Unable to run TailScale in Synology Docker (DSM7)

Hi
What I’m trying to do is run 2 containers on my Synology NAS.
1st is PiHole with a custom IP to serve the LAN as well as requests coming via TailScale VPN
2nd is TailScale to handle the connections to PiHole via the tailscale VPN

I’m struggling to get tailscale to come up and I’m not sure why it’s erroring.

Here’s what I’ve done so far
I set up a macvlan in docker for the PiHole so it can have a unique LAN IP separate from Synology:

docker network create -d macvlan \
--subnet=192.168.0.0/24 \
--ip-range=192.168.0.201/28 \
--gateway=192.168.0.1 \
-o parent=ovs_bond0 mycustommacvlan

Then I created the PiHole:

docker run -d \
--name pihole \
-h PiHole2 \
--net mycustommacvlan \
-p 53/tcp \
-p 53/udp \
-p 67/udp \
-p 80/tcp \
--ip 192.168.0.200 \
-e ServerIP=192.168.0.200 \
-e PIHOLE_DNS_=1.1.1.1\;8.8.8.8 \
-e DHCP_RAPID_COMMIT=True \
-e DNSMASQ_USER=root \
-e DNSMASQ_LISTENING=local \
-e IPv6=False \
-e HOSTNAME=pihole2 \
-e PIHOLE_DOMAIN=mydomain \
-e HOME=/root \
-e TZ=EUROPE/LONDON \
-v /my/full/local/path/to/pihole:/etc/pihole \
-v /my/full/local/path/to/dnsmasq.d:/etc/dnsmasq.d \
--cap-add CAP_NET_ADMIN \
--restart=unless-stopped \
pihole/pihole:latest

That all works fine and is usable by all devices on the LAN @ 192.168.0.200
Pihole is set to “Permit all origins” for DNS requests so it will work with both networks.
So far so good.
So now I try to install tailscale:

docker run -d \
--name=tailscaled \
--network=host \
-v /my/full/local/path/to/lib:/var/lib \
-v /dev/net/tun:/dev/net/tun \
--privileged \
tailscale/tailscale:latest

It pulled the latest image down and installed fine, but when I try to start tailscale from within the container (docker exec tailscaled tailscale up) I get this error:

failed to connect to local tailscaled (which appears to be running as tailscaled, pid 7). Got error: Failed to connect to local Tailscale daemon for /localapi/v0/status; not running? Error: dial unix /var/run/tailscale/tailscaled.sock: connect: no such file or directory

I confirmed that /dev/net/tun exists (just in case)

Google searches found examples where Synology packages wouldn’t run, but not Docker IN Synology, so I’m a bit stuck. Any help would be appreciated.

Thanks
CW

Following. Having the same issue as well. @callumw better to create this post in GitHub issues as well.

Done

Hi.
I found a fix for this which I added to the GitHub bug report, but adding here to make it easier for others to find:


Addendum - I found the solution to the error: “/var/run/tailscale/tailscaled.sock does not exist”

Checking the processes inside the container I see:

/usr/local/bin # ps -ef | grep -i tailscale
    1 root      0:00 /bin/sh /tailscale/run.sh
    7 root      0:00 tailscaled --socket=/tmp/tailscaled.sock --state=mem: --tun=userspace-networking
    8 root      0:00 tailscale --socket=/tmp/tailscaled.sock up --accept-dns=false

The .sock is there, just not in /var/run

So I created a symbolic link from the /tmp folder to the /var by typing the following:

cd /var/run
mkdir tailscale
ln -s /tmp/tailscaled.sock /var/run/tailscale/tailscaled.sock

Now when I run tailscale up I get the URL to authenticate

linking the issue in github here.

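The fix from the last post as an idempotent script (an added example, not part of the original posts or of Tailscale's own tooling): it reads the `--socket=` value from the `tailscaled` process line instead of hard-coding `/tmp`, and refuses to replace a real socket at the default path. The function names, the `--apply` switch and the root-prefix argument are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the thread. Function names, the --apply switch and
# the optional root prefix are assumptions made here for illustration.

# Path the CLI tried in the error message quoted in the first post.
DEFAULT_SOCK=/var/run/tailscale/tailscaled.sock

# ps lines copied from the post above, for a dry run outside the container.
SAMPLE_PS='    1 root      0:00 /bin/sh /tailscale/run.sh
    7 root      0:00 tailscaled --socket=/tmp/tailscaled.sock --state=mem: --tun=userspace-networking
    8 root      0:00 tailscale --socket=/tmp/tailscaled.sock up --accept-dns=false'

# Read `ps -ef` output on stdin and print the --socket= value from the
# tailscaled daemon line (not the tailscale CLI line, not run.sh).
socket_from_ps() {
    awk '{
        daemon = 0; sock = ""
        for (i = 1; i <= NF; i++) {
            if ($i == "tailscaled" || $i ~ /\/tailscaled$/) daemon = 1
            if ($i ~ /^--socket=/) sock = substr($i, 10)
        }
        if (daemon && sock != "") { print sock; exit }
    }'
}

# Link the default path to the real socket. $1 = socket path from ps,
# $2 = optional root prefix (empty inside the container).
link_default_socket() {
    real=$1
    link=${2:-}$DEFAULT_SOCK
    [ -n "$real" ] || { echo "no --socket= flag found" >&2; return 1; }
    # A real socket or file already at the default path is left untouched.
    if [ -e "$link" ] && [ ! -L "$link" ]; then
        echo "$link exists and is not a symlink; leaving it" >&2
        return 2
    fi
    mkdir -p "$(dirname "$link")"
    ln -sfn "$real" "$link"   # -f/-n make a second run a no-op
}

# Inside the container: sh thisfile.sh --apply
if [ "${1:-}" = "--apply" ]; then
    link_default_socket "$(ps -ef | socket_from_ps)"
fi
```

The link lives in the container's writable layer, so it has to be made again whenever the container is recreated. The process listing in the post also shows the CLI being given the same flag (`tailscale --socket=/tmp/tailscaled.sock up`), which reaches the daemon without any link.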