Hi,

I an currently trying to add remote access to 2 of my servers but didn’t manage to get a working setup as is.

Right now I want to access 2 servers:

  • one is for media stuff (navidrome, jellyfin, managing the arr stack)
  • one is for my data syncing with rsync and after set a backup from borg to another server not on my domain

I was trying at some point to add stuff such as tailscale, but somehow I always had issues with having both servers reachable within the IP range I use on my local network, so everything would work as is with the current config at home being away. I have also heard of cloudflare tunnels as well, but that I didn’t try yet. At some point I tried to do just a regular wireguard from my opnsense, but I would prefer not to have open ports to worry about (and also had issues with internal IP not being assigned from wireguard as well).

Does anyone here has experience with this? If so, what was your solution and/or caviats to it?

  • neon_nova@lemmy.dbzer0.comEnglish
    7·
    21 hours ago

    I was going to say Tailscale. You will need to give more details about what didn’t work with Tailscale, but it has been pretty seamless for me.

    • mrnobody@reddthat.comEnglish
      1·
      16 hours ago

      How did you config tail scale though? Are you using some Apple or MS author account? I want to stay away with using one of their services to “authorize” connecting to my own server

      • neon_nova@lemmy.dbzer0.comEnglish
        1·
        6 hours ago

        As far as I know you need to authenticate through them.

        Alternatively, you could setup your own vpn to do all this, but it is much more work and will likely have some cost.

    • ZeDoTelhado@lemmy.worldOPEnglish
      2·
      21 hours ago

      Basically when I connect to tailscale I just can’t get it to give an internal IP so I can access everything with my configs. Unless I am missing something obvious, I don’t understand what is going on here.

      • neon_nova@lemmy.dbzer0.comEnglish
        5·
        21 hours ago

        When you connect to Tailscale, via cli it should give you a link to use to connect it to your account. You can get the ip address in various ways. One of which is just looking on your Tailscale dashboard. You need to have Tailscale installed on every machine you want to talk with.

          • rtxn@lemmy.worldEnglish
            6·
            20 hours ago

            If you have IPv4 addresses, I guarantee you’re behind at least one NAT gateway. What you need is a Tailscale subnet router, or something equivalent from another service.

            In the most basic configuration, the Tailscale client facilitates communication between one host it is running on and another host it is running on that are both connected to the same tailnet. For this purpose, it uses addresses from the 100.64.0.0/10 “shared address space” subnet. These addresses will only be reachable from within your tailnet.

            If you want an entire subnet (e.g. your LAN) to be accessible within your tailnet, you need to set up a subnet router. This involves configuring the Tailscale client on a device within the target subnet to advertise routes (tailscale set --advertise-routes=192.168.1.0/24), allowing the host to advertise routes in the admin page (Machines -> -> Edit routes), and configuring the Tailscale client on external hosts to accept advertised routes (tailscale set --accept-routes).

            If you want your servers to be accessible from anywhere on the internet, you’ll need Tailscale Funnel. I don’t use it personally, but it seems to work.