tailscale/golink tailscale/golink

  • Stars
    star
    1,224
  • Rank 38,318 (Top 0.8 %)
  • Language
    Go
  • License
    BSD 3-Clause "New...
  • Created over 2 years ago
  • Updated 3 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
tailscale/golink
github

tailscale

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A private shortlink service for tailnets

golink

status: experimental

golink is a private shortlink service for your tailnet. It lets you create short, memorable links for the websites you and your team use most. If you're new to golink, learn more in our announcement blog post. If you were looking for a SaaS go link service that doesn't use Tailscale, you might be thinking of golinks.io or trot.to

Screenshot of golink home screen

Building and running

To build from source and run in dev mode:

go run ./cmd/golink -dev-listen :8080

golink will be available at http://localhost:8080/, storing links in a temporary database, and will not attempt to join a tailnet.

The equivalent using the pre-built docker image:

docker run -it --rm -p 8080:8080 ghcr.io/tailscale/golink:main -dev-listen :8080

If you receive the docker error unable to open database file: out of memory (14), use a persistent volume as documented in Running in production.

Updating Dependencies

After updating dependencies and making changes to go.mod and go.sum, flake.nix needs to be updated to reflect the new SHA256 of the go dependencies. This can be done by running:

./update-flake.sh

Joining a tailnet

Create an auth key for your tailnet at https://login.tailscale.com/admin/settings/keys. Configure the auth key to your preferences, but at a minimum we generally recommend:

  • add a tag (maybe something like tag:golink) to make it easier to set ACLs for controlling access and to ensure the node doesn't expires.
  • don't set "ephemeral" so the node isn't removed if it goes offline

Once you have a key, set it as the TS_AUTHKEY environment variable when starting golink. You will also need to specify your sqlite database file:

TS_AUTHKEY="tskey-auth-<key>" go run ./cmd/golink -sqlitedb golink.db

golink stores its tailscale data files in a tsnet-golink directory inside os.UserConfigDir. As long as this is on a persistent volume, the auth key only needs to be provided on first run.

MagicDNS

When golink joins your tailnet, it will attempt to use "go" as its node name, and will be available at http://go.tailnet0000.ts.net/ (or whatever your tailnet name is). To make it accessible simply as http://go/, enable MagicDNS for your tailnet. With MagicDNS enabled, no special configuration or browser extensions are needed on client devices. Users just need to have Tailscale installed and connected to the tailnet.

Running in production

golink compiles as a single static binary (including the frontend) and can be deployed and run like any other binary. Two pieces of data should be on persistent volumes:

  • tailscale data files in the tsnet-golink directory inside os.UserConfigDir
  • the sqlite database file where links are stored

In the docker image, both are stored in /home/nonroot, so you can mount a persistent volume:

docker run -v /persistent/data:/home/nonroot ghcr.io/tailscale/golink:main

The mounted directory will need to be writable by the nonroot user (uid: 65532, gid: 65532), for example by calling sudo chown 65532 /persistent/data. Alternatively, you can run golink as root using docker run -u root.

No ports need to be exposed, whether running as a binary or in docker. golink will listen on port 80 on the tailscale interface, so can be accessed at http://go/.

Deploy on Fly

See https://fly.io/docs/ for full instructions for deploying apps on Fly, but this should give you a good start. Replace FLY_APP_NAME and FLY_VOLUME_NAME with your app and volume names.

Create a fly.toml file:

app = "FLY_APP_NAME"

[build]
image = "ghcr.io/tailscale/golink:main"

[deploy]
strategy = "immediate"

[mounts]
source="FLY_VOLUME_NAME"
destination="/home/nonroot"

Then run the commands with the flyctl CLI.

$ flyctl apps create FLY_APP_NAME
$ flyctl volumes create FLY_VOLUME_NAME
$ flyctl secrets set TS_AUTHKEY=tskey-auth-<key>
$ flyctl deploy

Backups

Once you have golink running, you can backup all of your links in JSON lines format from http://go/.export. At Tailscale, we snapshot our links weekly and store them in git.

To restore links, specify the snapshot file on startup. Only links that don't already exist in the database will be added.

golink -snapshot links.json

You can also resolve links locally using a snapshot file:

golink -resolve-from-backup links.json go/link

Firefox configuration

If you're using Firefox, you might want to configure two options to make it easy to load links:

  • to prevent go/ page loads from the address bar being treated as searches, navigate to about:config and add a boolean setting browser.fixup.domainwhitelist.go with a value of true

  • if you use HTTPS-Only Mode, add an exception

More Repositories

1

tailscale

The easiest, most secure way to use WireGuard and 2FA.
Go
18,763
star
2

tailscale-android

Tailscale Android Client
Kotlin
976
star
3

tailscale-synology

Synology packages for tailscale.com
875
star
4

hujson

HuJSON: JSON for Humans (JWCC: JSON w/ comments and trailing commas)
Go
596
star
5

github-action

A GitHub Action to connect your workflow to your Tailscale network.
563
star
6

tailscale-qpkg

Package Tailscale client in QPKG
458
star
7

depaware

depaware makes you aware of your Go dependencies
Go
436
star
8

caddy-tailscale

A highly experimental exploration of integrating Tailscale and Caddy.
Go
386
star
9

security-policies

Security policies for Tailscale
259
star
10

terraform-provider-tailscale

Terraform provider for Tailscale
Go
256
star
11

sqlite

work in progress
Go
193
star
12

libtailscale

Tailscale C library
Go
173
star
13

pam

An experimental, work-in-progress PAM module for Tailscale
Rust
137
star
14

tailetc

total-memory-cache etcd v3 client
Go
137
star
15

ToBeReviewedBot

GitHub App to watch for PRs merged without a reviewer approving.
Go
111
star
16

cpc

a copy tool
Go
100
star
17

go-mod-archiver

go.mod git archiver
Go
88
star
18

wf

Package for controlling the Windows firewall (aka Windows Filtering Platform, WFP)
Go
86
star
19

setec

Go
82
star
20

gitops-acl-action

GitOps for your Tailscale ACLs
81
star
21

codespace

Experimenting with codespaces
Shell
74
star
22

mkctr

mkctr: cross platform container builder for go
Go
67
star
23

docker-extension

Docker Desktop extension adding Tailscale networking.
TypeScript
66
star
24

tailscale-client-go

A client implementation for the Tailscale HTTP API
Go
60
star
25

art

implementation of the Allotment Routing Table (ART) algorithm by Donald Knuth, as described in the paper by Yoichi Hariguchi
Go
47
star
26

tailsql

A SQL playground service over Tailscale.
Go
47
star
27

tmemes

A meme generator for your tailnet!
Go
42
star
28

squibble

A lightweight schema manager for SQLite databases.
Go
33
star
29

scertec

ACME client daemon that puts fresh HTTPS certs in setec, and client to get them out of at serving time
Go
28
star
30

terms-and-conditions

Terms and conditions for Tailscale
27
star
31

tscert

Minimal package for just the HTTPS cert fetching part of the Tailscale client API
Go
23
star
32

tailscale-chocolatey

Chocolatey packaging for Tailscale IPN
PowerShell
18
star
33

tailscale-aws-host-acl-updater

Update Hosts list in Tailscale ACL file as AWS resources move about.
Go
12
star
34

peercred

Go
11
star
35

gitpod

Investigation into gitpod.io
Shell
11
star
36

wintun

Fork of https://git.zx2c4.com/wintun
C
10
star
37

winipcfg-go

old fork of https://git.zx2c4.com/winipcfg-go, from before it moved to the wireguard-windows repo; no longer used by Tailscale
Go
6
star
38

ts-webhook-adapter

Adapter for Tailscale Webhooks for Microsoft Teams and Discord.
Go
6
star
39

go-cache-plugin

A Go toolchain cache plugin backed by S3.
Go
4
star
40

go-mod-tidy-broken

demo showing a go mod tidy bug
Go
4
star
41

accessbot

TypeScript
4
star
42

tb

Go
4
star
43

issue-status

Tailscale's status page
JavaScript
3
star
44

web-client-prebuilt

Prebuilt assets for the Tailscale web client
HTML
3
star
45

bradtest

Brad's GitHub automation test repo
Go
2
star
46

pkgsitelib

A fork of golang.org/x/pkgsite that can be used as a library in other projects.
Go
2
star
47

quis-custodiet

quis custodiet ipsos custodes: a service to check whether someone is assigned to oncall on each calendar at squadcast.com.
Go
1
star
48

bsky-webhook

1
star
49

active-directory-sites-subnets

Populate Active Directory Sites & Subnets table for Tailscale clients
Go
1
star
50

terraform-aws-tailscale-site2sitevpn

Create a site to site VPN between AWS VPCs with Tailscale and Terraform
HCL
1
star