Lucas Janin 🇨🇦🇫🇷<p><span class="h-card" translate="no"><a href="https://bsd.network/@ledeuns" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ledeuns</span></a></span> <span class="h-card" translate="no"><a href="https://fosstodon.org/@ChrisRichner" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ChrisRichner</span></a></span> </p><p><a href="https://mastodon.social/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> + <a href="https://mastodon.social/tags/headplane" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headplane</span></a> <a href="https://mastodon.social/tags/Tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tailscale</span></a> :-)</p>
fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software.
If you wish to join, contact us for an invite.
Administered by:
Server stats:
8.7Kactive users
fosstodon.org: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.2
#headscale
1 post · 1 participant · 0 posts today
Andrej<p>Ah finally after 4 days of struggle I have <a href="https://mas.to/tags/Headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Headscale</span></a> + <a href="https://mas.to/tags/Pocket" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pocket</span></a>-ID running, works great except mobile <a href="https://mas.to/tags/Firefox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Firefox</span></a> doesn't work with passkeys? or works in some strange way</p>
Lucas Janin 🇨🇦🇫🇷<p><span class="h-card" translate="no"><a href="https://91268476.xyz/users/a" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>a</span></a></span> I know it can be challenging. I did a blog post on <a href="https://mastodon.social/tags/Headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Headscale</span></a> with a section dedicated to the <a href="https://mastodon.social/tags/acl" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>acl</span></a>. This may be useful for you. </p><p><a href="https://www.lucasjanin.com/2025/01/03/headscale-tailscale-in-a-self-hosted-environment" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">lucasjanin.com/2025/01/03/head</span><span class="invisible">scale-tailscale-in-a-self-hosted-environment</span></a></p>
a<p>It was more annoying than I thought but I was able to define some ACL using <a class="hashtag" href="https://91268476.xyz/collections/tags/headscale" rel="nofollow noopener" target="_blank">#headscale</a></p>
Andrej<p>Is <a href="https://mas.to/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> worth it? Not sure about using tailscale clients, why they just change their mind one day</p>
Lucas Janin 🇨🇦🇫🇷<p><span class="h-card" translate="no"><a href="https://kolektiva.social/@rae" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>rae</span></a></span> This is the way! </p><p>My setup is very similar to your plan. I have 4 VMs on my public VLAN: <a href="https://mastodon.social/tags/Headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Headscale</span></a>, <a href="https://mastodon.social/tags/PocketID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PocketID</span></a>, Podsync and <a href="https://mastodon.social/tags/Caddy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Caddy</span></a> as a reverse proxy. </p><p>Like your plan, all my other services are only accessible via <a href="https://mastodon.social/tags/Tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tailscale</span></a>. So, I cut the Tailscale server dependency</p>
Kiraso<p>Hey <a href="https://mastodon.online/tags/tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tailscale</span></a> <a href="https://mastodon.online/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homelab</span></a> crowd, I need your wisdom! In my network I run a few services, some of them are on tailnet, some of them aren't. My clients are mostly on tailnet, but some aren't. I don't have DNS server for local name resolution - I just use <a href="https://mastodon.online/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> DNS extra records to point clients to most important services. </p><p>Now, I want <a href="https://mastodon.online/tags/pihole" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pihole</span></a>. How to make it available for both Tailscale and non-tailscale clients? Am I reading correctly that I'll need another DNS server to resolve local names?</p>
crodges<p>I’m self hosting for a while. Suddenly I found out about <a href="https://fosstodon.org/tags/headscale" class="mention hashtag" rel="tag">#<span>headscale</span></a>. What a revelation! Previously I used manually constructed WireGuard tunnels for each of my services.<br />I’m super amazed!</p>
HoldMyType<p>Affinity labels are a way to specify a preferred or required relationship between resources, such as VMs, in <a href="https://mathstodon.xyz/tags/GCP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GCP</span></a> . You can use affinity labels to indicate that certain VMs should be placed on the same physical host, or that certain VMs should not be placed on the same host.</p><p>Sole tenancy in VMs, on the other hand, is a feature that allows you to create a dedicated host for your <a href="https://mathstodon.xyz/tags/VMs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VMs</span></a>, so that your VMs are the only ones running on that host. This can be useful for compliance or regulatory requirements, as well as for performance and security purposes. <br>Sole-tenant nodes are not covered by the Google Cloud Free Trial credits. If you create or enable a sole-tenant node during your free trial, you will be billed for its usage according to the sole-tenant node pricing, and this cost is separate from the free trial credit</p><p><a href="https://mathstodon.xyz/tags/tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tailscale</span></a> ssh needs that and that's how tailscale makes money <a href="https://mathstodon.xyz/tags/bigtech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bigtech</span></a> <br><a href="https://mathstodon.xyz/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a></p>
warthog9<p>guh, <a href="https://social.afront.org/tags/HeadScale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HeadScale</span></a> did something messy between 0.25 and 0.26, and now it can't load because my policy doesn't comply <em>AND</em> they didn't didn't do some migration thing, <em>AND</em> the older version isn't available in the copr repo so I can't roll back easily, backup and wipe, and then restore</p><p><strong>facepalm</strong></p><p>Seriously, there's days when it's obvious that some developers never deal with the admins or users on things 😕</p>
DocYeet :verified:<p>Speaking of which, has anyone around here deployed a headscale server, bonus if with a web GUI, on Kubernetes ?</p><p>As in, not just an access pod, the whole management shebang as Kubernetes resources </p><p>I’ll have to double check helm charts and other documentation, but if anyone has/had first hand experience, I’d be more than curious to hear more about it 😁</p><p><a href="https://mastodon.halis.io/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homelab</span></a> <a href="https://mastodon.halis.io/tags/kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kubernetes</span></a> <a href="https://mastodon.halis.io/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosted</span></a> <a href="https://mastodon.halis.io/tags/tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tailscale</span></a> <a href="https://mastodon.halis.io/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> <a href="https://mastodon.halis.io/tags/wireguard" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wireguard</span></a> <a href="https://mastodon.halis.io/tags/vpn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vpn</span></a></p>
DocYeet :verified:<p>Frustration of the day </p><p>NetBird wouldn’t let me login after going through Zitadel for SSO, complaining about invalid token </p><p>I killed the NetBird pod, it got rescheduled on the same node as Zitadel, now it works </p><p>It is most likely a time issue (those two nodes are like 2 mins apart) because of a skill issue in my side, but the more those kind of frictions with NetBird happen, the more I want to switch to Headscale/Tailscale</p><p><a href="https://mastodon.halis.io/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homelab</span></a> <a href="https://mastodon.halis.io/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosted</span></a> <a href="https://mastodon.halis.io/tags/vpn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vpn</span></a> <a href="https://mastodon.halis.io/tags/netbird" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>netbird</span></a> <a href="https://mastodon.halis.io/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> <a href="https://mastodon.halis.io/tags/tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tailscale</span></a> <a href="https://mastodon.halis.io/tags/kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kubernetes</span></a></p>
Emory<p>if you're interested in <a href="https://soc.kvet.ch/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> their github repo is here: <a href="https://github.com/juanfont/headscale" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/juanfont/headscale</span><span class="invisible"></span></a></p><p>> Headscale aims to implement a self-hosted, open source alternative to the <a href="https://soc.kvet.ch/tags/Tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tailscale</span></a> control server. Headscale's goal is to provide self-hosters and hobbyists with an open-source server they can use for their projects and labs. It implements a narrow scope, a single Tailscale network (tailnet), suitable for a personal use, or a small open-source organisation.</p><p>:cool: <a href="https://soc.kvet.ch/tags/sdwan" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sdwan</span></a> <a href="https://soc.kvet.ch/tags/vpn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vpn</span></a> <a href="https://bsd.network/@dexter/114629204452324842" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">bsd.network/@dexter/1146292044</span><span class="invisible">52324842</span></a></p>
Geekland<p>Cómo instalar Headscale, tu propio servidor de Tailscale <a href="https://mastodon.social/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> <a href="https://mastodon.social/tags/tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tailscale</span></a> <a href="https://mastodon.social/tags/self_hosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>self_hosted</span></a> <a href="https://mastodon.social/tags/vpn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vpn</span></a> <a href="https://hdsplus.co/como-instalar-headscale-tu-propio-servidor-de-tailscale/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hdsplus.co/como-instalar-heads</span><span class="invisible">cale-tu-propio-servidor-de-tailscale/</span></a></p>
kaspa<p>aight, I'm in. time for <a href="https://mastodon.originalsinners.org/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> </p><p>any of ya'll got this up? good?</p>
kgoetz<p>So then my next problem: I can't seem to get my configs to stick.</p><p>Selected 'Edit config' and replaced the default contents with something I'd already prepared.<br>Selected 'Apply Config' (only working button in the admin ui FWIW).</p><p>Change to routes, change back to ACLs/Config and the code I just added is still gone. Guess arcoast's fix doesn't cover that issue.</p><p>Edit config<br>Paste in settings again<br>Selected apply config<br>*Selected Save Config*</p><p>"Saved ACL Configuration" appears at the bottom of my screen.</p><p>Change <a href="https://aus.social/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a>-admin routes, change back to ACLs/Config and the code is still there.</p><p>OMFG. I just... I ... aaaargh.</p><p> <a href="https://aus.social/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a></p>
kgoetz<p>Using <a href="https://aus.social/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a>-admin with <a href="https://aus.social/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> and kept getting an error "Unable to get policy from server.: loading ACL from database: acl policy not found" . OK this sucks, <a href="https://aus.social/tags/DuckDuckGo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DuckDuckGo</span></a> isn't producing any results.<br><a href="https://aus.social/tags/Ecosia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ecosia</span></a> did, thank you 🙏 </p><p>Fix: "You need to go to the tab on the furthest right on the ACL page and paste a config and click save config."</p><p>Clicked save and the error stopped! Yay! Thank you arcoast of Reddit.</p>
JM<p>Estoy usando actualmente como VPN <a href="https://meetiko.org/tags/Tailscale" rel="nofollow noopener" target="_blank">#Tailscale</a> y llevo ya un tiempo investigando la alternativa de <a href="https://meetiko.org/tags/Headscale" rel="nofollow noopener" target="_blank">#Headscale</a><span> para usarla definitivamente como servidor, gestionar usuarios, dispositivos, etc.<br><br>Como ya lo tengo todo montado, con una red para compartir subscripciones de streaming y demás asuntillos... me da pereza cambiarlo.<br><br>Por eso Mastodontes, ¿alguno tiene corriendo headscale? ¿merece la pena sustituirlo por el oficial? ¡Gracias!</span></p>
Anurag Bhatia<p>Checkout latest blog post on Passwordless VPN authentication with <a href="https://social.anuragbhatia.com/tags/passkeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passkeys</span></a>: <a href="https://anuragbhatia.com/post/2025/05/headscale-pocketid-integration" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">anuragbhatia.com/post/2025/05/</span><span class="invisible">headscale-pocketid-integration</span></a></p><p><a href="https://social.anuragbhatia.com/tags/Headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Headscale</span></a> <a href="https://social.anuragbhatia.com/tags/Tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tailscale</span></a> <a href="https://social.anuragbhatia.com/tags/PocketID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PocketID</span></a></p>
Lucas Janin 🇨🇦🇫🇷<p><span class="h-card" translate="no"><a href="https://framapiaf.org/@sebsauvage" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>sebsauvage</span></a></span> De mon côté, j'ai deux <a href="https://mastodon.social/tags/Pihole" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pihole</span></a>, <a href="https://mastodon.social/tags/unbound" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>unbound</span></a> avec <a href="https://mastodon.social/tags/headscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>headscale</span></a> et <a href="https://mastodon.social/tags/tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tailscale</span></a>. Résultat : Pas de blocage chez moi et en ballade.</p><p>1.ivesoccer.sx n’est pas bloqué. Juste pour l'exercice théorique, je ne regarde pas le foot :-)</p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
LoginDrag & drop to upload