nostr:npub14cgq353exzmhdsvqjtmw4dq7fvyleuls8umyrvd5umhr4gtx6asq7hqjhl you mentioned Tailscale to me before. Do you remember what it was about?
A way to get your tor node out to clearnet
Easy setup
Free
Easily install on a pi or any Linux system.
Guide is here👇
https://tailscale.com/kb/1031/install-linux
TLDR;
0) sign up for tailscale (free)
1) run CURL command on start9
2) copy the URL the end command gives you and visit
3) add that device to your tailscale dashboard
Visit your local home node, on the clearnet address tailscale gives you*
*you can redirect this public IP to a domain you own easily & free (mywebsite. com)
Thanks again for this!
So I would be able to enter that clearnet address into the Nextcloud app and use it as if I were at home?
nostr:note1yyz49e5rfvy4v73xxgheqz4jt0atkvpuej803ycja3ucqqrw7rls9dckdj
Yes exactly
Damn alright, I’m really motivated to get on this now. 🦾
So I just tried this out and was able to access my Start9 admin panel with the Tailscale-provided IP.
But, once I click on the LAUNCH UI button in Nextcloud, I’m taken to the .local address (which of course doesn’t work if I’m not on my local network).
Am I missing something? 
hm, Nextcloud has a local link hardcoded in their button (lol) or else there may be a Nextcloud setting that makes it sensitive to this environment difference? I don't know enough about Nexrcloud, but this is definitely their UIs fault.
do you know what path that button is supposed to bring you to? might be able to navigate to it directly at the tailscale URL?
ah sorry, this is a start9 issue, not Nextcloud.
hm yea you might run into auth problems, too...
i think I dealt with this with Umbrel and tailscale too... let me see if I can figure out how I handled it
Thanks. I’m not sure what path the .local address points to, I could probably try some guesses later. Maybe this is what people mean when they’re waiting for clearnet support for Start9. 🤔
Just worth mentioning: whatever device you are accessing _FROM_ also needs to be running Tailscale. It's basically a little personal VPN
Their signup requirements suck fucking balls.
Sign up with Google. Fuck no.
Sign up with Microsoft. Fuck no.
Sign up with GitHub. I already said fuck no to signing up with Microsoft.
Sign up with Apple. Fuck no.
Sign up with OIDC?
Never figured out how to accomplish this one for free gracefully.
Use whatever OIDC provider you want 😏
Does this require being on a server with a public IP address, or could this theoretically be utilized on a dedicated home server with NixOS installed on a local network?
It **needs** a public IP, but where you point it is up to you. A VPS is easier than routing it to a selfhosted VM, but both options work.
There in lays my issue. I gotta cough up money monthly for a VPS, or run a public facing server from my home. Last time I did that from my house I was hacked in such a glorious manner that I swore I would never do it again.
This project though is pretty amazing. If I ever have a FOSS project that I start paying for a vps service again. It is totally going on it.
Thank you for sharing.
It can absolutely be on a private LAN. I access a local server on my network via Tailscale from outside the house. No public IP.
Holy shitballs. Gonna do some experimenting this weekend.
Know of any tutorials on how you accomplished this goal gracefully?
Yep I was totally wrong up above; **tailscale** absolutely works on local lan! It's the app that punches through routers no matter where your device goes. It's the whoke point, and it works great!
(I had posted about headscale today too in another note, which does need a public IP, so I got confused)
The tailscale documentation on their website is very good, they have plenty of use-case tutorials.
I don't think this is true. I use Tailscale on a local machine on a private LAN
#Tailscale is great*
#VPN means "virtual private network".
Tailscale lets you setup your VPN, as you see fit, wherever your devices go, without any router stuff. It makes it easy and natural.
Mull, express, proton et al are...kinda VPNs? "Proxies" describe them better.
If you're already using nostr, and want to "host" something, look into tailscale (or #headscale, or just #wireguard) as a prerequisite.
*not perfect
