Title. I looked at how to configure anything and found Caddy to be much easier to use. Aside from a lot of docker images integrating with it, why is everyone using it?
First of all: not everyone can publish port 80 or even has a public IP.
Why is everyone using Tailscale?
Submitted 8 hours ago by uranibaba@lemmy.world to selfhosted@lemmy.world
Comments
korn@feddit.org 8 hours ago
Onomatopoeia@lemmy.cafe 6 hours ago
Because I don’t need a reverse proxy?
undefined@lemmy.hogru.ch 5 hours ago
I prefer nginx to Caddy myself for reverse proxies. As far as VPN technologies go, Tailscale and WireGuard are where it’s at.
Not sure why we’re comparing Caddy and Tailscale though.
kayzeekayzee@lemmy.blahaj.zone 2 hours ago
I use both, since they do different stuff. I actually remote into my servers with wireguard, but I like to install tailscale as well as a backup. Since each device gets a unique tailnet ip, I can usually still connect even if I’ve fucked up some network config that breaks wireguard.
Jason2357@lemmy.ca 7 hours ago
I use both. Caddy on a VPS that reaches into my Tailscale network and proxies services hosted on a computer in my basement.
vostrik@pol.social 7 hours ago
@Jason2357 @uranibaba does it pay out? I mean, you can also forward a port from one interface to another on the VPS and have one service less, am I missing something?
Onomatopoeia@lemmy.cafe 5 hours ago
Using a mesh network like Wireguard/Tailscale enables you to have a public interface that’s not on your home router, but the VPS instead.
Jason2357@lemmy.ca 6 hours ago
The VPS is a $2 instance and very under powered, however it has a dedicated static IP and some Ddos protection. The basement computer is powerfully and capable of providing various services, but I don’t want any trouble with my home IP address. Tailscale let’s the VPS see the home computer securely.
Xanza@lemm.ee 8 hours ago
A reverse proxy like Caddy or Nginx is like a bouncer for your web services. It sits out front, deciding who gets in and where they’re allowed to go. It’s great for stuff you want to expose to the internet – like a website or web app – because it hides your actual servers, can handle HTTPS for you, and lets you set up some basic access rules.
A VPN is more like a secret underground tunnel between you and your server. Everything that goes through it is locked down to only members of the VPN. This is what you want when you’re dealing with private stuff you don’t want exposed to the open internet, like your home lab dashboard or some internal tools. The beauty of a VPN is that it works for everything–not just web traffic. SSH, file transfers, databases. All of it gets the same protection.
irmadlad@lemmy.world 7 hours ago
Yup. I use it for sftp, ssh. I’ve never used in relation to a database. Is that for remote db? I am working on routeing mail through tailscale to a relay, since my host, for whatever reason, blocks mail ports and charges to have them turned on. I just wanted alert emails from a couple apps.
Xanza@lemm.ee 4 hours ago
Should work fine. Your provider can’t stop you from opening ports unless its a shared environment and you don’t have permission/the port is already in use. Generally what they do is just block connections from outside. So if you use a VPN you’re sidestepping that issue. With the VPN in place, and the server online and running you should be able to connect via
{VPN_IP}:995, etc.