Just a guide on how OP selfhosts headscale using postman with a few nice features enabled
Comment on Traefik with Socket Activation via Podman Quadlets
deadcatbounce@reddthat.com 4 days ago
Excuse the ignorance, what am I actually reading about here?
I read the first few paragraphs and an out of my league.
What are ‘we’ trying to achieve?
mitram2@lemm.ee 4 days ago
deadcatbounce@reddthat.com 3 days ago
Thanks fella. What do they actually do? Elevator pitch stylie!
starkzarn@infosec.pub 3 days ago
The other poster here is correct, this is just an account of my journey through self hosting traefik, and ultimately headscale, without the hurdles along the way. I tried to include a few links to unclear terms along the way in the narrative, maybe those would help you figure things out. Unfortunately I can’t write for an audience of everyone, but hopefully you can still gain some value or learn some new things! Thank you for the feedback.
deadcatbounce@reddthat.com 3 days ago
Wasn’t being critical at all. Not expecting you to write for anyone.
I wondered what this actually provides. If you were explaining to someone with a good knowledge of the world, not grandma!!
starkzarn@infosec.pub 2 days ago
No worries, and I’ll accept criticism too, that’s how you improve.
Anyway, this is effectively giving you tailscale, a remote access mesh VPN solution, but with total control and ownership of the control plane server, instead of relying on the opaque tailscale owned and controlled infra. I touched on it briefly again the ‘DERP Config’ section of part 2: roguesecurity.dev/blog/headscale-quadlet-part2#DE…
deadcatbounce@reddthat.com 2 days ago
I’m not criticising you. I’m trying to get someone to explain what the end result is; which you did just above.
I don’t know the product names. I don’t tend to be focused on product names because they come and go. Your first message didn’t help me.
Your last precis is just what I needed. Ideal. Thank-you.