Unraid and Twingate Setup?

Dsunn · August 30, 2023, 1:02pm

I have an unraid server and I’m trying to figure out how to connect my unraid to Twingate, does anyone have a guide?

Arthur · August 30, 2023, 7:34pm

Hi Dsunn,

I’m not sure if you’re talking about deploying a connector on your unRAID box, but here’s how to do that:

Log in to your Twingate dashboard.
Click on the remote network you want to deploy a connector for.
Click on “Add Connector”

Screenshot 2023-08-30 at 12.31.26 PM320×640 24.7 KB
Click on the newly created Connector - It will be called wacky-dolphin or electrified-aardvark, or some other adjective/animal combination. In my case, it’s “Invisible Tarantula”.
Leave Docker selected as your deployment method, and click “Generate Tokens” (This will prompt you to reauthenticate for security reasons)

Screenshot 2023-08-30 at 12.33.33 PM1226×895 84.6 KB
In the entry for Step 4, you’ll see a docker command block you could normally copy and paste into a Linux shell to do everything for you, but in our case we need to do it a bit differently. The command block is going to look something like this:

docker run -d --sysctl net.ipv4.ping_group_range="0 2147483647" 
--env TWINGATE_NETWORK="[your twingate network name]" 
--env TWINGATE_ACCESS_TOKEN="blah blah blah" 
--env TWINGATE_REFRESH_TOKEN="even more blah blah blah"  
--env TWINGATE_LABEL_HOSTNAME="`hostname`" 
--name "twingate-invisible-tarantula" 
--restart=unless-stopped 
--pull=always twingate/connector:1

Either copy this out to a text editor, or open a new tab with your unRAID Administration GUI

In the unRAID GUI, Click on “Docker” (I know, I need to update my machine)

Screenshot 2023-08-30 at 12.25.59 PM747×136 8.3 KB
Click on “Add Container”
At the top of the window, click on the toggle next to Basic View to switch to Advanced view

Screenshot 2023-08-30 at 12.40.07 PM1943×49 2.98 KB
Add the following data to the fields available:
Template - leave as “Select a Template”
Name - “Twingate Connector - invisible-tarantula” (note: this can be whatever you want. It’s just what shows in the unRAID containerlist)
Additional Requirements - Leave Blank
Repository - twingate/connector:1
Registry URL, Icon URL, WebUI - Leave Blank
Extra Parameters - --sysctl net.ipv4.ping_group_range="0 2147483647" --name "twingate-invisible-tarantula" --restart=unless-stopped --pull=always
Network Type - in most cases, you can leave this as “Bridge” but if you’re going to be connected to Twingate on the same network you’re running the connector on, you may want to switch this to “Host” to improve performance.
Privileged - Toggle this on to allow for one of our docker flags to work correctly. Without a privileged container and the --sysctl net.ipv4.ping_group_range="0 2147483647" argument, you may not be able to ping Twingate resources through this connector.

Click on “Add another Path, Port, Variable, Label or Device” above the “Apply” button, and Change the values in the modal as follows:
Config Type - Change to “Variable”
Name - Twingate Network
Key - TWINGATE_NETWORK
Value - yournetworkslug (if your twingate url is mycompany.twingate.com you would just enter mycompany. No quotes., No https. No spaces. No .twingate.com

and Click Add.

Click on “Add another Path, Port, Variable, Label or Device” above the “Apply” button, and Change the values in the modal as follows:
Config Type - Change to “Variable”
Name - Twingate Access Token
Key - TWINGATE_ACCESS_TOKEN
Value - [the long string from that docker command block you copied in step 6 that matches the TWINGATE_ACCESS_TOKEN value. In my example it would be blah blah blah. No quotes. No spaces. Nothing extra. Just that string.

and Click Add.

Click on “Add another Path, Port, Variable, Label or Device” above the “Apply” button, and Change the values in the modal as follows:
Config Type - Change to “Variable”
Name - Twingate Refresh Token
Key - TWINGATE_REFRESH_TOKEN
Value - [the long string from that docker command block you copied in step 6 that matches the TWINGATE_REFRESH_TOKEN value. In my example it would be even more blah blah blah. No quotes. No spaces. Nothing extra. Just that string.

and Click Add.

Click on “Add another Path, Port, Variable, Label or Device” above the “Apply” button, and Change the values in the modal as follows:
Config Type - Change to “Variable”
Name - Twingate Log Settings
Key - TWINGATE_LOG_ANALYTICS
Value - v2

and Click Add.
Screenshot 2023-08-30 at 1.17.23 PM

Click on “Add another Path, Port, Variable, Label or Device” above the “Apply” button, and Change the values in the modal as follows:
Config Type - Change to “Variable”
Name - Twingate Hostname Settings
Key - TWINGATE_LABEL_HOSTNAME
Value - `hostname` (this is the word hostname in “grave” quotes/backticks)
and Click Add.
At this point, your “Add Container” screen should look similar to the following:

Screenshot 2023-08-30 at 1.27.56 PM1028×1257 55.4 KB

If it does, you can go ahead and click “Apply”

You’ll see something like the following:

Screenshot 2023-08-30 at 1.29.34 PM539×765 81 KB
If we go back to our Docker list in unRAID we should see the container up and healthy:

Screenshot 2023-08-30 at 1.31.39 PM1535×73 16.3 KB
And if we go back to our Twingate dashboard, and click on the new connector, we should see something like the following:

Screenshot 2023-08-30 at 1.32.44 PM692×755 35.9 KB

And with that, we have a new container running on our unRAID server, and all we have to do is add a resource for the local IP of that server as a Twingate resource, and we should be able to access it remotely!

This guide is a bit messy as I just threw it together, but let me know if it helps you get up and running or if I totally lost the plot here.

Thanks,

-arthur