Comment on Traefik with Socket Activation via Podman Quadlets
starkzarn@infosec.pub 3 days agoThe other poster here is correct, this is just an account of my journey through self hosting traefik, and ultimately headscale, without the hurdles along the way. I tried to include a few links to unclear terms along the way in the narrative, maybe those would help you figure things out. Unfortunately I can’t write for an audience of everyone, but hopefully you can still gain some value or learn some new things! Thank you for the feedback.
deadcatbounce@reddthat.com 3 days ago
Wasn’t being critical at all. Not expecting you to write for anyone.
I wondered what this actually provides. If you were explaining to someone with a good knowledge of the world, not grandma!!
starkzarn@infosec.pub 2 days ago
No worries, and I’ll accept criticism too, that’s how you improve.
Anyway, this is effectively giving you tailscale, a remote access mesh VPN solution, but with total control and ownership of the control plane server, instead of relying on the opaque tailscale owned and controlled infra. I touched on it briefly again the ‘DERP Config’ section of part 2: roguesecurity.dev/blog/headscale-quadlet-part2#DE…
deadcatbounce@reddthat.com 2 days ago
I’m not criticising you. I’m trying to get someone to explain what the end result is; which you did just above.
I don’t know the product names. I don’t tend to be focused on product names because they come and go. Your first message didn’t help me.
Your last precis is just what I needed. Ideal. Thank-you.
starkzarn@infosec.pub 2 days ago
Awesome! Thanks for the banter. It’s easy to get stuck in your own echo chamber working IT every day, so it’s nice to have these kinds of questions. Feel free to drop anything into comments too, maybe other readers will benefit too!