I’m looking to obtain an SSL certificate for a tailscale address in a nixos container. I have opened the required firewall ports but the connection request for the certificate is being refused locally:
[root@nextcloud:/etc/default]# tailscale cert ${MACHINE_NAME}.${TAILNET_NAME} 500 Internal Server Error: acme.GetReg: Get "https://acme-v02.api.letsencrypt.org/directory": dial tcp: l ookup acme-v02.api.letsencrypt.org on 127.0.0.53:53: read udp 127.0.0.1:52107->127.0.0.53:53: read: connection refused
The config for my container has firewall has the following setting:
services.tailscale.enable = true; services.tailscale.interfaceName = "userspace-networking"; network.firewall = { enable = true; allowedTCPPorts = [80 443 ]; trustedInterfaces = [ "tailscale0"]; allowedUDPPorts = [53 config.services.tailscale.port]; };
Are there any more settings I need to apply to obtain the SSL certifcate from letsencrypt?