Tailscale on Kubernetes/Beta3

Has anybody gotten the new Tailscale functionality working on Kubernetes? I deployed with Helm and added this to values.yaml to configure it:

  - '--certificatesresolvers.myresolver.tailscale=true'

With that done, the Tailscale resolver seems to be there; however, the Traefik pod can't access the Tailscale socket (from the container log):

2023-09-26T23:15:26Z ERR Unable to fetch certificate for domain "codeserver  .my-lizard.ts.net" error="Get \"http://local-tailscaled.sock/localapi/v0/cert/codeserver.my-lizard.ts.net?type=pair\": dial unix /var/run/tailscale/tailscaled.sock: connect: no such file or directory" providerName=myresolver.tailscale

This makes sense as the container is running as a non-root user and /var/run/tailscale/tailscaled.log isn't mounted in the container; however, I'm a bit stuck on the right way to make this work.