I already host multiple services via caddy as my reverse proxy. Jellyfin, I am worried about authentication. How do you secure it?
I already host multiple services via caddy as my reverse proxy. Jellyfin, I am worried about authentication. How do you secure it?
I’ve been using Tailscale for a few months now and this is my only complaint. On Android and macOS, the Tailscale client gets randomly killed. So it’s an extra thing you have to manage.
It’s almost annoying enough to make me want to host my services on the actual internet… almost… but not yet.
I use plain wireguard on me phone, always on essentially with no issues. I wonder why tailscale app can’t stay open.
Same, wireguard with the 'WG Tunnel" app, which adds conditional Auto-Connect. If not on home wifi, connect to the tunnel.
You don’t need this with Tailscale since it uses a separate IP range for the tunnel.
I also have a different subnet for WG. Not sure I understand what you’re saying…
If you have a separate subnet for it, then why do you only want it to be connected when you’re not on home wifi? You can just leave it connected all the time since it won’t interfere with accessing anything outside that subnet.
One of the main benefits of Wireguard (and Tailscale) is that it’s peer-to-peer rather than client-server. You can use the VPN IPs at home too, and it’ll add barely any overhead.
(leaving it connected is assuming you’re not routing all your traffic through one of the peers)
My network is not publicly accessible. I can only access the internal services while connected to my VPN or when I’m physically at home. I connect to WG to use the local DNS (pihole) or to access the selfhosted stuff. I don’t need to be connected while I’m at home… In a way, I am always using the home DNS.
Maybe I’m misunderstanding what you’re saying…
He’s saying that while there is no benefit to being connect to WG at home, there is also no downside so many people just stay connected all the time.
Oh, I get that, but it just doesn’t make any sense to me to be physically next to the server, and connect to it via VPN…
I just stay connected to wireguard even at home, only downside is the odd time I need to chromecast, it needs to be shut off.
Can you add a split tunnel for just the Chromecast app (I presume that’s how it works idk I don’t use Chromecast) so that just that specific app always ignores your VPN?
I haven’t tried it, but the app has the ability to select which app it tunnels.
When you make a new tunnel, it says “all applications” if you click on that you can select specific ones to include or exclude
I can stay connected, still works, but I don’t think I need the extra hoops.
Look up your phone on dontkillmyapp.com and make sure tailscale is excluded from battery and network “optimization”.
If you make Tailscale your VPN in Android it will never be killed. Mileage may vary depending on flavor of Android. I’ve used this on stock Pixel and GrapheneOS.
Under Settings > Network and internet > VPN
Tap the Cog icon next to Tailscale and select Always-on VPN.
Holy moly, I did not know this existed! Thanks! Just turned this on!
Have you tried disabling battery optimization for tailscale?
Yeah my wife and I are both on Android, and I haven’t been able to figure out why it does that.
The Android client is open-source so maybe someone could figure it out. https://github.com/tailscale/tailscale-android
It loses its foreground notification I’ve found that kills it for me
If I disconnect/reconnect the notification comes back, and I’ve found something even more weird on my device (A Xiaomi with its infamous OOM / background app killer…) is Tailscale still actually works fine most of the time without the foreground notification. I’m hazarding a 70% of the time for me?
A lot of us a while back found v1.5.2 fugged around with the persistent notification going RIP
https://github.com/tailscale/tailscale/issues/10104
Oh the Quick Toggle has never, ever worked correctly. I hoped they fixed it after the UI refresh update but unfortunately not yet.
What device/ROM are you using?
It’s been very iffy for me on and off from Miui > HyperHyperOS, but just checking now?
Works fine
Like I say, the foreground notification seemed to be the lifeline to some of us using it and keeping it alive, even after IIRC some more restrictions came in with future versions of Android (forgive me, I’m very lazy these days and just skim Mishaal’s TG feed 😇)?
deleted by creator