Hello nerds!
How do you go about accessing your self-hosted resources when you’re away from home?
I’ve used port forwarding, VPN, Tailscale and Headscale, in that order, but recently switched to Nebula.
Tailscale/Headscale was probably better than Nebula, but I just couldn’t stand trusting either Tailscale or the VPS used to host Headscale.
With Nebula I don’t need to trust the lighthouses, because they can’t access my network even if compromised. I also really like the built-in firewall that’s looking at node certs when filtering traffic.
Choose either one or many, it's up to you.
Tailscale, WireGuard server, ZeroTier, Cloudflare Tunnels
My primary is Tailscale for LAN-only applications on cloud and home, and Cloudflare Tunnels for access over the internet for some applications.
Mainly I stick with Tailscale, but there are a few applications I share with friends and family whom I don’t want to have access to the whole Tailscale network, so for those I use a CF tunnel with Zero Trust authentication on all applications, with OIDC hosted at home (Authentik).
Currently working on deploying Headscale (self-hosted Tailscale) to have complete control over my network rather than relying on the Tailscale control node.