Fork me on GitHub
#clojure-europe
<
2022-05-23
>
reefersleep06:05:31

Good morning 🙂

genRaiy07:05:28

Good morning

🙌 1
genRaiy07:05:53

That was taken last night but is inspiring me this morning

simongray07:05:40

good morning

dharrigan08:05:17

Good Morning!

simongray08:05:18

Have people here tried Tailscale? Kind of amazing tech. A shame that it’s proprietary, though.

dharrigan08:05:15

I run my own wireguard VPN

simongray08:05:18

I am looking into self-hosting a bunch of stuff and I would obviously prefer things to be open source, but it is so damn convenient to not have to deal with security at all.

dharrigan08:05:22

It's pretty straight-forward to setup

dharrigan08:05:40

(I also use zerotier)

simongray08:05:07

Hm… maybe I should look into that. But it does require some extra setup on every client right? Tailscale is just: install app, login, done.

dharrigan08:05:27

wireguard or zerotier?

simongray08:05:02

I am not that familiar with either. I know that Tailscale is a layer on top of Wireguard.

dharrigan08:05:28

That's pretty much it. They've made it pretty. If you want something that is a little bit easier to setup, Zerotier is pretty darn awesome.

simongray08:05:39

Ok, will definitely look into that.

dharrigan08:05:48

Wireguard is super awesome too and everywhere.

simongray08:05:57

ZeroTier seems a lot like Tailscale, but they have a self-hosted option?

dharrigan08:05:09

You can run your own "planets" and "moons"

simongray08:05:16

yeah, I gather that wireguard is worth learning

dharrigan08:05:20

which are like the concentrators of VPNs

dharrigan08:05:52

However, since everything is encrypted, even the keys between clients, I just use the UI that zerotier provides. They offer like 100 devices for free

dharrigan08:05:00

which is ample for my needs 🙂

dharrigan08:05:20

There are clients for all major OS's and also for phones too

dharrigan08:05:58

One of the neato things about zerotier is it acts like a global sized ethernet switch

dharrigan08:05:13

so you can apply rules (ingress/egress) rules at the network layer between clients

dharrigan08:05:49

so you can (as something I do), is that I spin up a zerotier network, allow a friend to connect, and only give their machine access to port 80 on my machine (for serving up stuff)

dharrigan08:05:59

and I do that on the zerotier UI

dharrigan08:05:21

Natch, you can acomplish the same thing using wireguard and your OS level packet filtering too

simongray08:05:58

Nice. Seems very similar to Tailscale. The thing I like about Tailscale is that only the first packet has a bit of lag since it does the handshake part, while all following network packets are routed optimally between the nodes. I guess ZeroTier is the same?

simongray08:05:47

This whole VPN mesh architecture thing is messing with my understanding of what a VPN is.

simongray08:05:54

Ah, I found a comparison: https://tailscale.com/kb/1139/tailscale-vs-zerotier/ So ZeroTier doesn’t use wireguard, apparently.

dharrigan08:05:02

That is correct

dharrigan08:05:21

They are different technologies (that achieve the same thing - secure communication between N clients)

maleghast09:05:21

Madainn mhath

maleghast09:05:40

Not such a bad morning in The Central Belt this morning...

lread11:05:28

groggy mornin’