tailscale
headscale
| tailscale | headscale | |
|---|---|---|
| 1,040 | 231 | |
| 22,612 | 28,654 | |
| 3.8% | 8.1% | |
| 9.9 | 9.5 | |
| 8 days ago | 1 day ago | |
| Go | Go | |
| BSD 3-clause "New" or "Revised" License | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
tailscale
-
Ditching Obsidian and building my own
Tailscale has made all of their client source code available for anyone to view so if you want to confirm that you’re not sending unencrypted data or keys through their servers you’re more than free to do so.
https://github.com/tailscale/tailscale
I think there is some merit to setting up wireguard (e.g. you want more devices than what Tailscale offers for free, or their servers become unreliable for some reason)
But people who push the “scarey boogeyman will look at your data” with Tailscale are either technically illiterate or overly-paranoid.
-
The Umbrel OS for home-lab, self-hosted tech solutions
For example, the home networking, personal VPN, we may use Tailscale. https://tailscale.com/ which is also listed on the Umbrel App Store.
-
How I made my Home Server accessible outside my home
Here then comes VPN (Virtual Private Network) which is basically establishes a protected network connection when using public networks. I already have relevant experiences with this one as some of my previous projects involves private repositories that can only be accessed by connecting into the client's VPN. There are many solutions for this specific use case like WireGuard, but in this particular blog, I chose Tailscale.
-
Optimizing My Dev Workflow in 2025
I had 2 old laptops sitting around, both 10 years old. I turned both into a home server. Installed Ubuntu Server, set up Docker, and now I run all my containers remotely. With Tailscale, I can securely connect to it like it's on the same network. This way, my MacBook doesn't have to run MongoDB, Redis, or RabbitMQ anymore. That alone freed up a lot of memory. I can even run other services like HomeAssistant, MailHog, Immich, etc.
-
Again self-hosting! on k3s
Then I wanted to add Tailscle which besides being a "best in class VPN" for the homelabbers, allows you to add k8s services directly into your tailnet. What does it mean? The Tailscale operator allows you to access your k8s applications only when you are logged into your private network (tailnet), with the usage of your domain for ended with ts.net. You can configure it in two ways on the resource side, with ingress or with service annotation.
-
An open source, self-hosted implementation of the Tailscale control server
here's the GitHub issue tracking the problem:
https://github.com/tailscale/tailscale/issues/3363
-
Porting Tailscale to Plan 9
We actually have that nowadays... the config file support to tailscaled, as Irbe mentioned on the bug Jan 2024: https://github.com/tailscale/tailscale/issues/1412#issuecomm...
- Tailscale Enterprise Plan 9 Support
-
Ask HN: What is the most secure way of baby monitoring?
I dunno if the CIA would trust them but I like Amcrest cameras
https://amcrest.com/
because they have a wide range of different price points and capabilities. Use these with software like
https://zoneminder.com/
which you could run on a cheap Linux box. For secure access use
https://tailscale.com/
-
DiceDB
Vertical scaling this language also gets into painful territory quite often, I’ve had to workaround this problem before but never with a thing that felt like this: https://github.com/tailscale/tailscale/blob/main/syncs/shard...
headscale
- Ditching Obsidian and building my own
-
Tailscale has raised $160M
I've always been on the outside looking in, so I've never used Tailscale or its open-source brethren.
Would this service be comparable to Headscale[0]?
[0] https://github.com/juanfont/headscale
-
An open source, self-hosted implementation of the Tailscale control server
I think it would be neat if headscale allowed peering / federating between instances. (Maybe after the ACL rework.) One of the main problems is address collisions.
So here's my proposal: commit to ipv6-only overlay network in the unique local address (ULA) range, then split up the remaining 121 bits into 20 low bits for device addresses (~1M) and 101 high bits that are the hash of the server's public key. Federate by adding the public key of the other instance and use policy and ACLs to manage comms between nodes.
I think it's a nice idea, but the maintainer kradalby said it's out of scope when I brought it up in 2023: https://github.com/juanfont/headscale/issues/1370
-
Ask HN: How did you replace Teleport?
I think it does:
https://sourcegraph.com/search?q=context:global+repo:github....
https://github.com/juanfont/headscale/pull/847
I’m not sure how well does it support it though, and I can’t open the docs for some reason right now.
-
Set up: VPN - Part 1
root@hz-headscale-tmp-1:~# export HEADSCALE_VERSION="0.23.0" \ && export HEADSCALE_ARCH="arm64" \ && wget --output-document=headscale.deb "https://github.com/juanfont/headscale/releases/download/v${HEADSCALE_VERSION}/headscale_${HEADSCALE_VERSION}_linux_${HEADSCALE_ARCH}.deb" <...redacted for brevity..> 2024-09-28 12:24:54 (189 MB/s) - ‘headscale.deb’ saved [17022910/17022910]
-
The New Internet
> I still have to rely on a landlord.
This is a very good point. Counterpoint is self-hosting Headscale which I mentioned in another comment here: https://github.com/juanfont/headscale
Works with native Tailscale clients with a few config changes. I use it myself.
-
List of ngrok/Cloudflare Tunnel alternatives and other tunneling software and services. Focus on self-hosting.
headscale - Open source implementation of Tailscale control server. Can be used with Tailscale's official open source client. Written in Go.
-
Building a Managed Service Provider Business With Open Source
Headscale
-
Russia has started indiscriminately blocking all OpenVPN/WireGuard connections
You can always use headscale. https://github.com/juanfont/headscale
-
Securely Accessing Private AWS Resources from GitHub Actions with TailScale
One more thing, you can host Tailscale Control Server yourself if you want, which is a plus.
What are some alternatives?
netbird - Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.
AdGuardHome - Network-wide ads & trackers blocking DNS server
Netmaker - Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
ZeroTier - A Smart Ethernet Switch for Earth
firezone - Open-source VPN server and egress firewall for Linux built on WireGuard. Firezone is easy to set up (all dependencies are bundled thanks to Chef Omnibus), secure, performant, and self hostable.