Tailscale: works with truecharts app, but not with truenas app

Hello all

Using Dragonfish- I’m following the various posts regarding tailscale being “stuck in deploying” but, seeing as mine is fully working with truecharts, I wondered if there is a settings incompatibility between the two which I am yet to discover.

I’m very much a beginner, having only experimented slightly with docker on my linux home machine and not with TrueNAS, using it as it comes simply as a NAS apart from the few “apps” I mention below.

I am trying to migrate all apps so I am on a truenas catalogue only, so I can be ready for Eectric Eel when truecharts will no longer work (but Docker, alongside or importing truenas apps, will work).

Q1 - Is my moving across for all apps a sensible approach to implement now or is it premature?

So far I have migrated from truecharts to truenas the following apps: Jellyfin, Adguard-home and MotionEye, leaving Tailscale to be next.

Q2 - Might there be a forthcoming guide for the Tailscale app?
Having set the truenas Tailscale app to copy the truecharts settings as far as I can, by setting or unsetting various switches I have managed to get past “deploying” to “running” a couple of times but can’t connect to the instance, needing to revert back to the truecharts version instead.

Any pointers will be gratefully received if there are additional experiences I can call upon, beyond those already mentioned in the other recent (Dragonfish) tailscale threads.



I just tried installing Tailscale on my home TrueNAS SCALE from the TrueNAS chart without issues.

If you think it could be having both deployed, have you tried stopping the other version before deploying?
Do the history / logs indicate what is being blocked?

sorry - I should have said that I am stopping the working one and then starting the other (and vice versa).

I didn’t think to look at the logs (idiot!) so I shall see what I can glean and I’ll post here. Thanks for pointing this idea out.

1 Like

I’m one that did have issues with updating Tailscale and having it fail to deploy after updating forcing a rollback.
You can look at log for Tailscale by clicking on the tailscale app and under Workloads click the icon for logs. They should point you in a general direction of the issue.
Tailscale I originally deployed under Cobia, then when upgraded to Dragonfish, I found I could not successfully update Tailscale. This happened on 2 different machines.
After awhile of unsuccessful attempts at finding and fixing (and a bug report) I wound up creating a new instance of Tailscale then after the new instance deployed, I removed the old instance. Now it looks like things are in sync and working update wise on both machines.

I tried a number of things and my suspicion of the issue cause was/is a Tailscale update release that was bad or incomplete/incorrect that updated the app but not the container which forced the app version and the required container version for the app to become out of sync and thus fail to update. The system would see the current app version, but the container was not current for the app or if the container was updated, the app version was then wrong for the container version and would fail to update.

Trying again and looking at the logs: first I stop the truecharts instance and then I start the truenas app: the app almost immediately says “running”, then after 2s says “deploying” which is where it stays.
The “workloads” pane says

Pods: 1
Used Ports:
Stateful Sets:0


docker.io/tailscale/tailscale:v1.68.1 Up to date

the full log (500 lines tailed) says truenas tailscale 060724 - Pastebin.com

and the last (I am guessing the most pertinent) few lines of it say this, timestamps removed for clarity:

control: client.Login(2)
control: LoginInteractive → regen=true
control: doLogin(regen=true, hasUrl=false)
control: control server key from https://controlplane.tailscale.com: ts2021=[fSeS+], legacy=[nlFWp]
control: Generating a new nodekey.
control: RegisterReq: onode= node=[FxF+Y] fup=false nks=false
control: RegisterReq: got response; nodeKeyExpired=false, machineAuthorized=false; authURL=false
Received error: invalid key: API key does not exist
backend error: invalid key: API key does not exist
boot: failed to auth tailscale: failed to auth tailscale: tailscale up failed: exit status 1

which suggests to my uneducated eyes that the API key isn’t being read correctly i.e. I have failed to copy it correctly, or there is another error. I did check, and I will check again.
[edit1 - yes, the API keys are identical]

edit 2: I tried again, this time having selected all three of auth once/userspace/accept DNS and it now says “running”, and the last few lines say

Running ‘tailscale up’
Backend: logs: be:(long hash number)fe:
Switching ipn state NoState → NeedsLogin (WantRunning=true, nm=false)
control: client.Shutdown …
control: updateRoutine: exiting
control: mapRoutine: exiting
control: authRoutine: exiting
control: Client.Shutdown done.
StartLoginInteractive: url=false
control: client.Login(2)
LoginInteractive → regen=true
control: doLogin(regen=true, hasUrl=false)
control: control server key from https://controlplane.tailscale.com: ts2021=[fSeS+], legacy=[nlFWp]
control: Generating a new nodekey.
control: RegisterReq: onode= node=[pPou/] fup=false nks=false

which looked more hopeful, but in the few minutes it has taken me to edit this post, it has reverted back to saying “deploying” again. Stopping and starting shows it change within 5s of starting to “running” and then after a moment or three it drops back to “deploying” and remains there. The logs look the same as those reported a few lines above.

I have continued this thread at

in order to avoid duplication

The solution for me was to use a reusable tailscale key … I generated a new auth key, setting it to be non-expiring and to be reusable.

1 Like