Tailscale Funnel

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Wireguard VPN Security Networking tailscale

InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • awesome-tunneling

    List of ngrok/Cloudflare Tunnel alternatives and other tunneling software and services. Focus on self-hosting.

    • I agree it's not ideal, but I can tell you why I'm excited about things like[0] Tailscale and Cloudflare Tunnel.

    They enable you to move your selfhosted services from expensive, slow VPSes you don't control to fast devices in your own home. IMO this is strictly better than a VPS in terms of privacy and data control. It's a step in the right direction.

    The reality today is that selfhosting is way too hard[1]. It shouldn't be any more complicated or less secure than running an app on your phone.

    I think services like Tailscale are going to enable the first generation of selfhosting that approaches that level of simplicity. Once the market is proven, the second generation is going be designed for selfhosters and have features like end-to-end encryption, domain name integration, and simple GUI interfaces.

    The other key pieces are strong sandboxing, which is now possible on all major desktop OSes through virtualization (mobile is coming[2]), and dead-simple cloud backups.

    The technology for all these things exists, it just hasn't been integrated yet.

    [0]: https://github.com/anderspitman/awesome-tunneling

    [1]: https://moxie.org/2022/01/07/web3-first-impressions.html

    [2]: https://twitter.com/kdrag0n/status/1584017653269958656?lang=...

  • headscale

    An open source, self-hosted implementation of the Tailscale control server

    • Not everyone, we just don't talk about it much. headscale is plenty popular — that's not "everyone" already.

    https://github.com/juanfont/headscale

    In addition to your points, we over here also have our own reasons for self-hosting everything (for example, to protect ourselves from being cancelled at any moment for being forced into a citizenship you didn't ask for by being born at the wrong place).

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • tailscale

    The easiest, most secure way to use WireGuard and 2FA.

    • Thanks, you're right yeah, I've oversimplified things a bit.

    Re: macOS and the Network Entitlements shenanigans: if I understand correctly, it is possible to just run tailscaled unsigned [1] via /dev/utun instead of Apple's APIs. Would it be possible to get this into the GUI so that if you want, you can compile it from source and don't have to do the Apple dance?

    [1]: https://github.com/tailscale/tailscale/wiki/Tailscaled-on-ma...

  • tolocal

    self-hosted reverse proxy from public dns domain to localhost

  • golink

    A private shortlink service for tailnets

    • Something else interesting they're doing is their tsnet package, which lets you join your process to the tailnet and bind tcp listeners/connect to TCP services via their tailnet IP or subnet.

    I'm writing some stuff using this at the moment, but I also just saw https://github.com/tailscale/golink which does the same thing: a single binary that runs a link shortener that joins itself to your tailnet.

    tl;dr: don't run your service on a machine then join that to tailnet, directly bind your service to an in-memory tailnet client

  • innernet

    A private network system that uses WireGuard under the hood.

    • Or why not the open source tool innernet? https://github.com/tonarino/innernet

  • natpunch-go

    NAT puncher for Wireguard mesh networking.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • bitbar

    Put the output from any script or program into your macOS Menu Bar (the BitBar reboot)

    • As an exercise, I've implemented a basic (and very hacky) UI for tailscale(1) as an xbar [1] plugin: https://gist.github.com/notpushkin/aa36c2d34e3e7180aa66ed2a5...

    [1]: https://xbarapp.com/

    tailscaled isn't particularly stable on my machine though, so I guess I'll roll back to the closed source version. However, this could be a starting point for a Linux client!

  • firezone

    Open-source VPN server and egress firewall for Linux built on WireGuard. Firezone is easy to set up (all dependencies are bundled thanks to Chef Omnibus), secure, performant, and self hostable.

    • I'm fine with companies making profit off of protocols, as long as their code is open source like https://github.com/firezone/firezone or https://github.com/zerotier/ZeroTierOne Tailscale seems great now, but its risky to trust their closed source for this type of service.

  • ZeroTier

    A Smart Ethernet Switch for Earth

    • I'm fine with companies making profit off of protocols, as long as their code is open source like https://github.com/firezone/firezone or https://github.com/zerotier/ZeroTierOne Tailscale seems great now, but its risky to trust their closed source for this type of service.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts