Tailscale Services GA: App-aware connectivity with more control

This should be excellent for self-hosters that have all their services in one VM. I haven't tried this myself, but I think this means you can: - …

While this is great, especially for smaller self-hosters, as a setup gets more and more dependent on Tailscale, one should think about self-hosting Headscale, and therefore not being over-reliant on services not offered by it. I’m in that boat and I haven’t done the Headscale migration yet.
I did it about 8 months ago… it just works like black magic. It’s a “fire and forget” VPN, but SSO is a must in my opinion; otherwise, key exchange is too tedious.
You’re talking about Headscale right?
Yes… sorry, wasn’t clear about that…
Can you share what components you are using for SSO, UI, etc.?
Never got warm with all the UIs available. But things change very fast on that front. For me it looks like they only differ by the time it takes to provide support for the newest Headscale version. Just take the one supporting yours :) For SSO, the OIDC provider from Nextcloud is working as well as any other. Having some kind of static IP also helps, but the Headscale server runs on the HTTPS port plus some optional ones (not sure if I remember correctly); dynamic DNS should be OK as well.
Web UI - Headscale

An open source, self-hosted implementation of the Tailscale control server.