• 0 Posts
  • 27 Comments
Joined 1 year ago
Cake day: July 4th, 2023

  • Interestingly, I get a better result with only a NextDNS profile with hagi pro on iOS (87%), compared to NextDNS + iCloud Private Relay (37%). What gives? NextDNS still handles my requests with Private Relay enabled; I can see it in the NextDNS logs.

    I also use the Firefox Focus Safari extension.

    The score is also slightly lower with NextDNS and Proton VPN, at 81%.

    I rather liked the iCloud Private Relay + NextDNS combo; should I change?

    Orion gave me 100%, but that browser isn’t as polished as Safari on iOS.


  • goodhunter@lemm.ee to Selfhosted@lemmy.world: Setting up your own VPN
    1 year ago

    Hi, I finally found some time to dig into this. Oddly, I think I got a functioning setup, although I did it a bit differently in the end. If you may, please advise whether I indeed reached completion, or whether I have it set up suboptimally.

    1. I installed the Tailscale GUI natively on my Mac mini and iOS devices.
    2. I tried following up on your advice of creating DNS records. First in Cloudflare, but since I had already set a wildcard entry as type CNAME/*/mydomain.com/DNSonly/TTLauto, I wasn’t allowed to add a type A record with a similar wildcard entry. I need this existing CNAME line for Traefik to work my SSL certificates (as far as I understood). Then I tried setting it up through DNS>custom Namespaces within the Tailscale admin console instead. An entry would look like service.mydomain.com and, for IPv4, the local IP of the Mac mini. But I wasn’t sure about the config, as it wasn’t working. Then I tried the Tailscale IP 100.xx.xx.xx, to no avail.
    3. I thought I needed to advertise routes for my local network, so I did. Something similar to --advertise-routes=192.168.68.0/24. And later, instead, the Docker network 172.23.0.0/16. Still didn’t do it.
    4. As I am a NextDNS user, I set the ID number in Tailscale>DNS>Nameservers as the Global nameserver and checked Override local DNS.
    5. In the NextDNS config I defined a Rewrite function as *.mydomain.com to the Tailscale IP of the local machine, 100.xx.xx.xx. And boom, I can access the servers from my iDevices over the Tailscale VPN tunnel.
    6. I then tried to tear down the setup again. It seems the advertised routes from (3) don’t do anything, so I removed them again.

    Open to any suggestions on this hacked attempt.

    Update: yes, found an issue. I can only access the services with Tailscale enabled. I suspect the rewrite is causing an improper pass-through without the tunnel, as the Tailscale IP cannot be reached.

    Update 2: I changed the rewrite to the local IP address instead, similar to 192.168.68.110. I think it works now when accessing within the local network without the tunnel and externally with the tunnel.
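
A small model of the reachability cases raised in the two updates above, as an added example that is not part of the original comment. It assumes a client off the home network can reach a LAN address over Tailscale only through an approved subnet route; the function names and the address 100.64.0.10 (standing in for the masked 100.xx.xx.xx) are constructed for illustration.

```python
import ipaddress

# Tailscale assigns node addresses from the CGNAT block 100.64.0.0/10.
TAILNET = ipaddress.ip_network("100.64.0.0/10")

def reachable(target, lan, on_lan, tunnel_up, advertised=()):
    """Predict whether a client can reach the address a DNS rewrite returns.

    target     -- IP the rewrite answers with
    lan        -- CIDR of the home network the server sits on
    on_lan     -- client is physically on that network
    tunnel_up  -- Tailscale is connected on the client
    advertised -- subnet routes advertised by the server and approved
    """
    ip = ipaddress.ip_address(target)
    if ip in TAILNET:
        # Tailnet addresses exist only inside the tunnel.
        return tunnel_up
    if ip in ipaddress.ip_network(lan):
        via_route = tunnel_up and any(
            ip in ipaddress.ip_network(r) for r in advertised)
        return on_lan or via_route
    return True  # public address: not the case discussed here

def matrix(target, lan, advertised=()):
    """Reachability for the four client situations, keyed by description."""
    cases = {
        "home, tunnel off": (True, False),
        "home, tunnel on": (True, True),
        "away, tunnel off": (False, False),
        "away, tunnel on": (False, True),
    }
    return {name: reachable(target, lan, on_lan, up, advertised)
            for name, (on_lan, up) in cases.items()}

if __name__ == "__main__":
    LAN = "192.168.68.0/24"
    # Constructed sample rewrite targets for the three configurations tried.
    for label, target, routes in [
        ("rewrite -> tailnet IP", "100.64.0.10", ()),
        ("rewrite -> LAN IP, no routes", "192.168.68.110", ()),
        ("rewrite -> LAN IP, route advertised", "192.168.68.110", (LAN,)),
    ]:
        print(label, matrix(target, LAN, routes))
```
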


  • Me too. Definitely comes from having less flexible free time now compared to when I was younger. Having a kid (and wife, and responsibilities) really sees me only having about an hour a day in which I can truly kick back. And then I am too tired to do anything.

    Backlog: finish Elden Ring (I am 110h in). Finish BoTW (I am 100h in). TLOU2, God of War 2, Cyberpunk, finish Persona 5 (I’m 50h in), CrossCode, Mass Effect trio.

    Want to play: Metroid Dread, A Plague Tale: Requiem, Nier Replicant, Armored Core, Hollow Knight: Silksong.

    Look, I am not complaining, things are great. Just need to find a way to play all this immense quality. Maybe when I am stuck in a retirement home.