Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
FazJaxton 2 hours ago

Could you give a brief description of your use case? I'm looking at all the tailscale buzzwords on their site, but am not really understanding what I would use this for in my home setup

rpastuszak 2 hours ago | parent | next [-]

Not sure about the parent, but here's what I use it for:

A) easy access my other, older machines from my phone or work laptop to:

- self-host a Coolify server (a "vercel-lite" control panel)

- remote connect to my older laptop to run tests/longer coding tasks for work (e.g. large browser test suites, sandboxed claude running in bg to answer longer code questions, or build fire and forget spikes/experiments)

- control my home cinema remotely (remote+ app bc it's easy and Remote Desktop).

- use w. Mullvad VPN as an exit note (Tailscale has a really easy UI for it nowadays)

B) use it like ngrok to expose my dev servers to the internet (e.g. when sharing a quick demo/pairing with a coworker)

C) cheap NAS - I the old mac is connected to an external HD (the HD itself is archived to Hetzner)

I haven't (yet) tested it as an alternative to Hamachi (is it still a thing?) but I'm planing a LAN party with my brothers who live across the continent.

Like you, I also didn't know what the fuss was about, and I'm generally cautious not to get sidetracked.

ErneX 2 hours ago | parent | prev | next [-]

I have some servers sending their telegraf data to a server in my home using the tailnet instead of opening a port on my firewall for that, to name one use case.

It has a pretty good ACL functionality, you can configure which hosts with certain tag can access certain routes.

mittermayr an hour ago | parent [-]

yeah the amount of nodes I had on the public internet, when all I really needed was some internal connectivity (exactly like you have here, a machine sending logs to an internal-only loki instance, and then a grafana node that is also only internally relevant and never needs to see the public internet), etc.

mittermayr an hour ago | parent | prev | next [-]

I have one VPS node that I use as a connector, where the headscale app is installed. I have this on a domain (for convenience), so think something like:

hs.mygreatplace.com

Now, when I install Tailscale client on any device (phones, tablets, Linux machines, proxmox nodes, etc.), I simply say: don't use the tailscale network for this, please route this over my own network, so you point it to hs.mygreatplace.com as a connectivity server, which is compatible to Tailscale, and that's it. It's officially supported by Tailscale, so that's great and makes it all work.

Then, when pairing for the first time, you'll get a link/code, click it and/or enter it on the hub basically (hs.mygreatplace.com) and it's paired.

That connection is up and will stay up now. So while that new device may be behind a firewall, I can always connect to it. You open Tailscale and see all your paired devices. They basically now get an additional internal ip (100.0.0.1, etc.) and you use that to ssh or connect to it.

I have a beefy Proxmox machine, and used to route many of these services out to the public internet through port mapping, but now I just leave them cut off entirely and only surface them inside of my private network. When connecting to these nodes (from iPhone, Laptops, etc.), there's zero configuration once it is set up, it auto-routes correctly and just acts like those nodes are on the internet, it's a dream.

It also automatically adds the node as a subdomain, so if you pair a proxmox node that runs grafana, and maybe has a hostname "grafana", it will show up and be always reachable as: grafana.hs.mygreatplace.com

It doesn't get much easier than that.

All that said, I HIGHLY recommend Tailscale for anyone who hasn't done much with private networking, just to try out first, and get used to it. Their free tier is very generous and I think they've got a fantastic next-to-zero-config product, truly wonderful. However, my concern was to be trapped with a $160m dollar VC-funded (US-based) company, when the inevitable rug gets pulled (as it always does, and as anyone should come to accept, if you've been on the internet for a minute).

So I was looking for alternatives, and headscale immediately worked out. Of course, Tailscale ever killing their client's ability to use your own infra will lead to a similar end result (dead end), but I am sure those things can eventually be sorted out by open source attempts and clients (which headscale has, I just haven't tried them out yet, https://headscale.net/0.25.0/about/clients/).

I had a Wireguard network before (which this essentially also is, but in a much nicer packaging), but always ran into config problems with the shared profiles and IPs and so forth, so this was just a simpler step.

Worst case, it all goes back to Wireguard.

pydry an hour ago | parent | prev [-]

if you self host immich, homeassistant or jellyfin you can access them while out as easily as you can on home wifi.