Tailscale 搭建derp中继节点(无需域名)

共计 1585 个字符,预计需要花费 4 分钟才能阅读完成。

步骤1:安装必要工具

  • 安装依赖:
  apt update && apt install -y wget git openssl curl
  wget https://go.dev/dl/go1.22.4.linux-amd64.tar.gz 
  rm -rf /usr/local/go && tar -C /usr/local -xzf go1.22.4.linux-amd64.tar.gz
  export PATH=$PATH:/usr/local/go/bin
  echo "export PATH=$PATH:/usr/local/go/bin" >> /etc/profile
  source /etc/profile
  go version

步骤3:下载Tailscale Derper

  • 配置Go环境以使用中国国内的镜像:
  go env -w GO111MODULE=on
  go env -w GOPROXY=https://goproxy.cn,direct
  • 克隆 tailscale derper:
git clone https://github.com/tailscale/tailscale.git

步骤4:编译与配置DERP服务

  • 打开cert.go文件,删除校验证书代码
Tailscale 搭建derp中继节点(无需域名)
  • 编译derper:
go build -o /etc/derp/derper ./cmd/derper
  • 自签域名:
  openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout /etc/derp/derp.myself.com.key -out /etc/derp/derp.myself.com.crt -subj "/CN=derp.myself.com" -addext "subjectAltName=DNS:derp.myself.com"
  • 配置DERP服务:
  cat > /etc/systemd/system/derp.service <<EOF
  [Unit]
  Description=TS Derper
  After=network.target
  Wants=network.target

  [Service]
  User=root
  Restart=always
  ExecStart=/etc/derp/derper -hostname derp.myself.com -a :33445 -http-port 33446 -certmode manual -certdir /etc/derp
  RestartPreventExitStatus=1

  [Install]
  WantedBy=multi-user.target
  EOF

步骤5:启动与验证

  • 重新加载并启动DERP服务:
  systemctl daemon-reload
  systemctl restart derp
  systemctl enable derp
  • 检查DERP服务器状态,访问云服务器的IP地址和配置的端口号。

步骤6:ACL配置

  • 在Tailscale网页端添加ACL配置,确保正确设置了Regions和Nodes。
 
	"derpMap": {
		"OmitDefaultRegions": true,
		"Regions": {
			"901": {
				"RegionID":   901,
				"RegionCode": "Myself",
				"RegionName": "Myself Derper",
				"Nodes": [
					{
						"Name":             "901a",
						"RegionID":         901,
						"DERPPort":         33445,
						"IPv4":            "服务器IP",
						"InsecureForTests": true,
					},
				],
			},
		},
	},
Tailscale 搭建derp中继节点(无需域名)

检查状态

tailscale netcheck

查看derp日志

journalctl -xefu derp

参考

https://blog.csdn.net/qq_29064203/article/details/135379460

正文完
 0
评论(没有评论)