Shameless self-plug here. I wrote a blog post to document my methodology after having some issues with publicly available examples of using Podman and traefik in a best-practices config. Hopefully this finds the one other person that was in my shoes and helps them out. Super happy for feedback if others care to share.
Wasn’t being critical at all. Not expecting you to write for anyone.
I wondered what this actually provides. If you were explaining to someone with a good knowledge of the world, not grandma!!
No worries, and I’ll accept criticism too, that’s how you improve.
Anyway, this is effectively giving you tailscale, a remote access mesh VPN solution, but with total control and ownership of the control plane server, instead of relying on the opaque tailscale owned and controlled infra. I touched on it briefly again the ‘DERP Config’ section of part 2: https://roguesecurity.dev/blog/headscale-quadlet-part2#DERP Config
I’m not criticising you. I cannot validity criticise you, even if I was so inclined (I’m not), because I cannot proficiently grasp the subject matter. I would like to understand, NOT criticise. You’ve written an engaging piece which is opaque to me; apparently a contradiction. Hopefully I’ve rephrased that enough times to get across that no criticism is intended. 😁
I don’t know the product names. I don’t tend to be focused on product names because they come and go. Your first message didn’t help me.
Your last precis is just what I needed. Ideal. Thank-you. I now know what you’re trying to achieve.
deleted by creator