I definitely didn't set up any port forwarding or routing tables when setting up the inbuilt VPN.
Tailscale is great, and very handy to edit my compose files from, for example, work. But I didn't think I could use it to access my services?
I've become pretty familiar with docker over the years, so I'm tempted to spin up a container just to see how it works.
I currently expose around 20 services through the reverse proxy, but only those ones that I can set a user/password for.
I don't mind investing the time to learn more about all this. Networking stuff has always been akin to dark magic for me; it's time to jump in.
Thanks!
Tailscale has two features that, when enabled, will let you exit the tailnet through a node to a LAN (subnets) or to the Internet (exit node).
You can use the subnets feature. You can install a Tailscale container on the NAS, mark it as using the subnets feature, and then you have two options:
In that case, enjoy! It's a great feeling when you get it working.
If you're going to do it on your Synology, see if you need to fix the TUN error. Also, you need to add IP routes to your Synology to have the IPs from your VPN on Docker forwarded to Docker. Make sure these are persistent or added on every startup.
Make sure you allow the VPN to work by adding it to the Synology firewall.
You need to set up port forwarding on your router. It needs to point to your Synology, to the port which is linked to the Docker container. You also need to add the route to your router to be able to access your network. For instance, if your VPN has 10.0.3.* and your LAN uses 10.0.0.*, your LAN/router won't know where to send the response packets to the VPN network. So when connected to your VPN you will never be able to load stuff. If you add that 10.0.3.* needs to route to your Synology, and your Synology knows that range needs to be routed to the Docker VPN container, everybody knows where it needs to go.
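The return-path problem described in the comment above, as an added example that is not part of the original thread: a small longest-prefix-match model that traces where a LAN host's reply to a VPN client ends up with and without the two static routes. The node names and the client address 10.0.3.5 are constructed, and both subnets are assumed to be /24s.

```python
import ipaddress

def next_hop(table, dst):
    """Longest-prefix match: next hop of the most specific route covering dst."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, hop in table.items():
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return best[1] if best else None

def trace_reply(tables, start, dst):
    """Follow a reply packet hop by hop and return the nodes it visits."""
    path, node = [start], start
    while node in tables:                 # stop at a node that has no table (an endpoint)
        node = next_hop(tables[node], dst)
        if node in path:                  # same node twice: the packet is bouncing
            return path + [node, "ROUTING LOOP"]
        path.append(node)
    return path

def build_tables(router_route=False, nas_route=False):
    """Constructed tables: LAN 10.0.0.0/24, VPN 10.0.3.0/24 (assumed /24s)."""
    tables = {
        "lan-host":      {"10.0.0.0/24": "on-link", "0.0.0.0/0": "router"},
        "router":        {"10.0.0.0/24": "on-link", "0.0.0.0/0": "internet"},
        "synology":      {"10.0.0.0/24": "on-link", "0.0.0.0/0": "router"},
        "vpn-container": {"10.0.3.0/24": "vpn-client"},
    }
    if router_route:   # static route on the router: VPN range via the NAS
        tables["router"]["10.0.3.0/24"] = "synology"
    if nas_route:      # static route on the NAS: VPN range via the Docker VPN container
        tables["synology"]["10.0.3.0/24"] = "vpn-container"
    return tables

if __name__ == "__main__":
    client = "10.0.3.5"  # constructed VPN client address
    for router_route, nas_route in [(False, False), (True, False), (True, True)]:
        path = trace_reply(build_tables(router_route, nas_route), "lan-host", client)
        print(f"router route={router_route}, NAS route={nas_route}: {' -> '.join(path)}")
```

With only the router route in place the reply bounces between the router and the NAS, which is why both routes have to be present and persistent.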
Brilliant, many thanks!