Skip to main content

friendica - Link to source

Tailscale:Remotely access and share your self-hosted services

Share your service with other people safely with Tailscale VPN

#selfhosting #tailscale #remote #safely #vpn #server #video #youtube

#Server #video #selfhosting #YouTube #vpn #REMOTE #Tailscale #safely
in reply to Anomaly

Blort™ 🐀Ⓥ🥋☣️
mastodon - Link to source
Blort™ 🐀Ⓥ🥋☣️

I understand people sharing TailScale for convenience.

I have trouble understanding people sharing #TailScale for #SelfHosting though. Their server software isn't hostable. Even if you use their server, which seems contrary to *self* hosting, well you also have to use servers from either Google, Apple or Microsoft, just to log in unless you also want to maintain an OIDC provider, which negates the "convenience" always touted.

Run what you wish, but recommending for SelfHosting seems odd.

Screenshot from TailScale. It reads "Sign up with your identity provider You'll use this provider to log in to your network (more)" then there are buttons reading "Sign up with Google, Sign up with Microsoft, sign up with GitHub, Sign up with Apple " an last of all "Sign up with OIDC "
#selfhosting #Tailscale
This entry was edited (2 weeks ago)

Tech Cyborg reshared this.

in reply to Blort™ 🐀Ⓥ🥋☣️

jgkawell
mastodon - Link to source
jgkawell
@Blort Agreed. The only truly safe tunnel is one where you are the only one who has access to the private keys. Tailscale is a great product and has its uses, but you are having to trust them both that they can adequately secure things and that they don't become a malicious actor.
@Blort™ 🐀Ⓥ🥋☣️
in reply to Blort™ 🐀Ⓥ🥋☣️

jalict
mastodon - Link to source
jalict
Sharing for awareness by Headscale is a thing. It is self-hosted server part of Tailscale, not client unfortunantely. I otherwise agree full with your post!
This entry was edited (2 weeks ago)
in reply to Blort™ 🐀Ⓥ🥋☣️

Patrick
mastodon - Link to source
Patrick
@Blort As a selfhoster you can use plain #wireguard instead. Doable as long as your infrastructure does not change all the time. I haven’t tried headscale myself.
#wireguard @Blort™ 🐀Ⓥ🥋☣️
in reply to Patrick

eshep
friendica (DFRN) - Link to source
eshep
I'd argue it's still quite doable as long as you have routable addresses to point to. The configs fer wireguard really ain't that hard to understand, even for novice technical readers. 😜
in reply to eshep

Patrick
mastodon - Link to source
Patrick
@eshep @Blort My sole problem is distributing updated configs to mobile devices of friends. I wrote a script to create config files with secret keys and IPv6 config, that’s a little cumbersome by hand but, again, doable for a limited number of devices.
@Blort™ 🐀Ⓥ🥋☣️ @eshep