from kiol@discuss.online to selfhosted@lemmy.world on 17 Nov 16:58
https://discuss.online/post/30666333
cross-posted from: discuss.online/post/30666278
Headscale - The main objective of Headscale is to provide a non-proprietary implementation of the Tailscale protocol & control server for hobbyists and self-hosters. Acts as a replacement for the listening servers while allowing you to continue using your existing clients applications. Funnel functionality is currently considered in beta status. Does not include a web ui by default.
Netbird - Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls. You can try their hosted service or selfhost it, or whatever.
Pangolin - is a self-hosted tunneled reverse proxy server with identity and context aware access control, designed to easily expose and protect applications running anywhere. Pangolin acts as a central hub and connects isolated networks — even those behind restrictive firewalls — through encrypted tunnels, enabling easy access to remote services without opening ports or requiring a VPN. Combines traefik reverse proxy with Single Sign On and Wireguard. Meant to be selfhosted, but they do offer a hosted instance.
Pin codes, temporary links, password links for exposing services as a “funnel”. Similar to cloudflare tunnels, where users cannot be bothered to sort things out and just want a service exposed.
threaded - newest
Guess lemmy just pulls in all those notes, but still curious on how people like running these services. Headscale is a really nice project, but so are Netbird and Pangolin. I’ve been enjoying Netbird, but heard some people run into battery drain issues on clients. Was curious what other sorts of things crop up for people running these services themselves, or if it is smooth sailing.
I’ve been using NetBird for quite a while now. It has grown from an experiment in connecting to the server without exposing it to quite a stable setup that I make use of every day, and even got my partner and some of my family to use. That is the hosted offering, however, not me self hosting my own server component.
For a couple of months now, I’ve been eyeing pangolin though. It just seems like such an upgrade concerning identity and SSO - but equally a complete overhaul of my infrastructure and a steep learning curve.
I am itching to get it running but would probably have to approach it step-by-step, and roll it out pretty slowly, while transferring the existing services.
Do you find they cover different use cases? Would it make sense to just selfhost Netbird, or to use a selfhosted Netbird in place of Pangolin?
I’ve used both Headscale and a while ago, Netbird. Some of this will be in comparison to raw Wireguard, which I’m also using.
I’m currently using Headscale, but it does have some annoyances. There were breaking changes fairly often for a while, although it looks to have mostly stabilised now. Tailscale itself is pretty invasive with its routing rules and DNS which can break things or cause unexpected behaviour, which doesn’t occur with raw Wireguard which is more predictable once you understand it. The Tailscale android client has been somewhat unreliable and clunky, although getting better, although third party Android clients for Wireguard, in turn, have also improved Wireguard usage dramatically. On the other hand, Headscale (or Netbird) are pretty much necessary if you are on a CG-NAT and need ipv4 access, and more usable if you want to build a mesh network.
I can’t remember if I tested the service Netbird or the self-hosted version (I think both) but the main thing I remember is that it had poor support for ipv6, which I consider mandatory. Otherwise, the Android client seemed solid and it felt well-designed overall. And maybe the ipv6 support is better now.
Pangolin is a reverse proxy implementation, so it doesn’t really achieve the same thing as VPN software.
Fair, but it can pair a VPN
Pangolin is not a VPN. But it does magical things like allowing you to manage reverse proxy from both VPS and homelab within one UI interface.
It does bundle a lot of cool stuff together that you’d normally have to piece together.
Right, it could be a pairing for a VPN to connect services in the VPS and homelab
No, they added a beta vpn feature.
Holy missing paragraphs Batman!
That is just how Lemmy handles Castopod. Nothing to be done about it afaik.
Wow, ok. I was having difficulty reading. Me skuzi
The actual post is below. That is just Lemmy rendering the description from the link. Filed an issue: code.castopod.org/adaures/castopod/-/issues/575
I apologize. I didn’t mean to make a big deal of it. I really meant my remark in jest as all the words were blurring. Old age and old eyes.
I honestly find the fact that happens annoying, haha. Totally get it.
Headscale is great! Netbird is easier, but their client for ios is soo battery hungry (at least the last time I tried).