Time Machine network backups via Tailscale

Workarounds

Every good security guy or gal likes his or her backups.  Being the proud owner of an M1 MacBook Air, it was necessary to integrate the thing into my environment and leverage the Time Machine function of MacOS with my infrastructure.

First stop is to configure the Synology NAS I have to be a Time Machine destination.  It’s built into DSM 6.x and 7.x so just needs activating.  The shortcuts for this are:

  • Create accounts for the backup (if your own user is admin then you cannot use quotas)
  • Create a Shared Folder for Time Machine backups as a destination (with Recycle Bin unchecked)
  • Open Control Panel and go to File Services.  In the Advanced tab, ensure Bonjour is off and SMB can be used for Time Machine
  • On your Macbook, open Finder and, from the Go menu, connect to your Synology NAS using smb://tailscale_ip_address. When you click Connect, it will ask for the username and password – remember to check the box at this stage to add the password to your keychain. Then choose your Shared Folder as set up above.
  • On the MacBook, open Preferences and in Time Machine, choose your NAS using the Select Disk option. That’s it!

You don’t need to enable Bonjour for discovery – this will help you avoid confusion. The Time Machine folder needs to be mapped, not discovered.

Once you’ve done this, your backup should be able to run. First time running, it may look like it’s doing nothing but you will see your content growing steadily on the NAS.

Your MacBook will use Time Machine over the Tailscale layer and work wherever you are, assuming you have an Internet connection.

*** Don’t forget to ensure Tailscale loads with each reboot – in System Settings, search for “Login Items” and click the + to add an item for Tailscale (it seems to not respect “Start on Login” option in MacOS) and an item for your mapped folder where the backups will be stored.

Edit: Tailscale on some Synology models might be too slow for this to be sustainable. Results across my two Synology boxes have varied, with my more “lightweight” unit not having the oomph to support a good throughput on the Tailscale interface……

Edit 2: I’ve given up on Time Machine over Tailscale with Synology and have moved to Wireguard on PiVPN.