From fe03fa9fb0a4f6992c51e012dfc3d20b1799968f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Hugo=20Bara=C3=BAna?= Date: Mon, 17 Feb 2025 23:50:46 -0300 Subject: [PATCH 1/2] Update Tailscale docs Tailscale can be installed in more than way on macOS. The docs were handling just one way. --- docs/authentication/tailscale.md | 39 ++++++++++++++++++++++++-------- 1 file changed, 29 insertions(+), 10 deletions(-) diff --git a/docs/authentication/tailscale.md b/docs/authentication/tailscale.md index a671f46a2a0..9eeaead7991 100644 --- a/docs/authentication/tailscale.md +++ b/docs/authentication/tailscale.md @@ -25,19 +25,38 @@ on how Tailscale authentication works. ### macOS -On macOS, when Tailscale is installed via the Mac App Store, no unix socket is exposed. -Instead, a TCP port is made available and protected via a password, which needs to be located. -Tailscale itself uses lsof for this. This method is replicated in the bash script below, -which will start Livebook with your Tailscale IP and correct port and password. +On macOS, Tailscale uses a password-protected TCP port instead of a unix socket. The following script automatically detects the port and password, then starts Livebook with the correct Tailscale configuration: ```bash #!/bin/bash -addr_info=$(lsof -n -a -c IPNExtension -F | sed -n 's/.*sameuserproof-\([[:digit:]]*-.*\).*/\1/p') -port=$(echo "$addr_info" | cut -d '-' -f 1) -pass=$(echo "$addr_info" | cut -d '-' -f 2) -LIVEBOOK_IP=$(exec $(ps -xo comm | grep MacOS/Tailscale$) ip | head -1 | tr -d '\n') \ -LIVEBOOK_IDENTITY_PROVIDER=tailscale:http://:$pass@127.0.0.1:$port \ -livebook server +# This is script is adatpated from https://github.com/tailscale/tailscale/blob/v1.80.2/safesocket/safesocket_darwin.go#L69-L160 + +# When Tailscale was installed via Mac App Store. Adapteed from +port_and_token=$(lsof -n -a -c IPNExtension -F | grep -o "sameuserproof-[0-9]*-[a-f0-9]*" | head -1) +if [ ! -z "$port_and_token" ]; then + port=$(echo "$port_and_token" | cut -d'-' -f2) + token=$(echo "$port_and_token" | cut -d'-' -f3) +else + # When Tailscale was installed using the Standandalone variant + port=$(readlink /Library/Tailscale/ipnport) + if [ ! -z "$port" ]; then + token=$(cat "/Library/Tailscale/sameuserproof-$port") + fi +fi + +# Get Tailscale IP +tailscale_ip=$(exec $(ps -xo comm | grep MacOS/Tailscale$) ip | head -1 | tr -d '\n') + +if [ ! -z "$port" ] && [ ! -z "$token" ] && [ ! -z "$tailscale_ip" ]; then + LIVEBOOK_IP=$tailscale_ip \ + LIVEBOOK_IDENTITY_PROVIDER=tailscale:http://:$token@127.0.0.1:$port \ + livebook server +else + echo "Error: Missing required configuration" + [ -z "$port" ] && echo "- Could not determine port" + [ -z "$token" ] && echo "- Could not determine token" + [ -z "$tailscale_ip" ] && echo "- Could not determine Tailscale IP" +fi ``` ## Livebook Teams From d4d665a3b0e6cca25a66075f9fc7043a5e5fea77 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Hugo=20Bara=C3=BAna?= Date: Tue, 18 Feb 2025 00:12:15 -0300 Subject: [PATCH 2/2] Fix typos --- docs/authentication/tailscale.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/docs/authentication/tailscale.md b/docs/authentication/tailscale.md index 9eeaead7991..c5133acac03 100644 --- a/docs/authentication/tailscale.md +++ b/docs/authentication/tailscale.md @@ -29,22 +29,21 @@ On macOS, Tailscale uses a password-protected TCP port instead of a unix socket. ```bash #!/bin/bash -# This is script is adatpated from https://github.com/tailscale/tailscale/blob/v1.80.2/safesocket/safesocket_darwin.go#L69-L160 +# This is script is adapted from https://github.com/tailscale/tailscale/blob/v1.80.2/safesocket/safesocket_darwin.go#L69-L160 -# When Tailscale was installed via Mac App Store. Adapteed from +# When Tailscale was installed via Mac App Store. port_and_token=$(lsof -n -a -c IPNExtension -F | grep -o "sameuserproof-[0-9]*-[a-f0-9]*" | head -1) if [ ! -z "$port_and_token" ]; then port=$(echo "$port_and_token" | cut -d'-' -f2) token=$(echo "$port_and_token" | cut -d'-' -f3) else - # When Tailscale was installed using the Standandalone variant + # When Tailscale was installed using the standalone variant port=$(readlink /Library/Tailscale/ipnport) if [ ! -z "$port" ]; then token=$(cat "/Library/Tailscale/sameuserproof-$port") fi fi -# Get Tailscale IP tailscale_ip=$(exec $(ps -xo comm | grep MacOS/Tailscale$) ip | head -1 | tr -d '\n') if [ ! -z "$port" ] && [ ! -z "$token" ] && [ ! -z "$tailscale_ip" ]; then