TailScale to easily limit access to just my devices?

La version française est ici.

I want to make Yunohost only be accessible to my personal devices, but to be accessible from those devices anywhere.

Could I just install TailScale on my Yunohost box and devices that would access it?

I’m thinking I could define the domains just in Yunohost and /etc/hosts on one box with TailScale. Then I would skip setting up domains with a registrar at all, given that I don’t want it publicly accessible.

Is this likely to work without a great deal more effort than just installing TailScale?

If so, eventually I’d love to install the self hosted server component of TailScale on the Yunohost box, too.

what about Wireguard?

I wonder what the difference is between Tailscale and Wireguard…

It sounds like TailScale actually uses WireGuard, but does a lot of autoconfiguration to set up a virtual network between the devices that it’s installed on.

I was told that using WireGuard to do what I want with Yunohost was technically possible but would take a lot of configuration, so…

I second @arkadi ; while reading your question I thought ‘Wireguard should be able to do just that’ (or any VPN, of course).

What kinds of devices do you have? It seems Wireguard is not that difficult to use, and it is gaining popularity on many platforms (not just Linux).

Tailscale can maybe make some things easier, but I expect it to lag Wireguard a bit (either in version, in platforms or in number of users).

Once you have Wireguard on your server, there will be many users who can help with Wireguard on your devices (not only on this forum). With Tailscale it has to be available for the platform, and help has to be specific for Tailscale.

I am ‘in the process’ of doing something like that, these weeks, so maybe I can give a hand, later on.

– edit –
Thinking a bit more about it: a VPN would put your server and your devices on the same virtual private network, so you’d need private DNS as well, besides regular DNS to be able to receive emails from the outside world (I think you would allow connections to the mailserver?)

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.