Made an alternative to Tailscale + Gluetun
from stratself@lemdro.id to selfhosted@lemmy.world on 06 Nov 15:20
https://lemdro.id/post/31430096

Hi all, I made a simple container to forward Tailscale traffic towards a WireGuard interface, so that you can use your commercial VPN as an exit node. It’s called tswg.

github.com/stratself/tswg

Previously I also tried Gluetun + Tailscale like some guides suggested, but found it to be slow and the firewall too strict for direct connections. Tswg doesn’t do much firewalling aside from wg-quick rules, and uses kernelspace networking, which should improve performance. This enables direct connections to other Tailscale nodes too, so you can hook up with DNS apps like Pi-hole/AdGuard Home.

I’ve shilled for this previously, but now I wanna promote with an actual post. Having tested on podman, I’d like to know if it also works on machines behind NATs and/or within Docker. Do be warned though that I’m a noob w.r.t. networking, and can’t guarantee against IP leaks or other VPN-related problems. But I’d like to improve.

Let me know your thoughts and any issues encountered, and thank you all for reading.

#selfhosted

HelloRoot@lemy.lol on 06 Nov 16:47

If you are interested in alternatives, there is frp: github.com/fatedier/frp

themachine@lemmy.world on 06 Nov 19:38

I’ll have to check this out. I’ve been meaning to rig up a container for this same scenario.

nfreak@lemmy.ml on 06 Nov 21:17

Oh this looks promising. TS + Gluetun does tend to be super slow, so routing just the outbound traffic through the chained VPN is excellent. I’ll give this a try this weekend.

stratself@lemdro.id on 08 Nov 04:00

Just found out someone else has a similar thing too:

github.com/juhovh/tailguard

It seems more flexible and can be used site-to-site, for anyone interested.