← Articles Software / Tailscale

Tailscale

セットアップと最低限の最適化。

Install

curl -fsSL https://tailscale.com/install.sh | sh

通常

sudo tailscale up

SSH + Exit Node

tailscale up --accept-dns --accept-routes --advertise-exit-node --ssh

Exit Node forwarding

echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf
sudo sysctl -p /etc/sysctl.d/99-tailscale.conf

最適化

Tailscale SSH 接続後に実行。

UFW

sudo apt-get update
sudo apt-get install -y ufw
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow out 443/tcp    comment 'tailscale control/derp https'
sudo ufw allow out 80/tcp     comment 'tailscale http fallback (optional)'
sudo ufw allow out 3478/udp   comment 'tailscale STUN'
sudo ufw allow out 41641/udp  comment 'tailscale wireguard'
sudo ufw allow in 41641/udp   comment 'tailscale wireguard inbound (optional)'
sudo ufw enable