From 3ddacad42a41516bc16b670a60a8e76f8f37e3bd Mon Sep 17 00:00:00 2001
From: Guy Resheff
Date: Thu, 27 Mar 2025 22:30:52 -0700
Subject: [PATCH] initial commit for docker dnsmasq and tailscale
---
Dockerfile | 13 +++++++++++++
README.md | 23 +++++++++++++++++++++++
dnsmasq.conf | 27 +++++++++++++++++++++++++++
docker-compose.yml | 14 ++++++++++++++
entrypoint.sh | 4 ++++
5 files changed, 81 insertions(+)
create mode 100644 Dockerfile
create mode 100644 dnsmasq.conf
create mode 100644 docker-compose.yml
create mode 100644 entrypoint.sh
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..e8dda77
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,13 @@
+FROM ubuntu:22.04
+
+RUN apt-get update && apt-get install -y dnsmasq curl
+
+# Install Tailscale
+RUN curl -fsSL https://tailscale.com/install.sh | sh
+
+COPY dnsmasq.conf /etc/dnsmasq.conf
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]
+CMD ["dnsmasq", "--keep-in-foreground", "--log-facility=-"]
diff --git a/README.md b/README.md
index 7ff04a3..8f76f1c 100644
--- a/README.md
+++ b/README.md
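Review bot: In the Dockerfile, `RUN curl -fsSL https://tailscale.com/install.sh | sh` runs whatever that URL serves at build time as root, with no version pin or integrity check, so the image contents are not reproducible from this commit. The default `/bin/sh -c` has no pipefail, so if the download fails `sh` reads empty input and the layer still succeeds, leaving an image without Tailscale. Installing the package from Tailscale's signed apt repository with a pinned version keeps signature verification in apt, and folding the first `RUN` into the same layer lets the apt lists be removed in it. `<PINNED_VERSION>` below is a placeholder to fill in.

```dockerfile
# … unchanged: FROM ubuntu:22.04 …
RUN apt-get update \
    && apt-get install -y --no-install-recommends ca-certificates curl dnsmasq \
    && curl -fsSL https://pkgs.tailscale.com/stable/ubuntu/jammy.noarmor.gpg \
        -o /usr/share/keyrings/tailscale-archive-keyring.gpg \
    && curl -fsSL https://pkgs.tailscale.com/stable/ubuntu/jammy.tailscale-keyring.list \
        -o /etc/apt/sources.list.d/tailscale.list \
    && apt-get update \
    && apt-get install -y tailscale=<PINNED_VERSION> \
    && rm -rf /var/lib/apt/lists/*
# … unchanged: COPY lines, chmod, ENTRYPOINT and CMD …
```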
@@ -1,2 +1,25 @@ # local-dns-docker
+https://www.reddit.com/r/Tailscale/comments/1dql8a6/use_the_same_domain_name_on_home_network_and_on/
+
+What everybody has already said, but also use the tailnet IP of your DNS server as a global nameserver. I'll post my working steps:
+
+* Create a subnet router on your DNS host.
+
+1. On the DNS host you need to set --accept-dns=false
+2. advertise routes
+3. https://tailscale.com/kb/1019/subnets
+sudo tailscale up --accept-dns=false --advertise-routes=192.168.x.x/x
+
+* In tailscale Machines edit new host and allow new route(s)
+* In tailscale DNS, create a global namerserver:
+
+1. set it to the tailnet IP of your DNS server
+2. you can set split DNS here or you can just use your DNS for everything
+3. if u have android clients, check the slider to ignore local DNS
+
+* (optional) do the Linux enhancements mentioned on https://tailscale.com/kb/1019/subnets
+
+https://tailscale.com/kb/1019/subnets?tab=linux#connect-to-tailscale-as-a-subnet-router
+
+There is also a procedure to initially register the device with Tailscale server before this whole thing can work. Maybe I will document later. Not necessary as long as using the credentials in /DATA/AppData/tailscale/ so don't delete them.
diff --git a/dnsmasq.conf b/dnsmasq.conf
new file mode 100644
index 0000000..6b71fd7
--- /dev/null
+++ b/dnsmasq.conf
@@ -0,0 +1,27 @@
+# Don't use /etc/hosts or /etc/resolv.conf
+no-hosts
+no-resolv
+
+# Listen on all interfaces
+#interface=*
+interface=eth0
+interface=tailscale0
+
+# Resolve *.local to 192.168.1.16
+address=/.local/192.168.1.16
+
+# Forward other queries to 192.168.1.1
+server=192.168.1.1
+
+# Log queries
+log-queries
+log-facility=-
+
+# Don't use /etc/hosts
+no-hosts
+
+# Don't act as a DHCP server
+no-dhcp-interface=
+
+# Bind to all interfaces
+bind-interfaces
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..8a639d4
--- /dev/null
+++ b/docker-compose.yml
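Review bot: In dnsmasq.conf the comment `# Bind to all interfaces` sits above `bind-interfaces`, which makes dnsmasq bind only to the interfaces named by the `interface=` lines, and `# Listen on all interfaces` sits above a list of just `eth0` and `tailscale0`, so a reader judging the resolver's exposure from the comments gets the wrong answer. I would reword them to `# Listen only on the LAN and Tailscale interfaces` and `# Bind only to the interfaces listed above`. `no-hosts` appears twice, so the second copy and its comment can go, and `no-dhcp-interface=` is given an empty value, which is worth checking against the dnsmasq man page. Because docker-compose.yml uses host networking, `eth0` is the host's interface name and the listener is reachable from whatever network that interface is attached to.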
@@ -0,0 +1,14 @@
+version: '3'
+services:
+ dns-server:
+ container_name: dns-server
+ build: .
+ cap_add:
+ - NET_ADMIN
+ - SYS_MODULE
+ devices:
+ - /dev/net/tun:/dev/net/tun
+ volumes:
+ - /DATA/AppData/dns-docker:/var/lib/tailscale
+ network_mode: host
+ restart: unless-stopped
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100644
index 0000000..c6b3753
--- /dev/null
+++ b/entrypoint.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+tailscaled &
+tailscale up --accept-dns=false --advertise-routes=192.168.1.0/24
+exec "$@"
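Review bot: In docker-compose.yml, `- SYS_MODULE` under `cap_add` lets the container load kernel modules into the host kernel, which is a far larger grant than a DNS forwarder and subnet router needs, especially combined with `network_mode: host`. The TUN device is already passed through `devices:`, so unless tailscaled fails to start without the capability I would drop that line and keep only `- NET_ADMIN`. The bind mount `/DATA/AppData/dns-docker:/var/lib/tailscale` holds the node's Tailscale state (presumably including its key material), so the host directory should be readable by root only. The README in this commit refers to `/DATA/AppData/tailscale/` instead, so one of the two paths looks stale.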
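Review bot: entrypoint.sh has no error handling, so when `tailscale up` fails (daemon not ready, node not yet authenticated) the script still reaches `exec "$@"` and dnsmasq starts serving without the tailnet. Adding `set -euo pipefail` directly after the shebang makes the container exit instead, and `restart: unless-stopped` in the compose file then retries. `tailscaled &` is launched and `tailscale up` runs immediately after it, so the CLI may race the daemon's socket; after the `exec` nothing supervises tailscaled, so if it dies the container stays up with a dead tunnel. The advertised route is hard-coded into the image; `--advertise-routes="${TS_ROUTES:-192.168.1.0/24}"` would keep the default while letting compose override it.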