Joe Steinbring 
I saw this morning that #NordVPN is getting rid of #Meshnet in December, and I have no fucking idea what to replace it with.
https://www.tomsguide.com/computing/vpns/nordvpn-axes-meshnet-heres-why
Brett@joe wouldn't Tailscale be wildly superior to this considering they only handle auth for your nodes and I'm just guessing that NordVPN routed the mesh network traffic through their infrastructure.
@bflipp I've tried using Tailscale + NordVPN before and it gets fragile from time to time because the clients fight each other. Being able to connect to a single VPN was much easier.
@joe I can't speak to your reasons for using a commercial VPN but if you're just changing geo-location then a tailscale exit node on a vps in digital ocean or aws would probably get you what you need with a dramatically simpler config.
@bflipp NordVPN has something that they call "Threat Protection Pro" which blocks things like ad servers, trackers, tracking parameters in URLs, malicious / scam / fraud websites, etc. You can use something like Pi-Hole on your network to do the same thing but being able to pay ~$25/yr and have it work on any network and all of my devices has a lot of value to me. Any replacement would have to be able to do the same and not be something that I have to admin myself.
For me, I use a mini-PC with OPNsense which has checkboxes for setting up their firewall for all of those things and I haven't logged in to the web gui to manage anything in maybe a year or so.
When I'm outside the house my phone and laptop automatically connect to Tailscale and route traffic through my home office where I have an exit node that's always turned on so my devices always take advantage of OPNsense killing any traffic at the DNS level I don't want.
Yes I had to set it up but I also don't think about it at all anymore and haven't for a long time.
I will say this though, NordVPN is owned by a venture capital firm called Tesonet so your data and your traffic is not safe at all with them. I would heavily advise rolling your own depending on your use case if your use case is at all privacy related.
Tesonet owns multiple VPN providers as well as a literal data harvesting and web scraping company called Oxylabs.
@bflipp The chances that I'll set up my own solution are pretty minimal. My rule for self-hosted services is "If it can't be down for two weeks without crippling me, I don't do it." That means no self-hosted email, mastodon, etc. Doing that would likely fit in the same category.
My setup has been running and stable for years at this point. I run everything through tailscale. Including cloud storage to my office with NextCloud. My mom who's nearly 90 even uses tailscale on her AppleTV to watch movies off my Jellyfin server.
I'm not "self hosting" anything the way you're talking about it. Just using tailscale to route all the traffic from my tailscale clients through my firewall in my home office which also puts all my clients on my "internal" network. No need for certs or even playing with ports. No software beyond tailscale to install or setup.
I don't consider installing OPNsense much maintenance.