Important
Important Update (11 Aug 2024): This solution outlined is now outdated. For the most current method of generating SSL certificates for Tailscale, please follow the instructions in the original article by sim642.
This script automates the generation and renewal of Tailscale certificates on a Synology DSM. It ensures that the certificates are up-to-date and will regenerate them if they are about to expire soon.
This script was inspired by the Medium article by Walid Karray on automating Tailscale certificate configuration on Synology DSM.
- Synology DSM with root access.
- Tailscale installed and configured.
- OpenSSL installed.
- Checks if the existing Tailscale certificate is about to expire (within 30 days).
- Automatically generates and installs a new certificate if necessary.
- Restarts the Synology web server to apply the new certificate.
There are two ways to use this script:
- Enable the Task Scheduler in DSM and create a new task that runs the script at a specific interval.
- Open the Task Scheduler in DSM.
- Click on Create > Scheduled Task > User-defined script.
- Enter a name for the task.
- Select the root user.
- Set the schedule to run the script at a specific interval (e.g., every week).
- In the Task Settings tab, enter the following command in the Run command field:
/path/to/tailscale-certificate.sh
- Click OK to save the task.
- Run the script manually whenever you want to check and renew the Tailscale certificate.
- Open a terminal on your Synology DSM.
- Run the following command to make the script executable:
chmod +x /path/to/tailscale-certificate.sh
- Run the script using the following command:
sudo ./tailscale-certificate.sh
This script is open-source and available for use and modification under the MIT License.
Walid Karray for his detailed article on automating Tailscale certificate configuration on Synology DSM.