itzg
Questions about the tailscale example
Enhancement Type
Improve an existing feature
Describe the enhancement
Right now the example says:
services:
tailscale-client:
image: tailscale/tailscale:latest
container_name: tailscale
hostname: tailscale-minecraft # This name will be the one on the tailscale network
environment:
TS_AUTHKEY: "tskey-auth-PLACE-YOUR-KEY-HERE"
TS_STATE_DIR: "/var/lib/tailscale"
TS_USERSPACE: "FALSE" # If not using Auto-pause it can be set as true
volumes:
- ./ts-minecraft/state:/var/lib/tailscale
- /dev/net/tun:/dev/net/tun
cap_add:
- net_admin
- sys_module
restart: unless-stopped
# ports: # Not needed, tailscale is directly linking to the container.
# - "25565:25565"
minecraft-server:
image: itzg/minecraft-server
network_mode: container:tailscale
stdin_open: true
tty: true
environment:
EULA: "TRUE"
# ENABLE_AUTOPAUSE: "TRUE"
# AUTOPAUSE_KNOCK_INTERFACE: "tailscale0"
# MAX_TICK_TIME: "-1"
volumes:
- minecraftserver:/data
restart: unless-stopped
volumes:
minecraftserver:
I get that IF you use auto-pause you might need the host network but the nice thing about the Side Container is that you don't need the host network at all so as auto-pause is disabled by default we should use safer defaults?
services:
tailscale-client:
image: tailscale/tailscale:latest
container_name: tailscale
hostname: tailscale-minecraft # This name will be the one on the tailscale network
environment:
TS_AUTHKEY: "tskey-auth-PLACE-YOUR-KEY-HERE"
TS_STATE_DIR: "/var/lib/tailscale"
TS_USERSPACE: "TRUE" # When auto-pause is required set this to "FALSE"
volumes:
- ./ts-minecraft/state:/var/lib/tailscale
restart: unless-stopped
minecraft-server:
image: itzg/minecraft-server
network_mode: container:tailscale
stdin_open: true
tty: true
environment:
EULA: "TRUE"
# ENABLE_AUTOPAUSE: "TRUE"
# AUTOPAUSE_KNOCK_INTERFACE: "tailscale0"
# MAX_TICK_TIME: "-1"
volumes:
- minecraftserver:/data
restart: unless-stopped
volumes:
minecraftserver:
Furthermore when sticking to the defaults as it is right now - /dev/net/tun is a device and not a volume:
services:
tailscale-client:
image: tailscale/tailscale:latest
container_name: tailscale
hostname: tailscale-minecraft # This name will be the one on the tailscale network
environment:
TS_AUTHKEY: "tskey-auth-PLACE-YOUR-KEY-HERE"
TS_STATE_DIR: "/var/lib/tailscale"
TS_USERSPACE: "FALSE" # If not using Auto-pause it can be set as true
volumes:
- ./ts-minecraft/state:/var/lib/tailscale
devices:
- /dev/net/tun:/dev/net/tun
cap_add:
- net_admin
- sys_module
restart: unless-stopped
# ports: # Not needed, tailscale is directly linking to the container.
# - "25565:25565"
minecraft-server:
image: itzg/minecraft-server
network_mode: container:tailscale
stdin_open: true
tty: true
environment:
EULA: "TRUE"
# ENABLE_AUTOPAUSE: "TRUE"
# AUTOPAUSE_KNOCK_INTERFACE: "tailscale0"
# MAX_TICK_TIME: "-1"
volumes:
- minecraftserver:/data
restart: unless-stopped
volumes:
minecraftserver:
What is considered best practice? Using auto-pause or not?
I get that IF you use auto-pause you might need the host network but the nice thing about the Side Container is that you don't need the host network at all so as auto-pause is disabled by default we should use safer defaults?
I don't know what part you're concerned about. Can you mention the specific attributes that worry you instead of pointing to a complete yaml document?
Furthermore when sticking to the defaults as it is right now -
/dev/net/tunis a device and not a volume:
Linux exposes devices as files, so volumes is fine but I agree devices would be better. Feel free to PR that.
What is considered best practice? Using auto-pause or not?
There is no best practice. I'd say don't use it if you're not sure. As of 1.21.2 I would however stick with Minecraft's built in auto-pause.
https://docker-minecraft-server.readthedocs.io/en/latest/misc/autopause-autostop/autopause/
