Automatic installation
Lanrat’s Tailscale Repository
echo "src/gz openwrt-tailscale https://lanrat.github.io/openwrt-tailscale-repo/packages/19.07" >> "/etc/opkg/customfeeds.conf"
opkg update
opkg install tailscale
It’s not compressed as of writing this (30MB binary), but it’s much easier to install, and now supports our architecture
Manual compilation and installation
Prerequisites
- A GL.iNet SiFlower router, like the Opal (GL-SFT1200)
- A Linux system (or WSL2 on Windows) to build Tailscale
Building Tailscale
- Clone the Tailscale repository:
git clone https://github.com/tailscale/tailscale.git
- Install Golang: Download and install - The Go Programming Language
- Verify that Go is installed correctly:
go version
- Install the latest (important!) version of UPX: Release v4.0.2 · upx/upx · GitHub
- Install
binutils-mipsel-linux-gnu
sudo apt install binutils-mipsel-linux-gnu
mipsel-linux-gnu-strip --version
- Build Tailscale:
# Change to the Tailscale directory:
cd tailscale
# Optionally switch to a specific version:
# git checkout tags/v1.44.0 -b v1.44.0
# Build the combined binary - mipsel, hardfloat (?), linked statically, stripped, verbose:
# Note: mipsel = mipsle for Golang
GOOS=linux GOARCH=mipsle GOMIPS=hardfloat CGO_ENABLED=0 go build -v -o tailscale.combined -tags ts_include_cli -trimpath -ldflags="-s -w" ./cmd/tailscaled
- Compress the binary:
mipsel-linux-gnu-strip tailscale.combined
upx --lzma --best -o tailscale.upx ./tailscale.combined
Installing Tailscale
- Copy the
tailscale.upxbinary to the router:
scp tailscale.upx root@192.168.8.1:/root # or whatever your router's IP is
- SSH into the router:
ssh root@192.168.8.1 # or whatever your router's IP is
- Make the binary executable:
chmod +x tailscale.upx
- Verify that the binary works (keep in mind that it’s UPX-compressed, so it will take a few seconds to decompress):
./tailscale.upx -version
ln -s tailscale.upx tailscale
ln -s tailscale.upx tailscaled
- Create init script:
cat << EOF > /etc/init.d/tailscale
#!/bin/sh /etc/rc.common
# Copyright 2020 Google LLC.
# SPDX-License-Identifier: Apache-2.0
USE_PROCD=1
START=99
STOP=1
start_service() {
procd_open_instance
procd_set_param command /root/tailscaled
# Set the port to listen on for incoming VPN packets.
# Remote nodes will automatically be informed about the new port number,
# but you might want to configure this in order to set external firewall
# settings.
procd_append_param command --port 41641
# OpenWRT /var is a symlink to /tmp, so write persistent state elsewhere.
procd_append_param command --state /etc/config/tailscaled.state
# Persist files for TLS cert & Taildrop files
procd_append_param command --statedir /etc/tailscale/
procd_set_param respawn
procd_set_param stdout 1
procd_set_param stderr 1
procd_close_instance
}
stop_service() {
/root/tailscaled --cleanup
}
EOF
- Make the init script executable:
chmod +x /etc/init.d/tailscale
- Enable the init script:
/etc/init.d/tailscale enable
- Verify that the service is enabled:
ls /etc/rc.d/S*tailscale*
- Start the service:
/etc/init.d/tailscale start
- Verify that the service is running:
ps | grep tailscaled
- Hope for the best and try to up tailscale:
/root/tailscale up --accept-dns=false
If you get a segmentation fault, you might want to try skipping the UPX compression step altogether, but mind that the binary will be 30MB instead of 5.4MB. Mind the binary name being tailscale.combined instead of tailscale.upx in the steps.
Configuration
Refer to the OpenWRT wiki
@yuxin.zou Hopefully this is useful for official support for those devices, like a nice GUI 
