in because Cockpit caches the page and assets.

To create a link:

$ npm run link

And to remove:

$ npm run unlink

Note: this only works when the current user also logs in. Otherwise, use the tasks linkusr and unlinkusr which uses sudo to create the link in /usr/local/share/cockpit.

Run Cockpit

You can run Cockpit in a container or remote development environment with the following command:

$ npm run cockpit

You will need to use an account with a password to log in.

Origins

If the login fails and you see bad Origin errors, you need to modify the /etc/cockpit/cockpit.conf file and add something like:

[WebService]
Origins=https://jqgnyj-9090.csb.app

The example shows CodeSandbox. For Gitpod this might look like this:

[WebService]
Origins=https://9090-spotsnel-cockpittailsca-57e5sbbb0zb.ws-us100.gitpod.io

Tailscale systemd image

You can run this as part of spotsnel/tailscale-systemd container image to deploy this inside a Podman machine or similar:

$ tailscale ssh podmandesktop / podman exec -it tailscale-system bash
# dnf install -y cockpit passwd
# systemctl enable --now cockpit.socket
# curl -L https://github.com/spotsnel/cockpit-tailscale/releases/download/v0.0.1/cockpit-tailscale-v0.0.1.tar.gz -o dist.tar.gz
# tar zxvf dist.tar.gz 
# mkdir /usr/local/share/cockpit
# mv dist /usr/local/share/cockpit/tailscale
# passwd root
# tailscale up --ssh

Now you can access the remote cockpit from another host by 'add new host'. Note: remote hosts get authenticated over SSH. If you have conflicts, like on WSL, you can serve on localhost instead.

/etc/systemd/system/cockpit.socket.d/listen.conf

[Socket]
ListenStream=
ListenStream=127.0.0.1:9090
FreeBind=yes

Note: the blank ListenStream is intentional as it resets the parameter.

Now set up the forward from the Tailscale client to open port 9090:

# tailscale serve tcp:9090 tcp://localhost:9090
# systemctl daemon-reload
# systemctl restart cockpit.socket

Now you can navigate to the Tailscale IP:

# tailscale ip -4
100.113.113.114

Open https://100.113.113.114:9090.

Authors

"Gerard Braad"
@gbraad