Add translation layer for official Tailscale Sidecar container

share/docker/tailscale_container_hook

@@ -1,6 +1,6 @@
 #!/bin/sh
-# Copyright 2024, Lime Technology
-# Copyright 2024, Christoph Hummer
+# Copyright 2024-2025, Lime Technology
+# Copyright 2024-2025, Christoph Hummer
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License version 2,
@@ -18,10 +18,12 @@ exec_entrypoint() {
 }
 
 error_handler() {
-  echo "ERROR: Unraid Docker Hook script throw an error!"
-  echo "       Starting container without Tailscale!"
-  echo
-  exec_entrypoint
+  if [ "${DISABLE_ERROR_HANDLER}" != "true" ]; then
+    echo "ERROR: Unraid Docker Hook script throw an error!"
+    echo "       Starting container without Tailscale!"
+    echo
+    exec_entrypoint
+  fi
 }
 
 echo "======================="
@@ -34,7 +36,14 @@ if [ "$(id -u)" != "0" ]; then
   error_handler
 fi
 
-if [ ! -f /usr/bin/tailscale ] || [ ! -f /usr/bin/tailscaled ]; then
+if [ -f /usr/local/bin/tailscale ] || [ -f /usr/local/bin/tailscaled ]; then
+  echo "Official Tailscale Sidecar container detected!"
+  echo
+  OFFICIAL_TS_SIDECAR="true"
+  apk update >/dev/null 2>&1
+  apk add jq >/dev/null 2>&1
+elif [ ! -f /usr/bin/tailscale ] || [ ! -f /usr/bin/tailscaled ]; then
+  OFFICIAL_TS_SIDECAR="false"
   if [ ! -z "${TAILSCALE_EXIT_NODE_IP}" ]; then
     if [ ! -c /dev/net/tun ]; then
       echo "ERROR: Device /dev/net/tun not found!"
@@ -128,13 +137,22 @@ if [ ! -f /usr/bin/tailscale ] || [ ! -f /usr/bin/tailscaled ]; then
 
   echo "Installation Done!"
 else
+  OFFICIAL_TS_SIDECAR="false"
   echo "Tailscale found, continuing..."
 fi
 
 unset TSD_PARAMS
 unset TS_PARAMS
 
-if [ ! -z "${TAILSCALE_STATE_DIR}" ]; then
+if [ "${OFFICIAL_TS_SIDECAR}" = "true" ]; then
+  if [ -z "${TS_STATE_DIR}" ]; then
+    echo "No Tailscale State Directory specified, falling back to: /var/lib/tailscale"
+    export TS_STATE_DIR="/var/lib/tailscale"
+  else
+    export TS_STATE_DIR="${TS_STATE_DIR}"
+  fi
+  TSD_STATE_DIR="${TS_STATE_DIR}"
+elif [ ! -z "${TAILSCALE_STATE_DIR}" ]; then
   TSD_STATE_DIR="${TAILSCALE_STATE_DIR}"
 elif [ ! -z "${SERVER_DIR}" ]; then
   TSD_STATE_DIR="${SERVER_DIR}/.tailscale_state"
@@ -155,7 +173,7 @@ else
 fi
 echo "Settings Tailscale state dir to: ${TSD_STATE_DIR}"
 
-if [ ! -d "${TSD_STATE_DIR}" ]; then
+if [ ! -z "${TSD_STATE_DIR}" ] && [ ! -d "${TSD_STATE_DIR}" ]; then
   mkdir -p ${TSD_STATE_DIR}
 fi
 
@@ -197,12 +215,14 @@ if [ "${TAILSCALE_USE_SSH}" = "true" ]; then
   TS_PARAMS="${TS_PARAMS} --ssh"
 fi
 
-if [ "${TAILSCALE_LOG}" != "false" ]; then
-  TSD_PARAMS="${TSD_PARAMS} >>/var/log/tailscaled 2>&1 "
-  TSD_MSG=" with log file location: /var/log/tailscaled"
-else
-  TSD_PARAMS="${TSD_PARAMS} >/dev/null 2>&1 "
-  TSD_MSG=" with logging disabled"
+if [ "${OFFICIAL_TS_SIDECAR}" != "true" ]; then
+  if [ "${TAILSCALE_LOG}" != "false" ]; then
+    TSD_PARAMS="${TSD_PARAMS} >>/var/log/tailscaled 2>&1 "
+    TSD_MSG=" with log file location: /var/log/tailscaled"
+  else
+    TSD_PARAMS="${TSD_PARAMS} >/dev/null 2>&1 "
+    TSD_MSG=" with logging disabled"
+  fi
 fi
 
 if [ ! -z "${TAILSCALE_HOSTNAME}" ]; then
@@ -211,35 +231,72 @@ if [ ! -z "${TAILSCALE_HOSTNAME}" ]; then
   TS_PARAMS="${TS_PARAMS} --hostname=${TAILSCALE_HOSTNAME}"
 fi
 
+if [ "${OFFICIAL_TS_SIDECAR}" = "true" ]; then
+  if [ ! -z "${TAILSCALE_HOSTNAME}" ]; then
+    export TS_STATE_DIR="${TS_STATE_DIR}/${TAILSCALE_HOSTNAME}"
+    TSD_STATE_DIR="${TS_STATE_DIR}/${TAILSCALE_HOSTNAME}"
+  else
+    export TS_STATE_DIR="${TS_STATE_DIR}/$(hostname)"
+    TSD_STATE_DIR="${TS_STATE_DIR}/$(hostname)"
+  fi
+fi
+
 if [ "${TAILSCALE_EXIT_NODE}" = "true" ]; then
   echo "Configuring container as Exit Node! See https://tailscale.com/kb/1103/exit-nodes"
   TS_PARAMS="${TS_PARAMS} --advertise-exit-node"
 fi
 
-if [ ! -z "${TAILSCALED_PARAMS}" ]; then
-  TSD_PARAMS="${TAILSCALED_PARAMS} ${TSD_PARAMS}"
-fi
-
-if [ ! -z "${TAILSCALE_PARAMS}" ]; then
-  TS_PARAMS="${TAILSCALE_PARAMS}${TS_PARAMS}"
-fi
-
-echo "Starting tailscaled${TSD_MSG}"
-eval tailscaled -statedir=${TSD_STATE_DIR} ${TSD_PARAMS}&
-
-echo "Starting tailscale"
-eval tailscale up ${TS_PARAMS} --reset
-EXIT_STATUS="$?"
-
-if [ "${EXIT_STATUS}" != "0" ]; then
-  echo "ERROR: Connecting to Tailscale not successful!"
-  if [ -f /var/log/tailscaled ]; then
-    echo "Please check the logs:"
-    tail -20 /var/log/tailscaled
+if [ "${OFFICIAL_TS_SIDECAR}" = "true" ]; then
+  if [ ! -z "${TAILSCALED_PARAMS}" ]; then
+    export TS_TAILSCALED_EXTRA_ARGS="${TAILSCALED_PARAMS} ${TSD_PARAMS}"
+  else
+    export TS_TAILSCALED_EXTRA_ARGS="${TSD_PARAMS}"
+  fi
+  if [ ! -z "${TAILSCALE_PARAMS}" ]; then
+    export TS_EXTRA_ARGS="${TAILSCALE_PARAMS}${TS_PARAMS}"
+  else
+    export TS_EXTRA_ARGS="${TS_PARAMS}"
+  fi
+  exec_entrypoint &
+  TAILSCALE_PID=$!
+else
+  if [ ! -z "${TAILSCALED_PARAMS}" ]; then
+    TSD_PARAMS="${TAILSCALED_PARAMS} ${TSD_PARAMS}"
+  fi
+  if [ ! -z "${TAILSCALE_PARAMS}" ]; then
+    TS_PARAMS="${TAILSCALE_PARAMS}${TS_PARAMS}"
   fi
-  error_handler
 fi
-unset EXIT_STATUS
+
+if [ "${OFFICIAL_TS_SIDECAR}" != "true" ]; then
+  echo "Starting tailscaled${TSD_MSG}"
+  eval tailscaled -statedir=${TSD_STATE_DIR} ${TSD_PARAMS}&
+
+  echo "Starting tailscale"
+  eval tailscale up ${TS_PARAMS} --reset
+  EXIT_STATUS="$?"
+
+  if [ "${EXIT_STATUS}" != "0" ]; then
+    echo "ERROR: Connecting to Tailscale not successful!"
+    if [ -f /var/log/tailscaled ]; then
+      echo "Please check the logs:"
+      tail -20 /var/log/tailscaled
+    fi
+    error_handler
+  fi
+  unset EXIT_STATUS
+else
+  DISABLE_ERROR_HANDLER="true"
+  sleep 2
+fi
+
+while true; do
+  TAILSCALE_ONLINE=$(tailscale status --json | jq '.Self.Online')
+  if [ "${TAILSCALE_ONLINE}" = "true" ]; then
+    break
+  fi
+  sleep 2
+done
 
 if [ ! -z "${TAILSCALE_SERVE_PORT}" ] && [ "$(tailscale status --json | jq -r '.CurrentTailnet.MagicDNSEnabled')" != "false" ] && [ -z "$(tailscale status --json | jq -r '.Self.Capabilities[] | select(. == "https")')" ]; then
   echo "ERROR: Enable MagicDNS and HTTPS on your Tailscale account to use Tailscale Serve/Funnel."
@@ -320,7 +377,7 @@ if [ ! -z "${TAILSCALE_SERVE_PORT}" ]; then
       echo "Generating Tailscale certs! This can take some time, please wait..."
       timeout 30 tailscale cert --cert-file="${TSD_STATE_DIR}/certs/${TS_DNSNAME}.crt" --key-file="${TSD_STATE_DIR}/certs/${TS_DNSNAME}.key" "${TS_DNSNAME}" >/dev/null 2>&1
       EXIT_STATUS="$?"
-      if [ "${EXIT_STATUS}" != "0" ]; then
+      if [ "${EXIT_STATUS}" != "0" ] && [ "${OFFICIAL_TS_SIDECAR}" != "true" ]; then
         echo "ERROR: Can't generate certificates!"
         echo "Please check the logs:"
         tail -10 /var/log/tailscaled
@@ -332,4 +389,9 @@ if [ ! -z "${TAILSCALE_SERVE_PORT}" ]; then
   fi
 fi
 
-exec_entrypoint
+if [ "${OFFICIAL_TS_SIDECAR}" != "true" ]; then
+  exec_entrypoint
+else
+  trap "kill -SIGTERM ${TAILSCALE_PID}; exit 0" SIGTERM
+  wait "${TAILSCALE_PID}"
+fi