Note my bias as I work for Big VPN (Tailscale), but I don't think that teaching people to ignore security warnings is a good thing to do. The CA system is kind of a scam in general, but I think that at least in its current implementation it's better for us to encourage people are aware of those errors and what they mean.
As the sacred texts say: self-signed certificates beget the use of curl -k beget the use of self-signed certificates.
Tailscalar here. Use tailscale serve. It is a reverse proxy inside tailscaled. It will handle HTTPS certificates for you too. As an example, here's a sample HTTP server proxied to both my tailnet via tailscale serve and to the world with Funnel.
Also as far as I know you need to use Serve in order to use Funnel.
Yo ho ho and a bottle of rum for me!
I absolutely love the vibes in this shot. Amazing work!
Carefully.
I personally shove Transmission into Docker:
services:
wireguard:
image: ghcr.io/linuxserver/wireguard
container_name: wireguard
cap_add:
- NET_ADMIN
- SYS_MODULE
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Stockholm
ports:
- 9091:9091/tcp
volumes:
- ./config:/config
- /lib/modules:/lib/modules
sysctls:
- net.ipv6.conf.all.disable_ipv6=0
- net.ipv4.conf.all.src_valid_mark=1
restart: unless-stopped
transmission:
image: ghcr.io/linuxserver/transmission
container_name: transmission
ulimits:
nofile: 1048576
environment:
- PUID=1000
- PGID=996
- TZ=Europe/Stockholm
- USER=azurediamond
- PASS=hunter2
volumes:
- ./config:/config
- /data:/data
- /data/Torrents/dl:/downloads
- /data/Torrents/inbox/start:/watch
network_mode: "service:wireguard"
depends_on: [ "wireguard" ]
restart: unless-stopped
Make sure your mullvad config is called wg0.conf in ./config.
For the record, I'm pretty sure using Mullvad for XDCC is super overkill, but I wanted to have an excuse to break out userspace wireguard in a project and writing it all in Go made it so damn easy: https://github.com/Xe/x/commit/3d0647e946014516df33de0b18d2a16eec835bed
Generally when you download files over torrent through your ISP, you end up getting love letters from rightsholders. I personally use a homelab NAS as my seedbox and for my public tracker stuff (as well as anime downloads over XDCC) I use Mullvad. I don't seed overly much on public trackers because of it, but my ratio on private trackers is sky high because ISPs won't send love letters for private trackers.
If you have a hackable switch, dump your keys and demo it on your PC assuming it's beefy enough. You'll know if you like it within about an hour or two.
XC2 is a lot better than XCDE, XCDE really suffers from the era it came out of. XC2 was when Monolith really got their stride.
They already are, just not as main processors. They're using it for all the microcontrollers that are essential in modern computers.
No prob! If you run into any problems, feel free to DM me or /u/tailscale@hachyderm.io. We're more than happy to help.