← go back

dndw: headscale + tailscale

“Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.”

— George Orwell, 1984

Tailscale is a great tool for cybersecurity nerds like me. I especially use it to securely link all of my devices on my own home network. This is great especially for when I’m trading, and I want to be sure that my financial data is extremely secure.

that’s great! is there any way to self-host a server?

That’s a great question!

I actually do self-host my own tailscale server for when I’m away from home. Headscale makes it really easy to set up my own server and connect to it.

what do I need to get started?

You’re going to want two things for this:

i have those things. how do I get started?

  1. Allocate a new VPS and assign a static IP. Link this IP to your desired subdomain using an A record (if you’re using Cloudflare, deselect proxy).
  2. Install Headscale ↗
  3. Make the following changes to the config file:
    • Set server_url: https://your.domain.io:443
    • Set listen_addr: 0.0.0.0:443
    • In derp, enable server and set ipv4 to your assigned static IP
    • Set the acme_email and tls_letseencrypt_hostname: your.domain.io
  4. Restart Headscale using sudo systemctl restart headscale
  5. Install Tailscale on the server
  6. Register the server as an exit node using sudo tailscale up --login-server https://your.domain.io --advertise-exit-node
  7. Log the server in using a separate shell
  8. Run sudo tailscale set --advertise-exit-node and then sudo tailscale down
  9. List the routes using headscale routes list
  10. For every named node, run headscale routes enable -r <id> for its ID.
  11. Start Tailscale using the previous tailscale command

how do I connect?

On your own computer, run sudo tailscale up --login-server https://your.domain.io --exit-node <node-name>. Log the client in. The node name is the one that’s named in the previous step 9.

privacy ~ freedom

To add a footnote, I’d like to assert that privacy and freedom go hand in hand. When freedom is given, you must fight for your right to privacy.

Tailscale gives you freedom; use it to gain your privacy.