Rykzon

Hello! I have some experience with tailscale but just started to try out this plugin. I have a working custom network setup with traefik and some containers behind that. This is working just fine locally, via wireguard and public internet. Traefik listens on the unraid host IP:443. I was trying to migrate some currently public containers to tailscale. Basic connectivity is working fine. I have setup my public dns to point to the unraid tailscale IP instead of my public ip, connection works when in tailnet. I have setup everything to allow direct connections whenever possible, this seems to work as far as I can observe. Sadly when using the plugin I am mostly extremely limited in bandwidth >1Mbps, sometimes after restarting tailscale it works fine but then breaks down again. Much much worse than straight internet or locally, everything using the same traefik configuration. Using the tailscale container provides better bandwidth but I would like to avoid that. Right now I can only assume that some unraid internal networking is screwing with me. Tower-tailscale-diag-20240401-163235.zip

Crowdsec can be a bit of a struggle to setup correctly 1. access logs are certainly the main source of data for crowdsec, you can also install "collections" for other applications and point those to the relevant logs. This is just additional though and crowdsec will always provide baseline security with just access logs. 2. I'm not sure but you can check yourself with... 3. login to your crowdsec container and run "cscli metrics", at the top under "acquisition metrics" you should see your logs with some statistics Since you are using cloudflare as your bouncer, are you 100% only cloudflare can reach your endpoints?