Right now I’ve been using Tailscale because it automatically adapts to my network conditions. If I’m at home, it’ll prioritize local network connection, but when I’m out and about, it’ll automatically beam a direct connection or use a relay.
One gripe I have about it is I can’t run it alongside my normal VPNs on my mobile devices. I have to choose between one or the other.
I have tried Cloudflare Tunnel before, but using it for streaming, like Jellyfin, is forbidden. There’s also the added latency and slowness to having to hop through multiple DCs to reach Cloudflare and back.
How does your dynamic DNS work? When does it resolve to your local network addresses and your public domains?
Not OP but DynDNS entries will always point to your current external IP and are renewed every hour.
Internally I run an AdGuard Home instance for adblocking. All my domains are rewritten by it to use the local IP while I’m in the same network.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
| Fewer Letters | More Letters |
|---|---|
| CGNAT | Carrier-Grade NAT |
| DNS | Domain Name Service/System |
| IP | Internet Protocol |
| NAT | Network Address Translation |
| SSL | Secure Sockets Layer, for transparent encryption |
| SSO | Single Sign-On |
| VPN | Virtual Private Network |
| VPS | Virtual Private Server (opposed to shared hosting) |
7 acronyms in this thread; the most compressed thread commented on today has 15 acronyms.
[Thread #33 for this sub, first seen 13th Aug 2023, 06:05] [FAQ] [Full list] [Contact] [Source code]
I run Wireguard VPN on my router that’s using OpenWrt
I just have all my services exposed through reverse proxy with whatever authentication they have on their webpage. I see most people using VPN which I know is the more secure option but I like the zero setup of just typing in the name of the service I want to go to and just having it work. Is there a better way to secure this?
I’ve tried quite a few services and eventually I mostly settled on running my own WireGuard VPN.
But honestly these days I just use tailscale.
The convenience is really unmatched, and my only qualm was that you had to let them hold the keys in exchange for the convenience of a cloud service to manage everything.
But now with Tailnet Lock you can designate devices as signing nodes which effectively means those devices now hold your keys and tailscale really has no disadvantage over setting up your own WireGuard server manually.
While also being loads easier and more feature-rich.
If anything the user-friendliness probably ultimately makes it more secure than for inexperienced users to try to set up something similar manually.
Their free plan is also quite comfortable with 3 users and 100 devices and virtually all of the features available in the premium/enterprise plans.
Honestly I was very wary of them at first but I’ve really grown to appreciate tailscale to the point I probably sound like a shill
I stay away from anything not selfhosted. Any third party, no matter how good and friendly it seems now, will eventually screw you once they get big.
Besides, even if it doesn’t, I don’t want them to have access to my data.
You can use headscale with tailscale if you want to self host it. Headscale is a community made server implementation for tailscale
Headscale is a community made server implementation for tailscale
Well, it was until they hired the guy who made it. He’s still doing it but, technically, it’s being made by Tailscale themselves now ;)
