elpatron/octo-funnel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Activity
Files
eef0bb13c8ba23aa9cc348eec035eb60359e3f71
octo-funnel/octoprint_tailscale_funnel/README.md

113 lines
4.5 KiB
Markdown
Raw Blame History

# OctoPrint Tailscale Funnel Plugin
This plugin makes your OctoPrint instance accessible from anywhere via Tailscale Funnel, without needing to configure port forwarding, dynamic DNS, or complex firewall settings.
Disclaimer: *This plugin was partially vibe-coded*.
## Features
* Enable/disable Tailscale Funnel access directly from OctoPrint's settings
* Monitor the current Funnel connection status
* Display the public URL for accessing OctoPrint remotely
* Configure the port to expose via Funnel
## Screenshot
![Tailscale Funnel Settings](octoprint_tailscale_funnel/octoprint_tailscale_funnel/docs/screenshots/funnel-settings.png)
## Requirements
* OctoPrint 1.3.0 or higher
* Tailscale installed and configured on the system
* Python 3.7 or higher
## Installation
1. Install Tailscale on your system and ensure it's running (see https://tailscale.com/download/linux or run `curl -fsSL https://tailscale.com/install.sh | sh`)
2. Start Tailscale on your system (run `sudo tailscale up`)
3. Authenticate using the Tailscale URL (e.g. https://login.tailscale.com/a/<some random characters>)
4. Install the plugin through OctoPrint's plugin manager (go to Settings -> Plugins -> Install and search for "Tailscale Funnel")
5. Configure the plugin settings in OctoPrint's settings panel
6. Enable Funnel through the plugin interface
### Latest Release
Get the latest packaged release (wheel, sdist, zip) from Gitea: [Releases](https://gitea.elpatron.me/elpatron/octo-funnel/releases)
## Building from Source
If you want to build the plugin from source, please refer to the [BUILDING.md](BUILDING.md) file for detailed instructions.
## Configuration
The plugin adds a new section to OctoPrint's settings panel with the following options:
* **Port**: The port to expose via Funnel (default: 80)
* **Confirm Enable**: Require confirmation before enabling Funnel (default: True)
## Runtime Permissions (sudo)
Some Tailscale operations (serve/funnel) may require elevated privileges depending on your setup. The plugin executes `tailscale` from the OctoPrint process user. If enabling/disabling Funnel fails with permission errors or HTTP 500, configure passwordless sudo for the OctoPrint user to run `tailscale`:
1. Determine the OctoPrint service user (common: `octoprint` or `pi`):
```bash
systemctl show -p User octoprint | sed 's/User=//'
```
2. Allow passwordless sudo for `tailscale` for that user (replace <USER>):
```bash
echo '<USER> ALL=(root) NOPASSWD: /usr/bin/tailscale *' | sudo tee /etc/sudoers.d/octoprint-tailscale
sudo chmod 440 /etc/sudoers.d/octoprint-tailscale
sudo visudo -cf /etc/sudoers.d/octoprint-tailscale
```
3. Test (should not prompt for a password):
```bash
sudo -n tailscale status --json >/dev/null && echo OK || echo FAIL
```
Security note: Restricting the sudo rule to `/usr/bin/tailscale *` limits elevated access to the Tailscale CLI.
## Initial Tailscale Serve/Funnel setup (optional)
If you prefer preconfiguring Tailscale manually (instead of letting the plugin set it up), these commands map OctoPrint on port 80 to the root path and enable Funnel using current Tailscale CLI syntax:
```bash
# Tailnet-only mapping at /
sudo tailscale serve --bg --http 80 http://127.0.0.1:80
# Public internet via Funnel (HTTPS will be available on 443)
sudo tailscale funnel --bg 80
```
Disable/reset if needed:
```bash
sudo tailscale serve --http=80 off
sudo tailscale funnel reset
```
## Security Considerations
Enabling Funnel makes your OctoPrint instance accessible from the public internet. Only enable it when needed and disable it when finished. The plugin will show a confirmation dialog before enabling Funnel if the "Confirm Enable" option is checked.
## API Endpoints
The plugin exposes the following API endpoints:
* `GET /api/plugin/tailscale_funnel/status` - Get current Funnel status
* `POST /api/plugin/tailscale_funnel/enable` - Enable Tailscale Funnel
* `POST /api/plugin/tailscale_funnel/disable` - Disable Tailscale Funnel
## Updates via Gitea (update.json)
This plugin can announce new versions via a JSON file hosted in your Gitea repo. The plugin is configured to read:
`https://gitea.elpatron.me/elpatron/octo-funnel/raw/branch/main/update.json`
Workflow for a new release (example to bump 0.1.1 → 0.1.2):
1. Update the version in `setup.py` (`plugin_version = "0.1.2"`).
2. Build artifacts (sdist/wheel/ZIP).
3. Upload the ZIP to Gitea Releases or ensure the archive URL resolves for the tag.
4. Commit and push `update.json` with the new version:
```json
{ "version": "0.1.2" }
```
5. In OctoPrint: open Software Update and trigger a re-check (or restart).
## License
AGPLv3
Reference in New Issue View Git Blame Copy Permalink