Access your tailnet from Gitpod

Gitpod is a way to spin up automated development environments for each task, in the cloud, in seconds, from any Git context you want.

Tailscale can be installed within a Gitpod workspace to be able to access private resources securely, such as package registries, or to share an environment with your colleagues for code review or pair programming.

Start Tailscale

If you’re already using Gitpod, Tailscale is installed in the default full workspace base image for Gitpod. To use it, in your workspace:

  1. Run sudo tailscaled in a separate shell to start the process.
  2. In your main shell, run tailscale up and authenticate using your browser or using an auth key.

Add Tailscale to a custom base image

If you’re managing your own base image instead of using the default full workspace image, you can still use Tailscale as part of a custom Docker image for your project in Gitpod. The following files from the gitpod-io/template-tailscale repository or the tailscale/gitpod repository will need to be incorporated:

  1. .gitpod.Dockerfile should be a layer in the build, or incorporated into the project Dockerfile.
  2. The Tailscale task in .gitpod.yml needs to be incorporated into the project .gitpod.yml file.

Authenticate to Tailscale

To allow the Gitpod workspace to join the tailnet, create an auth key for your tailnet and add it as a Gitpod environment variable named TAILSCALE_AUTHKEY.

Once you’re connected, you should see your Gitpod workspace in your tailnet following the naming convention gitpod--{user-name}--{repo-name}. Consider enabling MagicDNS to get a stable domain for your workspace, reachable from other nodes in your tailnet, such as your local machine.

Use an ephemeral auth key for ephemeral workspaces

If you use a normal auth key, the Tailscale machine state will be stored in your Gitpod account, and your workspace will always reconnect as the same node.

Several Gitpod workspaces started relatively close together will get incrementing hostnames like gitpod--{user-name}--{repo-name}-1 and gitpod--{user-name}--{repo-name}-2.

If you want to treat your Gitpod workspaces as ephemeral, instead use an ephemeral auth key.

Gitpod composing some Markdown