• 0 Posts
  • 14 Comments
Joined 2 years ago
Cake day: June 4th, 2024
  • Sickday@kbin.earthtoSelfhosted@lemmy.worldVPN Tradeoffs
    3·
    4 days ago

    You register a new device on your tailnet and advertise it as an exit node. When other devices on your tailnet use the exit node all of their traffic goes through that device. If that exit node has a wireguard connection setup, all other devices using it will also use that same connection. The only tricky part was making sure wg-quick’s systemd service starts before tailscaled’s does (mentioned that in my op).

    Tailscale offers this as a service but I dont use tailscale directly. I basically set this up manually and use headscale as my control server instead of using tailscale’s control servers.

  • Sickday@kbin.earthtoSelfhosted@lemmy.worldVPN Tradeoffs
    3·
    6 days ago

    personally I just use headscale with tailscale clients and mullvad vpn via wireguard on the control server. there’s a bit of systemd magic required to make sure wg-quick starts before headscale does. dns is setup via a pihole device and I just point headscale’s config at that device for dns. it’s a pretty simple setup, but I have no issue doing everything via cli so this works well for me.