Casey LissOct 28

This is super hot. I had been relying on the excellent, but seemingly abandoned, TSDProxy. Happy to see an equivalent come in-house.

https://tailscale.com/blog/services-beta

tl;dr: expose a particular service on your tailnet, with full ACL grant support.

So, I could have Tailscale expose…

https://n8n.fancy-name.ts.net/

…with full TLS/SSL and ACL support, even though in actuality the _real_ address for this service is

http://synology.fancy-name.ts.net:8089/

Very cool.

Tailscale Services: Define resources on your tailnet, with granular controls

Tailscale Services is a new way to define available resources on your network and expand the granularity of your access controls to resources that may not have Tailscale installed on them.

Show threadDaniel Nelson
@caseyliss it looks very nice but the “During our open beta period, we won’t be charging customers or capping usage” makes me very nervous to rely on it.
Oct 28 at 4:58pmIceCubesApp
Show threadJosh RiversOct 28
@dnelson @caseyliss I’m with you. I was pretty excited until I got to that vague statement. It’s not that much work for me to self manage service location and TLS termination. I’d be glad to hand that off to TS, but I won’t spend time on it until they are explicit about what the free limits will be.
Show threadAlex KretzschmarOct 28

@dnelson @caseyliss part 2 of the sentence you omitted for some reason? We are not out to entrap our free users via enshittification.

“and we’ll provide a legacy exception for your usage.”

Show threadDaniel NelsonOct 28
@ironicbadger @caseyliss The email I quoted didn’t say that. Screenshot attached:
Show threadAlex KretzschmarOct 28

@dnelson @caseyliss fair enough! Apologies for the confusion.

In the post Casey linked it’s stated you’ll be grandfathered in. HTH

Show threadDaniel NelsonOct 28
@ironicbadger All good. It seems like nice functionality, just not something I’m going to rely on for my home lab usage if I don’t know exactly how the grandfathering will work (for instance, being able to add new hosts and services after the beta period, since I don’t want to maintain multiple service routing systems). In a corporate environment I’d have no objection to paying for it