diff --git a/README.md b/README.md
index 07e03b17..b3079077 100644
--- a/README.md
+++ b/README.md
@@ -921,10 +921,10 @@ SOFTWARE.
[vscode-armhf-shield]: https://img.shields.io/badge/armhf-no-red.svg
[vscode-armv7-shield]: https://img.shields.io/badge/armv7-no-red.svg
[vscode-i386-shield]: https://img.shields.io/badge/i386-no-red.svg
-[addon-tailscale]: https://github.com/hassio-addons/addon-tailscale/tree/v0.11.1
-[addon-doc-tailscale]: https://github.com/hassio-addons/addon-tailscale/blob/v0.11.1/README.md
+[addon-tailscale]: https://github.com/hassio-addons/addon-tailscale/tree/v0.12.0
+[addon-doc-tailscale]: https://github.com/hassio-addons/addon-tailscale/blob/v0.12.0/README.md
[tailscale-issue]: https://github.com/hassio-addons/addon-tailscale/issues
-[tailscale-version-shield]: https://img.shields.io/badge/version-v0.11.1-blue.svg
+[tailscale-version-shield]: https://img.shields.io/badge/version-v0.12.0-blue.svg
[tailscale-aarch64-shield]: https://img.shields.io/badge/aarch64-yes-green.svg
[tailscale-amd64-shield]: https://img.shields.io/badge/amd64-yes-green.svg
[tailscale-armhf-shield]: https://img.shields.io/badge/armhf-yes-green.svg
diff --git a/tailscale/CHANGELOG.md b/tailscale/CHANGELOG.md
index 1e0126ed..c007f0d8 100644
--- a/tailscale/CHANGELOG.md
+++ b/tailscale/CHANGELOG.md
@@ -1,5 +1,75 @@
## What’s changed
+Major updates and tons of new features!
+
+Special thanks to @lmagyar, @willnorris, @reey and @bitfliq for their contributions and work on this ❤️
+
+## ✨ New features
+
+- Make exit node advertisement configurable @frenck ([#183](https://github.com/hassio-addons/addon-tailscale/pull/183))
+- Make Taildrop configurable @frenck ([#185](https://github.com/hassio-addons/addon-tailscale/pull/185))
+- Drop userspace networking @frenck ([#181](https://github.com/hassio-addons/addon-tailscale/pull/181))
+- Make accepting magicDNS optional @frenck ([#194](https://github.com/hassio-addons/addon-tailscale/pull/194))
+- Enable Tailscale's builtin inbound HTTPS proxy @lmagyar ([#137](https://github.com/hassio-addons/addon-tailscale/pull/137))
+- Enable Tailscale's Funnel feature @lmagyar ([#197](https://github.com/hassio-addons/addon-tailscale/pull/197))
+- make accepting subnet routes optional @willnorris ([#252](https://github.com/hassio-addons/addon-tailscale/pull/252))
+- Make userspace networking configurable @lmagyar ([#199](https://github.com/hassio-addons/addon-tailscale/pull/199))
+- Make advertise routes configurable @lmagyar ([#253](https://github.com/hassio-addons/addon-tailscale/pull/253))
+- Clamp the MSS to the MTU for all advertised subnet's interface @lmagyar ([#222](https://github.com/hassio-addons/addon-tailscale/pull/222))
+- Make subnet source NAT configurable @lmagyar ([#223](https://github.com/hassio-addons/addon-tailscale/pull/223))
+
## 🐛 Bug fixes
-- Fix typo "login_server: unbound variable" @Saoclyph ([#182](https://github.com/hassio-addons/addon-tailscale/pull/182))
+- Fix login-server option @reey ([#184](https://github.com/hassio-addons/addon-tailscale/pull/184))
+- Remove duplicate status checks from dependent S6 services @lmagyar ([#196](https://github.com/hassio-addons/addon-tailscale/pull/196))
+
+## 🚀 Enhancements
+
+- Create fallback page for iOS browsers failing to open Tailscale login page @bitfliq ([#198](https://github.com/hassio-addons/addon-tailscale/pull/198))
+- Do not opt out of client log upload in debug log level @lmagyar ([#212](https://github.com/hassio-addons/addon-tailscale/pull/212))
+- Warn about key expiration @lmagyar ([#255](https://github.com/hassio-addons/addon-tailscale/pull/255))
+- Use new .Self.CapMap in status JSON for HTTPS support check @lmagyar ([#260](https://github.com/hassio-addons/addon-tailscale/pull/260))
+- Protect local subnets from being routed toward Tailscale subnets if they collide @lmagyar ([#201](https://github.com/hassio-addons/addon-tailscale/pull/201))
+
+## 📚 Documentation
+
+- Add taildrop to example configuration @lmagyar ([#188](https://github.com/hassio-addons/addon-tailscale/pull/188))
+- Device limit update in DOCS.md @lmagyar ([#192](https://github.com/hassio-addons/addon-tailscale/pull/192))
+- Add docs for accept_dns @frenck ([#195](https://github.com/hassio-addons/addon-tailscale/pull/195))
+- Fix CONTRIBUTING Link in README.md @senden9 ([#232](https://github.com/hassio-addons/addon-tailscale/pull/232))
+- Rearrange proxy documentation into alphabetical order @lmagyar ([#240](https://github.com/hassio-addons/addon-tailscale/pull/240))
+- Update Installation section in documentation @lmagyar ([#242](https://github.com/hassio-addons/addon-tailscale/pull/242))
+
+## ⬆️ Dependency updates
+
+- ⬆️ Update Add-on base image to v13.2.2 @renovate ([#189](https://github.com/hassio-addons/addon-tailscale/pull/189))
+- ⬆️ Update tailscale/tailscale to v1.40.0 @renovate ([#191](https://github.com/hassio-addons/addon-tailscale/pull/191))
+- ⬆️ Update tailscale/tailscale to v1.40.1 @renovate ([#200](https://github.com/hassio-addons/addon-tailscale/pull/200))
+- ⬆️ Update Add-on base image to v14 (major) @renovate ([#202](https://github.com/hassio-addons/addon-tailscale/pull/202))
+- ⬆️ Update alpine_3_18/nginx to v1.24.0-r4 @renovate ([#205](https://github.com/hassio-addons/addon-tailscale/pull/205))
+- ⬆️ Update alpine_3_18/nginx to v1.24.0-r5 @renovate ([#206](https://github.com/hassio-addons/addon-tailscale/pull/206))
+- ⬆️ Update tailscale/tailscale to v1.42.0 @renovate ([#207](https://github.com/hassio-addons/addon-tailscale/pull/207))
+- ⬆️ Update alpine_3_18/nginx to v1.24.0-r6 @renovate ([#208](https://github.com/hassio-addons/addon-tailscale/pull/208))
+- ⬆️ Update Add-on base image to v14.0.1 @renovate ([#215](https://github.com/hassio-addons/addon-tailscale/pull/215))
+- ⬆️ Update Add-on base image to v14.0.2 @renovate ([#217](https://github.com/hassio-addons/addon-tailscale/pull/217))
+- ⬆️ Update tailscale/tailscale to v1.44.0 @renovate ([#218](https://github.com/hassio-addons/addon-tailscale/pull/218))
+- ⬆️ Update Add-on base image to v14.0.3 @renovate ([#228](https://github.com/hassio-addons/addon-tailscale/pull/228))
+- ⬆️ Update tailscale/tailscale to v1.44.2 @renovate ([#230](https://github.com/hassio-addons/addon-tailscale/pull/230))
+- ⬆️ Update tailscale/tailscale to v1.46.0 @renovate ([#231](https://github.com/hassio-addons/addon-tailscale/pull/231))
+- ⬆️ Update tailscale/tailscale to v1.46.1 @renovate ([#234](https://github.com/hassio-addons/addon-tailscale/pull/234))
+- ⬆️ Update Add-on base image to v14.0.5 @renovate ([#233](https://github.com/hassio-addons/addon-tailscale/pull/233))
+- ⬆️ Update Add-on base image to v14.0.6 @renovate ([#235](https://github.com/hassio-addons/addon-tailscale/pull/235))
+- ⬆️ Update Add-on base image to v14.0.7 @renovate ([#237](https://github.com/hassio-addons/addon-tailscale/pull/237))
+- ⬆️ Update Add-on base image to v14.0.8 @renovate ([#238](https://github.com/hassio-addons/addon-tailscale/pull/238))
+- ⬆️ Update Add-on base image to v14.1.0 @renovate ([#241](https://github.com/hassio-addons/addon-tailscale/pull/241))
+- ⬆️ Update tailscale/tailscale to v1.48.0 @renovate ([#243](https://github.com/hassio-addons/addon-tailscale/pull/243))
+- ⬆️ Update tailscale/tailscale to v1.48.1 @renovate ([#245](https://github.com/hassio-addons/addon-tailscale/pull/245))
+- ⬆️ Update tailscale/tailscale to v1.48.2 @renovate ([#256](https://github.com/hassio-addons/addon-tailscale/pull/256))
+- ⬆️ Update Add-on base image to v14.1.1 @renovate ([#257](https://github.com/hassio-addons/addon-tailscale/pull/257))
+- ⬆️ Update tailscale/tailscale to v1.50.0 @renovate ([#259](https://github.com/hassio-addons/addon-tailscale/pull/259))
+- ⬆️ Update ghcr.io/hassio-addons/base/i386 Docker tag to v14.1.3 @renovate ([#261](https://github.com/hassio-addons/addon-tailscale/pull/261))
+- ⬆️ Update Add-on base image to v14.1.3 @renovate ([#262](https://github.com/hassio-addons/addon-tailscale/pull/262))
+- ⬆️ Update Add-on base image to v14.2.0 @renovate ([#263](https://github.com/hassio-addons/addon-tailscale/pull/263))
+- ⬆️ Update tailscale/tailscale to v1.50.1 @renovate ([#264](https://github.com/hassio-addons/addon-tailscale/pull/264))
+- ⬆️ Update Add-on base image to v14.2.1 @renovate ([#267](https://github.com/hassio-addons/addon-tailscale/pull/267))
+- ⬆️ Update Add-on base image to v14.2.2 @renovate ([#270](https://github.com/hassio-addons/addon-tailscale/pull/270))
diff --git a/tailscale/DOCS.md b/tailscale/DOCS.md
index c87a2e7a..55c9b7a6 100644
--- a/tailscale/DOCS.md
+++ b/tailscale/DOCS.md
@@ -11,7 +11,7 @@ manages firewall rules for you, and works from anywhere you are.
In order to use this add-on, you'll need a Tailscale account.
-It is free to use for personal & hobby projects, up to 20 clients/devices on a
+It is free to use for personal & hobby projects, up to 100 clients/devices on a
single user account. Sign up using your Google, Microsoft or GitHub account at
the following URL:
@@ -28,12 +28,16 @@ however, it is nice to know where you need to go later on.
[![Open this add-on in your Home Assistant instance.][addon-badge]][addon]
1. Click the "Install" button to install the add-on.
+1. **See the "Option: `proxy`" section of this documentation for the necessary
+ configuration changes in Home Assistant!**
1. Start the "Tailscale" add-on.
1. Check the logs of the "Tailscale" add-on to see if everything went well.
1. Open the Web UI of the "Tailscale" add-on to complete authentication and
couple your Home Assistant instance with your Tailscale account.
**Note:** Some browsers don't work with this step. It is recommended to
complete this step on a desktop or laptop computer using the Chrome browser.
+1. Check the logs of the "Tailscale" add-on again, to see if everything went
+ well.
1. Done!
## Configuration
@@ -55,17 +59,129 @@ Consider disabling key expiry to avoid losing connection to your Home Assistant
device. See [Key expiry][tailscale_info_key_expiry] for more information.
```yaml
+accept_dns: true
+accept_routes: true
+advertise_exit_node: true
+funnel: true
+advertise_routes:
+ - 192.168.1.0/24
+ - fd12:3456:abcd::/64
+log_level: info
+login_server: "https://controlplane.tailscale.com"
+proxy: true
+snat_subnet_routes: true
tags:
- tag:example
- tag:homeassistant
-log_level: info
-login_server: "https://controlplane.tailscale.com"
+taildrop: true
+userspace_networking: true
```
+### Option: `accept_dns`
+
+If you are experiencing trouble with MagicDNS on this device and wish to
+disable, you can do so using this option.
+
+When not set, this option is enabled by default.
+
+MagicDNS may cause issues if you run things like Pi-hole or AdGuard Home
+on the same machine as this add-on. In such cases disabling `accept_dns`
+will help. You can still leverage MagicDNS on other devices on your network,
+by adding `100.100.100.100` as a DNS server in your Pi-hole or AdGuard Home.
+
+### Option: `accept_routes`
+
+This option allows you to accept subnet routes advertised by other nodes in
+your tailnet.
+
+More information:
+
+When not set, this option is enabled by default.
+
+### Option: `advertise_exit_node`
+
+This option allows you to advertise this Tailscale instance as an exit node.
+
+By setting a device on your network as an exit node, you can use it to
+route all your public internet traffic as needed, like a consumer VPN.
+
+More information:
+
+When not set, this option is enabled by default.
+
+### Option: `advertise_routes`
+
+This option allows you to advertise routes to subnets (accessible on the network
+your device is connected to) to other clients on your tailnet.
+
+By adding to the list the IP addresses and masks of the subnet routes, you can
+use it to make your devices on these subnets accessible within your tailnet.
+
+If you want to disable this option, specify an empty list in the configuration
+(`[]` in YAML).
+
+More information: [Subnet routers][tailscale_info_subnets]
+
+When not set, the add-on by default will advertise routes to your subnets on all
+supported interfaces.
+
+### Option: `funnel`
+
+This requires Tailscale Proxy to be enabled.
+
+**Important:** See also the "Option: `proxy`" section of this documentation for the
+necessary configuration changes in Home Assistant!
+
+When not set, this option is enabled by default.
+
+With the Tailscale Funnel feature, you can access your Home Assistant instance
+from the wider internet using your Tailscale domain (like
+`https://homeassistant.tail1234.ts.net`) even from devices **without installed
+Tailscale VPN client** (for example, on general phones, tablets, and laptops).
+
+**Client** ⇒ _Internet_ ⇒ **Tailscale Funnel** (TCP proxy) ⇒
+_VPN_ ⇒ **Tailscale Proxy** (HTTPS proxy) → **HA** (HTTP web-server)
+
+Without the Tailscale Funnel feature, you will be able to access your Home
+Assistant instance only when your devices (for example, phones, tablets, and laptops)
+are connected to your Tailscale VPN, there will be no Internet ⇒ VPN TCP
+proxying for HTTPS communication.
+
+More information: [Tailscale Funnel][tailscale_info_funnel]
+
+1. Navigate to the [Access controls page][tailscale_acls] of the admin console,
+ and add the below policy entries to the policy file. See [Server role
+ accounts using ACL tags][tailscale_info_acls] for more information.
+
+ ```json
+ {
+ "nodeAttrs": [
+ {
+ "target": ["autogroup:members"],
+ "attr": ["funnel"]
+ }
+ ]
+ }
+ ```
+
+1. Restart the add-on.
+
+**Note**: _After initial setup, it can take up to 10 minutes for the domain to
+be publicly available._
+
+**Note:** _You should not use any port number in the URL that you used
+previously to access Home Assistant. Tailscale Funnel works on the default HTTPS
+port 443._
+
+**Note:** _If you encounter strange browser behaviour or strange error messages,
+try to clear all site related cookies, clear all browser cache, restart browser._
+
### Option: `log_level`
Optionally enable tailscaled debug messages in the add-on's log. Turn it on only
-in case you are troubleshooting, because Tailscale's daemon is quite chatty.
+in case you are troubleshooting, because Tailscale's daemon is quite chatty. If
+`log_level` is set to `info` or less severe level, the add-on also opts out of
+client log upload to log.tailscale.io.
The `log_level` option controls the level of log output by the addon and can
be changed to be more or less verbose, which might be useful when you are
@@ -91,6 +207,82 @@ the default (`https://controlplane.tailscale.com`). This is useful if you
are running your own Tailscale control server, for example, a self-hosted
[Headscale] instance.
+### Option: `userspace_networking`
+
+The add-on uses [userspace networking mode][tailscale_info_userspace_networking]
+to make your Home Assistant instance (and optionally the local subnets)
+accessible within your tailnet.
+
+When not set, this option is enabled by default.
+
+If you need to access other clients on your tailnet from your Home Assistant
+instance, disable userspace networking mode, which will create a `tailscale0`
+network interface on your host.
+
+If you want to access other clients on your tailnet even from your local subnet,
+execute steps 2 and 3 as described on [Site-to-site
+networking][tailscale_info_site_to_site].
+
+In case your local subnets collide with subnet routes within your tailnet, your
+local network access has priority, and these addresses won't be routed toward
+your tailnet. This will prevent your Home Assistant instance from losing network
+connection. This also means that using the same subnet on multiple nodes for load
+balancing and failover is impossible with the current add-on behavior.
+
+### Option: `proxy`
+
+When not set, this option is enabled by default.
+
+Tailscale can provide a TLS certificate for your Home Assistant instance within
+your tailnet domain.
+
+This can prevent browsers from warning that HTTP URLs to your Home Assistant instance
+look unencrypted (browsers are not aware of the connections between Tailscale
+nodes are secured with end-to-end encryption).
+
+More information: [Enabling HTTPS][tailscale_info_https]
+
+1. Configure Home Assistant to be accessible through an HTTP connection (this is
+ the default). See [HTTP integration documentation][http_integration] for more
+ information. If you still want to use another HTTPS connection to access Home
+ Assistant, please use a reverse proxy add-on.
+
+1. Home Assistant, by default, blocks requests from reverse proxies, like the
+ Tailscale Proxy. To enable it, add the following lines to your
+ `configuration.yaml`, without changing anything:
+
+ ```yaml
+ http:
+ use_x_forwarded_for: true
+ trusted_proxies:
+ - 127.0.0.1
+ ```
+
+1. Navigate to the [DNS page][tailscale_dns] of the admin console:
+
+ - Choose a Tailnet name.
+
+ - Enable MagicDNS if not already enabled.
+
+ - Under HTTPS Certificates section, click Enable HTTPS.
+
+1. Restart the add-on.
+
+**Note:** _You should not use any port number in the URL that you used
+previously to access Home Assistant. Tailscale Proxy works on the default HTTPS
+port 443._
+
+### Option: `snat_subnet_routes`
+
+This option allows subnet devices to see the traffic originating from the subnet
+router, and this simplifies routing configuration.
+
+When not set, this option is enabled by default.
+
+To support advanced [Site-to-site networking][tailscale_info_site_to_site] (eg.
+to traverse multiple networks), you can disable this functionality. But do it
+only when you really understand why you need this.
+
### Option: `tags`
This option allows you to specify specific ACL tags for this Tailscale
@@ -98,12 +290,14 @@ instance. They need to start with `tag:`.
More information:
-## Taildrop
+### Option: `taildrop`
This add-on support [Tailscale's Taildrop][taildrop] feature, which allows
you to send files to your Home Assistant instance from other Tailscale
devices.
+When not set, this option is enabled by default.
+
Received files are stored in the `/share/taildrop` directory.
## Changelog & Releases
@@ -173,9 +367,17 @@ SOFTWARE.
[forum]: https://community.home-assistant.io/?u=frenck
[frenck]: https://github.com/frenck
[headscale]: https://github.com/juanfont/headscale
+[http_integration]: https://www.home-assistant.io/integrations/http/
[issue]: https://github.com/hassio-addons/addon-tailscale/issues
[reddit]: https://reddit.com/r/homeassistant
[releases]: https://github.com/hassio-addons/addon-tailscale/releases
[semver]: https://semver.org/spec/v2.0.0.html
[taildrop]: https://tailscale.com/taildrop/
+[tailscale_acls]: https://login.tailscale.com/admin/acls
+[tailscale_dns]: https://login.tailscale.com/admin/dns
+[tailscale_info_acls]: https://tailscale.com/kb/1068/acl-tags/
+[tailscale_info_funnel]: https://tailscale.com/kb/1223/tailscale-funnel/
+[tailscale_info_https]: https://tailscale.com/kb/1153/enabling-https/
[tailscale_info_key_expiry]: https://tailscale.com/kb/1028/key-expiry/
+[tailscale_info_site_to_site]: https://tailscale.com/kb/1214/site-to-site/
+[tailscale_info_userspace_networking]: https://tailscale.com/kb/1112/userspace-networking/
diff --git a/tailscale/README.md b/tailscale/README.md
index d2371acd..3624a930 100644
--- a/tailscale/README.md
+++ b/tailscale/README.md
@@ -45,5 +45,5 @@ If you are more interested in stable releases of our add-ons:
[patreon-shield]: https://frenck.dev/wp-content/uploads/2019/12/patreon.png
[patreon]: https://www.patreon.com/frenck
[project-stage-shield]: https://img.shields.io/badge/project%20stage-experimental-yellow.svg
-[release-shield]: https://img.shields.io/badge/version-v0.11.1-blue.svg
-[release]: https://github.com/hassio-addons/addon-tailscale/tree/v0.11.1
\ No newline at end of file
+[release-shield]: https://img.shields.io/badge/version-v0.12.0-blue.svg
+[release]: https://github.com/hassio-addons/addon-tailscale/tree/v0.12.0
\ No newline at end of file
diff --git a/tailscale/config.yaml b/tailscale/config.yaml
index b1383c38..c5147ff6 100644
--- a/tailscale/config.yaml
+++ b/tailscale/config.yaml
@@ -1,5 +1,5 @@
name: Tailscale
-version: 0.11.1
+version: 0.12.0
slug: tailscale
description: Zero config VPN for building secure networks
url: https://github.com/hassio-addons/addon-tailscale
@@ -18,11 +18,27 @@ arch:
init: false
hassio_api: true
host_network: true
+host_dbus: true
+privileged:
+- NET_ADMIN
+- NET_RAW
+devices:
+- /dev/net/tun
map:
- share:rw
schema:
+ accept_dns: bool?
+ accept_routes: bool?
+ advertise_exit_node: bool?
+ advertise_routes:
+ - match(^(((25[0-5]|(2[0-4]|1\d|[1-9]?)\d)\.){3}(25[0-5]|(2[0-4]|1\d|[1-9]?)\d)\/(3[0-2]|[12]?\d)|[a-fA-F\d.:]+:[a-fA-F\d.:]+\/(12[0-8]|(1[01]|[1-9]?)\d))$)?
+ funnel: bool?
log_level: list(trace|debug|info|notice|warning|error|fatal)?
login_server: url?
+ proxy: bool?
+ snat_subnet_routes: bool?
tags:
- match(^tag:[a-zA-Z0-9]-?[a-zA-Z0-9]+$)?
+ taildrop: bool?
+ userspace_networking: bool?
image: ghcr.io/hassio-addons/tailscale/{arch}
diff --git a/tailscale/translations/en.yaml b/tailscale/translations/en.yaml
index b6bb472b..9e583c2a 100644
--- a/tailscale/translations/en.yaml
+++ b/tailscale/translations/en.yaml
@@ -1,5 +1,38 @@
---
configuration:
+ accept_dns:
+ name: Accept DNS
+ description: >-
+ If you are experiencing trouble with MagicDNS on this device and wish to
+ disable, you can do so using this option.
+ When not set, this option is enabled by default.
+ accept_routes:
+ name: Accept Routes
+ description: >-
+ This option allows you to accept subnet routes advertised by other nodes
+ in your tailnet.
+ When not set, this option is enabled by default.
+ advertise_exit_node:
+ name: Advertise as an exit node
+ description: >-
+ This option allows you to advertise this Tailscale instance as an exit node.
+ By setting a device on your network as an exit node, you can use it to
+ route all your public internet traffic as needed, like a consumer VPN.
+ When not set, this option is enabled by default.
+ advertise_routes:
+ name: Advertise subnet routes
+ description: >-
+ This option allows you to advertise routes to subnets (accessible on the network
+ your device is connected to) to other clients on your tailnet.
+ When not set, the add-on by default will advertise routes to your subnets on all
+ supported interfaces.
+ funnel:
+ name: Tailscale Funnel
+ description: >-
+ This option allows you to enable Tailscale's Funnel feature to present your
+ Home Assistant instance on the wider internet using your Tailscale domain.
+ This requires Tailscale Proxy to be enabled.
+ When not set, this option is enabled by default.
log_level:
name: Log level
description: >-
@@ -11,8 +44,36 @@ configuration:
This option allows you to specify a custom control server for this
Tailscale instance, for example, a self-host Headscale instance.
By default, it uses the control server provided by Tailscale.
+ proxy:
+ name: Tailscale Proxy
+ description: >-
+ This option allows you to enable Tailscale's Proxy feature to present your
+ Home Assistant instance on your tailnet with a valid certificate.
+ When not set, this option is enabled by default.
+ snat_subnet_routes:
+ name: Source NAT subnet routes
+ description: >-
+ This option allows subnet devices to see the traffic originating from the
+ subnet router, and this simplifies routing configuration.
+ To support advanced Site-to-site networking (eg. to traverse multiple
+ networks), you can disable this functionality.
+ When not set, this option is enabled by default.
tags:
name: Tags
description: >-
This option allows you to specify specific ACL tags for this
Tailscale instance. They need to start with `tag:`.
+ taildrop:
+ name: Taildrop
+ description: >-
+ This option allows you to enable Taildrop, a file sharing service
+ that allows you to share files with other Tailscale nodes.
+ When not set, this option is enabled by default.
+ userspace_networking:
+ name: Userspace networking mode
+ description: >-
+ This option allows you to enable userspace networking mode.
+ If you need to access other clients on your Tailnet from your Home
+ Assistant instance, disable userspace networking mode, which will create a
+ `tailscale0` network interface on your host.
+ When not set, this option is enabled by default.