question

techie4hire avatar image
techie4hire asked

[SOLVED] VenusOS RaspberryPi Tailscale Installation

Has anybody been successful getting Tailscale installed under VenusOS on the Raspberry Pi? I understand the VenusOS has a limited package manager that doesn't include Tailscale -- based on a previous post or two on this subject.

I use Tailscale extensively, and it really works well for accessing devices that are on different subnets, or behind the CGNAT used by the likes of Starlink and most cellular providers. The VRM Portal is fantastic, but it'd be nice to be able to access VenusOS and Node-RED like they were on my local network as well.

So, if anyone in the Victron Community has gone to the effort of compiling a custom version of the VenusOS that includes Tailscale, or a mainstream package manger, let me know. Thanks! :-)

Venus OSRaspberry Pi
11 comments
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

batmanvane avatar image batmanvane commented ·

1. ssh into your venus os pi. if not possible, enable via remote console (you may need to adapt user and domain/ip).

ssh root@venus.local

2. use the static binary from Tailscale (for raspi 4 choose arm architecture), download and untar:

curl -o tailscale_loc.tgz https://pkgs.tailscale.com/stable/tailscale_1.42.0_arm.tgz
tar -xvf tailscale_loc.tgz

If not sure which architecture, use

cat /proc/cpuinfo

3. CD into to tailscale___ directory and copy and make executable the client tailscale and daemon tailscaled to /use/bin

cp tailscale /usr/bin
cp tailscaled /usr/bin/
sudo chmod +x /usr/bin/tailscale
sudo chmod +x /usr/bin/tailscaled

4. implement tailscale daemon init script

sudo nano /etc/init.d/tailscaled

5. and put this into the init script (adopt USER and GROUP depending on what you have set unter SSH in venus os):

#!/bin/sh
### BEGIN INIT INFO
# Provides:          tailscaled
# Required-Start:    $local_fs $network $syslog
# Required-Stop:     $local_fs $network $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: tailscaled daemon
# Description:       tailscaled daemon
### END INIT INFO

DAEMON=/usr/bin/tailscaled
PIDFILE=/var/run/tailscaled.pid
USER=root
GROUP=root
test -x $DAEMON || exit 0
case "$1" in
  start)
    echo "Starting Tailscaled"
    start-stop-daemon --start --background --pidfile $PIDFILE --make-pidfile --chuid $USER:$GROUP --startas $DAEMON -- start
    ;;
  stop)
    echo "Stopping Tailscaled"
    start-stop-daemon --stop --pidfile $PIDFILE --retry 10
    ;;
  *)
    echo "Usage: /etc/init.d/tailscaled {start|stop}"
    exit 1
    ;;
esac
exit 0

6. make init script executable and restart on boot

sudo chmod +x /etc/init.d/tailscaled

7. Test if the init script for the daemon

sudo /etc/init.d/tailscaled start
sudo /etc/init.d/tailscaled stop
sudo /etc/init.d/tailscaled start

should see Starting Tailscaled / Stopping Tailscaled /Starting Tailscaled

8. configure tailscale init script to start automatically on boot

sudo update-rc.d tailscaled defaults

9. connect to your tailscale account

tailscale up

Done.

[1] for the init script, i.e. no systemctl available on venus, i got help from here: https://byteshiva.medium.com/how-to-create-an-init-script-for-tailscaled-in-linux-244347336fc7

1 Like 1 ·
techie4hire avatar image techie4hire batmanvane commented ·

@batmanvane I have Tailscale installed and running at startup. However, there's one key mistake above and several simplifications I'd like to suggest (using your numbering above):

3. cp tailscale tailscaled /usr/bin/  <this is the only line needed>
4. 6. 7. 8.  <none of the sudos are required as you're logged in as root>
5. start-stop-daemon --start --background --pidfile $PIDFILE --make-pidfile --chuid $USER:$GROUP --startas $DAEMON  <the "-- start" at the end of this line is removed, as it keeps the daemon from loading>

If you could edit your answer as suggested (assuming you agree of course), I'll mark it as accepted. :-)

This is an excellent solution. Maybe we should script it for use after VenusOS updates?

1 Like 1 ·
Show more comments
techie4hire avatar image techie4hire batmanvane commented ·
Excellent! I had no idea it could be done this way, but this looks very straightforward. I'll give this a try soon, and mark as a solution once confirmed. Thanks.
0 Likes 0 ·
Show more comments
smallsolar avatar image smallsolar commented ·

Alternatively if you have any other linux machines on your network you can look into bridging with Zerotier. I have a Zerotier bridge set up and I can access any machine (including the Venus Gui) from other networks. Works well with the Starlink CGNAT. Only thing I have had problems with so far is when I am behind a CGNAT on both ends (cellular with my phone) and starlink on my home network.

*Edit to add that i have connectivity even on cellular now after enabling ipv6 on my network and configuring the zero tier bridge to work with it

0 Likes 0 ·
andlo avatar image andlo commented ·

I havnt yet, but were about to look into it.

I think it should be posible same way as installing ZeroTier.
Use the VenusOS Large image and compile and install it should work.
I know it does with ZeroTier when I follow this guide remote access to VenusOS: ZeroTier-One installation on RPi [HOW-TO] - Victron Community (victronenergy.com)

0 Likes 0 ·
3 Answers
techie4hire avatar image
techie4hire answered ·

Thanks to @batmanvane for his original answer! Here are the corrected steps:

1. ssh into your venus os pi. if not possible, enable via remote console (you may need to adapt user and domain/ip). windows users can connect with putty.

  
                  
    
                   
  1. ssh root@venus.local
    2.

2. use the static binary from tailscale (choose latest for arm architecture), download and untar:

  
                  
    
                   
  1. curl -o tailscale_loc.tgz https://pkgs.tailscale.com/stable/tailscale_1.42.0_arm.tgz
    2. 
                   
  2. tar -xvf tailscale_loc.tgz
    3.

3. chdir to tailscale___ directory and copy and the client tailscale and daemon tailscaled to /usr/bin

  
                  
    
                   
  1. cp tailscale tailscaled /usr/bin/
    2.

4. implement tailscale daemon init script

  
                  
    
                   
  1. nano /etc/init.d/tailscaled
    2.

5. and put this into the init script

  
                  
    
                   
  1. #!/bin/sh
    2. 
                   
  2. ### BEGIN INIT INFO
    3. 
                   
  3. # Provides:          tailscaled
    4. 
                   
  4. # Required-Start:    $local_fs $network $syslog
    5. 
                   
  5. # Required-Stop:     $local_fs $network $syslog
    6. 
                   
  6. # Default-Start:     2 3 4 5
    7. 
                   
  7. # Default-Stop:      0 1 6
    8. 
                   
  8. # Short-Description: tailscaled daemon
    9. 
                   
  9. # Description:       tailscaled daemon
    10. 
                   
  10. ### END INIT INFO
    11. 
                   
  11.  
    12. 
                   
  12. DAEMON=/usr/bin/tailscaled
    13. 
                   
  13. PIDFILE=/var/run/tailscaled.pid
    14. 
                   
  14. USER=root
    15. 
                   
  15. GROUP=root
    16. 
                   
  16. test -x $DAEMON || exit 0
    17. 
                   
  17. case "$1" in
    18. 
                   
  18.   start)
    19. 
                   
  19.     echo "Starting Tailscaled"
    20. 
                   
  20.     start-stop-daemon --start --background --pidfile $PIDFILE --make-pidfile --chuid $USER:$GROUP --startas $DAEMON
    21. 
                   
  21.     ;;
    22. 
                   
  22.   stop)
    23. 
                   
  23.     echo "Stopping Tailscaled"
    24. 
                   
  24.     start-stop-daemon --stop --pidfile $PIDFILE --retry 10
    25. 
                   
  25.     ;;
    26. 
                   
  26.   *)
    27. 
                   
  27.     echo "Usage: /etc/init.d/tailscaled {start|stop}"
    28. 
                   
  28.     exit 1
    29. 
                   
  29.     ;;
    30. 
                   
  30. esac
    31. 
                   
  31. exit 0
    32.

6. make init script executable

  
                  
    
                   
  1. chmod +x /etc/init.d/tailscaled
    2.

7. test the init script

  
                  
    
                   
  1. /etc/init.d/tailscaled start
    2. 
                   
  2. /etc/init.d/tailscaled stop
    3. 
                   
  3. /etc/init.d/tailscaled start
    4.

should see Starting Tailscaled / Stopping Tailscaled / Starting Tailscaled

8. configure tailscale init script to start automatically on boot

  
                  
    
                   
  1. update-rc.d tailscaled defaults
    2.

9. connect to your tailscale account

  
                  
    
                   
  1. tailscale up
    2.

done.

1 comment
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

techie4hire avatar image techie4hire commented ·
I just upgraded the VenusOS to v3.14, mostly because I wanted to get Tailscale updated (due to a potential security issue with Tailscale 1.42.0). And, basically the process is the same as I documented above. This is not something you want to do over Tailscale -- it needs to be done locally.


After the online VenusOS update completed, I set my ssh password to what it was before the upgrade using the Remote Console. Then, I ssh'd into the RPi and modified /etc/hostname so it would be the same as what I was using previously.


Follow the steps above, downloading the most recent Tailscale static binary for ARM (1.58.2 at this writing). On a Raspberry Pi 3B at least, this approach to Tailscale installation is persistent across reboots. It does not survive upgrades to the VenusOS however, so the steps would need to be repeated.


Given the frequency of updates to Tailscale, this works fine for me, as I'll just update both at the same time when I'm local to the RPi. The Node Red Flow I'm using to turn a battery warmer on and off based on temperature (to keep my Lithium Ion battery above 25F), appears to have survived this upgrade as well. :-)

0 Likes 0 ·
henrik avatar image
henrik answered ·

I installed tailscaled on a Raspberry Pi Zero 2 W running VenusOS v3.10 in my cabin this weekend. Everything worked fine on-site. I could SSH into it using the tailnet address, and the VRM remote console worked fine.

Now that I'm home, all connections to it (e.g. SSH, HTTP & HTTPS) times out. Also I can't connect to the VRM remote console through VictronConnect. The device shows as online, but "Connecting..." stops at 40% and fails after a while.

Outgoing connections seems to work fine, because I can see the battery charging status in the Victron Dashboard. Also tailscale shows the machine as Online.

Connections to all other tailnet machines work fine.

Any ideas on what the problem is?

3 comments
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

henrik avatar image henrik commented ·

A change in config + restart fixed it for me. On my installation / (and thus /etc) is mounted read-only. Also, any changes in /etc and /var/lib are wiped on upgrades, so I put the binaries and init script in /home/root/tailscale/, and created a /data/rc.local (which is run on every reboot):

#!/bin/bash
/sbin/sysctl -w net.ipv4.ip_forward=1
/sbin/sysctl -w net.ipv6.conf.all.forwarding=1
/home/root/tailscale/tailscaled-init.sh start
exit 0

Also had to add a -statedir option in the init script slightly to put the tailscale state in a safe place (/data and /home survives upgrades):

#!/bin/sh
### BEGIN INIT INFO
# Provides:          tailscaled
# Required-Start:    $local_fs $network $syslog
# Required-Stop:     $local_fs $network $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: tailscaled daemon
# Description:       tailscaled daemon
### END INIT INFO

DAEMON=/home/root/tailscale/tailscaled
PIDFILE=/var/run/tailscaled.pid
OPTS="-statedir /data/var/lib/tailscale"
USER=root
GROUP=root
test -x $DAEMON || exit 0
case "$1" in
  start)
    echo "Starting Tailscaled"
    start-stop-daemon --start --background --pidfile $PIDFILE --make-pidfile --chuid $USER:$GROUP --startas $DAEMON -- $OPTS
    ;;
  stop)
    echo "Stopping Tailscaled"
    start-stop-daemon --stop --pidfile $PIDFILE --retry 10 -- $OPTS
    ;;
  *)
    echo "Usage: $0 {start|stop}"
    exit 1
    ;;
esac
exit 0

And obviously remember to set executable permissions:

cd /home/root/tailscale
chmod 755 tailscale tailscaled tailscaled-init.sh /data/rc.local
0 Likes 0 ·
henrik avatar image henrik commented ·

Also tailscale edits /etc/resolv.conf with a nameserver 100.100.100.100. This doesn't seem to work on VenusOS/RPi. Switching back to the default plus mount -o remount,ro / (which is the default) fixes things. I can now access VictronConnect / VRM again.

0 Likes 0 ·
henrik avatar image henrik commented ·
I've set the Rpi to reboot every night, also reboot when vrm has connection issues (after one hour). Haven't had problems after this.
0 Likes 0 ·
mvader (Victron Energy) avatar image
mvader (Victron Energy) answered ·
2 |3000
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.