Mastodawn

This is super hot. I had been relying on the excellent, but seemingly abandoned, TSDProxy. Happy to see an equivalent come in-house.

https://tailscale.com/blog/services-beta

tl;dr: expose a particular service on your tailnet, with full ACL grant support.

So, I could have Tailscale expose…

https://n8n.fancy-name.ts.net/

…with full TLS/SSL and ACL support, even though in actuality the _real_ address for this service is

http://synology.fancy-name.ts.net:8089/

Very cool.

Tailscale Services: Define resources on your tailnet, with granular controls

Tailscale Services is a new way to define available resources on your network and expand the granularity of your access controls to resources that may not have Tailscale installed on them.

Show thread

Casey Liss Oct 28

I don't _love_ that this requires serving devices to be tagged (and thus no longer user-owned), but I do understand it. Makes me a little nervous to dive in, though. 🫣

Show thread

Casey Liss Oct 30

Update: I have now switched over all the services on my Tailnet that were previously hosted by TSDProxy to the new Services approach that @tailscale debuted this week, and it's 😗👌🏻

Had no issues switching my Synology from user-owned to tagged, either.

Recommended for those of you running internal services on your Tailnet.

Show thread

Jon Mullins

@caseyliss @tailscale It's on my to-do list for this evening. I'm just upset that I'm learning about TSDProxy just now. 😵‍💫

Show thread

Casey Liss Oct 30

@jxmullins You gotta pay attention to @ironicbadger! He knows all the good shit!

https://www.youtube.com/watch?v=5lJrXEXF8eM

No more docker sidecars! TSDProxy for Tailscale

YouTube