Does someone know why exactly #bitwarden is forcing https on self-hosted servers? I have #vaultwarden behind #headscale already, and all the bitwarden clients are refusing to work (unless I stop them from updating). Seems like a dick move. #askfedi

🇬🇧 New article in my blog: Self-hosted Tailscale, Part 1: Headscale and clients

https://blog.fidelramos.net/software/tailscale-1-headscale-and-clients

🇪🇦 New article in my blog: Self-hosted Tailscale, Part 1: Headscale and clients

https://blog.fidelramos.net/es/software/tailscale-1-headscale-and-clients

#tailscale #selfhosting #headscale

Self-hosted Tailscale, Part 1: Headscale and clients

I had been hearing a lot of people raving about Tailscale as a solution for interconnecting devices, or in other words for creating your own mesh VPN. It does seem great on paper: easy to set up, fast and lightweight, based on an open protocol (WireGuard), works everywhere, solves the …

#Tailscale was really decent, but I think #Headscale needs more time to mature

Spent some time messing around with Headscale (self-hosted implementation of the Tailscale control server).

I couldn't get "raw" WireGuard to work the way I wanted through nested firewalls and CGNAT so this seems like a good way to blow all that complexity out of the water. Less complexity is usually more reliable.

Headscale is pretty neat. Painless install on Debian.

Configuring Linux and Windows nodes is simple too - at least from a basic connectivity point of view.

I need to figure out how I'm going to deal with multi-homed DNS scenarios for clients. Something with very little thought and work through yet. Ha.

Now the hard part, picking apart the security and edge cases to use it regularly.

#Headscale #Tailscale #VPN #CGNAT #WireGuard #HomeLab #SelfHosted #SelfHosting #VPS

I tried out #tailscale today, and am making a rocky start to hosting my own #headscale server. I normally dislike #Discord, but made an exception to enter their chat forum - where I eventually got helped with my config troubles. I have a working config now, so I'm grateful for the help I got.

#InfoSec #OpenSource

Today I applied to do a 30-minute presentation for BSides 2026. I offered to do a presentation and demo of WireGuard, where WireGuard is used in a Tailscale/Headscale sort of way, but somewhat simpler. My solution is much more "pure-play" WireGuard - I wrote no software beyond using the conveniences provided by PiVPN. My "secret sauce" lies in being able to understand and hand-edit WireGuard conf files beyond a simplistic use. My solution has no "mesh" - it just uses a subnet where each node on the subnet is a working WireGuard client. My solution has no AI. I consider this to be a feature, not a bug. My solution uses conventional DNS, there is no "Magic DNS". My solution has no 2FA. It just uses WireGuard's default encryption methods, as are part of the mainline Linux kernel. The advantage to this is that all clients and server components are Open Source, whereas the Tailscale clients (Windows and macOS/iOS) are closed source.

#Wireguard #Tailscale #Headscale #infosec #VPN #OpenSource #linux @bsidesyxe

Now I've installed #CryptPad (via Docker, on my small 2 CPU / 2 GB #ionos rental server that runs my #Headscale VPN), but I still don't know what I actually want to do with it.

Maybe a shopping list, but there's no practical mobile app for that (apparently there are no third-party clients at all).

Maybe move the file with the electricity meter readings over from Apple Numbers?

But first, set up a backup (integrate it into the existing #Restic; SFTP to #Hetzner Storagebox).

I wrote a how-to on upgrading Headscale / Headplane, to update painlessly to the latest version.

https://2tap2.be/headscale-upgrade/

#headscale is an open source, #selfhosted implementation of the #Tailscale control server.

#headplane is a feature-complete Web UI for Headscale.

#opensource #vpn #zerotrust #selfhosting

Upgrading Headscale / Headplane

I described in great detail [here](https://2tap2.be/headscale/) how I installed Headscale and Headplane together. The guide is now almost a year old, and it is time to bring the whole stack up to the latest version. Currently that is Headscale **v0.28** and Headplane **v0.6.2**.


The Easter Weekend Project:

Set up a cheap rental server (wanted to do #Hetzner, I like their cloud offering and used it to practice the setup, but went with the very aggressively priced low-end #ionos instead; 2€/month) with encrypted #ZFS to run #Headscale via #DockerCompose (with #Dockhand for the pretty UI).

This gives me a personal-use VPN „intranet“ to remotely access my growing self-hosted (#OnPrem #MacMini) zoo (#HomeAssistant, #PaperlessNGX, #VaultWarden, #Gitea) in a secure way.

In the following #tutorial I show you how to create a #vpn #mesh and use it with whatever devices you want, without restrictions, thanks to #headscale and #tailscale on your own server or #selfhosted. Something I found very useful for these times...

Check it out at: https://luiszambrana.ar/como-instalar-una-vpn-mesh-con-headscale-y-tailscale/

If you liked it, share it with your people!!!