• 0 Posts
  • 25 Comments
Joined 1 year ago
cake
Cake day: July 15th, 2023

help-circle
  • If you do not trust Tailscale as a company, here is an open source re-implementation of the server called headscale. Some/all clients are open source as well. So, you can review all components yourself or pay for a professional third-party review. Otherwise, if you take a binary blob from any origin, including Tailscale, and have it run with privileges on your server, there are few limits on what this blob can do. Yes, backdoors are technically possible, but probably bad for Tailscale’s business if that ever came to light.







  • Maybe the first question is what your budget is, both regarding money and time. For example, you could buy a pre-configured NAS from Synology or QNAP, which requires less technical skills but more money, or a home-made solution reusing used components (but fresh disks for reliability). Depending on your electricity costs, you may want to choose a low-power solution or something which you power off when not used. For storage, maybe a three-disk RAID5 is a good compromise. For backups, plain S3 cloud storage encrypted via restic is a good idea.









  • There is some information missing in the problem description. For example, if you close the lid, does the computer suspend/sleep/hibernate? It may be that when the computer sleeps something “breaks” or it may be that the act of physically closing/opening the lid has an effect (e.g. because the WiFi antenna is embedded in the display frame).

    Some time ago I had a similar problem with Tailscale and sleeping. When Tailscale initializes itself (at boot), it has to interact with another service to communicate which DNS servers have become available (e.g. 100.100.100.100). Several implementations of such services exist (resolvconf, openresolv), in my case systemd-resolved. During normal operation, resolvectl status (if using systemd-resolved) shows which DNS servers and which search domains are configured for each network interface such as tailscale0. Now, there is a bug (or feature) that systemd-resolved “forgets” the DNS configuration it got from Tailscale when the computer is put to sleep. So, when the computer wakes up, name resolution via Tailscale no longer works, giving you the impression that Tailscale itself is not working, although Tailscale’s low-level functions are still operational. My “solution” was to write a small script that gets executed when the computer wakes up which sets again DNS server and search domain for network device tailscale0.