gambler32k Posted April 16, 2023 Share Posted April 16, 2023 Used to use wireguard plugin on my unraid server to access LAN from my phone but recently switched to tailscale in docker on my opnsense box i recently purchased. Have that as a "exit" node i think its called and its working fine with my phone so i can close the portforward on the router. Now iam looking for a way to close my portforward(NPM) to my jellyfin and audiobookshelf that my family uses, Would be nice to get them to install tailscale on their devices and ONLY have access to the jellyfin and audiobookshelf docker on the unraid system. is that possible? And how exactly would i set this up? i read that tailscale have somwthing called ACL rules. Can someone who have this setup show me a example? Should i setup a new tailscale docker without exit node on the unraid docker system? Quote Link to comment
EDACerton Posted April 16, 2023 Share Posted April 16, 2023 Tailscale can do what you're asking about, but it seems like there might be some confusion about how the features work. An exit node in Tailscale isn't for access to your devices -- exit nodes are used for traffic that is destined for the internet. You might be thinking of a subnet router -- that allows access to devices on your LAN. Personally, I prefer to install Tailscale on the devices that I'm trying to access remotely (e.g., Unraid) instead of just using a subnet router. That allows for things like MagicDNS / Taildrop to work, and it spreads the encryption overhead around more (if using a subnet router, that device has to do encryption/decryption for all traffic). Shameless plug: I'd recommend using the Tailscale plugin instead of the Docker image on Unraid: Here's the documentation for Tailscale ACLs: https://tailscale.com/kb/1018/acls/ Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.