Skip to content

Instantly share code, notes, and snippets.

@gbraad
Last active April 20, 2025 10:31
Show Gist options
  • Save gbraad/a3e82b0c6b938948d085877c386b2f07 to your computer and use it in GitHub Desktop.
Save gbraad/a3e82b0c6b938948d085877c386b2f07 to your computer and use it in GitHub Desktop.
Tailscale + RDP on GitHub Windows runners

Tailscale + RDP on GitHub Windows runners

Since tailscale/github-action#157 (comment) it should be possible to use a Windows runner with Tailscale. To test, I'll try to set up an RDP environment.

name: Window RDP

on:
  workflow_dispatch:

jobs:
  test:

    runs-on: windows-latest
    timeout-minutes: 9999

    steps:
      - name: Tailscale
        uses: tailscale/github-action@v3
        with:
          oauth-client-id: ${{ secrets.TAILSCALE_CLIENTID }}
          oauth-secret: ${{ secrets.TAILSCALE_SECRET }}
          tags: tag:actions
      - name: Enable RDP
        run: |
          Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0
          Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
          Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -Value 1
          Set-LocalUser -Name "runneradmin" -Password (ConvertTo-SecureString -AsPlainText "${{ secrets.USER_PASSWORD }}" -Force)
      - name: Hang around
        run: |
          tailscale ip
          Start-Sleep -Seconds 21600

I have tested this with: https://github.com/gbraad-actions/actions-test/blob/main/.github/workflows/windows-rdp-test.yml

Make sure to have the following secrets.

  • TAILSCALE_CLIENTID
  • TAILSCALE_SECRET
  • USER_PASSWORD

and you need to provide a valid tags: value.

Note

I only use this debug purposes in certain workflows. I do not take responsibility for issues on your end.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment