Using Tailscale with Docker for Secure Database Backups

Learn how to securely backup Dockerized databases using Tailscale, eliminating the need for a jump or bastion host. This step-by-step tutorial guides you through the process of setting up a Tailscale connection within a Docker container for hassle-free, private backups.

In this tutorial, you will learn how to set up Tailscale within a Docker container to enable secure backups of private Docker databases and files. By using Tailscale, you can establish a secure connection between your containerized database and SimpleBackups without the need for an intermediate jump or bastion host.


  1. Docker installed on your machine.
  1. A running Docker database container.
  1. An account with Tailscale and an API Key generated from there.


1. Setting up Tailscale with Docker

The first step is to run a new Docker container that will act as a connector between your private Docker database and SimpleBackups.

Here's the command to start a Tailscale container:

docker run -d --name=database-sb-connector --network container:NAME-OF-DATABASE-CONTAINER --cap-add=NET_ADMIN --cap-add=NET_RAW --env TS_AUTHKEY=API_KEY_FROM_TAILSCALE_ACCOUNT tailscale/tailscale

Breakdown of the command:

  • -name=database-sb-connector: Names the Tailscale container.
  • -network container:NAME-OF-DATABASE-CONTAINER: Connects the Tailscale container to the network namespace of your database container.
  • -cap-add=NET_ADMIN --cap-add=NET_RAW: Grants the necessary capabilities to the Tailscale container.
  • -env TS_AUTHKEY=API_KEY_FROM_TAILSCALE_ACCOUNT: Sets the Tailscale authentication key.
  • tailscale/tailscale: The Tailscale Docker image.

Make sure to replace NAME-OF-DATABASE-CONTAINER with the actual name of your database container and API_KEY_FROM_TAILSCALE_ACCOUNT with the API Key generated from your Tailscale account.

2. Verifying the Connection

Once the Tailscale container is up and running, it will establish a connection to the Tailscale network. You can verify the connection by executing:

docker exec -it database-sb-connector tailscale status

This command should display the status of the Tailscale connection and the private IP address assigned to the container.

3. Backing up your Database with SimpleBackups

With the Tailscale container in place, you can now use the private IP assigned by Tailscale to connect your database to SimpleBackups:

  • Navigate to the SimpleBackups dashboard.
  • Set up a new backup and use the private IP assigned by Tailscale as the database host address.

The beauty of this approach is that you are using a Tailscale-secured connection without exposing your database to the public internet or setting up complicated VPN configurations.


You've now learned how to use Tailscale with Docker containers to securely backup private databases and files. This approach provides a seamless and secure connection between your database and SimpleBackups, ensuring your data's safety during backups.

Did this answer your question?

Last updated on September 22, 2023