utzer [Pleroma]Wie geil ist denn bitte mal <a class="hashtag" href="https://soc.utzer.de/tag/headscale" rel="nofollow noopener" target="_blank">#Headscale</a> und <a class="hashtag" href="https://soc.utzer.de/tag/tailscale" rel="nofollow noopener" target="_blank">#Tailscale</a>
mastodon.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
The original server operated by the Mastodon gGmbH non-profit
Administered by:
Server stats:
381Kactive users
mastodon.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.0-nightly.2025-02-28-security
#headscale
3 posts · 2 participants · 0 posts today
Andrew Williams<p>Actually shocked at how easy <a href="https://mastodon.incognitus.net/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> is to setup, from zero to a working system in about 30 minutes. The only hiccup I had was that the included pfSense version of the tailscale client wasn't supported, but manually installing 1.80 from freshports sorted it out quickly.</p><p>Even nicely integrates with my OIDC…</p>
Andrew Williams<p>I've managed during my OIDC Issuer migration to break <a href="https://mastodon.incognitus.net/tags/Tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tailscale</span></a> support. I've raised a ticket but because the domain i've used isn't used for emails they can't actually verify my request to reset the OIDC connection.</p><p>So, <a href="https://mastodon.incognitus.net/tags/Headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Headscale</span></a>? I'm assuming it requires some relatively decent connectivity to act as the middleman, as handles proxying traffic in heavy NAT situations?</p><p>I was going to throw it on a tiny VM in my home network (which has 1gbit), would that be OK?</p><p><a href="https://mastodon.incognitus.net/tags/askhomelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>askhomelab</span></a> <a href="https://mastodon.incognitus.net/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homelab</span></a></p>
jfml - Jonas Laugs<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@tailscale" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tailscale</span></a></span> Hello ^__^ I'm trying to figure out how to use the switch command with a custom (<a href="https://mastodon.art/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a>) server, what's the correct way to do that?</p><p>sudo tailscale switch user@customdomain.tld --login-server=https://customdomain.tld</p><p>gives me an "usage: tailscale switch NAME error" (the username is unfortunately the same in both networks).</p><p><a href="https://mastodon.art/tags/tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tailscale</span></a> <a href="https://mastodon.art/tags/question" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>question</span></a> <a href="https://mastodon.art/tags/help" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>help</span></a></p>
Lucas Janin 🇫🇷 🇨🇦<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@badnetmask" class="u-url mention">@<span>badnetmask</span></a></span> <span class="h-card" translate="no"><a href="https://sometimes.social/@jordan" class="u-url mention">@<span>jordan</span></a></span> I’m very happy with <a href="https://mastodon.social/tags/Headscale" class="mention hashtag" rel="tag">#<span>Headscale</span></a>. My slogan: Your homelab follows you everywhere!</p><p>If you are interested, I did a series of articles on my blog. Especially talking about ACL <a href="https://www.lucasjanin.com/blog-en/" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://www.</span><span class="">lucasjanin.com/blog-en/</span><span class="invisible"></span></a></p>
A<p>OK, so far I'm enjoying <a href="https://91268476.xyz/tags/headscale" rel="nofollow noopener" target="_blank">#headscale</a> it wasn't super trivial to install, but it is working <a href="https://91268476.xyz/tags/tailscale" rel="nofollow noopener" target="_blank">#tailscale</a></p>
AlexanderMars<p><span class="h-card" translate="no"><a href="https://autonomous.zone/@fivexhotel" class="u-url mention">@<span>fivexhotel</span></a></span> assuming that were talking about someone running a few services like <a href="https://mastodon.social/tags/nextcloud" class="mention hashtag" rel="tag">#<span>nextcloud</span></a> <a href="https://mastodon.social/tags/adguardhome" class="mention hashtag" rel="tag">#<span>adguardhome</span></a> or <a href="https://mastodon.social/tags/jellyfin" class="mention hashtag" rel="tag">#<span>jellyfin</span></a> and wanting to access those services away from their home LAN. </p><p>An off the cuff example, <a href="https://mastodon.social/tags/tailscale" class="mention hashtag" rel="tag">#<span>tailscale</span></a> <a href="https://mastodon.social/tags/headscale" class="mention hashtag" rel="tag">#<span>headscale</span></a> or <a href="https://mastodon.social/tags/nebula" class="mention hashtag" rel="tag">#<span>nebula</span></a> do this with an added layer of security on top whatever authentication is built into said hosted services. </p><p><span class="h-card" translate="no"><a href="https://hachyderm.io/@tailscale" class="u-url mention">@<span>tailscale</span></a></span> is particularly self-hosting novice friendly, though there are security/foss concerns that may put some folks off. </p><p>Hope this helps.</p>
Alexandros J. Kastanis<p>I've finally updated my <a href="https://social.kastanis.gr/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> server<br><a href="https://github.com/juanfont/headscale" rel="nofollow noopener" target="_blank">https://github.com/juanfont/headscale</a><br>after realizing that the refactoring they had going on has excited beta stage for months now.<br>There were some changes in the config file that had to be addressed, but other than that it was a smooth upgrade.<br>The devs discourage the use of a reverse proxy and containers to run it, but as I figured out in the issues section they do that just to discourage newbies from doing something they don't understand and could potentially mess up, thus spamming the issue tracker.</p>
Hydrian<p><span class="h-card" translate="no"><a href="https://fosstodon.org/@photosbykyle" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>photosbykyle</span></a></span> there are also other open-source <a href="https://twit.social/tags/mesh_network" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mesh_network</span></a> software. <a href="https://twit.social/tags/zerotier" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zerotier</span></a> is one of them. <a href="https://twit.social/tags/Tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tailscale</span></a> is a great mesh VPN, with lots of nice features but there are a decent amount of competitors that will work too. <a href="https://twit.social/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> isn't the only option, Just the easiest.</p>
AlexanderMars<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@mttaggart" class="u-url mention">@<span>mttaggart</span></a></span> first off, let me apologize for just skimming the article at this point. I added it to my weekend reading. So forgive me if you've covered this and I didn't see it. </p><p>Why not use <a href="https://mastodon.social/tags/headscale" class="mention hashtag" rel="tag">#<span>headscale</span></a> or <a href="https://mastodon.social/tags/nebula" class="mention hashtag" rel="tag">#<span>nebula</span></a> ? Just curious and want to inform my reading, at the very least.</p><p>I Already get why you'd not want to offload the lighthousing to third parties like tailscale.</p>
🆃ⓔ🅓🅓🅈<p><span class="h-card" translate="no"><a href="https://piaille.fr/@levieuxtoby" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>levieuxtoby</span></a></span> <span class="h-card" translate="no"><a href="https://piaille.fr/@crisdespluviers" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>crisdespluviers</span></a></span> pour le trad j'auto-héberge nos CD numérisés en FLAC. J'ai utilisé différents systèmes, jellyfin, kodi, navidrome, mpd, moode audio, LMS,... Pour celleux qui ont une connexion suffisante et qui bricolent un peu, c'est pas trop compliqué, avec 1 petit RaspberryPi. À Noël j'ai monté un Pi2B avec <a href="https://piaille.fr/tags/DietPi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DietPi</span></a> pour un cadeau. J'ai même ajouté une carte DAC pas cher, dans le cadre de sa fonction première, c'est à dire, streamer de la musique localement avec du bon son sur une chaîne Hi-Fi. Pour la connexion depuis l'extérieur, c'est de caler un petit VPN du style <a href="https://piaille.fr/tags/Tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tailscale</span></a>, ou <a href="https://piaille.fr/tags/Headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Headscale</span></a> (auto-hébergé) et ça marche sans ouvrir de port.</p>
AlexanderMars<p><span class="h-card" translate="no"><a href="https://mastodon.social/@hardleft" class="u-url mention">@<span>hardleft</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@Em0nM4stodon" class="u-url mention">@<span>Em0nM4stodon</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.neat.computer/@jonah" class="u-url mention">@<span>jonah</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.neat.computer/@privacyguides" class="u-url mention">@<span>privacyguides</span></a></span> best practices for anonymous cloud is something like <a href="https://mastodon.social/tags/cryptee" class="mention hashtag" rel="tag">#<span>cryptee</span></a> which you can access entirely through a browser.</p><p>Or something like <a href="https://mastodon.social/tags/nextcloud" class="mention hashtag" rel="tag">#<span>nextcloud</span></a> and <a href="https://mastodon.social/tags/headscale" class="mention hashtag" rel="tag">#<span>headscale</span></a> on a secure(yes I know there's no such thing) server, but that's outside the scope of mobile privacy for protesters.</p>
ohmrun<p>Starting to wrap my head around <a href="https://hachyderm.io/tags/Tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tailscale</span></a> and <a href="https://hachyderm.io/tags/Headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Headscale</span></a></p>
beyondwatts<p><span class="h-card" translate="no"><a href="https://mastodon.social/@lucas3d" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lucas3d</span></a></span> oh my… I think I may have managed to configure a two node high availability tailscale subnet router set up with a <a href="https://beyondwatts.social/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> statefulset</p><p><a href="https://beyondwatts.social/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homelab</span></a></p>
beyondwatts<p>Inspired by <span class="h-card" translate="no"><a href="https://mastodon.social/@lucas3d" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lucas3d</span></a></span> I had another go at getting <a href="https://beyondwatts.social/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> set up in the homelab.</p><p>Last time I managed to connect machines and individual kubernetes pods with sidecars but stumbled getting a subnet router to give access my entire kubernetes cluster and local network so an admin user (me) has the same access today as I do with WireGuard today. </p><p>It turned out everything was in the <a href="https://beyondwatts.social/tags/tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tailscale</span></a> documentation. I just had to find it! <a href="https://github.com/tailscale/tailscale/tree/main/docs/k8s" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/tailscale/tailscale</span><span class="invisible">/tree/main/docs/k8s</span></a></p><p><a href="https://beyondwatts.social/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homelab</span></a></p>
Lucas Janin 🇫🇷 🇨🇦<p>I updated my <a href="https://mastodon.social/tags/Headscale" class="mention hashtag" rel="tag">#<span>Headscale</span></a> and <a href="https://mastodon.social/tags/Tailscale" class="mention hashtag" rel="tag">#<span>Tailscale</span></a> blog post with additional information about the Nginx Proxy Manager section (PiHole with wildcard DNS) and an improved ACL diagram that I believe is clearer and more accurate.</p><p>English: <a href="https://www.lucasjanin.com/2025/01/03/headscale-tailscale-in-a-self-hosted-environment" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://www.</span><span class="ellipsis">lucasjanin.com/2025/01/03/head</span><span class="invisible">scale-tailscale-in-a-self-hosted-environment</span></a></p><p>Français: <a href="https://www.lucasjanin.com/2025/01/03/headscale-et-tailscale-dans-un-enviroment-auto-heberge" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://www.</span><span class="ellipsis">lucasjanin.com/2025/01/03/head</span><span class="invisible">scale-et-tailscale-dans-un-enviroment-auto-heberge</span></a></p><p><a href="https://mastodon.social/tags/VPN" class="mention hashtag" rel="tag">#<span>VPN</span></a> <a href="https://mastodon.social/tags/Headplane" class="mention hashtag" rel="tag">#<span>Headplane</span></a> <a href="https://mastodon.social/tags/ACL" class="mention hashtag" rel="tag">#<span>ACL</span></a> <a href="https://mastodon.social/tags/NginxProxyManager" class="mention hashtag" rel="tag">#<span>NginxProxyManager</span></a> <a href="https://mastodon.social/tags/Synology" class="mention hashtag" rel="tag">#<span>Synology</span></a> <a href="https://mastodon.social/tags/HomeAssistant" class="mention hashtag" rel="tag">#<span>HomeAssistant</span></a> <a href="https://mastodon.social/tags/selfhosted" class="mention hashtag" rel="tag">#<span>selfhosted</span></a> <a href="https://mastodon.social/tags/selfhosting" class="mention hashtag" rel="tag">#<span>selfhosting</span></a> <a href="https://mastodon.social/tags/homelab" class="mention hashtag" rel="tag">#<span>homelab</span></a></p>
Lucas Janin 🇫🇷 🇨🇦<p><span class="h-card" translate="no"><a href="https://mastodon.social/@mazm" class="u-url mention">@<span>mazm</span></a></span> Make sense if you don’t need more than 3 users. In my case, it was an issue and at this moment they didn’t have the personal plus tier. So, Tailscale was too expensive for my budget. </p><p>Now, my <a href="https://mastodon.social/tags/Headscale" class="mention hashtag" rel="tag">#<span>Headscale</span></a> setup is all working and I didn’t regret it. I love to have fewer possible outside dependencies. </p><p>Recently, I posted a blog post on my journey with Headscale if you are curious. </p><p><a href="https://www.lucasjanin.com/2025/01/03/headscale-tailscale-in-a-self-hosted-environment/" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://www.</span><span class="ellipsis">lucasjanin.com/2025/01/03/head</span><span class="invisible">scale-tailscale-in-a-self-hosted-environment/</span></a></p>
Taiki<p>I had been thinking about selfhosting headscale but might just get along with tailscale cuz it only manages pub keys anyway <br /><a href="https://mastodon.social/tags/tailscale" class="mention hashtag" rel="tag">#<span>tailscale</span></a> <a href="https://mastodon.social/tags/headscale" class="mention hashtag" rel="tag">#<span>headscale</span></a></p>
Lucas Janin 🇫🇷 🇨🇦<p><span class="h-card" translate="no"><a href="https://beyondwatts.social/@beyondwatts" class="u-url mention">@<span>beyondwatts</span></a></span> My <a href="https://mastodon.social/tags/Headscale" class="mention hashtag" rel="tag">#<span>Headscale</span></a> runs locally in a Proxmox VM in my homelab. Some people mentioned is safer to do it on a VPS. I will investigate this option, but I love to be fully local :-)</p>
beyondwatts<p><span class="h-card" translate="no"><a href="https://mastodon.social/@lucas3d" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lucas3d</span></a></span> are you hosting <a href="https://beyondwatts.social/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> inside the homelab or outside?</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload