Comment by sebws
19 hours ago
You can fix them both in one. In your local network you host a local DNS, in my case I’m using pihole. It has records which point to the local IP of a reverse proxy. With this setup you can have SSL for your domain names on your local network.
To make it then work outside your local network, in tailscale settings you use “split dns” to set your DNS to be the IP of your pihole in the tailnet for your domain. Now when you try hit your local domains you should receive the same local IPs that you do at home. Then in the tailscale route settings of your machine hosting the reverse proxy you make it advertise the subnet of those local IPs. Now when you receive the local IPs your devices using the tailscale VPN should go to your home server with SSL and no external DNS.
Hope that’s somewhat clear enough
No comments yet
Contribute on Hacker News ↗