#headscale — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #headscale, aggregated by home.social.
-
#netbird ist ja komplett out of control!
Ich wollte per #headscale meine VPS mit meiner homeprod verdrahten.
Netbird ist alles was tailscale per SaaS sein kann, aber #selfhosted.
Das setup ist irre. FW auf auf den relevanten Ports, DNS aufsetzen, script anwerfen, Fertig.Wer wie ich keine Lust auf externe Infrastruktur ausserhalb der eigenen Kontrolle hat und site2site braucht, ich glaube besser gehts nich.
#diy #homelab #overlaynetwork #wireguard
danke @staticvoid für den #nerdsnipe
-
#netbird ist ja komplett out of control!
Ich wollte per #headscale meine VPS mit meiner homeprod verdrahten.
Netbird ist alles was tailscale per SaaS sein kann, aber #selfhosted.
Das setup ist irre. FW auf auf den relevanten Ports, DNS aufsetzen, script anwerfen, Fertig.Wer wie ich keine Lust auf externe Infrastruktur ausserhalb der eigenen Kontrolle hat und site2site braucht, ich glaube besser gehts nich.
#diy #homelab #overlaynetwork #wireguard
danke @staticvoid für den #nerdsnipe
-
#netbird ist ja komplett out of control!
Ich wollte per #headscale meine VPS mit meiner homeprod verdrahten.
Netbird ist alles was tailscale per SaaS sein kann, aber #selfhosted.
Das setup ist irre. FW auf auf den relevanten Ports, DNS aufsetzen, script anwerfen, Fertig.Wer wie ich keine Lust auf externe Infrastruktur ausserhalb der eigenen Kontrolle hat und site2site braucht, ich glaube besser gehts nich.
#diy #homelab #overlaynetwork #wireguard
danke @staticvoid für den #nerdsnipe
-
#netbird ist ja komplett out of control!
Ich wollte per #headscale meine VPS mit meiner homeprod verdrahten.
Netbird ist alles was tailscale per SaaS sein kann, aber #selfhosted.
Das setup ist irre. FW auf auf den relevanten Ports, DNS aufsetzen, script anwerfen, Fertig.Wer wie ich keine Lust auf externe Infrastruktur ausserhalb der eigenen Kontrolle hat und site2site braucht, ich glaube besser gehts nich.
#diy #homelab #overlaynetwork #wireguard
danke @staticvoid für den #nerdsnipe
-
#netbird ist ja komplett out of control!
Ich wollte per #headscale meine VPS mit meiner homeprod verdrahten.
Netbird ist alles was tailscale per SaaS sein kann, aber #selfhosted.
Das setup ist irre. FW auf auf den relevanten Ports, DNS aufsetzen, script anwerfen, Fertig.Wer wie ich keine Lust auf externe Infrastruktur ausserhalb der eigenen Kontrolle hat und site2site braucht, ich glaube besser gehts nich.
#diy #homelab #overlaynetwork #wireguard
danke @staticvoid für den #nerdsnipe
-
Wenn man einmal anfängt ...
Nach Feierabend "bloss" mal eben #crowdsec auf der outpost vps aufsetzen. Ok, geht. Oh, da sieht man ja die ganzen ssh-bruteforces ... Prometheus draussen im Web aufmachen keine so gute Idee, aber will adminp0rn, gibt so schöne Dashboards.Zwischendrin @oli nmap Terror machen geschickt, um die alerts zu testen 🤖
Bis halb 12 #headscale aufgesetzt mit ein paar Stolperern und jetzt ist besser mal Schluss für heute.
Up next: #tailscale IM docker
-
Wenn man einmal anfängt ...
Nach Feierabend "bloss" mal eben #crowdsec auf der outpost vps aufsetzen. Ok, geht. Oh, da sieht man ja die ganzen ssh-bruteforces ... Prometheus draussen im Web aufmachen keine so gute Idee, aber will adminp0rn, gibt so schöne Dashboards.Zwischendrin @oli nmap Terror machen geschickt, um die alerts zu testen 🤖
Bis halb 12 #headscale aufgesetzt mit ein paar Stolperern und jetzt ist besser mal Schluss für heute.
Up next: #tailscale IM docker
-
Wenn man einmal anfängt ...
Nach Feierabend "bloss" mal eben #crowdsec auf der outpost vps aufsetzen. Ok, geht. Oh, da sieht man ja die ganzen ssh-bruteforces ... Prometheus draussen im Web aufmachen keine so gute Idee, aber will adminp0rn, gibt so schöne Dashboards.Zwischendrin @oli nmap Terror machen geschickt, um die alerts zu testen 🤖
Bis halb 12 #headscale aufgesetzt mit ein paar Stolperern und jetzt ist besser mal Schluss für heute.
Up next: #tailscale IM docker
-
Wenn man einmal anfängt ...
Nach Feierabend "bloss" mal eben #crowdsec auf der outpost vps aufsetzen. Ok, geht. Oh, da sieht man ja die ganzen ssh-bruteforces ... Prometheus draussen im Web aufmachen keine so gute Idee, aber will adminp0rn, gibt so schöne Dashboards.Zwischendrin @oli nmap Terror machen geschickt, um die alerts zu testen 🤖
Bis halb 12 #headscale aufgesetzt mit ein paar Stolperern und jetzt ist besser mal Schluss für heute.
Up next: #tailscale IM docker
-
Wenn man einmal anfängt ...
Nach Feierabend "bloss" mal eben #crowdsec auf der outpost vps aufsetzen. Ok, geht. Oh, da sieht man ja die ganzen ssh-bruteforces ... Prometheus draussen im Web aufmachen keine so gute Idee, aber will adminp0rn, gibt so schöne Dashboards.Zwischendrin @oli nmap Terror machen geschickt, um die alerts zu testen 🤖
Bis halb 12 #headscale aufgesetzt mit ein paar Stolperern und jetzt ist besser mal Schluss für heute.
Up next: #tailscale IM docker
-
Be me.
Make a typo `pcke` instead of `pkce` in your NixOS config for headscale.
Config does not get spellchecked, just converted to yml.
Kandidm does not reciece pkce challenge.
Fight for hours over 4 weeks to finally decide to open the generated yml.GG.
-
Be me.
Make a typo `pcke` instead of `pkce` in your NixOS config for headscale.
Config does not get spellchecked, just converted to yml.
Kandidm does not reciece pkce challenge.
Fight for hours over 4 weeks to finally decide to open the generated yml.GG.
-
Be me.
Make a typo `pcke` instead of `pkce` in your NixOS config for headscale.
Config does not get spellchecked, just converted to yml.
Kandidm does not reciece pkce challenge.
Fight for hours over 4 weeks to finally decide to open the generated yml.GG.
-
Be me.
Make a typo `pcke` instead of `pkce` in your NixOS config for headscale.
Config does not get spellchecked, just converted to yml.
Kandidm does not reciece pkce challenge.
Fight for hours over 4 weeks to finally decide to open the generated yml.GG.
-
Be me.
Make a typo `pcke` instead of `pkce` in your NixOS config for headscale.
Config does not get spellchecked, just converted to yml.
Kandidm does not reciece pkce challenge.
Fight for hours over 4 weeks to finally decide to open the generated yml.GG.
-
Do someone know why exactly do #bitwarden is forcing https on self-hosted servers? I have #vaultwarden behind #headscale already, and all the bitwarden clients are refusing to work (unless I stop them from updating). Seems like a dick move. #askfedi
-
Do someone know why exactly do #bitwarden is forcing https on self-hosted servers? I have #vaultwarden behind #headscale already, and all the bitwarden clients are refusing to work (unless I stop them from updating). Seems like a dick move. #askfedi
-
Do someone know why exactly do #bitwarden is forcing https on self-hosted servers? I have #vaultwarden behind #headscale already, and all the bitwarden clients are refusing to work (unless I stop them from updating). Seems like a dick move. #askfedi
-
Do someone know why exactly do #bitwarden is forcing https on self-hosted servers? I have #vaultwarden behind #headscale already, and all the bitwarden clients are refusing to work (unless I stop them from updating). Seems like a dick move. #askfedi
-
Do someone know why exactly do #bitwarden is forcing https on self-hosted servers? I have #vaultwarden behind #headscale already, and all the bitwarden clients are refusing to work (unless I stop them from updating). Seems like a dick move. #askfedi
-
#Tailscale was really decent, but I think #Headscale needs more time to mature
-
#Tailscale was really decent, but I think #Headscale needs more time to mature
-
#Tailscale was really decent, but I think #Headscale needs more time to mature
-
I tried out #tailscale today, and am making a rocky start to hosting my own #headscale server. I normally dislike #Discord, but made an exception to enter their chat forum - where I eventually got helped with my config troubles. I have a working config now, so I'm grateful for the help I got.
#InfoSec #OpenSource -
I tried out #tailscale today, and am making a rocky start to hosting my own #headscale server. I normally dislike #Discord, but made an exception to enter their chat forum - where I eventually got helped with my config troubles. I have a working config now, so I'm grateful for the help I got.
#InfoSec #OpenSource -
I tried out #tailscale today, and am making a rocky start to hosting my own #headscale server. I normally dislike #Discord, but made an exception to enter their chat forum - where I eventually got helped with my config troubles. I have a working config now, so I'm grateful for the help I got.
#InfoSec #OpenSource -
I tried out #tailscale today, and am making a rocky start to hosting my own #headscale server. I normally dislike #Discord, but made an exception to enter their chat forum - where I eventually got helped with my config troubles. I have a working config now, so I'm grateful for the help I got.
#InfoSec #OpenSource -
I tried out #tailscale today, and am making a rocky start to hosting my own #headscale server. I normally dislike #Discord, but made an exception to enter their chat forum - where I eventually got helped with my config troubles. I have a working config now, so I'm grateful for the help I got.
#InfoSec #OpenSource -
Today I applied to do a 30-minute presentation for Bsides 2026. I offered to do a presentation and demo of Wireguard, where Wireguard is used in a TailScale/Headscale sort of way, but somewhat simpler. My solution is much more "pure-play" Wireguard - I wrote no software beyond using the conveniences provided by PiVPN. My "secret sauce" lies in being able to understand, and hand-edit wireguard conf files beyond a simplistic use. My solution has no "mesh" - it just uses a subnet where each node on the subnet is a working Wireguard client. My solution has no AI. I consider this to be a feature, not a bug. My solution uses conventional DNS, there is no "Magic DNS". My solution has no 2FA. It just uses Wireguard's default encryption methods, as are part of the mainline Linux kernel. The advantage to this is that all clients and server components are Open Source, whereas the Tailscale clients (Windows and macOS/iOS) are closed source.
#Wireguard #Tailscale #Headscale #infosec #VPN #OpenSource #linux @bsidesyxe -
Today I applied to do a 30-minute presentation for Bsides 2026. I offered to do a presentation and demo of Wireguard, where Wireguard is used in a TailScale/Headscale sort of way, but somewhat simpler. My solution is much more "pure-play" Wireguard - I wrote no software beyond using the conveniences provided by PiVPN. My "secret sauce" lies in being able to understand, and hand-edit wireguard conf files beyond a simplistic use. My solution has no "mesh" - it just uses a subnet where each node on the subnet is a working Wireguard client. My solution has no AI. I consider this to be a feature, not a bug. My solution uses conventional DNS, there is no "Magic DNS". My solution has no 2FA. It just uses Wireguard's default encryption methods, as are part of the mainline Linux kernel. The advantage to this is that all clients and server components are Open Source, whereas the Tailscale clients (Windows and macOS/iOS) are closed source.
#Wireguard #Tailscale #Headscale #infosec #VPN #OpenSource #linux @bsidesyxe -
Today I applied to do a 30-minute presentation for Bsides 2026. I offered to do a presentation and demo of Wireguard, where Wireguard is used in a TailScale/Headscale sort of way, but somewhat simpler. My solution is much more "pure-play" Wireguard - I wrote no software beyond using the conveniences provided by PiVPN. My "secret sauce" lies in being able to understand, and hand-edit wireguard conf files beyond a simplistic use. My solution has no "mesh" - it just uses a subnet where each node on the subnet is a working Wireguard client. My solution has no AI. I consider this to be a feature, not a bug. My solution uses conventional DNS, there is no "Magic DNS". My solution has no 2FA. It just uses Wireguard's default encryption methods, as are part of the mainline Linux kernel. The advantage to this is that all clients and server components are Open Source, whereas the Tailscale clients (Windows and macOS/iOS) are closed source.
#Wireguard #Tailscale #Headscale #infosec #VPN #OpenSource #linux @bsidesyxe -
Today I applied to do a 30-minute presentation for Bsides 2026. I offered to do a presentation and demo of Wireguard, where Wireguard is used in a TailScale/Headscale sort of way, but somewhat simpler. My solution is much more "pure-play" Wireguard - I wrote no software beyond using the conveniences provided by PiVPN. My "secret sauce" lies in being able to understand, and hand-edit wireguard conf files beyond a simplistic use. My solution has no "mesh" - it just uses a subnet where each node on the subnet is a working Wireguard client. My solution has no AI. I consider this to be a feature, not a bug. My solution uses conventional DNS, there is no "Magic DNS". My solution has no 2FA. It just uses Wireguard's default encryption methods, as are part of the mainline Linux kernel. The advantage to this is that all clients and server components are Open Source, whereas the Tailscale clients (Windows and macOS/iOS) are closed source.
#Wireguard #Tailscale #Headscale #infosec #VPN #OpenSource #linux @bsidesyxe -
Today I applied to do a 30-minute presentation for Bsides 2026. I offered to do a presentation and demo of Wireguard, where Wireguard is used in a TailScale/Headscale sort of way, but somewhat simpler. My solution is much more "pure-play" Wireguard - I wrote no software beyond using the conveniences provided by PiVPN. My "secret sauce" lies in being able to understand, and hand-edit wireguard conf files beyond a simplistic use. My solution has no "mesh" - it just uses a subnet where each node on the subnet is a working Wireguard client. My solution has no AI. I consider this to be a feature, not a bug. My solution uses conventional DNS, there is no "Magic DNS". My solution has no 2FA. It just uses Wireguard's default encryption methods, as are part of the mainline Linux kernel. The advantage to this is that all clients and server components are Open Source, whereas the Tailscale clients (Windows and macOS/iOS) are closed source.
#Wireguard #Tailscale #Headscale #infosec #VPN #OpenSource #linux @bsidesyxe -
En el siguiente #tutorial les muestro como crear una #vpn #mesh y utilizarla con los equipos que desees sin restricciones gracias a #headscale y #tailscale sobre tu propio servidor o #selfhosted. Algo que me pareció muy útil para estos tiempos...
Miralo en : https://luiszambrana.ar/como-instalar-una-vpn-mesh-con-headscale-y-tailscale/
Si te gusto compartilo con los tuyos!!!
-
En el siguiente #tutorial les muestro como crear una #vpn #mesh y utilizarla con los equipos que desees sin restricciones gracias a #headscale y #tailscale sobre tu propio servidor o #selfhosted. Algo que me pareció muy útil para estos tiempos...
Miralo en : https://luiszambrana.ar/como-instalar-una-vpn-mesh-con-headscale-y-tailscale/
Si te gusto compartilo con los tuyos!!!
-
En el siguiente #tutorial les muestro como crear una #vpn #mesh y utilizarla con los equipos que desees sin restricciones gracias a #headscale y #tailscale sobre tu propio servidor o #selfhosted. Algo que me pareció muy útil para estos tiempos...
Miralo en : https://luiszambrana.ar/como-instalar-una-vpn-mesh-con-headscale-y-tailscale/
Si te gusto compartilo con los tuyos!!!
-
En el siguiente #tutorial les muestro como crear una #vpn #mesh y utilizarla con los equipos que desees sin restricciones gracias a #headscale y #tailscale sobre tu propio servidor o #selfhosted. Algo que me pareció muy útil para estos tiempos...
Miralo en : https://luiszambrana.ar/como-instalar-una-vpn-mesh-con-headscale-y-tailscale/
Si te gusto compartilo con los tuyos!!!
-
En el siguiente #tutorial les muestro como crear una #vpn #mesh y utilizarla con los equipos que desees sin restricciones gracias a #headscale y #tailscale sobre tu propio servidor o #selfhosted. Algo que me pareció muy útil para estos tiempos...
Miralo en : https://luiszambrana.ar/como-instalar-una-vpn-mesh-con-headscale-y-tailscale/
Si te gusto compartilo con los tuyos!!!
-
I kind of like Tailscale. Once you get the hang of it, it’s really easy to use, and a lot of it feels almost magical (TLS certificates for internal services, direct connections with hole punching, ACLs/built-in firewall).
And the clients for FLOSS operating systems (i.e., Linux and Android for me, also available on F-Droid) are also FLOSS, so I can use the app without any issues.
*Only* the server is proprietary, though there is also a FLOSS reimplementation available. -
I kind of like Tailscale. Once you get the hang of it, it’s really easy to use, and a lot of it feels almost magical (TLS certificates for internal services, direct connections with hole punching, ACLs/built-in firewall).
And the clients for FLOSS operating systems (i.e., Linux and Android for me, also available on F-Droid) are also FLOSS, so I can use the app without any issues.
*Only* the server is proprietary, though there is also a FLOSS reimplementation available. -
I kind of like Tailscale. Once you get the hang of it, it’s really easy to use, and a lot of it feels almost magical (TLS certificates for internal services, direct connections with hole punching, ACLs/built-in firewall).
And the clients for FLOSS operating systems (i.e., Linux and Android for me, also available on F-Droid) are also FLOSS, so I can use the app without any issues.
*Only* the server is proprietary, though there is also a FLOSS reimplementation available. -
@martin I have the same issue when I started using #headscale , so I write a blog post with my use of ACL
https://www.lucasjanin.com/2025/01/03/headscale-tailscale-in-a-self-hosted-environment
-
@martin I have the same issue when I started using #headscale , so I write a blog post with my use of ACL
https://www.lucasjanin.com/2025/01/03/headscale-tailscale-in-a-self-hosted-environment
-
@martin I have the same issue when I started using #headscale , so I write a blog post with my use of ACL
https://www.lucasjanin.com/2025/01/03/headscale-tailscale-in-a-self-hosted-environment
-
@martin I have the same issue when I started using #headscale , so I write a blog post with my use of ACL
https://www.lucasjanin.com/2025/01/03/headscale-tailscale-in-a-self-hosted-environment
-
@martin I have the same issue when I started using #headscale , so I write a blog post with my use of ACL
https://www.lucasjanin.com/2025/01/03/headscale-tailscale-in-a-self-hosted-environment
-
Headscale's documentation of ACLs is funny:
Simple example:
- block all
- allow all
Complex example:
- a network of half a dozen servers, a handful of users, and a bunch of ACLs
Can I get some in-between examples please?
https://headscale.net/stable/ref/acls/
#headscale -
Headscale's documentation of ACLs is funny:
Simple example:
- block all
- allow all
Complex example:
- a network of half a dozen servers, a handful of users, and a bunch of ACLs
Can I get some in-between examples please?
https://headscale.net/stable/ref/acls/
#headscale -
Headscale's documentation of ACLs is funny:
Simple example:
- block all
- allow all
Complex example:
- a network of half a dozen servers, a handful of users, and a bunch of ACLs
Can I get some in-between examples please?
https://headscale.net/stable/ref/acls/
#headscale -
Headscale's documentation of ACLs is funny:
Simple example:
- block all
- allow all
Complex example:
- a network of half a dozen servers, a handful of users, and a bunch of ACLs
Can I get some in-between examples please?
https://headscale.net/stable/ref/acls/
#headscale