headscale icon indicating copy to clipboard operation
headscale copied to clipboard
verified publisher icon juanfont

[Bug] headscale server + user credentials are not memorized by Tailscale client (macOS)

Open ndx1905-github opened this issue 1 month ago • 0 comments

Is this a support request?

  • [x] This is not a support request

Is there an existing issue for this?

  • [x] I have searched the existing issues

Current Behavior

Headscale server seems to work well. This is a problem with the Tailscale client on a machine with MacOS. However, Tailscale does not take bug requests unless you are connected to the Tailscale server, not a head scale server. Also, headscale is only usable if the Tailscale clients work properly, so I share this with you.

Problem is pretty simple : each time I want to connect with the macOS client, it forgets the head scale configuration and reverts back to Tailscale server, which means I need to reauthenticate completely every time I connect : add the head scale ODIC server name again in the debug options and authenticate on the OIDC webpage.

If I disconnect from headscale, even without exiting the Tailscale client, then all head scale credentials are immediately lost and I need to add the OIDC server again in the debug options, to reauthenticate again.

As a consequence, every new connection appears in headscale server side as a new client and is assigned a new ip on the talent. So the same mac appears multiple times, each new session is seen as a new machine Mac 100.64.0.18 05/11/2025 18:50:22 Mac-rxu03fzh 100.64.0.19 06/11/2025 18:30:28 Mac-xdjaux5o 100.64.0.20 07/11/2025 09:41:19 Mac-e1ai0wtk 100.64.0.21 07/11/2025 15:23:34 Mac-tea2r3mg 100.64.0.22 08/11/2025 18:46:17 and so forth

See screen recording here :

https://github.com/user-attachments/assets/f7ed41ae-9dc5-4e49-b496-169796ec8c94

Expected Behavior

Headscale OIDC server address and user credentials should be memorized by the Tailscale client.

Steps To Reproduce

On MacOS ventura 13.7.8, with Tailscale 1.90.6 standalone variant, set up a head scale server instead of Tailscale server, connect to it. Disconnect from it. Next time you want to connect you have to set up the head scale server again.

Environment

- OS: debian 12, installation of headscale + OIDC managed by yunohost
- Headscale version: 0.26.1~ynh3
- Tailscale version: macOS 1.90.6 standalone variant

Runtime environment

  • [ ] Headscale is behind a (reverse) proxy
  • [ ] Headscale runs in a container

Debug information

don't have access to debug info that can help. And again, Tailscale does not take bug submissions if you're not connected to their servers.

Image

ndx1905-github avatar Nov 08 '25 06:11 ndx1905-github