Make your own VPN with Fly.io, tailscale and GitHub

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

  • fly-tailscale-exit

    Run a VPN with global exit nodes with fly.io, tailscale and github!

  • Yes, fly.io allows you to expose a UDP port. See the [fly.toml](https://github.com/patte/fly-tailscale-exit/blob/main/fly.to...) in the repo. To make, the tailscale port [is pinned](https://github.com/patte/fly-tailscale-exit/blob/main/start....) to the exposed port (41641 in that case).

    I just tested it again and the connections are made directly (after the first 2,3 go via DERP):

  • algo

    Set up a personal VPN in the cloud

  • Isn't the problem that the exit IPs will be flagged / blocked, meaning at best you'll get a ton of captchas etc.? I have set up personal Wireguard VPNs with Algo[1] before on DO, and while they work fine, they cause a lot of friction for that reason.

    1: https://github.com/trailofbits/algo

  • flyio-tailscale-gateway

    Custom crappy alternative to Tailscale Funnel

  • I've recently built something similar [0], but the complete opposite. I wanted to forward traffic onto my homeserver without a public IPv4. I've tried Tailscale Funnel, but the inability to use custom domains made me look for other solutions. I ended up with a fly.io app acting as a TCP proxy over Tailscale. Considering how crappy the setup is, it's surprisingly reliable. Great job fly.io and Tailscale teams! I haven't had any issues in the month or so I've been using it.

    [0]: https://github.com/vakabus/flyio-tailscale-gateway

  • tailscale-tailwings

    Run a Personal VPN with global exit nodes and proxy via Tailscale IPN

  • I added updates at https://github.com/spotsnel/tailscale-tailwings to make this more 'practical'.

  • headscale

    An open source, self-hosted implementation of the Tailscale control server

  • fly-wireguard-vpn-proxy

  • If you just want to run a simple wireguard vpn from fly.io, without tailscale, I wrote a script to spin one up[0]

    [0]: https://github.com/magJ/fly-wireguard-vpn-proxy

  • outline-apps

    Outline Client and Manager, developed by Jigsaw. Outline Manager makes it easy to create your own VPN server. Outline Client lets you share access to your VPN with anyone in your network, giving them access to the free and open internet.

  • Outline[1] is significantly easier to use. They have out-of-the-box support for AWS, GCP and DigitalOcean. You can have your own VPN setup on DigitalOcean for $5 a month, and you can generate keys and share the VPN with friends/family who then only need to download the Outline app on their device. I have zero affiliation with Outline but it's an incredibly useful tool; I was looking to build something similar when I discovered it.

    [1] http://getoutline.org

  • zrok

    Geo-scale, next-generation peer-to-peer sharing platform built on top of OpenZiti.

  • Tailscale makes outbound connections so it circumvents the need for IPv6 with things like CGNAT.

    OP, why not use an open source equivalent to Tailscale Funnel? For example, I work on the OpenZiti project and we created zrok.io, which is a fully open source alternative - https://github.com/openziti/zrok.

  • outline-server

    Outline Server, developed by Jigsaw. The Outline Server is a proxy server that runs a Shadowsocks instance and provides a REST API for access key management.

  • It's private in that it's your own VM you're running the VPN on. No one else has access to it. Whether you trust Google or not, it's all open source[1].

    [1] https://github.com/Jigsaw-Code/outline-server

  • headscale-ui

    A web frontend for the headscale Tailscale-compatible coordination server

  • I've been running wireguard on my own for a few years. I like it, but wish there was a better GUI.

    I tried installing headscale. I didn't feel like I got the immediate rush of "cool, I have the baseline thing working" without reading the docs. And, I needed to use this for a GUI: https://github.com/gurucomputing/headscale-ui. I love the command line and am happy to use that, but I'm unsure if there is a benefit to headscale over wireguard if I'm doing that.

    I just read this article on tailscale vs. openziti and it mentioned netmaker (a YC company). I tried installing it, but out of the box, "DNS" did not seem to work correctly.

    Is anyone here a power user that also benefits from a full fledged GUI? Is tailscale the only option there? I prefer to self-host whenever I can, despite loving tailscale and the people behind it.

NOTE: The number of mentions on this list indicates mentions on common posts plus user-suggested alternatives. Hence, a higher number means a more popular project.
