openwrt/luci
1
0
Fork 0
mirror of https://github.com/openwrt/luci.git synced 2026-04-15 19:01:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

luci-app-tailscale-community: add new application

Browse Source 
This commit adds a new LuCI application for managing Tailscale on OpenWrt.

The application provides a web interface to view service status,
list network peers, and configure various Tailscale settings,
such as exit nodes, advertised routes, and daemon options.

Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
Signed-off-by: Tokisaki Galaxy <moebest@outlook.jp>
This commit is contained in:
Tokisaki Galaxy
2025-11-16 00:05:13 +08:00
committed by Paul Donald
parent 62fd5284f6
commit 471ac6b59c
7 changed files with 1969 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
applications/luci-app-tailscale-community/Makefile Normal file
View File

@@ -0,0 +1,12 @@
include $(TOPDIR)/rules.mk
LUCI_TITLE:=LuCI support for Tailscale
LUCI_URL:=https://github.com/tokisaki-galaxy/luci-app-tailscale-community
PKG_DESCRIPTION:=Provides a LuCI Web management interface for Tailscale, allowing viewing status, configuring nodes and daemons.
PKG_MAINTAINER:=Tokisaki-Galaxy <moebest@outlook.jp>
LUCI_DEPENDS:=+tailscale +ip +luci-base
LUCI_PKGARCH:=all
include ../../luci.mk
# call BuildPackage - OpenWrt buildroot signature

574
applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js Normal file
View File

@@ -0,0 +1,574 @@
'use strict';
'require view';
'require form';
'require rpc';
'require ui';
'require uci';
'require tools.widgets as widgets';
const callGetStatus = rpc.declare({ object: 'tailscale', method: 'get_status' });
const callGetSettings = rpc.declare({ object: 'tailscale', method: 'get_settings' });
const callSetSettings = rpc.declare({ object: 'tailscale', method: 'set_settings', params: ['form_data'] });
const callDoLogin = rpc.declare({ object: 'tailscale', method: 'do_login', params: ['form_data'] });
const callDoLogout = rpc.declare({ object: 'tailscale', method: 'do_logout' });
const callGetSubroutes = rpc.declare({ object: 'tailscale', method: 'get_subroutes' });
const callSetupFirewall = rpc.declare({ object: 'tailscale', method: 'setup_firewall' });
let map;
const tailscaleSettingsConf = [
[form.ListValue, 'fw_mode', _('Firewall Mode'), _('Select the firewall backend for Tailscale to use. Requires service restart to take effect.'), {values: ['nftables','iptables'],rmempty: false}],
[form.Flag, 'accept_routes', _('Accept Routes'), _('Allow accepting routes announced by other nodes.'), { rmempty: false }],
[form.Flag, 'advertise_exit_node', _('Advertise Exit Node'), _('Declare this device as an Exit Node.'), { rmempty: false }],
[form.Flag, 'exit_node_allow_lan_access', _('Allow LAN Access'), _('When using the exit node, access to the local LAN is allowed.'), { rmempty: false }],
[form.Flag, 'runwebclient', _('Enable Web Interface'), _('Expose a web interface on port 5252 for managing this node over Tailscale.'), { rmempty: false }],
[form.Flag, 'nosnat', _('Disable SNAT'), _('Disable Source NAT (SNAT) for traffic to advertised routes. Most users should leave this unchecked.'), { rmempty: false }],
[form.Flag, 'shields_up', _('Shields Up'), _('When enabled, blocks all inbound connections from the Tailscale network.'), { rmempty: false }],
[form.Flag, 'ssh', _('Enable Tailscale SSH'), _('Allow connecting to this device through the SSH function of Tailscale.'), { rmempty: false }],
[form.Flag, 'disable_magic_dns', _('Disable MagicDNS'), _('Use system DNS instead of MagicDNS.'), { rmempty: false }]
];
const accountConf = []; // dynamic created in render function
const daemonConf = [
//[form.Value, 'daemon_mtu', _('Daemon MTU'), _('Set a custom MTU for the Tailscale daemon. Leave blank to use the default value.'), { datatype: 'uinteger', placeholder: '1280' }, { rmempty: false }],
[form.Flag, 'daemon_reduce_memory', _('(Experimental) Reduce Memory Usage'), _('Enabling this option can reduce memory usage, but it may sacrifice some performance (set GOGC=10).'), { rmempty: false }]
];
const derpMapUrl = 'https://controlplane.tailscale.com/derpmap/default';
let regionCodeMap = {};
// this function copy from luci-app-frpc. thx
function setParams(o, params) {
if (!params) return;
for (const [key, val] of Object.entries(params)) {
if (key === 'values') {
[].concat(val).forEach(v =>
o.value.apply(o, Array.isArray(v) ? v : [v])
);
} else if (key === 'depends') {
const arr = Array.isArray(val) ? val : [val];
o.deps = arr.map(dep => Object.assign({}, ...o.deps, dep));
} else {
o[key] = val;
}
}
if (params.datatype === 'bool')
Object.assign(o, { enabled: 'true', disabled: 'false' });
}
// this function copy from luci-app-frpc. thx
function defTabOpts(s, t, opts, params) {
for (let i = 0; i < opts.length; i++) {
const opt = opts[i];
const o = s.taboption(t, opt[0], opt[1], opt[2], opt[3]);
setParams(o, opt[4]);
setParams(o, params);
}
}
function getRunningStatus() {
return L.resolveDefault(callGetStatus(), { running: false }).then(function (res) {
return res;
});
}
function formatBytes(bytes) {
const bytes_num = parseInt(bytes, 10);
if (isNaN(bytes_num) || bytes_num === 0) return '-';
const k = 1000;
const sizes = ['Bytes', 'KB', 'MB', 'GB', 'TB'];
const i = Math.floor(Math.log(bytes_num) / Math.log(k));
return parseFloat((bytes_num / Math.pow(k, i)).toFixed(2)) + ' ' + sizes[i];
}
function formatLastSeen(d) {
if (!d) return _('N/A');
if (d === '0001-01-01T00:00:00Z') return _('Now');
const t = new Date(d);
if (isNaN(t)) return _('Invalid Date');
const diff = (Date.now() - t) / 1000;
if (diff < 0) return t.toLocaleString();
if (diff < 60) return _('Just now');
const mins = diff / 60, hrs = mins / 60, days = hrs / 24;
const fmt = (n, s, p) => `${Math.floor(n)} ${Math.floor(n) === 1 ? _(s) : _(p)} ${_('ago')}`;
if (mins < 60) return fmt(mins, 'minute', 'minutes');
if (hrs < 24) return fmt(hrs, 'hour', 'hours');
if (days < 30) return fmt(days, 'day', 'days');
return t.toISOString().slice(0, 10);
}
async function initializeRegionMap() {
const cacheKey = 'tailscale_derp_map_cache';
const ttl = 7 * 24 * 60 * 60 * 1000; // 7 days in milliseconds
try {
const cachedItem = localStorage.getItem(cacheKey);
if (cachedItem) {
const cached = JSON.parse(cachedItem);
// Check if the cached data is still valid (not expired)
if (Date.now() - cached.timestamp < ttl) {
regionCodeMap = cached.data;
return;
}
}
} catch (e) {
ui.addTimeLimitedNotification(null, [ E('p', _('Error reading cached DERP region map: %s').format(e.message || _('Unknown error'))) ], 7000, 'error');
}
// If no valid cache, fetch from the network
try {
const response = await fetch(derpMapUrl);
if (!response.ok) {
return;
}
const data = await response.json();
const newRegionMap = {};
for (const regionId in data.Regions) {
const region = data.Regions[regionId];
const code = (region.RegionCode || '').toLowerCase();
const name = region.RegionName || region.RegionCode || `Region ${regionId}`;
newRegionMap[code] = name;
}
regionCodeMap = newRegionMap;
// Save the newly fetched data to the cache
try {
const itemToCache = {
timestamp: Date.now(),
data: regionCodeMap
};
localStorage.setItem(cacheKey, JSON.stringify(itemToCache));
} catch (e) {
ui.addTimeLimitedNotification(null, [ E('p', _('Error caching DERP region map: %s').format(e.message || _('Unknown error'))) ], 7000, 'error');
}
} catch (error) {
ui.addTimeLimitedNotification(null, [ E('p', _('Error fetching DERP region map: %s').format(error.message || _('Unknown error'))) ], 7000, 'error');
}
}
function formatConnectionInfo(info) {
if (!info) { return '-'; }
if (typeof info === 'string' && info.length === 3) {
const lowerCaseInfo = info.toLowerCase();
return regionCodeMap[lowerCaseInfo] || info;
}
return info;
}
function renderStatus(status) {
// If status object is not yet available, show a loading message.
if (!status || !status.hasOwnProperty('status')) {
return E('em', {}, _('Collecting data ...'));
}
const notificationId = 'tailscale_health_notification';
let notificationElement = document.getElementById(notificationId);
if (status.health != '') {
const message = _('Tailscale Health Check: %s').format(status.health);
if (notificationElement) {
notificationElement.textContent = message;
}
else {
let newNotificationContent = E('p', { 'id': notificationId }, message);
ui.addNotification(null, newNotificationContent, 'info');
}
}else{
try{
notificationElement.parentNode.parentNode.remove();
}catch(e){}
}
if (Object.keys(regionCodeMap).length === 0) {
initializeRegionMap();
}
// --- Part 1: Handle non-running states ---
// State: Tailscale binary not found.
if (status.status == 'not_installed') {
return E('dl', { 'class': 'cbi-value' }, [
E('dt', {}, _('Service Status')),
E('dd', {}, E('span', { 'style': 'color:red;' }, E('strong', {}, _('TAILSCALE NOT FOUND'))))
]);
}
// State: Logged out, requires user action.
if (status.status == 'logout') {
return E('dl', { 'class': 'cbi-value' }, [
E('dt', {}, _('Service Status')),
E('dd', {}, [
E('span', { 'style': 'color:orange;' }, E('strong', {}, _('LOGGED OUT'))),
E('br'),
E('span', {}, _('Please use the login button in the settings below to authenticate.'))
])
]);
}
// State: Service is installed but not running.
if (status.status != 'running') {
return E('dl', { 'class': 'cbi-value' }, [
E('dt', {}, _('Service Status')),
E('dd', {}, E('span', { 'style': 'color:red;' }, E('strong', {}, _('NOT RUNNING'))))
]);
}
// --- Part 2: Render the full status display for a running service ---
// A helper array to define the data for the main status table.
const statusData = [
{ label: _('Service Status'), value: E('span', { 'style': 'color:green;' }, E('strong', {}, _('RUNNING'))) },
{ label: _('Version'), value: status.version || 'N/A' },
{ label: _('TUN Mode'), value: status.TUNMode ? _('Enabled') : _('Disabled') },
{ label: _('Tailscale IPv4'), value: status.ipv4 || 'N/A' },
{ label: _('Tailscale IPv6'), value: status.ipv6 || 'N/A' },
{ label: _('Tailnet Name'), value: status.domain_name || 'N/A' }
];
// Build the horizontal status table using the data array.
const statusTable = E('table', { 'style': 'width: 100%; border-spacing: 0 5px;' }, [
E('tr', {}, statusData.map(item => E('td', { 'style': 'padding-right: 20px;' }, E('strong', {}, item.label)))),
E('tr', {}, statusData.map(item => E('td', { 'style': 'padding-right: 20px;' }, item.value)))
]);
// --- Part 3: Render the Peers/Network Devices table ---
const peers = status.peers;
let peersContent;
if (!peers || Object.keys(peers).length === 0) {
// Display a message if no peers are found.
peersContent = E('p', {}, _('No peer devices found.'));
} else {
// Define headers for the peers table.
const peerTableHeaders = [
{ text: _('Status'), style: 'width: 80px;' },
{ text: _('Hostname') },
{ text: _('Tailscale IP') },
{ text: _('OS') },
{ text: _('Connection Info') },
{ text: _('RX') },
{ text: _('TX') },
{ text: _('Last Seen') }
];
// Build the peers table.
peersContent = E('table', { 'class': 'cbi-table' }, [
// Table Header Row
E('tr', { 'class': 'cbi-table-header' }, peerTableHeaders.map(header => {
let th_style = 'padding-right: 20px; text-align: left;';
if (header.style) {
th_style += header.style;
}
return E('th', { 'class': 'cbi-table-cell', 'style': th_style }, header.text);
})),
// Table Body Rows (one for each peer)
...Object.entries(peers).map(([peerid, peer]) => {
const td_style = 'padding-right: 20px;';
return E('tr', { 'class': 'cbi-rowstyle-1' }, [
E('td', { 'class': 'cbi-value-field', 'style': td_style },
E('span', {
'style': `color:${peer.exit_node ? 'blue' : (peer.online ? 'green' : 'gray')};`,
'title': (peer.exit_node ? _('Exit Node') + ' ' : '') + (peer.online ? _('Online') : _('Offline'))
}, peer.online ? '●' : '○')
),
E('td', { 'class': 'cbi-value-field', 'style': td_style }, E('strong', {}, peer.hostname + (peer.exit_node_option ? ' (ExNode)' : ''))),
E('td', { 'class': 'cbi-value-field', 'style': td_style }, peer.ip || 'N/A'),
E('td', { 'class': 'cbi-value-field', 'style': td_style }, peer.ostype || 'N/A'),
E('td', { 'class': 'cbi-value-field', 'style': td_style }, formatConnectionInfo(peer.linkadress || '-')),
E('td', { 'class': 'cbi-value-field', 'style': td_style }, formatBytes(peer.rx)),
E('td', { 'class': 'cbi-value-field', 'style': td_style }, formatBytes(peer.tx)),
E('td', { 'class': 'cbi-value-field', 'style': td_style }, formatLastSeen(peer.lastseen))
]);
})
]);
}
// Combine all parts into a single DocumentFragment.
// Using E() without a tag name creates a fragment, which is perfect for grouping elements.
return E([
statusTable,
E('div', { 'style': 'margin-top: 25px;' }, [
E('h4', {}, _('Network Devices')),
peersContent
])
]);
}
return view.extend({
load() {
return Promise.all([
L.resolveDefault(callGetStatus(), { running: '', peers: [] }),
L.resolveDefault(callGetSettings(), { accept_routes: false }),
L.resolveDefault(callGetSubroutes(), { routes: [] })
])
.then(function([status, settings_from_rpc, subroutes]) {
return uci.load('tailscale').then(function() {
if (uci.get('tailscale', 'settings') === null) {
// No existing settings found; initialize UCI with RPC settings
uci.add('tailscale', 'settings', 'settings');
uci.set('tailscale', 'settings', 'fw_mode', 'nftables');
uci.set('tailscale', 'settings', 'accept_routes', (settings_from_rpc.accept_routes ? '1' : '0'));
uci.set('tailscale', 'settings', 'advertise_exit_node', ((settings_from_rpc.advertise_exit_node || false) ? '1' : '0'));
uci.set('tailscale', 'settings', 'advertise_routes', (settings_from_rpc.advertise_routes || []).join(', '));
uci.set('tailscale', 'settings', 'exit_node', settings_from_rpc.exit_node || '');
uci.set('tailscale', 'settings', 'exit_node_allow_lan_access', ((settings_from_rpc.exit_node_allow_lan_access || false) ? '1' : '0'));
uci.set('tailscale', 'settings', 'ssh', ((settings_from_rpc.ssh || false) ? '1' : '0'));
uci.set('tailscale', 'settings', 'shields_up', ((settings_from_rpc.shields_up || false) ? '1' : '0'));
uci.set('tailscale', 'settings', 'runwebclient', ((settings_from_rpc.runwebclient || false) ? '1' : '0'));
uci.set('tailscale', 'settings', 'nosnat', ((settings_from_rpc.nosnat || false) ? '1' : '0'));
uci.set('tailscale', 'settings', 'disable_magic_dns', ((settings_from_rpc.disable_magic_dns || false) ? '1' : '0'));
uci.set('tailscale', 'settings', 'daemon_reduce_memory', '0');
uci.set('tailscale', 'settings', 'daemon_mtu', '');
return uci.save();
}
}).then(function() {
return [status, settings_from_rpc, subroutes];
});
});
},
render ([status = {}, settings = {}, subroutes_obj]) {
const subroutes = (subroutes_obj && subroutes_obj.routes) ? subroutes_obj.routes : [];
let s;
map = new form.Map('tailscale', _('Tailscale'), _('Tailscale is a mesh VPN solution that makes it easy to connect your devices securely. This configuration page allows you to manage Tailscale settings on your OpenWrt device.'));
s = map.section(form.NamedSection, '_status');
s.anonymous = true;
s.render = function (section_id) {
L.Poll.add(
function () {
return getRunningStatus().then(function (res) {
const view = document.getElementById("service_status_display");
if (view) {
const content = renderStatus(res);
view.replaceChildren(content);
}
// login button only available when logged out
const login_btn=document.getElementsByClassName('cbi-button cbi-button-apply')[0];
if(login_btn) { login_btn.disabled=(res.status != 'logout'); }
});
}, 10);
return E('div', { 'id': 'service_status_display', 'class': 'cbi-value' },
_('Collecting data ...')
);
}
// Bind settings to the 'settings' section of uci
s = map.section(form.NamedSection, 'settings', 'settings', _('Settings'));
s.dynamic = true;
// Create the "General Settings" tab and apply tailscaleSettingsConf
s.tab('general', _('General Settings'));
defTabOpts(s, 'general', tailscaleSettingsConf, { optional: false });
const en = s.taboption('general', form.ListValue, 'exit_node', _('Exit Node'), _('Select an exit node from the list. If enabled, Allow LAN Access is enabled implicitly.'));
en.value('', _('None'));
if (status.peers) {
Object.values(status.peers).forEach(function(peer) {
if (peer.exit_node_option) {
const primaryIp = peer.ip.split('<br>')[0];
const label = peer.hostname ? `${peer.hostname} (${primaryIp})` : primaryIp;
en.value(primaryIp, label);
}
});
}
en.rmempty = true;
en.cfgvalue = function(section_id) {
if (status && status.status === 'running' && status.peers) {
for (const id in status.peers) {
if (status.peers[id].exit_node) {
return status.peers[id].ip.split('<br>')[0];
}
}
return '';
}
return uci.get('tailscale', 'settings', 'exit_node') || '';
};
const o = s.taboption('general', form.DynamicList, 'advertise_routes', _('Advertise Routes'),_('Advertise subnet routes behind this device. Select from the detected subnets below or enter custom routes (comma-separated).'));
if (subroutes.length > 0) {
subroutes.forEach(function(subnet) {
o.value(subnet, subnet);
});
}
o.rmempty = true;
const fwBtn = s.taboption('general', form.Button, '_setup_firewall', _('Auto Configure Firewall'));
fwBtn.description = _('Experimental: applies minimal firewall and interface setup for Tailscale. It will create/patch network.tailscale (proto none, device tailscale0), add a firewall zone "tailscale" with ACCEPT/ACCEPT/ACCEPT, masq, mtu_fix, and ensure forwarding tailscale<->lan. It reloads network/firewall only if changes are made.');
fwBtn.inputstyle = 'action';
fwBtn.onclick = function() {
const btn = this;
btn.disabled = true;
return callSetupFirewall().then(function(res) {
const msg = res?.message || _('Firewall configuration applied.');
ui.addNotification(null, E('p', {}, msg), 'info');
}).catch(function(err) {
ui.addNotification(null, E('p', {}, _('Failed to configure firewall: %s').format(err?.message || err || 'Unknown error')), 'error');
}).finally(function() {
btn.disabled = false;
});
};
// Create the account settings
s.tab('account', _('Account Settings'));
defTabOpts(s, 'account', accountConf, { optional: false });
const loginBtn = s.taboption('account', form.Button, '_login', _('Login'),
_('Click to get a login URL for this device.')
+'<br>'+_('If the timeout is displayed, you can refresh the page and click Login again.'));
loginBtn.inputstyle = 'apply';
const customLoginUrl = s.taboption('account', form.Value, 'custom_login_url',
_('Custom Login Server'),
_('Optional: Specify a custom control server URL (e.g., a Headscale instance, https://example.com).')
+'<br>'+_('Leave blank for default Tailscale control plane.')
);
customLoginUrl.placeholder = '';
customLoginUrl.rmempty = true;
const customLoginAuthKey = s.taboption('account', form.Value, 'custom_login_AuthKey',
_('Custom Login Server Auth Key'),
_('Optional: Specify an authentication key for the custom control server. Leave blank if not required.')
+'<br>'+_('If you are using custom login server but not providing an Auth Key, will redirect to the login page without pre-filling the key.')
);
customLoginAuthKey.placeholder = '';
customLoginAuthKey.rmempty = true;
const logoutBtn = s.taboption('account', form.Button, '_logout', _('Logout'),
_('Click to Log out account on this device.')
+'<br>'+_('Disconnect from Tailscale and expire current node key.'));
logoutBtn.inputstyle = 'apply';
logoutBtn.id = 'tailscale_logout_btn';
loginBtn.onclick = function() {
const customServerInput = document.getElementById('widget.cbid.tailscale.settings.custom_login_url');
const customServer = customServerInput ? customServerInput.value : '';
const customserverAuthInput = document.getElementById('widget.cbid.tailscale.settings.custom_login_AuthKey');
const customServerAuth = customserverAuthInput ? customserverAuthInput.value : '';
const loginWindow = window.open('', '_blank');
if (!loginWindow) {
ui.addTimeLimitedNotification(null, [ E('p', _('Could not open a new tab. Please check if your browser or an extension blocked the pop-up.')) ], 10000, 'error');
return;
}
// Display a prompt message in the new window
const doc = loginWindow.document;
doc.body.innerHTML =
'<h2>' + _('Tailscale Login') + '</h2>' +
'<p>' + _('Requesting Tailscale login URL... Please wait.') + '</p>' +
'<p>' + _('This can take up to 30 seconds.') + '</p>';
ui.showModal(_('Requesting Login URL...'), E('em', {}, _('Please wait.')));
const payload = {
loginserver: customServer || '',
loginserver_authkey: customServerAuth || ''
};
// Show a "loading" modal and execute the asynchronous RPC call
ui.showModal(_('Requesting Login URL...'), E('em', {}, _('Please wait.')));
return callDoLogin(payload).then(function(res) {
ui.hideModal();
if (res && res.url) {
// After successfully obtaining the URL, redirect the previously opened tab
loginWindow.location.href = res.url;
} else {
// If it fails, inform the user and they can close the new tab
doc.body.innerHTML =
'<h2>' + _('Error') + '</h2>' +
'<p>' + _('Failed to get login URL. You may close this tab.') + '</p>';
ui.addTimeLimitedNotification(null, [ E('p', _('Failed to get login URL: Invalid response from server.')) ], 7000, 'error');
}
}).catch(function(err) {
ui.hideModal();
ui.addTimeLimitedNotification(null, [ E('p', _('Failed to get login URL: %s').format(err.message || _('Unknown error'))) ], 7000, 'error');
});
};
logoutBtn.onclick = function() {
const confirmationContent = E([
E('p', {}, _('Are you sure you want to log out?')
+'<br>'+_('This will disconnect this device from your Tailnet and require you to re-authenticate.')),
E('div', { 'style': 'text-align: right; margin-top: 1em;' }, [
E('button', {
'class': 'cbi-button',
'click': ui.hideModal
}, _('Cancel')),
' ',
E('button', {
'class': 'cbi-button cbi-button-negative',
'click': function() {
ui.hideModal();
ui.showModal(_('Logging out...'), E('em', {}, _('Please wait.')));
return callDoLogout().then(function(res) {
ui.hideModal();
ui.addTimeLimitedNotification(null, [ E('p', _('Successfully logged out.')) ], 5000, 'info');
}).catch(function(err) {
ui.hideModal();
ui.addTimeLimitedNotification(null, [ E('p', _('Logout failed: %s').format(err.message || _('Unknown error'))) ], 7000, 'error');
});
}
}, _('Logout'))
])
]);
ui.showModal(_('Confirm Logout'), confirmationContent);
};
// Create the "Daemon Settings" tab and apply daemonConf
//s.tab('daemon', _('Daemon Settings'));
//defTabOpts(s, 'daemon', daemonConf, { optional: false });
return map.render();
},
// The handleSaveApply function is executed after clicking "Save & Apply"
handleSaveApply(ev) {
return map.save().then(function () {
const data = map.data.get('tailscale', 'settings');
// fix empty value issue
if(!data.advertise_exit_node) data.advertise_exit_node = '';
if(!data.advertise_routes) data.advertise_routes = '';
if(!data.exit_node) data.exit_node = '';
if(!data.custom_login_url) data.custom_login_url = '';
if(!data.custom_login_AuthKey) data.custom_login_AuthKey = '';
ui.showModal(_('Applying changes...'), E('em', {}, _('Please wait.')));
return callSetSettings(data).then(function (response) {
if (response.success) {
ui.hideModal();
setTimeout(function() {
ui.addTimeLimitedNotification(null, [ E('p', _('Tailscale settings applied successfully.')) ], 5000, 'info');
}, 1000);
try {
L.ui.changes.revert();
} catch (error) {
ui.addTimeLimitedNotification(null, [ E('p', _('Error saving settings: %s').format(error || _('Unknown error'))) ], 7000, 'error');
}
} else {
ui.hideModal();
ui.addTimeLimitedNotification(null, [ E('p', _('Error applying settings: %s').format(response.error || _('Unknown error'))) ], 7000, 'error');
}
});
}).catch(function(err) {
ui.hideModal();
//console.error('Save failed:', err);
ui.addTimeLimitedNotification(null, [ E('p', _('Failed to save settings: %s').format(err.message)) ], 7000, 'error');
});
},
handleSave: null,
handleReset: null
});

470
applications/luci-app-tailscale-community/po/templates/community.pot Normal file
View File

@@ -0,0 +1,470 @@
msgid ""
msgstr "Content-Type: text/plain; charset=UTF-8"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:34
msgid "(Experimental) Reduce Memory Usage"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:20
msgid "Accept Routes"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:425
msgid "Account Settings"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:21
msgid "Advertise Exit Node"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:400
msgid "Advertise Routes"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:400
msgid ""
"Advertise subnet routes behind this device. Select from the detected subnets "
"below or enter custom routes (comma-separated)."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:22
msgid "Allow LAN Access"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:20
msgid "Allow accepting routes announced by other nodes."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:26
msgid "Allow connecting to this device through the SSH function of Tailscale."
msgstr ""
#: applications/luci-app-tailscale-community/root/usr/share/rpcd/acl.d/luci-app-tailscale-community.json:3
msgid "Allow user access to tailscale"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:547
msgid "Applying changes..."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:499
msgid "Are you sure you want to log out?"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:408
msgid "Auto Configure Firewall"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:506
msgid "Cancel"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:450
msgid "Click to Log out account on this device."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:429
msgid "Click to get a login URL for this device."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:166
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:363
msgid "Collecting data ..."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:525
msgid "Confirm Logout"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:253
msgid "Connection Info"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:462
msgid ""
"Could not open a new tab. Please check if your browser or an extension "
"blocked the pop-up."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:434
msgid "Custom Login Server"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:442
msgid "Custom Login Server Auth Key"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:21
msgid "Declare this device as an Exit Node."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:27
msgid "Disable MagicDNS"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:24
msgid "Disable SNAT"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:24
msgid ""
"Disable Source NAT (SNAT) for traffic to advertised routes. Most users "
"should leave this unchecked."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:226
msgid "Disabled"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:451
msgid "Disconnect from Tailscale and expire current node key."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:26
msgid "Enable Tailscale SSH"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:23
msgid "Enable Web Interface"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:226
msgid "Enabled"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:34
msgid ""
"Enabling this option can reduce memory usage, but it may sacrifice some "
"performance (set GOGC=10)."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:487
msgid "Error"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:562
msgid "Error applying settings: %s"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:147
msgid "Error caching DERP region map: %s"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:150
msgid "Error fetching DERP region map: %s"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:120
msgid "Error reading cached DERP region map: %s"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:558
msgid "Error saving settings: %s"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:278
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:376
msgid "Exit Node"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:409
msgid ""
"Experimental: applies minimal firewall and interface setup for Tailscale. It "
"will create/patch network.tailscale (proto none, device tailscale0), add a "
"firewall zone \"tailscale\" with ACCEPT/ACCEPT/ACCEPT, masq, mtu_fix, and "
"ensure forwarding tailscale<->lan. It reloads network/firewall only if "
"changes are made."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:23
msgid ""
"Expose a web interface on port 5252 for managing this node over Tailscale."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:418
msgid "Failed to configure firewall: %s"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:488
msgid "Failed to get login URL. You may close this tab."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:493
msgid "Failed to get login URL: %s"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:489
msgid "Failed to get login URL: Invalid response from server."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:568
msgid "Failed to save settings: %s"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:19
msgid "Firewall Mode"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:415
msgid "Firewall configuration applied."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:372
msgid "General Settings"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:250
msgid "Hostname"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:430
msgid ""
"If the timeout is displayed, you can refresh the page and click Login again."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:444
msgid ""
"If you are using custom login server but not providing an Auth Key, will "
"redirect to the login page without pre-filling the key."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:90
msgid "Invalid Date"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:93
msgid "Just now"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:205
msgid "LOGGED OUT"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:256
msgid "Last Seen"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:436
msgid "Leave blank for default Tailscale control plane."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:512
msgid "Logging out..."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:428
msgid "Login"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:449
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:522
msgid "Logout"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:519
msgid "Logout failed: %s"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:87
msgid "N/A"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:216
msgid "NOT RUNNING"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:298
msgid "Network Devices"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:245
msgid "No peer devices found."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:377
msgid "None"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:88
msgid "Now"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:252
msgid "OS"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:278
msgid "Offline"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:278
msgid "Online"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:435
msgid ""
"Optional: Specify a custom control server URL (e.g., a Headscale instance, "
"https://example.com)."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:443
msgid ""
"Optional: Specify an authentication key for the custom control server. Leave "
"blank if not required."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:207
msgid "Please use the login button in the settings below to authenticate."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:472
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:478
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:512
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:547
msgid "Please wait."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:224
msgid "RUNNING"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:254
msgid "RX"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:472
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:478
msgid "Requesting Login URL..."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:469
msgid "Requesting Tailscale login URL... Please wait."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:376
msgid ""
"Select an exit node from the list. If enabled, Allow LAN Access is enabled "
"implicitly."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:19
msgid ""
"Select the firewall backend for Tailscale to use. Requires service restart "
"to take effect."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:195
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:203
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:215
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:224
msgid "Service Status"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:368
msgid "Settings"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:25
msgid "Shields Up"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:249
msgid "Status"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:516
msgid "Successfully logged out."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:196
msgid "TAILSCALE NOT FOUND"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:226
msgid "TUN Mode"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:255
msgid "TX"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:229
msgid "Tailnet Name"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:342
#: applications/luci-app-tailscale-community/root/usr/share/luci/menu.d/luci-app-tailscale-community.json:3
msgid "Tailscale"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:172
msgid "Tailscale Health Check: %s"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:251
msgid "Tailscale IP"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:227
msgid "Tailscale IPv4"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:228
msgid "Tailscale IPv6"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:468
msgid "Tailscale Login"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:342
msgid ""
"Tailscale is a mesh VPN solution that makes it easy to connect your devices "
"securely. This configuration page allows you to manage Tailscale settings on "
"your OpenWrt device."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:553
msgid "Tailscale settings applied successfully."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:470
msgid "This can take up to 30 seconds."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:500
msgid ""
"This will disconnect this device from your Tailnet and require you to re-"
"authenticate."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:120
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:147
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:150
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:493
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:519
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:558
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:562
msgid "Unknown error"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:27
msgid "Use system DNS instead of MagicDNS."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:225
msgid "Version"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:25
msgid ""
"When enabled, blocks all inbound connections from the Tailscale network."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:22
msgid "When using the exit node, access to the local LAN is allowed."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:96
msgid "ago"
msgstr ""

484
applications/luci-app-tailscale-community/po/zh_Hans/community.po Normal file
View File

@@ -0,0 +1,484 @@
msgid ""
msgstr "Content-Type: text/plain; charset=UTF-8\n"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:34
msgid "(Experimental) Reduce Memory Usage"
msgstr "(实验性) 减少内存使用"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:20
msgid "Accept Routes"
msgstr "接受路由"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:425
msgid "Account Settings"
msgstr "账户设置"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:21
msgid "Advertise Exit Node"
msgstr "通告出口节点"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:400
msgid "Advertise Routes"
msgstr "通告路由"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:400
msgid ""
"Advertise subnet routes behind this device. Select from the detected subnets "
"below or enter custom routes (comma-separated)."
msgstr ""
"通告此设备后的子网路由。从下面的子网中选择,或输入自定义路由 (逗号分隔)。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:22
msgid "Allow LAN Access"
msgstr "允许局域网访问"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:20
msgid "Allow accepting routes announced by other nodes."
msgstr "允许接受由其他节点通告的路由。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:26
msgid "Allow connecting to this device through the SSH function of Tailscale."
msgstr "允许通过 Tailscale 的 SSH 功能连接到此设备。"
#: applications/luci-app-tailscale-community/root/usr/share/rpcd/acl.d/luci-app-tailscale-community.json:3
msgid "Allow user access to tailscale"
msgstr "允许用户访问 Tailscale"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:547
msgid "Applying changes..."
msgstr "正在应用更改..."
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:499
msgid "Are you sure you want to log out?"
msgstr "您确定要登出吗?"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:408
msgid "Auto Configure Firewall"
msgstr "自动配置防火墙"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:506
msgid "Cancel"
msgstr "取消"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:450
msgid "Click to Log out account on this device."
msgstr "点击以登出此设备上的账户。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:429
msgid "Click to get a login URL for this device."
msgstr "点击获取此设备的登录 URL。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:166
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:363
msgid "Collecting data ..."
msgstr "正在收集数据..."
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:525
msgid "Confirm Logout"
msgstr "确认登出"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:253
msgid "Connection Info"
msgstr "连接信息"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:462
msgid ""
"Could not open a new tab. Please check if your browser or an extension "
"blocked the pop-up."
msgstr "无法打开新标签页。请检查您的浏览器或扩展程序是否阻止了弹出窗口。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:434
msgid "Custom Login Server"
msgstr "自定义登录服务器"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:442
msgid "Custom Login Server Auth Key"
msgstr "自定义登录服务器认证密钥"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:21
msgid "Declare this device as an Exit Node."
msgstr "将此设备声明为出口节点。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:27
msgid "Disable MagicDNS"
msgstr "禁用 MagicDNS"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:24
msgid "Disable SNAT"
msgstr "禁用 SNAT"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:24
msgid ""
"Disable Source NAT (SNAT) for traffic to advertised routes. Most users "
"should leave this unchecked."
msgstr "为通告路由的流量禁用源地址转换 (SNAT)。大多数用户应保持此项不勾选。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:226
msgid "Disabled"
msgstr "已禁用"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:451
msgid "Disconnect from Tailscale and expire current node key."
msgstr "从 Tailscale 断开连接并使当前节点密钥过期。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:26
msgid "Enable Tailscale SSH"
msgstr "启用 Tailscale SSH"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:23
msgid "Enable Web Interface"
msgstr "启用 Web 界面"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:226
msgid "Enabled"
msgstr "已启用"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:34
msgid ""
"Enabling this option can reduce memory usage, but it may sacrifice some "
"performance (set GOGC=10)."
msgstr "启用此选项可以减少内存使用,但可能会牺牲一些性能 (设置 GOGC=10)。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:487
msgid "Error"
msgstr "错误"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:562
msgid "Error applying settings: %s"
msgstr "应用设置时出错: %s"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:147
msgid "Error caching DERP region map: %s"
msgstr "缓存 DERP 区域地图时出错: %s"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:150
msgid "Error fetching DERP region map: %s"
msgstr "获取 DERP 区域地图时出错: %s"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:120
msgid "Error reading cached DERP region map: %s"
msgstr "读取缓存的 DERP 区域地图时出错: %s"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:558
msgid "Error saving settings: %s"
msgstr "保存设置时出错: %s"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:278
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:376
msgid "Exit Node"
msgstr "出口节点"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:409
msgid ""
"Experimental: applies minimal firewall and interface setup for Tailscale. It "
"will create/patch network.tailscale (proto none, device tailscale0), add a "
"firewall zone \"tailscale\" with ACCEPT/ACCEPT/ACCEPT, masq, mtu_fix, and "
"ensure forwarding tailscale<->lan. It reloads network/firewall only if "
"changes are made."
msgstr ""
"实验性功能:为Tailscale应用所必须最小的防火墙设置。它将创建/修补network."
"tailscale (proto nonedevice tailscale0)添加ACCEPT/ACCEPT/ACCEPT、masq、"
"mtu_fix的防火墙区域“tailscale”并转发tailscale<->lan。反正总之如果你不知道这"
"个是干什么的而且你tailscale网络又有问题说明你需要点这个。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:23
msgid ""
"Expose a web interface on port 5252 for managing this node over Tailscale."
msgstr "在端口 5252 上暴露一个 Web 界面,用于通过 Tailscale 管理此节点。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:418
msgid "Failed to configure firewall: %s"
msgstr "获取防火墙设置失败: %s"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:488
msgid "Failed to get login URL. You may close this tab."
msgstr "获取登录 URL 失败。您可以关闭此标签页。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:493
msgid "Failed to get login URL: %s"
msgstr "获取登录 URL 失败: %s"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:489
msgid "Failed to get login URL: Invalid response from server."
msgstr "获取登录 URL 失败: 服务器响应无效。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:568
msgid "Failed to save settings: %s"
msgstr "保存设置失败: %s"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:19
msgid "Firewall Mode"
msgstr "防火墙模式"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:415
msgid "Firewall configuration applied."
msgstr "已应用防火墙配置"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:372
msgid "General Settings"
msgstr "常规设置"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:250
msgid "Hostname"
msgstr "主机名"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:430
msgid ""
"If the timeout is displayed, you can refresh the page and click Login again."
msgstr "如果显示超时,您可以刷新页面并再次点击登录。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:444
msgid ""
"If you are using custom login server but not providing an Auth Key, will "
"redirect to the login page without pre-filling the key."
msgstr ""
"如果您使用自定义登录服务器但未提供认证密钥,将重定向到登录页面而不会预先填充"
"密钥。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:90
msgid "Invalid Date"
msgstr "无效日期"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:93
msgid "Just now"
msgstr "刚才"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:205
msgid "LOGGED OUT"
msgstr "已登出"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:256
msgid "Last Seen"
msgstr "上次在线"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:436
msgid "Leave blank for default Tailscale control plane."
msgstr "留空以使用默认的 Tailscale 控制平面。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:512
msgid "Logging out..."
msgstr "正在登出..."
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:428
msgid "Login"
msgstr "登录"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:449
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:522
msgid "Logout"
msgstr "登出"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:519
msgid "Logout failed: %s"
msgstr "登出失败: %s"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:87
msgid "N/A"
msgstr "N/A"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:216
msgid "NOT RUNNING"
msgstr "未运行"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:298
msgid "Network Devices"
msgstr "网络设备"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:245
msgid "No peer devices found."
msgstr "未找到对等设备。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:377
msgid "None"
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:88
msgid "Now"
msgstr "现在"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:252
msgid "OS"
msgstr "操作系统"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:278
msgid "Offline"
msgstr "离线"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:278
msgid "Online"
msgstr "在线"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:435
msgid ""
"Optional: Specify a custom control server URL (e.g., a Headscale instance, "
"https://example.com)."
msgstr ""
"可选:指定一个自定义控制服务器 URL (例如,一个 Headscale 实例https://"
"example.com)。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:443
msgid ""
"Optional: Specify an authentication key for the custom control server. Leave "
"blank if not required."
msgstr "可选:为自定义控制服务器指定一个认证密钥。如果不需要,请留空。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:207
msgid "Please use the login button in the settings below to authenticate."
msgstr "请使用下方设置中的登录按钮进行认证。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:472
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:478
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:512
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:547
msgid "Please wait."
msgstr "请稍候。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:224
msgid "RUNNING"
msgstr "正在运行"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:254
msgid "RX"
msgstr "接收"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:472
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:478
msgid "Requesting Login URL..."
msgstr "正在请求登录 URL..."
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:469
msgid "Requesting Tailscale login URL... Please wait."
msgstr "正在请求 Tailscale 登录 URL... 请稍候。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:376
msgid ""
"Select an exit node from the list. If enabled, Allow LAN Access is enabled "
"implicitly."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:19
msgid ""
"Select the firewall backend for Tailscale to use. Requires service restart "
"to take effect."
msgstr "选择 Tailscale 使用的防火墙后端。需要重启服务才能生效。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:195
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:203
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:215
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:224
msgid "Service Status"
msgstr "服务状态"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:368
msgid "Settings"
msgstr "设置"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:25
msgid "Shields Up"
msgstr "开启防护 (Shields Up)"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:249
msgid "Status"
msgstr "状态"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:516
msgid "Successfully logged out."
msgstr "登出成功。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:196
msgid "TAILSCALE NOT FOUND"
msgstr "未找到 TAILSCALE"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:226
msgid "TUN Mode"
msgstr "TUN 模式"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:255
msgid "TX"
msgstr "发送"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:229
msgid "Tailnet Name"
msgstr "Tailnet 名称"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:342
#: applications/luci-app-tailscale-community/root/usr/share/luci/menu.d/luci-app-tailscale-community.json:3
msgid "Tailscale"
msgstr "Tailscale"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:172
msgid "Tailscale Health Check: %s"
msgstr "Tailscale 健康检查: %s"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:251
msgid "Tailscale IP"
msgstr "Tailscale IP"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:227
msgid "Tailscale IPv4"
msgstr "Tailscale IPv4"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:228
msgid "Tailscale IPv6"
msgstr "Tailscale IPv6"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:468
msgid "Tailscale Login"
msgstr "Tailscale 登录"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:342
msgid ""
"Tailscale is a mesh VPN solution that makes it easy to connect your devices "
"securely. This configuration page allows you to manage Tailscale settings on "
"your OpenWrt device."
msgstr ""
"Tailscale 是一个网状 VPN 解决方案,可以轻松地安全连接您的设备。此配置页面允许"
"您在 OpenWrt 设备上管理 Tailscale 设置。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:553
msgid "Tailscale settings applied successfully."
msgstr "Tailscale 设置已成功应用。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:470
msgid "This can take up to 30 seconds."
msgstr "此过程最多可能需要 30 秒。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:500
msgid ""
"This will disconnect this device from your Tailnet and require you to re-"
"authenticate."
msgstr "这将使此设备从您的 Tailnet 断开连接,并需要您重新进行身份验证。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:120
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:147
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:150
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:493
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:519
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:558
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:562
msgid "Unknown error"
msgstr "未知错误"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:27
msgid "Use system DNS instead of MagicDNS."
msgstr ""
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:225
msgid "Version"
msgstr "版本"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:25
msgid ""
"When enabled, blocks all inbound connections from the Tailscale network."
msgstr "启用后,将阻止来自 Tailscale 网络的所有入站连接。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:22
msgid "When using the exit node, access to the local LAN is allowed."
msgstr "使用出口节点时,允许访问本地局域网。"
#: applications/luci-app-tailscale-community/htdocs/luci-static/resources/view/tailscale.js:96
msgid "ago"
msgstr "前"
#~ msgid "Specify an exit node. Leave it blank and it will not be used."
#~ msgstr "指定一个出口节点。留空则不使用。"

10
applications/luci-app-tailscale-community/root/usr/share/luci/menu.d/luci-app-tailscale-community.json Normal file
View File

@@ -0,0 +1,10 @@
{
"admin/services/tailscale": {
"title": "Tailscale",
"order": 90,
"action": {
"type": "view",
"path": "tailscale"
}
}
}

26
applications/luci-app-tailscale-community/root/usr/share/rpcd/acl.d/luci-app-tailscale-community.json Normal file
View File

@@ -0,0 +1,26 @@
{
"luci-app-tailscale-community": {
"description": "Allow user access to tailscale",
"read": {
"ubus": {
"tailscale": [
"get_status",
"get_settings",
"get_subroutes"
]
},
"uci": [ "tailscale" ]
},
"write": {
"ubus": {
"tailscale": [
"do_login",
"do_logout",
"setup_firewall",
"set_settings"
]
},
"uci": [ "tailscale" ]
}
}
}

393
applications/luci-app-tailscale-community/root/usr/share/rpcd/ucode/tailscale.uc Normal file
View File

@@ -0,0 +1,393 @@
#!/usr/bin/env ucode
'use strict';
import { access, popen, readfile, writefile, unlink } from 'fs';
import { cursor } from 'uci';
const uci = cursor();
function exec(command) {
let stdout_content = '';
let p = popen(command, 'r');
sleep(100);
if (p == null) {
return { code: -1, stdout: '', stderr: `Failed to execute: ${command}` };
}
for (let line = p.read('line'); length(line); line = p.read('line')) {
stdout_content = stdout_content+line;
}
stdout_content = rtrim(stdout_content);
stdout_content = split(stdout_content, '\n');
let exit_code = p.close();
let stderr_content = '';
if (exit_code != 0) {
stderr_content = stdout_content;
}
return { code: exit_code, stdout: stdout_content, stderr: stderr_content };
}
function shell_quote(s) {
if (s == null || s == '') return "''";
return "'" + replace(s, "'", "'\\''") + "'";
}
const methods = {};
methods.get_status = {
call: function() {
let data = {
status: '',
version: '',
TUNMode: '',
health: '',
ipv4: "Not running",
ipv6: null,
domain_name: '',
peers: []
};
if (access('/usr/sbin/tailscale')==true || access('/usr/bin/tailscale')==true){ }else{
data.status = 'not_installed';
return data;
}
let status_json_output = exec('tailscale status --json');
let peer_map = {};
if (status_json_output.code == 0 && length(status_json_output.stdout) > 0) {
try {
let status_data = json(join('',status_json_output.stdout));
data.version = status_data?.Version || 'Unknown';
data.health = status_data?.Health || '';
data.TUNMode = status_data?.TUN || 'true';
if (status_data?.BackendState == 'Running') { data.status = 'running'; }
if (status_data?.BackendState == 'NeedsLogin') { data.status = 'logout'; }
data.ipv4 = status_data?.Self?.TailscaleIPs?.[0] || 'No IP assigned';
data.ipv6 = status_data?.Self?.TailscaleIPs?.[1] || null;
data.domain_name = status_data?.CurrentTailnet?.Name || '';
// peers list
for (let p in status_data?.Peer) {
p = status_data.Peer[p];
peer_map[p.ID] = {
ip: join('<br>', p?.TailscaleIPs) || '',
hostname: split(p?.DNSName || '','.')[0] || '',
ostype: p?.OS,
online: p?.Online,
linkadress: (!p?.CurAddr) ? p?.Relay : p?.CurAddr,
lastseen: p?.LastSeen,
exit_node: !!p?.ExitNode,
exit_node_option: !!p?.ExitNodeOption,
tx: p?.TxBytes || '',
rx: p?.RxBytes || ''
};
}
} catch (e) { /* ignore */ }
}
data.peers = peer_map;
return data;
}
};
methods.get_settings = {
call: function() {
let settings = {};
uci.load('tailscale');
let state_file_path = uci.get('tailscale', 'settings', 'state_file') || "/var/lib/tailscale/tailscaled.state";
if (access(state_file_path)) {
try {
let state_content = readfile(state_file_path);
if (state_content != null) {
let state_data = json(state_content);
let profiles_b64 = state_data?._profiles;
if (!profiles_b64) return settings;
let profiles_data = json(b64dec(profiles_b64));
let profiles_key = null;
for (let key in profiles_data) {
profiles_key = key;
break;
}
profiles_key = 'profile-'+profiles_key;
let status_data = json(b64dec(state_data?.[profiles_key]));
if (status_data != null) {
settings.accept_routes = status_data?.RouteAll || false;
settings.advertise_exit_node = status_data?.AdvertiseExitNode || false;
settings.advertise_routes = status_data?.AdvertiseRoutes || [];
settings.exit_node = status_data?.ExitNodeID || "";
settings.exit_node_allow_lan_access = status_data?.ExitNodeAllowLANAccess || false;
settings.shields_up = status_data?.ShieldsUp || false;
settings.ssh = status_data?.RunSSH || false;
settings.runwebclient = status_data?.RunWebClient || false;
settings.nosnat = status_data?.NoSNAT || false;
settings.disable_magic_dns = !status_data?.CorpDNS || false;
settings.fw_mode = split(uci.get('tailscale', 'settings', 'fw_mode'),' ')[0] || 'nftables';
}
}
} catch (e) { /* ignore */ }
}
return settings;
}
};
methods.set_settings = {
args: { form_data: {} },
call: function(request) {
const form_data = request.args.form_data;
if (form_data == null || length(form_data) == 0) {
return { error: 'Missing or invalid form_data parameter. Please provide settings data.' };
}
let args = ['set'];
push(args,'--accept-routes=' + (form_data.accept_routes == '1'));
push(args,'--advertise-exit-node=' + (form_data.advertise_exit_node == '1'));
push(args,'--exit-node-allow-lan-access=' + (form_data.exit_node_allow_lan_access == '1'));
push(args,'--ssh=' + (form_data.ssh == '1'));
push(args,'--accept-dns=' + (form_data.disable_magic_dns != '1'));
push(args,'--shields-up=' + (form_data.shields_up == '1'));
push(args,'--webclient=' + (form_data.runwebclient == '1'));
push(args,'--snat-subnet-routes=' + (form_data.nosnat != '1'));
push(args,'--advertise-routes ' + (shell_quote(join(',',form_data.advertise_routes)) || '\"\"'));
push(args,'--exit-node=' + (shell_quote(form_data.exit_node) || '\"\"'));
if (form_data.exit_node != "") push(args,' --exit-node-allow-lan-access');
push(args,'--hostname ' + (shell_quote(form_data.hostname) || '\"\"'));
let cmd_array = 'tailscale '+join(' ', args);
let set_result = exec(cmd_array);
if (set_result.code != 0) {
return { error: 'Failed to apply node settings: ' + set_result.stderr };
}
uci.load('tailscale');
for (let key in form_data) {
uci.set('tailscale', 'settings', key, form_data[key]);
}
uci.save('tailscale');
uci.commit('tailscale');
// process reduce memory https://github.com/GuNanOvO/openwrt-tailscale
// some new versions of Tailscale may not work well with this method
//if (form_data.daemon_mtu != "" || form_data.daemon_reduce_memory != "") {
// popen('/bin/sh -c ". ' + env_script_path + ' && /etc/init.d/tailscale restart" &');
//}
return { success: true };
}
};
methods.do_login = {
args: { form_data: {} },
call: function(request) {
const form_data = request.args.form_data;
let loginargs = [];
if (form_data == null || length(form_data) == 0) {
return { error: 'Missing or invalid form_data parameter. Please provide login data.' };
}
let status=methods.get_status.call();
if (status.status != 'logout') {
return { error: 'Tailscale is already logged in and running.' };
}
// --- 1. Prepare and Run Login Command (Once) ---
const loginserver = trim(form_data.loginserver) || '';
const loginserver_authkey = trim(form_data.loginserver_authkey) || '';
if (loginserver!='') {
push(loginargs,'--login-server '+shell_quote(loginserver));
if (loginserver_authkey!='') {
push(loginargs,'--auth-key '+shell_quote(loginserver_authkey));
}
}
// Run the command in the background using /bin/sh -c to handle the '&' correctly
let login_cmd = 'tailscale login '+join(' ', loginargs);
popen('/bin/sh -c "' + login_cmd + ' &"', 'r');
// --- 2. Loop to Check Status for URL ---
let max_attempts = 15;
let interval = 2000;
for (let i = 0; i < max_attempts; i++) {
let tresult = exec('tailscale status');
for (let line in tresult.stdout) {
let trline = trim(line);
if (index(trline, 'http') != -1) {
let parts = split(trline, ' ');
for (let part in parts) {
if (index(part, 'http') != -1) {
return { url: part };
}
}
}
}
sleep(interval);
}
return { error: 'Could not retrieve login URL from tailscale command after 30 seconds.' };
}
};
methods.do_logout = {
call: function() {
let status=methods.get_status.call();
if (status.status != 'running') {
return { error: 'Tailscale is not running. Cannot perform logout.' };
}
let logout_result = exec('tailscale logout');
if (logout_result.code != 0) {
return { error: 'Failed to logout: ' + logout_result.stderr };
}
return { success: true };
}
};
methods.get_subroutes = {
call: function() {
try {
let cmd = 'ip -j route';
let result = exec(cmd);
let subnets = [];
if (result.code == 0 && length(result.stdout) > 0) {
let routes_json = json(join('',result.stdout));
for (let route in routes_json) {
// We need to filter out local subnets
// 1. 'dst' (target address) is not' default' (default gateway)
// 2. 'scope' is' link' (indicating directly connected network)
// 3. It is an IPv4 address (simple judgment: including'.')
if (route?.dst && route.dst != 'default' && route?.scope == 'link' && index(route.dst,'.') != -1) {
push(subnets,route.dst);
}
}
}
return { routes: subnets };
}
catch(e) {
return { routes: [] };
}
}
};
methods.setup_firewall = {
call: function() {
try {
uci.load('network');
uci.load('firewall');
let changed_network = false;
let changed_firewall = false;
// 1. config Network Interface
let net_ts = uci.get('network', 'tailscale');
if (net_ts == null) {
uci.set('network', 'tailscale', 'interface');
uci.set('network', 'tailscale', 'proto', 'none');
uci.set('network', 'tailscale', 'device', 'tailscale0');
changed_network = true;
} else {
let current_dev = uci.get('network', 'tailscale', 'device');
if (current_dev != 'tailscale0') {
uci.set('network', 'tailscale', 'device', 'tailscale0');
changed_network = true;
}
}
// 2. config Firewall Zone
let fw_all = uci.get_all('firewall');
let ts_zone_section = null;
let fwd_lan_to_ts = false;
let fwd_ts_to_lan = false;
for (let sec_key in fw_all) {
let s = fw_all[sec_key];
if (s['.type'] == 'zone' && s['name'] == 'tailscale') {
ts_zone_section = sec_key;
}
if (s['.type'] == 'forwarding') {
if (s.src == 'lan' && s.dest == 'tailscale') fwd_lan_to_ts = true;
if (s.src == 'tailscale' && s.dest == 'lan') fwd_ts_to_lan = true;
}
}
if (ts_zone_section == null) {
let zid = uci.add('firewall', 'zone');
uci.set('firewall', zid, 'name', 'tailscale');
uci.set('firewall', zid, 'input', 'ACCEPT');
uci.set('firewall', zid, 'output', 'ACCEPT');
uci.set('firewall', zid, 'forward', 'ACCEPT');
uci.set('firewall', zid, 'masq', '1');
uci.set('firewall', zid, 'mtu_fix', '1');
uci.set('firewall', zid, 'network', ['tailscale']);
changed_firewall = true;
} else {
let nets = uci.get('firewall', ts_zone_section, 'network');
let net_list = [];
let has_ts_net = false;
if (type(nets) == 'array') {
net_list = nets;
} else if (type(nets) == 'string') {
net_list = [nets];
}
// check if 'tailscale' is already in the list
for (let n in net_list) {
if (net_list[n] == 'tailscale') {
has_ts_net = true;
break;
}
}
if (!has_ts_net) {
push(net_list, 'tailscale');
uci.set('firewall', ts_zone_section, 'network', net_list);
changed_firewall = true;
}
}
// 3. config Forwarding
if (!fwd_lan_to_ts) {
let fid = uci.add('firewall', 'forwarding');
uci.set('firewall', fid, 'src', 'lan');
uci.set('firewall', fid, 'dest', 'tailscale');
changed_firewall = true;
}
if (!fwd_ts_to_lan) {
let fid = uci.add('firewall', 'forwarding');
uci.set('firewall', fid, 'src', 'tailscale');
uci.set('firewall', fid, 'dest', 'lan');
changed_firewall = true;
}
// 4. save
if (changed_network) {
uci.save('network');
uci.commit('network');
exec('/etc/init.d/network reload');
}
if (changed_firewall) {
uci.save('firewall');
uci.commit('firewall');
exec('/etc/init.d/firewall reload');
}
return {
success: true,
changed_network: changed_network,
changed_firewall: changed_firewall,
message: (changed_network || changed_firewall) ? 'Tailscale firewall/interface configuration applied.' : 'Tailscale firewall/interface already configured.'
};
} catch (e) {
return { error: 'Exception in setup_firewall: ' + e + '\nStack: ' + (e.stacktrace || '') };
}
}
};
return { 'tailscale': methods };