question

techie4hire avatar image
techie4hire asked

[SOLVED] VenusOS RaspberryPi Tailscale Installation

Has anybody been successful getting Tailscale installed under VenusOS on the Raspberry Pi? I understand the VenusOS has a limited package manager that doesn't include Tailscale -- based on a previous post or two on this subject.

I use Tailscale extensively, and it really works well for accessing devices that are on different subnets, or behind the CGNAT used by the likes of Starlink and most cellular providers. The VRM Portal is fantastic, but it'd be nice to be able to access VenusOS and Node-RED like they were on my local network as well.

So, if anyone in the Victron Community has gone to the effort of compiling a custom version of the VenusOS that includes Tailscale, or a mainstream package manger, let me know. Thanks! :-)

Venus OSRaspberry Pi
11 comments
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

batmanvane avatar image batmanvane commented ·

1. ssh into your venus os pi. if not possible, enable via remote console (you may need to adapt user and domain/ip).

ssh root@venus.local

2. use the static binary from Tailscale (for raspi 4 choose arm architecture), download and untar:

curl -o tailscale_loc.tgz https://pkgs.tailscale.com/stable/tailscale_1.42.0_arm.tgz
tar -xvf tailscale_loc.tgz

If not sure which architecture, use

cat /proc/cpuinfo

3. CD into to tailscale___ directory and copy and make executable the client tailscale and daemon tailscaled to /use/bin

cp tailscale /usr/bin
cp tailscaled /usr/bin/
sudo chmod +x /usr/bin/tailscale
sudo chmod +x /usr/bin/tailscaled

4. implement tailscale daemon init script

sudo nano /etc/init.d/tailscaled

5. and put this into the init script (adopt USER and GROUP depending on what you have set unter SSH in venus os):

#!/bin/sh
### BEGIN INIT INFO
# Provides:          tailscaled
# Required-Start:    $local_fs $network $syslog
# Required-Stop:     $local_fs $network $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: tailscaled daemon
# Description:       tailscaled daemon
### END INIT INFO

DAEMON=/usr/bin/tailscaled
PIDFILE=/var/run/tailscaled.pid
USER=root
GROUP=root
test -x $DAEMON || exit 0
case "$1" in
  start)
    echo "Starting Tailscaled"
    start-stop-daemon --start --background --pidfile $PIDFILE --make-pidfile --chuid $USER:$GROUP --startas $DAEMON -- start
    ;;
  stop)
    echo "Stopping Tailscaled"
    start-stop-daemon --stop --pidfile $PIDFILE --retry 10
    ;;
  *)
    echo "Usage: /etc/init.d/tailscaled {start|stop}"
    exit 1
    ;;
esac
exit 0

6. make init script executable and restart on boot

sudo chmod +x /etc/init.d/tailscaled

7. Test if the init script for the daemon

sudo /etc/init.d/tailscaled start
sudo /etc/init.d/tailscaled stop
sudo /etc/init.d/tailscaled start

should see Starting Tailscaled / Stopping Tailscaled /Starting Tailscaled

8. configure tailscale init script to start automatically on boot

sudo update-rc.d tailscaled defaults

9. connect to your tailscale account

tailscale up

Done.

[1] for the init script, i.e. no systemctl available on venus, i got help from here: https://byteshiva.medium.com/how-to-create-an-init-script-for-tailscaled-in-linux-244347336fc7

1 Like 1 ·
techie4hire avatar image techie4hire batmanvane commented ·

@batmanvane I have Tailscale installed and running at startup. However, there's one key mistake above and several simplifications I'd like to suggest (using your numbering above):

3. cp tailscale tailscaled /usr/bin/  <this is the only line needed>
4. 6. 7. 8.  <none of the sudos are required as you're logged in as root>
5. start-stop-daemon --start --background --pidfile $PIDFILE --make-pidfile --chuid $USER:$GROUP --startas $DAEMON  <the "-- start" at the end of this line is removed, as it keeps the daemon from loading>

If you could edit your answer as suggested (assuming you agree of course), I'll mark it as accepted. :-)

This is an excellent solution. Maybe we should script it for use after VenusOS updates?

1 Like 1 ·
batmanvane avatar image batmanvane techie4hire commented ·

sure, go ahead! ii have now scripted about 2 h and it seems to work (i am not an expert on shell scripting) maybe you can comment on the difference. thx:

#!/bin/sh
#set -x #echo on
### BEGIN INIT INFO
# Provides:          tailscaled
# Required-Start:    $local_fs $network $syslog
# Required-Stop:     $local_fs $network $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: tailscaled daemon
# Description:       tailscaled daemon
### END INIT INFO

dir="/usr/bin"
cmd="tailscaled"
user="root"

name=`basename $0`
pid_file="/var/run/$name.pid"
stdout_log="/var/log/$name.log"
stderr_log="/var/log/$name.err"

get_pid() {
    cat "$pid_file"
}


is_running() {
    pidof $cmd  > /dev/null 2>&1
}

case "$1" in
    start)
    if  is_running; then
        echo "Already started"
    else
        echo "Starting $name"
        cd "$dir"
        if [ -z "$user" ]; then
            sudo $cmd >> "$stdout_log" 2>> "$stderr_log" &
        else
            sudo -u "$user" $cmd >> "$stdout_log" 2>> "$stderr_log" &
        fi
echo $! > "$pid_file"
        if ! is_running; then
            echo "Unable to start, see $stdout_log and $stderr_log"
            exit 1
        fi
    fi
    ;;
    stop)
    if is_running; then
        echo -n "Stopping $name.."
        kill `get_pid`
        for i in 1 2 3 4 5 6 7 8 9 10
        # for i in `seq 10`
        do
            if  is_running; then
                break
            fi

            echo -n "."
            sleep 1
        done
echo

if is_running; then
            echo "Not stopped; may still be shutting down or shutdown may have failed"
            exit 1
        else
            echo "Stopped"
            if [ -f "$pid_file" ]; then
                rm "$pid_file"
            fi
fi
    else
        echo "Not running"
    fi
    ;;
    restart)
    $0 stop
    if  is_running; then
        echo "Unable to stop, will not attempt to start"
        exit 1
    fi
    $0 start
    ;;
    status)
    if is_running; then
        echo "Running"
    else
        echo "Stopped"
        exit 1
    fi
    ;;
    *)
    echo "Usage: $0 {start|stop|restart|status}"
    exit 1
    ;;
esac

exit 0
0 Likes 0 ·
techie4hire avatar image techie4hire batmanvane commented ·
@batmanvane What problem are you trying to solve with this more extensive init.d script? As far as I can tell so far, the original script you posted works just fine when it's corrected as suggested in one of my replies above.
0 Likes 0 ·
batmanvane avatar image batmanvane techie4hire commented ·

Agree, let's take the initial script. I just couldn't figure out the problem with the flag -- start. So I started over from a template with a more readable script. I also like the functions 'status' and 'retstart'. but well, let's keep it simple. it's only about starting tailscale at (re)boot. ;-)

0 Likes 0 ·
batmanvane avatar image batmanvane techie4hire commented ·

I just started on venus os so: Will an update of venus os remove tailscale? also the script?


update: ah I see, you also mentioned this in your comment. So what do you mean scrip it? Into the update/install script of venos os ? It would be great as an optional install. tailscale is quite useful. Don't know how straight forward on can implement the binary download from tailscale. but it's alway ARM right?

0 Likes 0 ·
techie4hire avatar image techie4hire batmanvane commented ·
@batmanvane Yes it's always "ARM" (ARMv7) as the VenusOS is a 32-bit operating system.

What I was thinking of is doing a script that will perform the steps you've outlined above. They're pretty simple, but a script can be downloaded and executed on one line, and then the script could do the download from Tailscale, do the extraction, move the files around, add the init.d script and set it up to run at boot. I'll take a crack at that sometime soon.

Also, I noticed Tailscale is willing to add to its supported Operating Systems -- so I'll send them an email and see if they'd be willing to add the VenusOS. That would make it even easier as they'd provide an installation script, and update it as needed. So I'll try that first, and then do a script if they decline to add it.

0 Likes 0 ·
techie4hire avatar image techie4hire batmanvane commented ·
Excellent! I had no idea it could be done this way, but this looks very straightforward. I'll give this a try soon, and mark as a solution once confirmed. Thanks.
0 Likes 0 ·
batmanvane avatar image batmanvane techie4hire commented ·
There is still an issue with the ini script. It worked for me becaus I was using a "screen" session in terminal to run tailscaled. I will look at it tonight and try to post the fix. But yes, you probably need venus large image
0 Likes 0 ·
smallsolar avatar image smallsolar commented ·

Alternatively if you have any other linux machines on your network you can look into bridging with Zerotier. I have a Zerotier bridge set up and I can access any machine (including the Venus Gui) from other networks. Works well with the Starlink CGNAT. Only thing I have had problems with so far is when I am behind a CGNAT on both ends (cellular with my phone) and starlink on my home network.

*Edit to add that i have connectivity even on cellular now after enabling ipv6 on my network and configuring the zero tier bridge to work with it

0 Likes 0 ·
andlo avatar image andlo commented ·

I havnt yet, but were about to look into it.

I think it should be posible same way as installing ZeroTier.
Use the VenusOS Large image and compile and install it should work.
I know it does with ZeroTier when I follow this guide remote access to VenusOS: ZeroTier-One installation on RPi [HOW-TO] - Victron Community (victronenergy.com)

0 Likes 0 ·
3 Answers
techie4hire avatar image
techie4hire answered ·

Thanks to @batmanvane for his original answer! Here are the corrected steps:

1. ssh into your venus os pi. if not possible, enable via remote console (you may need to adapt user and domain/ip). windows users can connect with putty.

                  
    
                   
  1. ssh root@venus.local
    2.

2. use the static binary from tailscale (choose latest for arm architecture), download and untar:

                  
    
                   
  1. curl -o tailscale_loc.tgz https://pkgs.tailscale.com/stable/tailscale_1.42.0_arm.tgz
    2. 
                   
  2. tar -xvf tailscale_loc.tgz
    3.

3. chdir to tailscale___ directory and copy and the client tailscale and daemon tailscaled to /usr/bin

                  
    
                   
  1. cp tailscale tailscaled /usr/bin/
    2.

4. implement tailscale daemon init script

                  
    
                   
  1. nano /etc/init.d/tailscaled
    2.

5. and put this into the init script

                  
    
                   
  1. #!/bin/sh
    2. 
                   
  2. ### BEGIN INIT INFO
    3. 
                   
  3. # Provides:          tailscaled
    4. 
                   
  4. # Required-Start:    $local_fs $network $syslog
    5. 
                   
  5. # Required-Stop:     $local_fs $network $syslog
    6. 
                   
  6. # Default-Start:     2 3 4 5
    7. 
                   
  7. # Default-Stop:      0 1 6
    8. 
                   
  8. # Short-Description: tailscaled daemon
    9. 
                   
  9. # Description:       tailscaled daemon
    10. 
                   
  10. ### END INIT INFO
    11. 
                   
  11.  
    12. 
                   
  12. DAEMON=/usr/bin/tailscaled
    13. 
                   
  13. PIDFILE=/var/run/tailscaled.pid
    14. 
                   
  14. USER=root
    15. 
                   
  15. GROUP=root
    16. 
                   
  16. test -x $DAEMON || exit 0
    17. 
                   
  17. case "$1" in
    18. 
                   
  18.   start)
    19. 
                   
  19.     echo "Starting Tailscaled"
    20. 
                   
  20.     start-stop-daemon --start --background --pidfile $PIDFILE --make-pidfile --chuid $USER:$GROUP --startas $DAEMON
    21. 
                   
  21.     ;;
    22. 
                   
  22.   stop)
    23. 
                   
  23.     echo "Stopping Tailscaled"
    24. 
                   
  24.     start-stop-daemon --stop --pidfile $PIDFILE --retry 10
    25. 
                   
  25.     ;;
    26. 
                   
  26.   *)
    27. 
                   
  27.     echo "Usage: /etc/init.d/tailscaled {start|stop}"
    28. 
                   
  28.     exit 1
    29. 
                   
  29.     ;;
    30. 
                   
  30. esac
    31. 
                   
  31. exit 0
    32.

6. make init script executable

                  
    
                   
  1. chmod +x /etc/init.d/tailscaled
    2.

7. test the init script

                  
    
                   
  1. /etc/init.d/tailscaled start
    2. 
                   
  2. /etc/init.d/tailscaled stop
    3. 
                   
  3. /etc/init.d/tailscaled start
    4.

should see Starting Tailscaled / Stopping Tailscaled / Starting Tailscaled

8. configure tailscale init script to start automatically on boot

                  
    
                   
  1. update-rc.d tailscaled defaults
    2.

9. connect to your tailscale account

                  
    
                   
  1. tailscale up
    2.

done.

1 comment
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

techie4hire avatar image techie4hire commented ·
I just upgraded the VenusOS to v3.14, mostly because I wanted to get Tailscale updated (due to a potential security issue with Tailscale 1.42.0). And, basically the process is the same as I documented above. This is not something you want to do over Tailscale -- it needs to be done locally.


After the online VenusOS update completed, I set my ssh password to what it was before the upgrade using the Remote Console. Then, I ssh'd into the RPi and modified /etc/hostname so it would be the same as what I was using previously.


Follow the steps above, downloading the most recent Tailscale static binary for ARM (1.58.2 at this writing). On a Raspberry Pi 3B at least, this approach to Tailscale installation is persistent across reboots. It does not survive upgrades to the VenusOS however, so the steps would need to be repeated.


Given the frequency of updates to Tailscale, this works fine for me, as I'll just update both at the same time when I'm local to the RPi. The Node Red Flow I'm using to turn a battery warmer on and off based on temperature (to keep my Lithium Ion battery above 25F), appears to have survived this upgrade as well. :-)

0 Likes 0 ·
henrik avatar image
henrik answered ·

I installed tailscaled on a Raspberry Pi Zero 2 W running VenusOS v3.10 in my cabin this weekend. Everything worked fine on-site. I could SSH into it using the tailnet address, and the VRM remote console worked fine.

Now that I'm home, all connections to it (e.g. SSH, HTTP & HTTPS) times out. Also I can't connect to the VRM remote console through VictronConnect. The device shows as online, but "Connecting..." stops at 40% and fails after a while.

Outgoing connections seems to work fine, because I can see the battery charging status in the Victron Dashboard. Also tailscale shows the machine as Online.

Connections to all other tailnet machines work fine.

Any ideas on what the problem is?

3 comments
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

henrik avatar image henrik commented ·

A change in config + restart fixed it for me. On my installation / (and thus /etc) is mounted read-only. Also, any changes in /etc and /var/lib are wiped on upgrades, so I put the binaries and init script in /home/root/tailscale/, and created a /data/rc.local (which is run on every reboot):

#!/bin/bash
/sbin/sysctl -w net.ipv4.ip_forward=1
/sbin/sysctl -w net.ipv6.conf.all.forwarding=1
/home/root/tailscale/tailscaled-init.sh start
exit 0

Also had to add a -statedir option in the init script slightly to put the tailscale state in a safe place (/data and /home survives upgrades):

#!/bin/sh
### BEGIN INIT INFO
# Provides:          tailscaled
# Required-Start:    $local_fs $network $syslog
# Required-Stop:     $local_fs $network $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: tailscaled daemon
# Description:       tailscaled daemon
### END INIT INFO

DAEMON=/home/root/tailscale/tailscaled
PIDFILE=/var/run/tailscaled.pid
OPTS="-statedir /data/var/lib/tailscale"
USER=root
GROUP=root
test -x $DAEMON || exit 0
case "$1" in
  start)
    echo "Starting Tailscaled"
    start-stop-daemon --start --background --pidfile $PIDFILE --make-pidfile --chuid $USER:$GROUP --startas $DAEMON -- $OPTS
    ;;
  stop)
    echo "Stopping Tailscaled"
    start-stop-daemon --stop --pidfile $PIDFILE --retry 10 -- $OPTS
    ;;
  *)
    echo "Usage: $0 {start|stop}"
    exit 1
    ;;
esac
exit 0

And obviously remember to set executable permissions:

cd /home/root/tailscale
chmod 755 tailscale tailscaled tailscaled-init.sh /data/rc.local
0 Likes 0 ·
henrik avatar image henrik commented ·

Also tailscale edits /etc/resolv.conf with a nameserver 100.100.100.100. This doesn't seem to work on VenusOS/RPi. Switching back to the default plus mount -o remount,ro / (which is the default) fixes things. I can now access VictronConnect / VRM again.

0 Likes 0 ·
henrik avatar image henrik commented ·
I've set the Rpi to reboot every night, also reboot when vrm has connection issues (after one hour). Haven't had problems after this.
0 Likes 0 ·
mvader (Victron Energy) avatar image
mvader (Victron Energy) answered ·
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.