Playing around with a new self-host NAS OS, finally thought about Tailscale. But, I see it wants a login to an account. Checking online, seems I have to use Google, Apple, MS, Github or OIDC (which iassume costs money based on the site).
So how tf y’all setting to your tail scale stuff? I’m not using a big brother us tech account for auth on this thing. Think I’d rather go back to regular wireguard if that’s the case.
Edit: OK I see you can use regular email. It didn’t load the webpage correctly the first time or I missed it. Odd. Anyway, I do don’t want an account add I don’t want to risk any data compromise at some point
I went with GitHub. In the end it’s just an OAuth service, to provide identity. It’s not used to gather data on you (just the same we already share by visiting regular websites).
I’m still gonna lookup Headscale and Wireguard because It’s been on my radar.
Problem with plain Wireguard is if you can’t open ports on some devices to get a direct connection. It should be just fine with hub and spoke model, but NAT Traversal of Tailscale makes a huge difference. I can get a direct connection between 2 devices connected to mobile data and behind CG-NAT.
And also the config management if you have too many devices.
Hub and spoke, you just add new devices to Wireguard on the main device, and the new peer. Full mesh, oof.
But as far as configuring Wireguard goes, that’s pretty simple. And then there’s the weird stuff with MTU and fragmentation… but that’s not something Wireguard-specific.