- Created by 虚拟的现实 on Nov 01, 2024, 4 min read
Introduction
Tailscale is a virtual private network (VPN) service that lets you securely and easily reach your devices and applications from anywhere in the world. It is built on the open-source WireGuard protocol for secure, direct communication, and only devices enrolled in your private network (your tailnet) can establish connections with each other.
The Tailscale client runs on many operating systems, including Linux, Windows, macOS, Android, iOS, OPNsense and pfSense, and is used to establish connections between devices inside the secure Tailscale mesh. Compared with a typical WireGuard server setup, Tailscale's advantage is that no port forwarding is needed: the control plane coordinates NAT traversal between nodes and falls back to its relay servers when no direct path can be found.
OPNsense and Tailscale are both powerful networking tools that offer real benefits to network users. By joining OPNsense to a Tailscale private network as a subnet router, you can reach not just the firewall itself but any device on the networks it advertises as routes.
Installing Tailscale
1. Installing from a custom repository
The repository used here (mimugmail.conf) is a third-party package repository that is not part of the OPNsense project, so you are trusting its maintainer for a tailscale binary that will run as root on your firewall; read the fetched repository configuration before installing anything from it. Enter the OPNsense shell and run the following command to add the repository:
fetch -o /usr/local/etc/pkg/repos/mimugmail.conf https://www.routerperformance.net/mimugmail.conf
Then run the following command to install tailscale:
pkg update && pkg install tailscale
As shown in the figure below:
2. Installing from the ports tree
Enter the OPNsense shell and run the following command to download and update the ports tree (this clones the full FreeBSD ports tree onto the firewall, roughly 550 MiB in the output below):
opnsense-code ports
You should see output similar to the following:
Updating OPNsense repository catalogue...
OPNsense repository is up to date.
Updating SunnyValley repository catalogue...
SunnyValley repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
	git: 2.44.0 [OPNsense]
	p5-Error: 0.17029 [OPNsense]
Number of packages to be installed: 2
The process will require 24 MiB more space.
4 MiB to be downloaded.
[1/2] Fetching p5-Error-0.17029.pkg: 100%   27 KiB  27.5kB/s    00:01
[2/2] Fetching git-2.44.0.pkg: 100%    4 MiB   2.2MB/s    00:02
Checking integrity... done (0 conflicting)
[1/2] Installing p5-Error-0.17029...
[1/2] Extracting p5-Error-0.17029: 100%
[2/2] Installing git-2.44.0...
===> Creating groups.
Creating group 'git_daemon' with gid '964'.
===> Creating users
Creating user 'git_daemon' with uid '964'.
[2/2] Extracting git-2.44.0: 100%
=====
Message from git-2.44.0:
--
If you installed the GITWEB option please follow these instructions:
In the directory /usr/local/share/examples/git/gitweb you can find all files to make gitweb work as a public repository on the web.
All you have to do to make gitweb work is:
1) Please be sure you're able to execute CGI scripts in /usr/local/share/examples/git/gitweb.
2) Set the GITWEB_CONFIG variable in your webserver's config to /usr/local/etc/git/gitweb.conf. This variable is passed to gitweb.cgi.
3) Restart server.
If you installed the CONTRIB option please note that the scripts are installed in /usr/local/share/git-core/contrib. Some of them require other ports to be installed (perl, python, etc), which you may need to install manually.
Cloning into '/usr/tools'...
remote: Enumerating objects: 12943, done.
remote: Counting objects: 100% (1332/1332), done.
remote: Compressing objects: 100% (442/442), done.
remote: Total 12943 (delta 812), reused 1085 (delta 762), pack-reused 11611
Receiving objects: 100% (12943/12943), 10.85 MiB | 1.66 MiB/s, done.
Resolving deltas: 100% (8062/8062), done.
Already on 'master'
Your branch is up to date with 'origin/master'.
Cloning into '/usr/ports'...
remote: Enumerating objects: 2047712, done.
remote: Counting objects: 100% (40869/40869), done.
remote: Compressing objects: 100% (30934/30934), done.
remote: Total 2047712 (delta 9701), reused 38417 (delta 9483), pack-reused 2006843
Receiving objects: 100% (2047712/2047712), 544.18 MiB | 2.43 MiB/s, done.
Resolving deltas: 100% (993993/993993), done.
Updating files: 100% (158731/158731), done.
Already on 'master'
Your branch is up to date with 'origin/master'.
Change into the port's directory:
cd /usr/ports/security/tailscale
Run the following command to build and install Tailscale. This compiles tailscale from source on the firewall (pulling in Go as a build dependency) and installs whatever version the checked-out ports tree pins, 1.60.1 in the output below. A package built this way is not maintained by OPNsense's updater, so you have to rebuild from an updated ports tree to pick up new releases:
make install
A successful install ends with output similar to the following (only the tail of the build log is shown):
tailscale.com/ipn/localapi
tailscale.com/ipn/ipnserver
tailscale.com/net/proxymux
tailscale.com/net/socks5
github.com/creack/pty
github.com/kr/fs
github.com/pkg/sftp/internal/encoding/ssh/filexfer
golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
golang.org/x/crypto/ssh
github.com/pkg/sftp
github.com/u-root/u-root/pkg/termios
log/syslog
github.com/anmitsu/go-shlex
tailscale.com/tempfork/gliderlabs/ssh
tailscale.com/ssh/tailssh
github.com/djherbis/times
container/heap
github.com/tailscale/xnet/webdav/internal/xml
github.com/tailscale/xnet/webdav
tailscale.com/tailfs/tailfsimpl/shared
tailscale.com/tailfs/tailfsimpl/compositefs
golang.org/x/sync/singleflight
github.com/jellydator/ttlcache/v3
github.com/tailscale/gowebdav
tailscale.com/tailfs/tailfsimpl/webdavfs
tailscale.com/tailfs/tailfsimpl
tailscale.com/tsweb/varz
tailscale.com/types/flagtype
gvisor.dev/gvisor/pkg/sleep
gvisor.dev/gvisor/pkg/tcpip/header/parse
gvisor.dev/gvisor/pkg/tcpip/transport
gvisor.dev/gvisor/pkg/tcpip/transport/internal/network
gvisor.dev/gvisor/pkg/tcpip/transport/internal/noop
gvisor.dev/gvisor/pkg/tcpip/transport/packet
gvisor.dev/gvisor/pkg/tcpip/transport/raw
gvisor.dev/gvisor/pkg/tcpip/transport/tcp
gvisor.dev/gvisor/pkg/tcpip/transport/udp
gvisor.dev/gvisor/pkg/tcpip/adapters/gonet
gvisor.dev/gvisor/pkg/tcpip/link/channel
gvisor.dev/gvisor/pkg/tcpip/network/hash
gvisor.dev/gvisor/pkg/tcpip/network/internal/fragmentation
gvisor.dev/gvisor/pkg/tcpip/network/internal/ip
gvisor.dev/gvisor/pkg/tcpip/network/internal/multicast
gvisor.dev/gvisor/pkg/tcpip/network/ipv4
gvisor.dev/gvisor/pkg/tcpip/network/ipv6
gvisor.dev/gvisor/pkg/tcpip/transport/icmp
tailscale.com/wgengine/netstack
tailscale.com/cmd/tailscaled
===> Staging for tailscale-1.60.1_1
===> tailscale-1.60.1_1 depends on package: ca_root_nss>0 - found
===> Generating temporary packing list
for t in ./cmd/tailscale ./cmd/tailscaled; do dst=$(echo ${t} | /usr/bin/sed -Ee 's/^[^:]*:([^:]+).*$/\1/' -e 's/^\.$/tailscale/'); src=$(/usr/bin/basename ${dst}); case ${dst} in /*) dst=/usr/obj/usr/ports/security/tailscale/work/stage${dst}; /bin/mkdir -p $(/usr/bin/dirname ${dst}) ;; *) dst=/usr/obj/usr/ports/security/tailscale/work/stage/usr/local/bin/${src} ;; esac; echo "===> Installing ${src} as ${dst}"; install -s -m 555 /usr/obj/usr/ports/security/tailscale/work/bin/${src} ${dst}; done
===> Installing tailscale as /usr/obj/usr/ports/security/tailscale/work/stage/usr/local/bin/tailscale
===> Installing tailscaled as /usr/obj/usr/ports/security/tailscale/work/stage/usr/local/bin/tailscaled
====> Compressing man pages (compress-man)
===> Staging rc.d startup script(s)
===> Installing for tailscale-1.60.1_1
===> Checking if tailscale is already installed
===> Registering installation for tailscale-1.60.1_1
Installing tailscale-1.60.1_1...
Configuring Tailscale
1. Enable tailscaled at boot
service tailscaled enable
2. Start tailscaled
service tailscaled start
3. Get the login link
tailscale up
Copy the URL that is printed, open it in a browser, and sign in with a Google or Microsoft account (or whichever identity provider your tailnet uses) to authenticate this node with the Tailscale admin console.
4. Enable subnet routing
In the OPNsense shell, run the following command to advertise the subnet (here the OPNsense LAN network; replace 192.168.20.0/24 with your own prefix). --accept-dns=false keeps tailscaled from rewriting the firewall's resolver configuration, which matters because OPNsense runs its own DNS service. Note that tailscale up replaces the node's settings with exactly the flags given, so later invocations must repeat all of these flags (or pass --reset) rather than add one flag at a time:
tailscale up --accept-routes=true --accept-dns=false --advertise-routes=192.168.20.0/24
In the Tailscale admin console, open the three-dot menu to the right of the device in the machine list, disable key expiry, and approve the advertised subnet route (Edit route settings). Disabling key expiry means this node's key is never rotated automatically: convenient for an unattended router, but a compromised firewall then keeps its tailnet access until you remove the node by hand, so weigh that before disabling it.
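As an added check for the steps above (example code written for this edit, not from the original post and not part of Tailscale or OPNsense), the following Python script verifies the state a subnet router should be in after tailscale up and the admin-console approval: tailscaled is logged in, IP forwarding is on, the LAN prefix actually appears in the node's allowed routes (an advertised-but-unapproved route does not), and whether the node key still has an expiry date. Python is used because OPNsense ships it for its own backend. The sample status document is constructed; the tailscale status --json field names (BackendState, Self.AllowedIPs, Self.PrimaryRoutes, Self.KeyExpiry) and the assumption that KeyExpiry is omitted when expiry is disabled reflect my understanding of the output format and should be checked against your tailscale version.

```python
#!/usr/bin/env python3
"""Sanity-check an OPNsense (FreeBSD) host acting as a Tailscale subnet router.

Added example, not part of the original post.  It reads `tailscale status --json`
and `sysctl net.inet.ip.forwarding` and reports what is still missing for the
LAN prefix given on the command line (e.g. 192.168.20.0/24).

Assumption: field names (BackendState, Self.AllowedIPs, Self.PrimaryRoutes,
Self.KeyExpiry) follow `tailscale status --json` as I understand it, and
KeyExpiry is omitted when key expiry is disabled for the node.
"""
import datetime
import ipaddress
import json
import subprocess
import sys

# Constructed sample in the shape of `tailscale status --json` for a router
# that is logged in and whose 192.168.20.0/24 route has been approved.
# Addresses are made up (100.64.0.0/10 and fd7a:115c:a1e0::/48 are the
# ranges Tailscale hands out).
SAMPLE_STATUS = {
    "Version": "1.60.1",
    "BackendState": "Running",
    "TailscaleIPs": ["100.101.102.103", "fd7a:115c:a1e0::1"],
    "Self": {
        "HostName": "opnsense",
        "TailscaleIPs": ["100.101.102.103", "fd7a:115c:a1e0::1"],
        "AllowedIPs": ["100.101.102.103/32", "fd7a:115c:a1e0::1/128",
                       "192.168.20.0/24"],
        "PrimaryRoutes": ["192.168.20.0/24"],
        "KeyExpiry": "2025-05-01T00:00:00Z",
        "Online": True,
    },
    "Peer": {},
}


def parse_rfc3339(ts):
    """Parse the RFC 3339 UTC timestamps tailscaled emits (fraction ignored).

    Assumes a 'Z' suffix, which is what tailscaled writes for KeyExpiry.
    """
    base = datetime.datetime.strptime(ts[:19], "%Y-%m-%dT%H:%M:%S")
    return base.replace(tzinfo=datetime.timezone.utc)


def check_subnet_router(status, lan_prefix, ip_forwarding, now=None):
    """Return a list of 'tag: explanation' strings; an empty list means OK."""
    problems = []

    state = status.get("BackendState")
    if state != "Running":
        problems.append(f"backend: state is {state!r}, expected 'Running'; "
                        "run 'tailscale up' and finish the browser login")

    if int(ip_forwarding) != 1:
        problems.append("forwarding: net.inet.ip.forwarding is not 1; the "
                        "firewall cannot forward tailnet traffic into the LAN")

    me = status.get("Self") or {}
    want = ipaddress.ip_network(lan_prefix, strict=True)
    # A route that was advertised but not approved in the admin console does
    # not show up in the node's allowed routes, so this catches the
    # "forgot to approve" case as well as a missing --advertise-routes.
    approved = {ipaddress.ip_network(p, strict=False)
                for p in (me.get("AllowedIPs") or [])
                + (me.get("PrimaryRoutes") or [])}
    if want not in approved:
        problems.append(f"route: {want} is not in Self.AllowedIPs/PrimaryRoutes; "
                        "advertise it with --advertise-routes and approve it "
                        "in the admin console")

    # KeyExpiry is absent when expiry has been disabled for the node.
    expiry = me.get("KeyExpiry")
    if expiry:
        now = now or datetime.datetime.now(datetime.timezone.utc)
        days = (parse_rfc3339(expiry) - now).days
        problems.append(f"key-expiry: node key expires in {days} days "
                        f"({expiry}); disable key expiry for this router "
                        "or plan a re-login before then")

    return problems


def live_inputs():
    """Collect the real inputs on the OPNsense box (run as root)."""
    status = json.loads(subprocess.check_output(
        ["tailscale", "status", "--json"], text=True))
    fwd = subprocess.check_output(
        ["sysctl", "-n", "net.inet.ip.forwarding"], text=True).strip()
    return status, fwd


if __name__ == "__main__":
    prefix = sys.argv[1] if len(sys.argv) > 1 else "192.168.20.0/24"
    st, fwd = live_inputs()
    found = check_subnet_router(st, prefix, fwd)
    for p in found:
        print("PROBLEM", p)
    print("OK: subnet router ready" if not found else f"{len(found)} problem(s)")
    sys.exit(1 if found else 0)
```

Run it on the firewall as python3 check_tsrouter.py 192.168.20.0/24; it prints one line per problem and exits non-zero until all checks pass. The route check is the useful one: tailscale up happily advertises a route that nobody has approved yet, and the firewall looks healthy until a remote node tries to reach the LAN.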
Adding the Tailscale interface
In the OPNsense web UI, assign the tailscale0 tun interface created by tailscaled as a new interface (Interfaces > Assignments) and enable it. For the interface address, enter the address Tailscale assigned to this node. Tick the "Prevent interface removal" option.
Adding firewall rules
On the Tailscale interface's tab under Firewall > Rules, add an any-to-any pass rule. That is the quickest way to get traffic flowing, but it lets every tailnet node reach everything behind the firewall; once things work, narrow the rule to the sources and destinations actually needed, or enforce the same restriction with Tailscale ACLs in the admin console.
Install and enable the UPnP plugin (os-upnp); see the note at the end of this post for when it is needed.
Adding outbound NAT rules
Change outbound NAT from Automatic to Hybrid or Manual and add an outbound NAT mapping rule for the Tailscale interface. Translating LAN sources to the firewall's Tailscale address means remote nodes do not need to know the LAN prefix in order to reply.
Testing connectivity
From the remote node, ping the OPNsense firewall:
From the OPNsense firewall, ping the remote node:
From a client behind the OPNsense firewall, ping the remote node:
Configuration is complete.
Note: if clients behind the firewall cannot reach the remote client, enable UPnP and NAT-PMP in the plugin settings and tick "Allow NAT-PMP port mapping". See here for the detailed explanation. Be aware that UPnP/NAT-PMP lets LAN hosts open inbound port mappings on the firewall on request, so limit the plugin to the interfaces and hosts that need it rather than leaving it open to the whole LAN.