I need tailscaled running as a service when my Android boots so I can SSH into it anytime (yes, sshd is already up and running).

Tailscale does have an Android app, which uses the Android VPN service as a tun stack. Unfortunately, the Android VPN is an exclusive service, meaning I cannot use other VPN services while using the Tailscale app.

The solution is to run the Tailscale arm binary directly in Termux, just like sshd. Better, I can create a service.

> [!IMPORTANT]
> Kernel mode on Android will likely fail due to iptables incompatibility. As a consequence, I have to use userspace networking mode, under which the device can be reached but will not have a transparent proxy to other devices in the subnet. See https://tailscale.com/kb/1112/userspace-networking.
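```sh
## download tailscale
mkdir -p "$PREFIX/opt/tailscale"
cd "$PREFIX/opt/tailscale"
## see https://pkgs.tailscale.com/stable/#static
wget https://pkgs.tailscale.com/stable/tailscale_1.78.1_arm64.tgz
## the archive has a top-level tailscale_1.78.1_arm64/ directory; strip it so
## the binaries land at the paths the service uses below
tar xf tailscale_1.78.1_arm64.tgz --strip-components=1
## create service run
mkdir -p "$PREFIX/var/service/tailscaled/log"
## the delimiter is quoted ('EOF') so nothing is expanded while the file is written
tee "$PREFIX/var/service/tailscaled/run" <<'EOF'
#!/data/data/com.termux/files/usr/bin/sh
PREFIX=/data/data/com.termux/files/usr
## exec so runsv supervises the daemon itself; 2>&1 so its stderr reaches the log service
exec sudo $PREFIX/opt/tailscale/tailscaled --tun=userspace-networking --state=$PREFIX/var/lib/tailscale/tailscaled.state --socket=$PREFIX/run/tailscale/tailscaled.sock --port=41641 --no-logs-no-support 2>&1
EOF
## runsv only starts run scripts that are executable
chmod +x "$PREFIX/var/service/tailscaled/run"
## create service log
tee "$PREFIX/var/service/tailscaled/log/run" <<'EOF'
#!/data/data/com.termux/files/usr/bin/sh
# Get the name of the service from the PWD, this assumes the name of the
# service is one level above the log directory.
pwd=${PWD%/*} # $SVDIR/service/foo/log
service=${pwd##*/} # foo
mkdir -p "$LOGDIR/sv/$service"
exec svlogd -tt "$LOGDIR/sv/$service"
EOF
chmod +x "$PREFIX/var/service/tailscaled/log/run"
## start service
sv up tailscaled
## login
sudo "$PREFIX/opt/tailscale/tailscale" --socket="$PREFIX/run/tailscale/tailscaled.sock" up
```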
To start services on boot, see https://wiki.termux.com/wiki/Termux:Boot
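
The tarball downloaded in the first step ends up running as root, so one way to check it before unpacking is the sketch below. It is an added example, not part of the original note: the function names are hypothetical, and the expected SHA-256 is a value you supply from a source you trust.

```sh
#!/bin/sh
# Added example (not from the original note). Function names are hypothetical.

# Succeed only if FILE's SHA-256 equals the 64-hex-digit digest EXPECTED.
verify_sha256() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$file" ] || return 2
    [ "${#expected}" -eq 64 ] || return 2
    case $expected in *[!0-9a-f]*) return 2 ;; esac
    actual=$(sha256sum "$file" | cut -d' ' -f1)
    [ "$actual" = "$expected" ]
}

# Read archive member names on stdin; fail on absolute paths or ".." parts.
paths_safe() {
    while IFS= read -r entry; do
        case $entry in
            /*|..|../*|*/..|*/../*) return 1 ;;
        esac
    done
    return 0
}

# verify_and_unpack TARBALL EXPECTED_SHA256 DEST
# Nothing is written to DEST unless both checks pass.
verify_and_unpack() {
    tarball=$1 digest=$2 dest=$3
    if ! verify_sha256 "$tarball" "$digest"; then
        echo "refusing to unpack $tarball: SHA-256 mismatch" >&2
        return 1
    fi
    members=$(tar tf "$tarball") || return 1
    if ! printf '%s\n' "$members" | paths_safe; then
        echo "refusing to unpack $tarball: unsafe member path" >&2
        return 1
    fi
    mkdir -p "$dest" || return 1
    # Drop the archive's top-level directory so the binaries land in DEST.
    tar xf "$tarball" -C "$dest" --strip-components=1
}

# Run as: sh verify.sh tailscale_1.78.1_arm64.tgz <expected-sha256> "$PREFIX/opt/tailscale"
if [ "$#" -eq 3 ]; then
    verify_and_unpack "$@"
fi
```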