From 474690b946cbb7df5f0c8306c86cb1b3bd501cfd Mon Sep 17 00:00:00 2001
From: Laszlo Magyar <lmagyar1973@gmail.com>
Date: Thu, 18 Jul 2024 11:26:10 +0200
Subject: [PATCH] Make UDP port configurable

---
 tailscale/DOCS.md                                    | 12 ++++++++++++
 tailscale/config.yaml                                |  1 +
 .../rootfs/etc/s6-overlay/s6-rc.d/tailscaled/run     |  6 ++++++
 tailscale/translations/en.yaml                       |  5 +++++
 4 files changed, 24 insertions(+)

diff --git a/tailscale/DOCS.md b/tailscale/DOCS.md
index 7a4b8273..d1e1a886 100644
--- a/tailscale/DOCS.md
+++ b/tailscale/DOCS.md
@@ -80,6 +80,7 @@ tags:
   - tag:example
   - tag:homeassistant
 taildrop: true
+udp_port: 12345
 userspace_networking: true
 ```
 
@@ -311,6 +312,17 @@ When not set, this option is enabled by default.
 
 Received files are stored in the `/share/taildrop` directory.
 
+### Option: `udp_port`
+
+UDP port to listen on for WireGuard and peer-to-peer traffic.
+
+Use this option (and router port forwarding) if you experience that Tailscale
+can't establish peer-to-peer connections to some of your devices (usually behind
+CGNAT networks). You can test connections with `tailscale ping
+<hostname-or-ip>`.
+
+When not set, an automatically selected port is used by default.
+
 ### Option: `userspace_networking`
 
 The add-on uses [userspace networking mode][tailscale_info_userspace_networking]
diff --git a/tailscale/config.yaml b/tailscale/config.yaml
index 484ef7a6..4fbc9753 100644
--- a/tailscale/config.yaml
+++ b/tailscale/config.yaml
@@ -42,4 +42,5 @@ schema:
   tags:
     - "match(^tag:[a-zA-Z][a-zA-Z0-9-]*$)?"
   taildrop: bool?
+  udp_port: port?
   userspace_networking: bool?
diff --git a/tailscale/rootfs/etc/s6-overlay/s6-rc.d/tailscaled/run b/tailscale/rootfs/etc/s6-overlay/s6-rc.d/tailscaled/run
index bbb52847..415f664c 100755
--- a/tailscale/rootfs/etc/s6-overlay/s6-rc.d/tailscaled/run
+++ b/tailscale/rootfs/etc/s6-overlay/s6-rc.d/tailscaled/run
@@ -16,6 +16,12 @@ if ! bashio::debug ; then
   options+=(--no-logs-no-support)
 fi
 
+# Use configured UDP port
+if bashio::config.has_value "udp_port";
+then
+  options+=(--port=$(bashio::config "udp_port"))
+fi
+
 # Use userspace networking by default when not set, or when explicitly enabled
 if ! bashio::config.has_value "userspace_networking" || \
   bashio::config.true "userspace_networking";
diff --git a/tailscale/translations/en.yaml b/tailscale/translations/en.yaml
index 7ab78bd4..93ff68c3 100644
--- a/tailscale/translations/en.yaml
+++ b/tailscale/translations/en.yaml
@@ -90,6 +90,11 @@ configuration:
       This option allows you to enable Taildrop, a file sharing service
       that allows you to share files with other Tailscale nodes.
       When not set, this option is enabled by default.
+  udp_port:
+    name: UDP port
+    description: >-
+      UDP port to listen on for WireGuard and peer-to-peer traffic.
+      When not set, an automatically selected port is used by default.
   userspace_networking:
     name: Userspace networking mode
     description: >-