Once the port is open, you should be able to access it via the tailscale IP just as you would locally on your network
Once the port is open, you should be able to access it via the tailscale IP just as you would locally on your network
Ahhh i gotcha, so basically it forwards traffic through the pi so that you can send traffic through tailscale on devices that don’t support it? Sounds like a cool idea tbh
Good on ya for the tailscale/syncthing though, off-site backups are super important! If Jellyfin supported federation you could merge your library and your parents library and have it all accessible through each of your local instances. Maybe one day they’ll add it, i think it would be a killer feature.
Glad the write-up helped though, it should at least help you move towards single instances (at least for immich) since you can just backup on tailscale via the dns entry!
Glad to help, yes that is a perfect example of how you could use this to your benefit. Much easier to just tell people to enable VPN (tailscale) and navigate to an easy to remember URL.
I’m somewhere in the middle, I do cybersecurity professionally so i work a lot with technical stuff but my hobbies are much deeper in it so theres a lot of stuff i don’t know. But, thanks to these communities i was able to learn how to do a lot of things and have now levelled up into doing the research on my own and trying to give back :)
In your dream scenario, is that each family member would be hosting immich/jellyfin on their pi zero? Or is the pi zero somehow routing traffic for them back to your server for jellyfin and immich?
Happy to help!
Side note, if you want to make publicly available services, you could use cloudflare tunnels. They work in a similar way – letting your services be accessible over the Internet without needing to open ports. Some other people in the comments have mentioned that Tailscale funnel can also work for this, but i haven’t used it so I can’t really advise on that front
Just looked it up, seems to pretty cool. Does it only work with one service though? You proxy one port to your tailscale domain name, but does it do routing for additional ports at the same time?
I’ve only done surface level research into it, and honestly didn’t come across this when i was doing the research for NGINX Proxy Manager, but it seems a little limited in comparison.
Happy to be proven wrong though, any easy solution is a good solution :)
That does work great, but when I’m on mobile i find it a lot easier to just go straight to the service rather than using a dashboard (although i have one set up)
Interesting, i didn’t know that but that is definitely something worth looking into if you need it for your usecase:
https://tailscale.com/kb/1223/funnel
Personally, I use a cloudflare tunnel for that. I’ll probably end up checking out tailscale funnel at some point for fun though
To my understanding, yes! I touched on it in the post but since tailscale is a VPN that doesn’t require open ports to access other devices in the tailnet, you don’t need to worry about CGNAT
Same thing,
CNAME: * -> @
Which translates to: * -> example.org
* Is a wildcard DNS character, basically meaning any subdomain will get forwarded to the root domain
Where? All the keys in the screenshots are sample keys
First SS: its 01234456789abcdef repeated Second SS: it just says yourapikeyhere
Yes, that is the intention. I suppose I probably could have just edited it to read ‘example.org’. But, it’s the shorthand notation @ refers to your domain name.
So the A record @ -> [Tailscale IP]
which DNS translates to example.org -> [Tailscale IP]
🫡 just doing my part, when i set it up it was a lot of digging through documentation and videos (the information is there, but it definitely requires some commitment in the research lol). Wanted to make something that gives it all in one go & helps the community out :)
Honestly, this is probably the enhancement to my homelab which has yielded the greatest QoL improvement. Prior to this, I would have to remember port numbers for every service and every ip address that i have something running on (and as my lab has expanded, this has become a lot more challenging).
https://lemmy.browntown.dev/post/1440768
Not sure if you getting mentioned in the post gives you a notification, but just wanted to drop the link here! Hope it helps, I tried to make the walkthrough pretty basic while still keeping it high level where it matters (like I assume anyone attempting this is familiar enough with selfhosting that they can install a docker container without me walking through the entire process)
Sounds good! I’ll write something up & post on selfhosted
Just give me a couple days :)
IMO, trying to avoid CLI in server administration is doing yourself a long term disservice. Its not that challenging and you’ll learn a lot more about how everything works. Plus, you’re pretty much not going to be able to avoid the terminal forever.
Had a hunch from the bg color: Source
Edit: Paywall Bypass
Jakob is super cool!! I got to meet him in person at LTX 2023, he gave me a mic and told me to start streaming :)
They did, but I’m not sure that applies in this case unless for some reason OpenAI signed a deal with SAG. Otherwise, they aren’t beholden to any protections not afforded by the law.
At least, AFAIK. Someone with more legal knowledge should probably chime in
It would probably be mail.x[.]com