Connect to tailscale in systemd unit file

Hi!

I want to connect to tailscale right after OS is booted. For that i created a systemd unit file that looks like this:

[Unit]
Description=Tailscale client
After=tailscaled.service

[Service]
LimitMEMLOCK=infinity
User=root
Group=root
Type=forking
ExecStart=ip vrf exec vrfInternet /usr/local/bin/tailscale up --auth-key [Auth Key] --login-server [Login Server]
ExecStopPost=ip vrf exec vrfInternet /usr/local/bin/tailscale down
Restart=on-failure

[Install]
WantedBy=multi-user.target

When i execute tailscale status on the machine where this unit file is installed it says that “Tailscale is stopped”. But when i connect another machine and do tailscale status there i can see the previous machine in the status. But if i try to connect to it there’s no Rx packets from the first machine.

Then, if i start tailscale up... manually on the first machine – everything starts working. So i assume that problem is in my systemd unit file. Could someone help me to figure out the problem?

I partially figured what was the problem. When systemd unit is of type forking it actually tracks the forks created by ExecStart process(references: 1, 2). As tailscale up doesn’t actually creates any forks, after process is finished systemd executes ExecStopPost, which runs tailscale down.

At the moment i’m using type simple and removed the ExecStopPost directive from the unit file. But it doesn’t feel like a right solution. What if connection fails for some reason – is it a possible scenario when i would actually want to run tailscale down and tailscale up again? Or tailscaled should handle all the problems with connections?