Product
Solutions
Enterprise
Customers
Docs
Blog
Pricing
Download
Get started - it's free!
Login
© 2025

Access Unraid NAS from anywhere

Unraid OS is a Linux-based network-attached storage (NAS) operating system. Official support for Tailscale was added in Unraid v7.

Unraid allows you to do the following:

  • Pool multiple, mismatched-sized drives into a single array or volume.
  • Use a wide variety of features for remote management.
  • Use built-in docker support for many apps.
  • Use advanced virtual machine engine tools such as libvirt and QEMU to support PCI passthrough for high performance-gaming VMs.

For more information, refer to Unraid's Tailscale documentation.

Requirements

  • At least one Unraid server with administrative access.
  • An existing tailnet with admin access. For instructions, refer to Tailscale quickstart.
  • You must be an Owner, Admin, or IT admin of a tailnet for some actions needed in the admin console.

Install Tailscale in Unraid OS

  1. Open the Unraid OS web interface.

  2. Select the Apps menu.

    1. If this is a brand new Unraid server, select the Install Community Applications plugin option.
    2. Search for the Tailscale plugin.
    3. Select the app labeled Tailscale (Plugin). We recommend this version, which Derek Kaser maintains on behalf of Unraid. Make sure you select this plugin and ignore the other legacy options, such as docker.
    4. Select Install.
    5. After the plug-in is installed, select the Settings menu in the Unraid OS web interface.
    6. Go to the Network Services section, locate and select Tailscale.
    7. Select Reauthenticate, then Connect to add the server to your tailnet. A message may display indicating that the Tailscale key will expire. This message is normal and key expiry can be disabled. For more information, see Key expiry.

  3. Open the Machines page of the Tailscale admin console and verify that the Unraid server is added.

    If device approval is enabled, you may need to approve the server from the Machines page of the admin console to allow the Unraid server to communicate with other devices in your tailnet.

Configure optional settings in Unraid OS

You can make any additional configuration changes in Unraid, as needed.

  1. Select the Settings menu in the Unraid OS web interface.

    1. Go to the Network Services section, locate and select Tailscale.

    2. Select the Settings sub-tab, locate the Basic View option and toggle on to show Advanced View.

    3. (Optional) Set Use Tailscale DNS settings to Yes. This indicates that the tailnet DNS settings will be used when the Unraid server is connected to the tailnet. This is optional but recommended in order for magicDNS and hostname based DNS lookups to work properly. For more information, see DNS in Tailscale.

      Turning on the Use Tailscale DNS settings option can cause issues with Tailscale Serve generating certificates due to the way Unraid modifies the ENTRYPOINT dockerfile command. If you encounter this issue, disable Use Tailscale DNS settings, then stop and start the container. Simply restarting the container will not work. You can then generate the certificates and re-enable the Use Tailscale DNS settings option.

    4. Go to Save Settings and select Apply.

    5. Go to Restart Tailscale and select Restart.

From the Machines page of the admin console, you can locate the tailnet 100.x.y.z IP address for the Unraid server. Use that address, or the tailnet hostname, such as tower, to connect to the Unraid user interface from another device in your tailnet, using a web browser.

Route tailnet traffic through Unraid

You can configure the Unraid server as an exit node to route traffic for other devices in the tailnet through the Unraid server. This can be useful when using an untrusted Wi-Fi connection in a coffee shop or accessing online services (such as banking) that require devices to be in a specific country or region.

  1. Open the Unraid OS web interface.

    1. Select the terminal icon (>_) in the main menu.

    2. Enter the following commands:

      echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p /etc/sysctl.conf

  2. Go to the Machines page of the Tailscale admin console.

    1. Locate the Unraid server in the list. If configured correctly it will display the Exit Node badge.
    2. Each exit node requires manual approval. To approve devices as an exit node, in the Tailscale admin console, select the ellipsis icon menu next to the node in question, then select Edit route settings.
    3. Check the Use as exit node box, then select Save.

To configure other devices in your tailnet to use the Unraid server as an exit node, refer to Use exit nodes.

Unraid as a Tailscale Subnet Router

You can configure the Unraid server as a subnet router to access any devices or nodes in your physical network that cannot be added to your tailnet. For example, you can remotely connect to a printer.

  1. Open the Unraid OS web interface.

    1. Select the terminal icon (>_) in the main menu.

    2. Enter the following commands:

      tailscale up --advertise-routes=192.0.2.0/24

      If you want to add multiple subnets, you can include additional CIDR IP ranges separated by a comma.

      tailscale up --advertise-routes=192.168.1.0/24,198.160.50.0/24

  2. Go to the Machines page of the admin console and locate the Unraid server in the list. It should display the Subnets badge.

    1. Select the ellipsis icon menu, then select Edit route settings.
    2. Check the IP range boxes that correspond to the subnet routes you want to advertise, then select Save.

  3. Go back to the Unraid OS web interface, open the Tailscale app, and verify that subnets are enabled.

Native docker and Tailscale integration

As of Unraid v7, containers created on an Unraid server can automatically be joined to your tailnet. This allows each container to appear as a unique machine in your tailnet. A case for this would be sharing a service with a non-tailnet user or device, without sharing the Unraid server by way of Tailscale.

See the Unraid maintained documentation for more details about integration.

Automatically join containers to your tailnet

Advanced users can automate the addition of containers to their tailnet. They can do so programmatically using a Tailscale OAuth client secret

  1. Tailscale pre-requisites
    1. Create an appropriate tag in your ACLs.
    2. Generate an OAuth client with permissions to Read and Write Auth Keys.
  2. In the Unraid OS web interface, select a container for creation.

    1. In the Add Container menu, set Use Tailscale to on.

    2. Enter an appropriate hostname for the container in your tailnet.

    3. Select Tailscale Show Advanced Settings.

    4. Enter the following string in the Tailscale Extra Parameters field, making sure to update the values with your own:

      --authkey=tskey-client-kQ3XbSTPg921CNTRL-teMgW7PkZ2No9xr1CRTt1N7k45u3MnKpZ --advertise-tags=tag:example

    5. Select Apply.

    6. Your service should now be available with a TLS certificate from the following location:

      https://myservice.example.ts.net

Last updated Jan 17, 2025