Setup a Tailscale Exit Node to act as a VPN proxy.

Creates a container with OpenVPN and Tailscale that,

• Connects to OpenVPN using embedded configuraiton
• Connects to Tailscale using Authkey
• Advertises as an Exit Node on your Tailnet

Enabling as an Exit Node in Tailscale admin console will allow the container to act as a proxy forwarding all traffic over the VPN. This allows funneling all traffic through different locations like Europe or Asia.

Create a Tailscale Auth Key and update the TS_AUTHKEY ENV variable in docker-compose.yml.

Put a valid OpenVPN configuration file for your VPN of choice in the same directory as the docker-compose.yml and name it openvpn.ovpn.

Build the docker image with docker compose build

Run the container with docker compose up

This will connect to the VPN and Tailscale, advertising itself as an Exit Node. You may need to go into your Tailscale account and verify/enable the container on the Tailnet as an Exit Node.

Shell into the running tailscale container with docker compose exec -it proxy and verify the IP returned with curl https://ifconfig.co is your VPN IP.

On another device on your Tailnet, use the new proxy device as the Exit Node and verify https://ifconfig.co is returning your VPN IP.