# MikroTik Tailscale Setup Script
# Created: 2026-01-25
# Repository: https://git.xtrm-lab.org/jazzymc/infrastructure
#
# Prerequisites:
# - RouterOS 7.4+ with container package
# - USB storage mounted as usb1
# - Container mode enabled: /system/device-mode/update container=yes
# - containers-br bridge already exists (from adguard setup)

#------------------------------------------------------------
# Variables
#------------------------------------------------------------
:local containerName "tailscale"
:local containerImage "tailscale/tailscale:latest"
:local vethName "veth-tailscale"
:local containerIP "172.17.0.3"
:local gatewayIP "172.17.0.1"
:local containerBridge "containers-br"

#------------------------------------------------------------
# 1. Create veth interface
#------------------------------------------------------------
/interface veth add name=$vethName address=$containerIP/24 gateway=$gatewayIP

#------------------------------------------------------------
# 2. Add veth to container bridge
#------------------------------------------------------------
/interface bridge port add bridge=$containerBridge interface=$vethName

#------------------------------------------------------------
# 3. Create container mount for state persistence
#------------------------------------------------------------
/container/mounts/add list=ts-state src=usb1/tailscale/state dst=/var/lib/tailscale

#------------------------------------------------------------
# 4. Create environment variables
#------------------------------------------------------------
/container/envs/add list=ts-env key=TS_USERSPACE value=true
/container/envs/add list=ts-env key=TS_STATE_DIR value=/var/lib/tailscale
/container/envs/add list=ts-env key=TS_SOCKET value=/var/run/tailscale/tailscaled.sock

#------------------------------------------------------------
# 5. Create container
#------------------------------------------------------------
/container/add remote-image=$containerImage interface=$vethName \
    root-dir=usb1/tailscale/root logging=yes start-on-boot=yes \
    dns=8.8.8.8 name=$containerName

# Wait for image extraction
:log info "Waiting for Tailscale image extraction..."
:delay 60s

#------------------------------------------------------------
# 6. Add mountlists and envlists to container
#------------------------------------------------------------
/container/set [find name=$containerName] mountlists=ts-state envlists=ts-env

#------------------------------------------------------------
# 7. Start container
#------------------------------------------------------------
/container/start [find name=$containerName]

:log info "Tailscale container started"
:log info "Check logs for authentication URL: :log print where message~\"login.tailscale\""