hntrmrrs · July 9, 2021 22:26 · Mar 10, 2021 · Dec 26, 2020
diff --git a/adding-tailscale-to-edgerouter.md b/adding-tailscale-to-edgerouter.md
@@ -47,7 +47,9 @@ tailscale up
 ```shell
 sudo bash    # if you havent already
 curl https://pkgs.tailscale.com/unstable/tailscale_XYZ_mips.tgz | tar xvz -C /tmp
+systemctl disable --now tailscaled
 cp /tmp/tailscale_*/{tailscale,tailscaled} /config/
+systemctl enable --now tailscaled
 ```
 
 &nbsp;

diff --git a/adding-tailscale-to-edgerouter.md b/adding-tailscale-to-edgerouter.md
@@ -0,0 +1,79 @@
+# Adding tailscale to an EdgeRouter (and surviving system upgrades)
+
+I suggest you run `sudo bash` on all of these so you're the `root` user.
+
+## Installing
+
+1. Download tailscale and put the files in `/config/`. Find the latest [stable](https://pkgs.tailscale.com/stable/#static) or [unstable](https://pkgs.tailscale.com/unstable/#static) version for your EdgeRouter's processor (ex. ER4 is `mips` and ERX is `mipself`)
+
+```shell
+sudo bash    # if you havent already
+curl https://pkgs.tailscale.com/unstable/tailscale_XYZ_mips.tgz | tar xvz -C /tmp
+cp /tmp/tailscale_*/* /tmp/tailscale_*/systemd/* /config/
+```
+
+2. Create the `/config/scripts/firstboot.d/tailscale.sh` file which gets run once every system upgrade. Reminder that `/config` survives upgrades. Don't forget to set the execute flag on the script inside `firstboot.d`
+
+```shell
+cat << EOF > /config/scripts/firstboot.d/tailscale.sh
+#!/bin/sh
+ln -s /config/tailscaled.service /lib/systemd/system/tailscaled.service
+ln -s /config/tailscaled.defaults /etc/default/tailscaled
+ln -s /config/tailscale /usr/bin/tailscale
+ln -s /config/tailscaled /usr/sbin/tailscaled
+mkdir -p /var/lib/tailscale/
+touch /config/auth/tailscaled.state
+chmod 0400 /config/auth/tailscaled.state
+ln -s /config/auth/tailscaled.state /var/lib/tailscale/tailscaled.state
+systemctl enable --now tailscaled
+EOF
+chmod +x /config/scripts/firstboot.d/tailscale.sh
+```
+
+3. And run this script now to get things going (or manually run the commands if you'd like), and then run `tailscale up` to login. Feel free to use other parameters like `tailscale up --advertise-routes=10.0.1.0/24`
+
+```shell
+/config/scripts/firstboot.d/tailscale.sh
+tailscale up
+```
+
+4. That's it, you're done! If you found this useful, i'd super appreciate if you could Star up top. Like everyone, I like Internet points too! :)
+
+&nbsp;
+## Upgrading to a new version
+
+1. Download the version you want into a folder like `/tmp` and then copy the binaries over. Perhaps in future versions there may be more/less files or config changes, so make sure you take a look at what's now.
+
+```shell
+sudo bash    # if you havent already
+curl https://pkgs.tailscale.com/unstable/tailscale_XYZ_mips.tgz | tar xvz -C /tmp
+cp /tmp/tailscale_*/{tailscale,tailscaled} /config/
+```
+
+&nbsp;
+## Removing
+
+1. Stop the service if its still running
+
+```shell
+sudo bash    # if you havent already
+systemctl disable --now tailscaled
+```
+
+2. Delete all the files tailscale uses
+
+```shell
+rm /lib/systemd/system/tailscaled.service
+rm /etc/default/tailscaled
+rm /usr/bin/tailscale
+rm /usr/sbin/tailscaled
+rm -rf /var/lib/tailscale
+```
+
+3. Remove your configs and persistent files (this includes your `tailscaled.state` which has your private key)
+
+```shell
+rm /config/tailscale*
+rm /config/auth/tailscaled.state
+rm /config/scripts/firstboot.d/tailscale.sh
+```