Probably everyone is familiar with a regular VPN. The traditional use case is to connect to a corporate or home network from a remote location, and access services as if you were there. But these days, the notion of “corporate network” and “home network” are less based around physical location. For instance, a company may … Continue reading Easily Accessing All Your Stuff with a Zero-Trust Mesh VPN→| The Changelog
Expose your Tailscale hosts as Ansible facts. Make peer node IPs and tags available in your playbooks| Ideas.Offby1
A short intro to the idea of serving an S3 bucket on your tailnet| Ideas.Offby1
Putting a single, secured webserver| Ideas.Offby1
Exposing web APIs on my tailnet to the world| Ideas.Offby1
How the wandering.shop is laid out as of today, and where it needs to go next.| Ideas.Offby1
I inherited the system admin role for a Mastodon instance a couple of months ago, and recently I've needed to scale it. Here's a bit of how that went (and it's not done yet!)| Ideas.Offby1
Post describing how I've configured pihole to return different results to clients on my tailnet than those on the LAN.| www.bentasker.co.uk
Hiding my home IP address but still hosting my websites and services on my home server| thedabbler.patatas.ca
It’s been over a month since I set up Miniflux and I love it. It has made my feed reading experience so much better with filters and other goodies. Pushing the feed polling into its own service removed from my main machines has been great from an application performance standpoint—NetNewsWire practically flies now—and for controlling what I lovingly refer to as my addiction, where I impulsively refresh my feed reader multiple times an hour.| Luke's Wild Website
This post explains about integration of Pocket ID with headscale for passwordless VPN authentication| Personal blog of Anurag Bhatia
Join me on an exploration of FreshRSS as an alternative to the gone-but-not-forgotten Google Reader. We'll even walk through setting it up locally with Docker and Tailscale for easy access.| Eric Mann's Blog
I’ve got a new configuration for sending Signal messages on the command line, and it’s powerful and flexible and finally gives me a nice ergonomic interface to use from other programs. Even cooler, it is accessible over Tailscale from any of my devices, which means I can securely reach it from multiple machines without going through the rigmarole of configuring and maintaining multiple copies of signal-cli.| parker higgins dot net
Who Needs Kubernetes?| aaronstannard.com
This post covers understanding about how headscale/tailscale ACL work| Personal blog of Anurag Bhatia
I wrote a valedictory blog post about the instrumentation we're adding to the Tailscale client to get a handle on battery life issues. It's been an interesting "full-stack" project, involving thinking about cell phone internals, hacking on the Go standard library, and exploring visualization options.| persistent.info
Darwin was one of the first things Apple open-sourced (24 years ago). It's been mostly a "throw it over the wall" approach, but being able to peek under the hood has been very handy.| persistent.info
One of the less visible changes in Tailscale v1.36 is that the macOS binary is 35MB smaller. I wrote a post on the Tailscale blog about the chance observation and investigations that led to this size win. If you're interested in this kind of low-level shennanigans, we are hiring iOS and macOS engineers.| persistent.info
I worked on adding iOS and macOS Shortcuts support for Tailscale's latest release. I wrote a blog post with examples of shortcuts and automations that the Tailscale actions could be combined with. One that didn't make the cut was using sound recognition, for things like “In case of an emergency, break glass to activate Tailscale”.| persistent.info
I've been running lolcommits for 10 years, and it's captured some interesting moments from my time at Quip and Tailscale.| persistent.info
Account switching is one of the less fun parts of modern computing -- for a while I had registered giveupandusemultiplebrowsers.com. Even when software tries to accomodate these scenarios, the heuristics for when to switch can be tricky, and in some cases require the user to maintain a complex mental model of what state they're in and where they're trying to get to.| persistent.info
It was a lot of fun turning Brad's Taiscale-on-Wasmprototype into Tailscale SSH Console. I wrote a post for the Tailscale blog with more details (you can tell it wasn't ghost-written because it has my link-heavy style).| persistent.info
One of the things that attracted me to Tailscale was their in-depth technical blog posts, like Josh's hacking on Go internals to get iOS memory use down, or Dave's epic treatise on NAT traversal. It was therefore nice to be able to contribute a debugging story: The Case of the Spiky File Descriptors. There's nothing epic about it, but it was still a satisfying problem to troubleshoot.| persistent.info
Happy New Year! The wireguard-go port is still sitting around in my fork. I don't know when I will have the energy for the next attempt to get it upstream. In the meantime, I've made some fun progress on the Tailscale side. Taildrive The Tailscale folks have shipped Taildrive (currently| Nahum Shalman
Recently I was planning to self host a service I'm using and I was immediately stuck on a decision: should I just buy a Raspberry Pi 5 or rent a VPS?| Andrea Grandi
Tailscale and Docker Remote| The Grumpy Troll
These notes are a riff on a post by Chris Short. The biggest difference is that I will use the Tailscale TLS support rather than using external DNS access and a custom DNS record. This removes the need for a sensitive DNS API key. Chris's post is definitely worth a| Nahum Shalman
Current status: Up to date with Tailscale 1.24.2. My SMF manifest and build script are checked in to my branch. I've added notes on how to set up an exit node.| Nahum Shalman
I recently used Tailscale to add an authenticated portion to a public website, hosted via Fly.io.| fREW Schmidt's Foolish Manifesto