yeah, I sometimes feel that way (ripped in half) after successfully setting up a new tech stack, too 🤣
Did I read correctly (https://wandering.shop/@valkyrie/110593922625641714) that you're now using both Headscale and Nebula? What's the advantage there (I use Headscale, but haven't used Nebula, but they seem to solve the same problem)?
@mattcen you read correctly! nebula solves a decentralization problem for me. i have multiple machines across multiple environments and want them to all be on a network together, so that makes my own little private "cloud" possible from a deeper infra perspective. tail/headscale can do that too with limitations, but my use case is having client apps on less pliable systems, iOS for example, that i can simply flip a switch and be connected back to home with all the local pihole DNS benefits.
@mattcen so tl;dr is: nebula is my virtual private cloud network that keeps my trust boundaries a lot tighter and exposure extremely minimal, and headscale is the VPN tunnel back to the home network on my mobile devices.
there are probably more optimized ways of doing all this, but that's where i'm currently at!
as for ADHD meds i have no idea, this is my first try ever and i went many many years without ever being diagnosed
@valkyrie Thanks for the explanation! I'm not sure I 100% understand (and maybe it's the "with limitations"* asterisk that I'm unclear on, but I shan't quiz you on it right now, (and shall try to avoid digging down that rabbit-hole myself for now, too 😆 ). I suspect it may also be that since you've just set up *scale, you haven't fully unlocked its potential 🤷 ; in any case, I'm glad you've got something working for you currently both VPN- and ADHD-wise! 😀
@mattcen np! i like having more control over what IP ranges i can use, what machines are assigned what IP, generating the certs myself. there is a lot of overlap with *scale but i like the simplicity of nebula AND i wanted to run the control plane for *scale on my local network instead of on a public-facing VPS. did that so docker swag can automatically manage/renew my TLS certs. either way this is fun to talk about! im gonna look into using it as more than just a VPN tunnel.
@wrentreeco youre welcome!! docker swag for auto TLS cert management and revproxy, slack nebula for truly decentralized overlay networking, and headscale for easy VPN back home when im out and about for w/e i need or just to use pihole for DNS sinking on the move
@trevor lmk if you need any help! i like throwing this kind of thing out on a VPS entrypoint and using slacks' nebula network overlay for an internal network between ALL my systems no matter where they are. makes it a fuckin breeze to reverse proxy and be wholly truly decentralized.
@valkyrie I definitely will if I run into any problems! Just looked into nebula, your setup is such a great solution that I hadn’t seen suggested anywhere for my exact problem
Add comment