跳转至

Tailscale服务部署

打开https://login.tailscale.com/,使用微软或者GitHub等账号登录,

准备一个微软账号 https://account.microsoft.com/

https://go.dev/

https://go.dev/doc/install

安装GO环境

wget https://go.dev/dl/go1.20.1.linux-amd64.tar.gz
rm -rf /usr/local/go && tar -C /usr/local -xzf go1.20.1.linux-amd64.tar.gz

执行sudo nano /etc/profile,添加以下内容:

cat >>/etc/profile<<\EOF
export PATH=$PATH:/usr/local/go/bin
export PATH=$PATH:$HOME/go/bin
EOF

执行source /etc/profile

source /etc/profile

执行go help

go help

执行go version

go version

配置防火墙

服务器开启443端口和3478端口,TCP 443 (https) , UDP 3478 (STUN),

sudo apt install -y ufw
sudo ufw enable
sudo ufw allow 22/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw allow 100/tcp
sudo ufw allow 3478/udp
sudo ufw allow 10000/tcp
sudo ufw reload
sudo ufw status

开启内核转发

echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p /etc/sysctl.conf

安装tailscale

Linux服务器使用了Debian 11系统 (一键安装)

https://tailscale.com/download/

curl -fsSL https://tailscale.com/install.sh | sh

出现如下信息则表示OK

Installation complete! Log in to start using Tailscale by running:
tailscale up

执行sudo tailscale up,显示以下内容: 

To authenticate, visit:
    https://login.tailscale.com/a/5ae8e1d0ff4e
Success.

在浏览器中打开https://login.tailscale.com/a/100000000000,使用微软或者GitHub等账号登录,

配置tailscale

如果需要科学上网,执行如下命令

sudo tailscale up --advertise-routes=192.168.1.0/24,172.16.0.0/16 --accept-routes --advertise-exit-node --hostname "node1"

在浏览器中打开https://login.tailscale.com/admin/,设置禁止key过期

image-20230301104559473设置vpn路由

image-20230301104719659

设置服务端DNS

https://login.tailscale.com/admin/dns

打开https://login.tailscale.com/admin/dns,添加“8.8.8.8”和“1.1.1.1”,勾选“Override local DNS”(可选,非必需),点击“Enable MagicDNS”,

image-20230301110532703

打开https://tailscale.com/download,下载客户端,

或者执行sudo tailscale up --qr,将链接转换为二维码,使用手机浏览器扫描并登录,

执行sudo tailscale ip -4

执行sudo tailscale status

执行sudo tailscale netcheck

在浏览器中打开https://login.tailscale.com/admin/

https://tailscale.com/kb/1103/exit-nodes/

https://tailscale.com/kb/1019/subnets/

执行sudo tailscale up --advertise-routes=192.168.1.0/24,172.16.0.0/16 --accept-routes --advertise-exit-node --hostname "node1"

如果有第二个服务器,执行sudo tailscale up --advertise-routes=192.168.1.0/24,172.16.0.0/16 --accept-routes --advertise-exit-node --hostname "node2",其他服务器以此类推,

打开https://login.tailscale.com/admin/machines, 点击“Disable key expiry”, 点击“Edit route settings”,点击“Subnet routes”中的“Approve all”按钮,勾选“Use as exit node”,

打开https://login.tailscale.com/admin/dns,添加“8.8.8.8”和“1.1.1.1”,勾选“Override local DNS”(可选,非必需),点击“Enable MagicDNS”,

打开https://tailscale.com/download,下载客户端,