I had to add this:
http:
use_x_forwarded_for: true
trusted_proxies:
- 127.0.0.1
to config, but overall it’s very useful article.
I tried all sorts of port forwarding tricks to get wireguard working on the VM that runs my HA instance to no avail. The trailscale solution works really well. The only real problem I had was magic DNS conflicts with DNS66 on my phone (which I use for ad blocking). In the end I just used a hardwired VPN IP for my HA connection.
I did this a while ago. The useful thing (and I don’t know if it’s covered in the blog because I didn’t read it) is setting it up as an exit node.
This is useful because I have other things on my network that I wanna access, like my server, and with the exit node I can type Lan IP addresses into my browser while I’m outside the house and still access them, not just HA
You have to use tailscale VPN for this, right? The article explains how to setup access to HA via the internet, without using tailscale client.
Anyway, the exit node thing is indeed very nice.
I’ve just clicked into the article and no, it’s set up the same way as I have, except I set HA as an exit node in the Tailscale console.
Thank you for bringing this to my attention! I just enabled it, and it’s working flawlessly.
Do you need to use tailscales server for anything (like certs)?
I want to try to set up a network but prefer keeping everything 100% self-hosted.