I’ve spent too many hours googling this stuff without a solution in sight that I’m able to understand.

I am moderately new to selfhosting, especially the networking aspect. To put it simply, all I want is to be able to access my services through Tailscale by using subdomain.mydomain.com.

I have gotten so far as to point my domain to my Tailscale IP (using Cloudflare’s DNS), so that I don’t have to copy-paste the Tailscale IP, but that means I still have to type in the ports to the services. Between the posts saying Tailscale can handle this, to the ones saying Synology can do it, and the remaining posts saying to use a reverse proxy (and the ones saying reverse proxies are a bad idea because of Synology stuff) I am now very lost. The terminology is exhausting and everyone is already so knowledgeable that they skip the basic steps and go straight to complex, short answers.

I’d like to keep using Tailscale, as I don’t want to deal with security issues and SSL certificates and all that, and if possible I’d like to avoid using a reverse proxy such as npm or Caddy if there’s a built-in Tailscale/Synology solution that works.

To me more services just means more stuff that can break, and I really just want this stuff to work without fiddling with it.

Thanks for any help you can provide.

  • lemmyvore
    07 months ago

    You can’t reach a Tailscale device from the internet the way you’re trying because their IPs are from private ranges reserved for CGNAT use. They’re not routable on the public internet.

    What you want is called Tailscale Funnel but it uses their domain (.ts.net) not yours.

    You can also try using a Cloudflare Tunnel but they force you to host your DNS server with them.

    Both Tailscale and Cloudflare will be decrypting and re-encrypting your HTTPS traffic so please note that.