If you're just doing hub-and-spoke anyway, yeah, you can do it yourself. I did for years. But holy smokes, is it a PITA to manually copy keys around to devices; especially when they might not even be yours. I have my Tailscale account hooked up to my self-hosted identity server and now it's just a matter of logging in on whatever device I want to be on the network.
Plus, I have the option of spinning up a random EC2 box whenever I want and instantly joining it to the network with basically no fuss.
I feel like articles like this do Tailscale a disservice to a certain degree. Most people know Tailscale helps with managing the mesh of connected devices. And as many people have said here you can do this manually with Wireguard, Netbird, Nebula, ZeroTier and many others. Why Tailscale is so helpful is the ACL system. I have about 40 devices connected to my Tailnet and depending on tags devices can or can't access direct communication and also certain exit node networks. Traditional VPNs generally suck because you dump out of a host and have flat access to everything. Tailscale allows you to segment access without disrupting general Internet access with minimal friction and ACLs allow segmentation to happen at the user / device level. Most people aren't using Tailscale ACLs, in fact I rarely hear it discussed. Also the article fails to mention Tailscale Peer Relays [0] which decreases the dependency on DERP relays significantly and are controlled by, you guessed it, ACLs.
The article does list what Tailscale adds on top of WireGuard:
> WireGuard by itself is mostly the data plane. Tailscale adds the control plane on top: identity/SSO, peer discovery, NAT traversal coordination, ACL distribution, route distribution (including exit node default routes), MagicDNS, and fast device revocation.
I think you missed the point. There's nothing in the article going into any of why this would help differentiate Tailscale from plain-old-Wireguard. Simply saying this and moving on is not that.
I have a phone and laptop; those are my only two "mobile" devices that I might ever use to access my home network remotely. I set them up once, it took a few minutes, and I won't have to do it again unless I replace one of them.
I can completely understand using Tailscale for enterprise networks, but it seems very overengineered for my personal VPN needs.
I have a family of four. Plus a couple relatives who like having access to some of my self-hosted stuff. So, that's 6 people, each with at least one phone and one laptop, but probably an iPad too, or an extra work laptop, or something else random. Plus my youngest is addicted to buying old laptops on eBay and switching to them.
You made me curious, so I looked it up: I have 17 machines. Yeah... I'm not going back to plain WireGuard. :D
i had this issue, with an even more wild set of restrictions, so i used Caddy to "output its own access log" and i had a cron job on any server at home that would hit that caddy server with a pre-defined key, so like `http://caddyserver.example.com/q?iamwebserver2j` for one server and "q?iamVOIP" for another.
And now i have bi-directional IP exposure. it's cute because you can't tell if you just drive by, it doesn't look like it does anything. you have to refresh to see your IP, which is a little obfuscation.
if you care about security, not sure what to tell you. use port knocking.
Please note: this doesn't require installing anything on any remote, just a cron job to curl a specific URL (arbitrary URL). I used it to find the IP to ssh on remote radio servers (like allstar, d-star) for maintenance, for example.
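An added example, not part of the comment above: one way to read the latest check-in IP per key back out of the access log. It assumes Caddy's JSON access-log shape (`ts`, `request.remote_ip`, `request.uri`); the log lines, the key-to-label mapping and the function name are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Constructed sample lines in the shape of Caddy v2's JSON access log
# (field names "ts", "request", "remote_ip" and "uri" are assumed from that format).
SAMPLE_LOG = """\
{"ts": 1700000000.0, "request": {"remote_ip": "203.0.113.10", "method": "GET", "uri": "/q?iamwebserver2j"}, "status": 200}
{"ts": 1700000300.0, "request": {"remote_ip": "198.51.100.7", "method": "GET", "uri": "/q?iamVOIP"}, "status": 200}
{"ts": 1700000400.0, "request": {"remote_ip": "192.0.2.55", "method": "GET", "uri": "/q?admin"}, "status": 404}
not json at all
{"ts": 1700000600.0, "request": {"remote_ip": "203.0.113.99", "method": "GET", "uri": "/q?iamwebserver2j"}, "status": 200}
"""

# Hypothetical mapping of the pre-defined keys to host labels.
KNOWN_KEYS = {"iamwebserver2j": "webserver2", "iamVOIP": "voip"}


def latest_ips(log_text, known_keys=KNOWN_KEYS, path="/q"):
    """Return {label: (ip, ts)} for the newest check-in of each known key."""
    seen = {}
    for line in log_text.splitlines():
        try:
            entry = json.loads(line)
            req = entry["request"]
            url = urlsplit(req["uri"])
            ip, ts = req["remote_ip"], float(entry["ts"])
        except (ValueError, KeyError, TypeError):
            continue  # skip malformed lines and non-access entries
        label = known_keys.get(url.query)
        if url.path != path or label is None:
            continue  # drive-by requests and unknown keys are ignored
        if label not in seen or ts >= seen[label][1]:
            seen[label] = (ip, ts)
    return seen


if __name__ == "__main__":
    for label, (ip, ts) in sorted(latest_ips(SAMPLE_LOG).items()):
        print(f"{label}: {ip} (last seen {ts:.0f})")
```

Because the key travels in the query string of a plain `http://` request, anyone who sees it can send the same request, so the recovered address is a hint for where to connect, not proof of which host checked in.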
Arg, annoying that it puts its config right in my home folder...
EDIT: Actually, I'm having a heck of a time packaging this properly. Disregard for now!
EDIT2: It was a bit more complicated than a single derivation. Had to wrap it in a security wrapper, and patch out some stuff that doesn't work on the 25.11 kernel.
That’s a great way to get one of the benefits of nix. But you still can check that snapshot into version control, share it with all your machines, etc.
You're right ... you can't check that snapshot into version control and share with your machines etc. When you need that level of control and need to scale your configuration to other machines NixOS sounds like the right choice. If it's for your own machine and you just want to try out a new windows manager non-destructively use snapshots.
How's your French? Sounds like a flippant question, but I hear Parisians are not that... tolerant of even bad French speakers, let alone non-speakers. That stereotype has kept me from visiting, let alone living there, despite it probably being my dream city in every other respect. I'm in my mid 40s, and learning a new (spoken) language has become extremely difficult. I spent 2 years trying to learn German a while back and it was a pretty big failure.
Maybe it's time to stop caring about these stereotypes over-amplified by social media? I'm from Asia and I speak English with a heavy accent, the only French I know is "merci beaucoup", "toilet?", and "au revoir". I've visited Paris twice (1 week each time) and language barrier or the so-called "Parisian elitism" had never prevented me from enjoying my stay there.
That being said, there is still a lot to hate about Paris: dirty and overcrowded subway, shady people everywhere, especially around tourists' places of interest, etc. Not that much different from big cities like NYC, SF, Seattle, etc.
That made me smile. I always felt people in Paris are so unfriendly while in New York I felt almost aggressed by too much friendliness: Never had so many people asking how my day was going…
Did they really care about your day though? I feel that in France this type of conversation is rare but much more genuine and not a part of a “service”.
I can't comment for anyone else other than me of course, but as a person in NY and who has worked in a customer service job, I do care. I wouldn't ask if I didn't.
I've had a few experiences in France, as recently as a month ago. Not speaking French (I do not) is not generally a problem, no one seems to mind. What some parts of Europe do mind is being too... How do I put this politely... Obviously from certain places with very little sensitivity for where in the world they happen to be at the time. Often loudly.
When I visited Paris a few years back I found the key was greeting people in French. Maybe spend a couple hours learning how to say hello, how to say "excuse me" and "thank you", how to ask where the nearest toilet is, how to ask for the cheque, etc.
If people see you making the effort, they'll switch to English, in my case, anyway. But you have to show some respect, first. You have to let people know you understand you're a guest in their country.
Of course, this was many years ago. Things may be different now. And of course, if you're going to live there you're going to have to learn the language as quickly as you can.
Prevented from visiting? Paris is one of the most visited cities in the world, and the Parisians are pragmatic people. If you're kind and respectful they'll give you that in return.
I can only say the most basic phrases in French and have experienced zero problems.
It’s probably more similar to Japan in terms of cultural tolerance. I heard the same story years ago and only recently visited (just after the Paris Olympics). I usually try to learn some of the basics of the language before visiting but was incredibly busy and didn’t this trip. I had no issues and I was all over Paris. People were very reasonable, and translation apps/services helped me plenty, but for the most part they spoke English or could understand some basic level of it. If you live there and try to assimilate but speak poorly or little, there may be less tolerance? As a tourist I had not a single incident.
I don’t like to be the ugly American who just assumes the world should speak my language, so I was ready for language barriers, but I had no real issues at all.
Agreed. It seems the Olympics really bolstered both Japan and France from before, where even in remote regions of Japan I had no issue speaking basic English for things I needed.
As a Frenchman living in Paris – we have such a huge expat community already (and many English-speakers, I worked with Brits, Aussies, Kiwis, Americans, Canadians) that one more or less will be a non-event.
Now it's true that Americans tend to love to frighten each other with campfire stories about the Big Bad Frenchman, but IME it's mostly a mix of latent francophobia and a grapevine of bad experience between what is locally perceived as wholly uneducated Americans and local Frenchmen that the Americans tend to see as arrogant.
The latter is most often due to (i) tourists forgetting that what is a great week you spent years saving for is another Tuesday for the other guys in the street, (ii) many fundamental French etiquette rules (don't shout, say “hello” first when talking to someone, the absence of a hierarchical relationship between hospitality personnel and customers, distant behaviour is not arrogance but a mark of respect, etc.) are completely accessory in the US customs, leading to very strong misunderstandings.
So book a trip for a week and come say hello, we don't bite! (and avoid like the plague any café/restaurant in the touristy areas)
>>> say “hello” first when talking to someone, the absence of a hierarchical relationship between hospitality personnel and customers
These two are generally adhered to in the US as well. Maybe the hierarchy part is there if you're staying at really exclusive resorts. But by and large, most folks are polite.
There is obviously the random asshole. But those exist everywhere.
> These two are generally adhered to in the US as well
I'm not sure; granted I did not visit a lot of places in the US, but when I was there (Miami/Denver/Phoenix), I virtually never saw e.g. a customer greet the cashier when buying things.
That would have been considered extremely rude in the past. But beginning with millennials, these kinds of "mandatory" niceties began to fall away. Now with smartphones, hardly anyone looks up at each other anymore. Why would they? We all know how the transaction is gonna go.
I went to Paris last year and it was not a big deal, as long as you know the basics like excuse me/please/thank you.
A few times someone would correct us (eg "after 6pm we say bonsoir instead of bonjour"), but it never felt like it was done in a dickish way and people were generally pretty accommodating. Perhaps it helps that I went to Paris with low expectations, not thinking it'd live up to the hype, but I had a great time. Definitely don't let the language thing keep you from going!
If you can you should go. Lived there for 12 years and my French was not amazing but no one gave me shit about it. English has been required in schools since 00s basically anyone under 40 should be able to communicate. But knowing some French goes a lot further.
As a Dutch person having spent many summers in France, I can say that the latest generations are much more tolerant and friendly. When I was young (90’s) I saw camping owners with war grudges screaming “Campsite Full!! (Complet!! In French)” to any German. I also had to walk out of a boulangerie without croissants because they couldn’t understand the way I pronounced croissant… but nowadays you can just speak English anywhere.
I'm French, but I have a dozen of friends here that don't speak English and have an active social circle. In some streets of Le Marais you can hear more English than French
I just paid about 2 grand for new tires on my car. That contributed to GDP, but it certainly didn't make me happier than I'd be if I didn't need a car in the first place. GDP is very misleading when it's measuring work that shouldn't need to be done in the first place. Hurricanes and earthquakes are also amazing for GDP, especially in places that never bothered to prepare for them.
I find I'm going even deeper lately. I, obviously, have to completely and _totally_ understand every line written before I will commit it, so if AI spits something out that I haven't seen before, I will generally get nerd sniped pretty good.
I feel like the word "protocol" is tripping you up. This isn't meant to be some standard that gets a bunch of traction in other projects. It's a protocol for the River compositor; as the name suggests. Before this there was, I believe, river-layout-v3. It's all just getting taken to the next level; from layout to full window management.