#tailscale

Alex

Anyone here used tailscale? Wonder if it would work well for my RPi4 which is a generic pentesting device I keep around, but haven't done much with in ages. I have used zerotier before and it works pretty well, but wonder if tailscale would work better?

I could set up an AP and connect via that, but I also have found that to be a bit meh and there is a project that sets up an AP ezpz with a nice UI.

#infosec #tailscale #hacking #hardware

.:. brainsik

Ugh. For some reason @tailscale has stopped renewing certs on one of my machines. Just logs that it’s starting renewal and then nothing after even with a high verbosity level for tailscaled.

Ended up doing some terrible things with acme and a Tailscale funnel in order to generate valid #letsencrypt certs. First time I’ve run into this after a couple of years of things just working. 😔

#Tailscale

Tailscale

JSON or GUI? With Tailscale’s new visual editor, you get both.

✅ Switch between code + visual views
✅ See who has access at a glance
✅ No drift — everything stays in sync

Network policy editing, reimagined.
Now in beta: https://tailscale.com/blog/visual-editor-beta

#ZeroTrust #DevTools #Tailscale

New blog post!

I've been using TLS certificates generated by Tailscale to access my self-hosted, private services with HTTPS for some time now, but there is one problem with them: they do not auto-regenerate.

So I used some bash and..

*thunder*, *ominous music*

systemd

to create an automated task that autoregenerates them periodically.

To crank the fun to 11, I also use https://ntfy.sh to notify me if the task succeeded or not

https://stfn.pl/blog/78-tailscale-certs-renew/

#blog #tailscale #systemd #lxc #nextcloud


Thinking about spinning up a secure, VLAN-isolated (and firewalled via #UniFi) VM on my #Proxmox #homelab server to act as a public-facing edge node powered by #Tailscale Funnel, custom domain, and Tailscale-issued TLS certs.

For routing multiple services (Gitea, SearXNG, blog, etc.) through Caddy, all sandboxed from my main tailnet + LAN. No open ports, no cloud VPS, no trust leaks.

Any thoughts?