
Posted by quyleanh 4/3/2025

An open source, self-hosted implementation of the Tailscale control server (github.com)
345 points | 83 comments | page 2
1vuio0pswjnm7 4/3/2025|
"To me, not giving your Tailscale implementation any way for the user to understand or veto what the control server is instructing the clients to do while also not auditing your servers code at all sure seems daring..."

This statement suggests that publishing the Headscale control server source code is not enough to allow the user to "understand or veto what the control server is instructing the clients to do".

If using the Headscale control server, the user can "understand or veto" anything "the control server is instructing the clients to do". This may be accomplished by reading, editing and compiling the source code.

If using the Tailscale control server, the user can only "understand or veto what the control server is instructing the clients to do" to the extent that the Tailscale company permits. The user is prohibited from editing or compiling the source code.

Not all users want the option to read, edit and compile third party software that they use. Some users may be comfortable relying on the ongoing assurances of companies funded by Silicon Valley VC. For those users that want the option of 100% open source projects, not dependent on venture capital, Headscale can be useful.

The author of Headscale calls the Tailscale coordination server "essentially a shared dropbox for public keys".

udev4096 4/3/2025||
How does headscale hold up when you're streaming video over jellyfin/plex?
scottyeager 4/3/2025||
Do you mean when using it as a relay because p2p connectivity isn't possible? The preferred operating mode of Tailscale networks is for the bulk of traffic to go p2p, using various tricks for NAT and firewall traversal.
cassianoleal 4/3/2025||
I’ve used it extensively to stream video across continents. No issues as long as you can get a P2P connection going. If it needs to go through a DERP server, then it may suffer but in my experience that’s pretty rare.
watusername 4/3/2025||
> If it needs to go through a DERP server, then it may suffer but in my experience that’s pretty rare.

It's semi-frequent in my case, and it's painful every time it does that since Tailscale's official DERP servers are very slow (they seem to have some aggressive QoS). It would be nice if Tailscale supported using regular TURN servers so I could just use one of the hosted solutions.

cassianoleal 4/3/2025||
You can self-host DERP if you're up for it.
LilBytes 4/3/2025||
Yep, and most of us are already using subnet routers; it's not technically much harder.

Finding a cloud or VPS provider with free or cheap bandwidth (egress and ingress) is likely the biggest issue.

pluto_modadic 4/3/2025|
wonder if some of the bugs with self-managing it have been worked out :)