TechPulseTechPulse
Back to News
Advertisement

Using Tailscale with an OrbStack VM on macOS

hhighpost 3 days ago 6 commentsRead Article on github.com

DE version is available. Content is displayed in original English for accuracy.

Here's an example of how to build an Ubuntu VM using OrbStack on macOS and then connect to the VM through Tailscale SSH using an auth key stored in Apple Keychain.

For example, I can create a VM on my Mac mini at home that hosts a git repo or even a Forgejo server. A colleague in my Tailnet can then connect to this VM to clone, push or pull source code changes from a coffeeshop or airliner while not exposing the rest of my Mac mini.

Advertisement

⚡ Community Insights

Discussion Sentiment

100% Positive

Analyzed from 259 words in the discussion.

Trending Topics

#tailscale#orbstack#using#each#though#apple#container#dev#docker#repo

Discussion (6 Comments)Read Original on HackerNews

robgough•15 minutes ago
I do all my dev inside docker/orbstack environments. I've been using a Tailscale sidecar for each, which has let me easily spin up second (and third!) copy of each repo without having to worry about them interfering with each other (the same open ports etc.). I've not extended to using worktrees, as right now I prefer entirely separate clone's of a repo, but that may well change and I suspect this would work well for that too.

https://robgough.net/multiple-app-instances-with-tailscale

Also has the handy effect of making it super easy to share my dev environment with anyone else on my tailnet, though this could be locked down if needed.

philips•about 1 hour ago
I recently learned of OrbStack and it feels like the only product that actually makes an effort to integrate VMs and Containers correctly and consistently into macOS.

Docker Desktop and Podman Desktop are both a treadmill made of Lego bricks.

jzelinskie•36 minutes ago
Hi Brandon!

Have you tried Apple's container CLI[0]? I'm still mostly using OrbStack, but container gives me some hope for the future that Apple cares about this experience.

[0]: https://github.com/apple/container

sudosteph•about 1 hour ago
I use tailscale with Orbstack so that my agents on the vm can use tailscale serve to share dashboards I can view on my phone. Works out nicely.

One thing I noticed though, is that even if I set up the VM as a tagged device with limited access rules, if my host machine (the laptop) is connected as my user (which has less limited permissions), the vm uses my host's user permissions, which isn't really what I want. If I disconnect tailscale on the mac and leave the vm tailscale connected it works as intended though - so that's something to look out for.

Also, if you're using orbstack as an agent sandbox, just be aware that they only recently added an option for true filesystem isolation, the default setup doesn't really sandbox effectively.

CalChris•about 1 hour ago
Interesting. Can you do this with Forgejo?
skinfaxi•31 minutes ago
What do you mean?