-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Tailscale formula #42
Comments
Might be more appropriate here. #34 (comment) |
Just an update on this. I have produced what I would say is an almost finished formula. I have not released it cause I didn't test as I didn't create a Tailscale account. |
@ben-grande Happy to test with my account if that would be helpful. |
Please test the formula. I created an account to test and it was useful... else I would deliver something broken as I had to fix some things. |
Can you please test? |
Works as expected @ben-grande many thanks! As a thought experiment, is there any concievable way of splitting this: say, having users connect a disposable to sys-tailscale mesh network without the disposable having tailscale itself? |
Possible if following the Tailscale subnet guide, untested. Converting The problem is some things needs to be done on the Admin interface rather than on the qube side... |
Current problem (if any)
Remote management on restricted network is difficult:
Proposed solution
Add tailscale.
Adding tailscale to a qube can be a security concern. Your OpenID provider can authenticate to your machine, but your can also use your own OpenID instance. Using Tailscale does not open ports to the internet, only your configured nodes can access it, so less dangerous than opening ports on your router in this metric.
The installation will of course be optional and restricted to the qubes you want to have it.
The value to a user, and who that user might be
Users can remotely manage remote qubes and non-qubes more easily without having to setup their tunnel, be it self-hosted VPN, VPS with SSH Tunnel or Hidden service with Onion Authentication.
.
The text was updated successfully, but these errors were encountered: