Problem/Justification
We’ve set up Tailscale per this useful guide on all our TrueNAS arrays:
https://tailscale.com/kb/1483/truenas
While this does work, it brings some disadvantages:
- Lost efficiency: Tailscale is, after all, just a wrapper for WireGuard. Stuffing all its packets through Docker only serves to burn CPU cycles that could be better used elsewhere. Yes, Docker’s pretty fast but still.
- Easier to manage: if something goes wrong with the Tailscale app, one has to interact with it through Docker. If you’re in an environment without a lot of containerization this means Tailscale on TrueNAS is a Martian. Nobody wants to work with Martians if they don’t have to.
- Apps are completely disabled in TrueNAS Enterprise. That’s right, if you’re paying for TrueNAS you actually have a worse experience here. The only supported way to get Tailscale going is to contact support and request an apps enablement key. Would it not be better to simply have the daemon run native and remove this support burden?
Impact
The only impact here would be felt by:
- End users who need Tailscale in their TrueNAS systems, and this would be a positive impact (native system-level service, no begging for apps key, etc).
- TrueNAS support. There would be upfront work configuring the UX to enable Tailscale, although the configuration is simple enough that this would be relatively minor. In addition, there would be a need to support Enterprise users if they encountered issues with the Tailscale service. On the other hand, there would be fewer Enterprise users opening up support tickets to request apps enablement.
User Story
Log on to an array. Go to System / Services. Enable Tailscale. Hit the pencil and edit the configuration - should be fine to use the same edit window as currently ships with the Docker app.
…
Profit!