added toggle nat added set depends on up being set

2025-10-23 03:28:58 +02:00 · 2025-10-23 03:28:58 +02:00 · fce015279f
commit fce015279f
parent aef338d1f6
1 changed files with 17 additions and 11 deletions
--- a/containers/mikrotik-tailscale/start-tailscale.sh
+++ b/containers/mikrotik-tailscale/start-tailscale.sh
@ -7,22 +7,28 @@ echo "Setting Tailscale ARGS: $set"
 echo 1 > /proc/sys/net/ipv4/ip_forward
 echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
-# Try to enable NAT for Tailscale (may fail on MikroTik due to limited kernel modules)
+# Enable NAT masquerading if requested (nat=true|yes|1)
-# This is optional for basic Tailscale functionality
+case "${nat:-}" in
-# if iptables -t nat -A POSTROUTING -o tailscale0 -j MASQUERADE 2>/dev/null; then
+  true|yes|1)
-#     echo "NAT masquerading enabled"
+    if iptables -t nat -A POSTROUTING -o tailscale0 -j MASQUERADE 2>/dev/null; then
-# else
+      echo "NAT masquerading enabled"
-#     echo "Warning: Could not enable NAT masquerading (kernel modules not available)"
+    else
-#     echo "Tailscale will still work for basic connectivity"
+      echo "Warning: Could not enable NAT masquerading (kernel modules or iptables not available)"
-# fi
+      echo "Tailscale will still work for basic connectivity"
-
+    fi
-tailscale update --yes
+    ;;
  *)
    # nat not set to true/yes/1 — skip NAT setup
    ;;
 esac
 # Initialize and start Tailscale
 tailscaled > /dev/null 2>&1 &
 sleep 5
 tailscale up ${up}
 if [ -n "${set}" ]; then
  tailscale set ${set}
 fi
 while true; do
  tailscale netcheck