mirror of
https://github.com/tailscale/tailscale.git
synced 2026-06-11 21:02:39 +08:00
cb5fa35f57
Some checks failed
checklocks / checklocks (push) Has been cancelled
CodeQL / Analyze (go) (push) Has been cancelled
Dockerfile build / deploy (push) Has been cancelled
CI / gomod-cache (push) Has been cancelled
CI / fuzz (push) Has been cancelled
tailscale.com/cmd/vet / vet (push) Has been cancelled
CI / race-root-integration (1/4) (push) Has been cancelled
CI / race-root-integration (2/4) (push) Has been cancelled
CI / race-root-integration (3/4) (push) Has been cancelled
CI / race-root-integration (4/4) (push) Has been cancelled
CI / test (-race, amd64, 1/3) (push) Has been cancelled
CI / test (-race, amd64, 2/3) (push) Has been cancelled
CI / test (-race, amd64, 3/3) (push) Has been cancelled
CI / test (386) (push) Has been cancelled
CI / test (amd64) (push) Has been cancelled
CI / Windows (${{ matrix.name || matrix.shard}}) (win-bench, benchmarks) (push) Has been cancelled
CI / Windows (${{ matrix.name || matrix.shard}}) (win-shard-1-2, 1/2) (push) Has been cancelled
CI / Windows (${{ matrix.name || matrix.shard}}) (win-shard-2-2, 2/2) (push) Has been cancelled
CI / Windows (win-tool-go) (push) Has been cancelled
CI / privileged (push) Has been cancelled
CI / vm (push) Has been cancelled
CI / cross (386, linux) (push) Has been cancelled
CI / cross (amd64, darwin) (push) Has been cancelled
CI / cross (amd64, freebsd) (push) Has been cancelled
CI / cross (amd64, openbsd) (push) Has been cancelled
CI / cross (amd64, windows) (push) Has been cancelled
CI / cross (arm, 5, linux) (push) Has been cancelled
CI / cross (arm, 7, linux) (push) Has been cancelled
CI / cross (arm64, darwin) (push) Has been cancelled
CI / cross (arm64, linux) (push) Has been cancelled
CI / cross (arm64, windows) (push) Has been cancelled
CI / cross (loong64, linux) (push) Has been cancelled
CI / ios (push) Has been cancelled
CI / crossmin (amd64, illumos) (push) Has been cancelled
CI / crossmin (amd64, plan9) (push) Has been cancelled
CI / crossmin (amd64, solaris) (push) Has been cancelled
CI / crossmin (ppc64, aix) (push) Has been cancelled
CI / android (push) Has been cancelled
CI / wasm (push) Has been cancelled
CI / tailscale_go (push) Has been cancelled
CI / depaware (push) Has been cancelled
CI / go_generate (push) Has been cancelled
CI / go_mod_tidy (push) Has been cancelled
CI / licenses (push) Has been cancelled
CI / staticcheck (${{ matrix.name }}) (--with-tags-all=darwin, arm64, darwin, macOS) (push) Has been cancelled
CI / staticcheck (${{ matrix.name }}) (--with-tags-all=linux, amd64, linux, Linux) (push) Has been cancelled
CI / staticcheck (${{ matrix.name }}) (--with-tags-all=windows, amd64, windows, Windows) (push) Has been cancelled
CI / staticcheck (${{ matrix.name }}) (--without-tags-any=windows,darwin,linux --shard=1/4, amd64, linux, Portable (1/4)) (push) Has been cancelled
CI / staticcheck (${{ matrix.name }}) (--without-tags-any=windows,darwin,linux --shard=2/4, amd64, linux, Portable (2/4)) (push) Has been cancelled
CI / staticcheck (${{ matrix.name }}) (--without-tags-any=windows,darwin,linux --shard=3/4, amd64, linux, Portable (3/4)) (push) Has been cancelled
CI / staticcheck (${{ matrix.name }}) (--without-tags-any=windows,darwin,linux --shard=4/4, amd64, linux, Portable (4/4)) (push) Has been cancelled
CI / notify_slack (push) Has been cancelled
CI / merge_blocker (push) Has been cancelled
CI / check_mergeability_strict (push) Has been cancelled
CI / check_mergeability (push) Has been cancelled
Test that the base image builds and has the right iptables binary linked. Updates #17854 Signed-off-by: Irbe Krumina <irbe@tailscale.com>
88 lines
3.0 KiB
Docker
88 lines
3.0 KiB
Docker
# Copyright (c) Tailscale Inc & AUTHORS
|
|
# SPDX-License-Identifier: BSD-3-Clause
|
|
|
|
# Note that this Dockerfile is currently NOT used to build any of the published
|
|
# Tailscale container images and may have drifted from the image build mechanism
|
|
# we use.
|
|
# Tailscale images are currently built using https://github.com/tailscale/mkctr,
|
|
# and the build script can be found in ./build_docker.sh.
|
|
#
|
|
# If you want to build local images for testing, you can use make.
|
|
#
|
|
# To build a Tailscale image and push to the local docker registry:
|
|
#
|
|
# $ REPO=local/tailscale TAGS=v0.0.1 PLATFORM=local make publishdevimage
|
|
#
|
|
# To build a Tailscale image and push to a remote docker registry:
|
|
#
|
|
# $ REPO=<your-registry>/<your-repo>/tailscale TAGS=v0.0.1 make publishdevimage
|
|
#
|
|
# This Dockerfile includes all the tailscale binaries.
|
|
#
|
|
# To build the Dockerfile:
|
|
#
|
|
# $ docker build -t tailscale/tailscale .
|
|
#
|
|
# To run the tailscaled agent:
|
|
#
|
|
# $ docker run -d --name=tailscaled -v /var/lib:/var/lib -v /dev/net/tun:/dev/net/tun --network=host --privileged tailscale/tailscale tailscaled
|
|
#
|
|
# To then log in:
|
|
#
|
|
# $ docker exec tailscaled tailscale up
|
|
#
|
|
# To see status:
|
|
#
|
|
# $ docker exec tailscaled tailscale status
|
|
|
|
|
|
FROM golang:1.25-alpine AS build-env
|
|
|
|
WORKDIR /go/src/tailscale
|
|
|
|
COPY go.mod go.sum ./
|
|
RUN go mod download
|
|
|
|
# Pre-build some stuff before the following COPY line invalidates the Docker cache.
|
|
RUN go install \
|
|
github.com/aws/aws-sdk-go-v2/aws \
|
|
github.com/aws/aws-sdk-go-v2/config \
|
|
gvisor.dev/gvisor/pkg/tcpip/adapters/gonet \
|
|
gvisor.dev/gvisor/pkg/tcpip/stack \
|
|
golang.org/x/crypto/ssh \
|
|
golang.org/x/crypto/acme \
|
|
github.com/coder/websocket \
|
|
github.com/mdlayher/netlink
|
|
|
|
COPY . .
|
|
|
|
# see build_docker.sh
|
|
ARG VERSION_LONG=""
|
|
ENV VERSION_LONG=$VERSION_LONG
|
|
ARG VERSION_SHORT=""
|
|
ENV VERSION_SHORT=$VERSION_SHORT
|
|
ARG VERSION_GIT_HASH=""
|
|
ENV VERSION_GIT_HASH=$VERSION_GIT_HASH
|
|
ARG TARGETARCH
|
|
|
|
RUN GOARCH=$TARGETARCH go install -ldflags="\
|
|
-X tailscale.com/version.longStamp=$VERSION_LONG \
|
|
-X tailscale.com/version.shortStamp=$VERSION_SHORT \
|
|
-X tailscale.com/version.gitCommitStamp=$VERSION_GIT_HASH" \
|
|
-v ./cmd/tailscale ./cmd/tailscaled ./cmd/containerboot
|
|
|
|
FROM alpine:3.22
|
|
RUN apk add --no-cache ca-certificates iptables iproute2 ip6tables
|
|
# Alpine 3.19 replaced legacy iptables with nftables based implementation.
|
|
# Tailscale is used on some hosts that don't support nftables, such as Synology
|
|
# NAS, so link iptables back to legacy version. Hosts that don't require legacy
|
|
# iptables should be able to use Tailscale in nftables mode. See
|
|
# https://github.com/tailscale/tailscale/issues/17854
|
|
RUN rm /usr/sbin/iptables && ln -s /usr/sbin/iptables-legacy /usr/sbin/iptables
|
|
RUN rm /usr/sbin/ip6tables && ln -s /usr/sbin/ip6tables-legacy /usr/sbin/ip6tables
|
|
|
|
COPY --from=build-env /go/bin/* /usr/local/bin/
|
|
# For compat with the previous run.sh, although ideally you should be
|
|
# using build_docker.sh which sets an entrypoint for the image.
|
|
RUN mkdir /tailscale && ln -s /usr/local/bin/containerboot /tailscale/run.sh
|