multiple containers/apps via one tailscale container? #14

Open
warlordattack opened this issue Sep 28, 2024 · 0 comments

warlordattack commented Sep 28, 2024

I did not find a Discord channel for Tailscale/Headscale, so I drop this here;
not a bug, just some thoughts after starting to use tailscale/headscale.

Hello, I am trying to follow your very interesting tutorials,
but in the context of my home lab I use Headscale instead of Tailscale as the server.

In the homelab I have Docker on my gaming machine, where I host a WSL/Ubuntu/Ollama with an RTX 4090.
And there is a Rocky Linux VM inside Proxmox, with Podman hosting all apps and Docker containers (including Open WebUI).
I needed an overlay network between the gaming PC WSL Docker and Rocky/Podman to try to have all containers in the same network.
Unfortunately Podman does not have overlay networks, so it is impossible to connect them like two Docker servers with an overlay network.
So I wondered if Headscale could not have this overlay role to connect wsl/ollama with podman/openwebui.
I started to explore the Tailscale/Headscale thing.
So first I ran Headscale inside Rocky/Podman with headscale admin + UI, then routed Headscale via Traefik to expose it to the LAN (hsc.l.mydomain.ovh) and the internet (hsc.mydomain.ovh), then connected a local Apple TV + iPhone + iPad and it works well.
Then I added some things to config.yaml to use my AdGuard IP as an additional global DNS + extra records to have nice local DNS names for my apps...

Now I try to understand the Docker thing.

When I look at the TS-MEALIE example:
https://github.com/tailscale-dev/docker-guide-code-examples/blob/main/04-ts-mealie/compose.yaml
I understand that for each Docker app like Mealie I need an additional Tailscale container? (So there will be as many Tailscale containers as apps?)
Or would it be possible to use only one Tailscale client container to route multiple Docker apps through it?

With Docker/Podman, I also use Gluetun to route some containers via PIA VPN:
https://github.com/qdm12/gluetun

With Gluetun I can specify network_mode: container:${C_GLU} and link many containers to only one Gluetun container.
Then I can access all apps locally via gluetun-hostname:app-port.
Is it possible to do the same thing with only one Tailscale client container?

Please do an example with one Tailscale client container + multiple apps routed through it.
If one Tailscale client container can route many Docker/Podman apps and expose nice app names to the LAN or web, this could replace other things (Cloudflare tunnels, Nginx Proxy Manager, cloudflare-ddns, docker-traefik-cloudflare-companion).

And there is another usage I would like to test: Docker apps > headscale/tailscale > Gluetun container as PIA VPN exit node.

I try to find the best solution to:
- have Docker server + Podman server containers in the same network (because no overlay is possible between Podman and Docker)
- have nice names for apps in the LAN and in the tailscale/headscale network: app.l.mydomain.ovh (with local HTTPS) (now I use AdGuard DNS rewrite + Traefik + extra_records in headscale config.yaml)
- have nice names exposed to the web for some of them: app.mydomain.ovh
- have automatic CNAME records created in Cloudflare (tried with docker-traefik-cloudflare-companion, but it looks like you need to restart the container to create records in Cloudflare; it looks like it is not dynamic)
- have some containers like qbittorrent be in the same network as all other containers but use a VPN (now using Gluetun + PIA)
- it would be nice to have a way to connect some Docker apps via another Gluetun-like VPN and easily change the VPN country, because with Gluetun you need to change a value in the config file, then restart Gluetun, then restart all containers linked to Gluetun via network_mode (and this breaks Watchtower usage because you cannot tell Watchtower to please update/restart Gluetun first and then update/restart everything that depends on it)
- oh, and for those who like me have fiber broken every week and have to use a 5G router instead of fiber: it would be nice to have a way to update the local IP, which changes when you go to 5G, so your home server updates Cloudflare automatically and all self-hosted services become automatically available on this new IP via 5G. I do not know if this is possible with tailscale/headscale

Best regards :)
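The single-sidecar layout the issue asks about, as an added example that is not from the tailscale-dev repo or the issue author: one Tailscale container logs in to the Headscale URL named above, and two apps join its network namespace with `network_mode: service:tailscale`, the same mechanism as Gluetun's `container:` mode. Assumed here are a `.env` file supplying `TS_AUTHKEY` (a Headscale pre-auth key), the upstream Mealie and Open WebUI images with their default ports (9000 and 8080), and `gaming-pc` as the tailnet name of the WSL/Ollama node.

```yaml
# Added example (not from the tailscale-dev repo or the issue author):
# one Tailscale sidecar, several apps sharing its network namespace.
services:
  tailscale:
    image: tailscale/tailscale:latest
    hostname: homelab-apps                      # node name in the tailnet (MagicDNS)
    environment:
      - TS_AUTHKEY=${TS_AUTHKEY}                # assumed: Headscale pre-auth key from .env
      - TS_STATE_DIR=/var/lib/tailscale
      - TS_USERSPACE=false                      # use the kernel TUN device mounted below
      - TS_EXTRA_ARGS=--login-server=https://hsc.mydomain.ovh   # Headscale, not Tailscale SaaS
    volumes:
      - ts-state:/var/lib/tailscale             # keeps the node identity across restarts
      - /dev/net/tun:/dev/net/tun
    cap_add:
      - net_admin
      - sys_module
    restart: unless-stopped

  mealie:
    image: ghcr.io/mealie-recipes/mealie:latest # assumed upstream image, listens on 9000
    network_mode: service:tailscale             # no own IP: listens inside the sidecar's namespace
    depends_on:
      - tailscale
    volumes:
      - mealie-data:/app/data
    restart: unless-stopped

  open-webui:
    image: ghcr.io/open-webui/open-webui:main   # assumed upstream image, listens on 8080
    network_mode: service:tailscale             # same namespace: its port must not clash with Mealie's
    depends_on:
      - tailscale
    environment:
      - OLLAMA_BASE_URL=http://gaming-pc:11434  # assumed tailnet name of the WSL/Ollama node
    volumes:
      - open-webui-data:/app/backend/data
    restart: unless-stopped

volumes:
  ts-state:
  mealie-data:
  open-webui-data:
```

From any tailnet device the apps are reached as http://homelab-apps:9000 and http://homelab-apps:8080, and because `ports:` cannot be set on a container that uses `network_mode: service:`, any LAN publishing must be declared on the tailscale service. The trade-off against the per-app sidecar in 04-ts-mealie is that every app shares one node identity, so Headscale ACLs can only tell them apart by port, not by node.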
