Conversation
While I was pretty happy with my headscale/tailscale setup, I missed one part: Vanity hostnames for services. In my tailnet, only machines get nice hostnames, but for example I want access to a host like http://grafana/ for my central Grafana (a service on a random port on one box). It took a total of 49 lines of go code to build a reverse-proxy that does this. This proxy is it's own node on the tailnet, therefore it gets a hostname and takes part in the usual routing. It then uses the reverse proxy lib built into golang to proxy to the real host.
1
0
1
The next step could be adding automatic LetsEncrypt support via a DNS-01 challenge, as my tailnet uses a completely valid domain that I could get validated certificates for - but that doesn't really matter much to me, given I'd rather use the short hostnames made possible by a correctly set search-domain and it's all encrypted with wireguard anyway.
0
0
0