Setup

I've been meaning to set up a better option for remotely accessing my home network than opening up and forwarding ports. I tried out Cloudflare Zero Trust Network Access last year, but I don't entirely trust something that's trying to be such a monolith. Tailscale is built on WireGuard and I love open source software, so when a colleague set Tailscale up for their NAS I decided to give it a try.

Synology offers a Tailscale package, so it was an easy one-click install on my NAS. I also downloaded the Android and Mac apps. Later today I'll install it on my Linux desktop and laptop. On each platform it was a simple process of signing in with my SSO provider of choice, and I was good to go.

The one customization I've made so far was to add NextDNS as a global nameserver and override local DNS. Now, my connected devices will default to my NextDNS config!

Why?

So, what's the point of using Tailscale? Mainly, it allows me to connect to hosts at home running services like an RSS reader or bookmark manager, or mess with Docker containers, from any of my devices on any network, without worrying about whether I've exposed a port to the open Internet. I can also turn off the QuickConnect service on my Synology NAS, keeping it more under my own control.