- 0 Posts
- 13 Comments
4·8 days agoTailscale is just a bunch of extra fancy stuff on top of Wireguard. If you don’t need the fancy stuff, using raw Wireguard can be more lightweight, but might require more networking knowledge.
The biggest thing Tailscale brings you the table is NAT traversal. On top of that it uses direct Wireguard tunnels as necessary instead of creating a mesh like you usually would if you were using raw Wireguard. It also offers convenient bits of sugar like internal DNS, and it handles key exchanges for you so it’s just generally easier to configure. When you do raw Wireguard you’re doing all the config yourself, which could be a pro or a con depending on your needs—and you’ll be editing config files, unlike Tailscale which has a GUI for most things. It also supports some more detailed security options like ACLs and I think SSO, while Wireguard is reliant on your existing firewall for that.
Here’s what Tailscale has to say about it: https://tailscale.com/compare/wireguard
I’ve messed around with Tailscale myself, but ultimately settled on running Wireguard. The reason I do that though is because I trust my LAN, and I only run Wireguard at the edge. Tailscale really wants to be run on every node, which in turn is something that raw Wireguard theoretically can do but would be onerous to maintain. If I didn’t trust my LAN, I’d probably switch to Tailscale.
A lot of people have suggested Tailscale and it’s basically the perfect solution to all your requirements.
You keep saying you need ProtonVPN which means you can’t use Tailscale, but Tailscale actually supports setting up an exit node which is what you need. Put Protonvpn on the Raspberry Pi, then set it up as an exit node for your tailnet. There’s a lot of people talking about how they did this online. It looks like they even have native support for bypassing the manual setup if you use Mullvad.
As long as every client has the ability to use Tailscale (I.e. no weird TVs or anything) this seems like it checks all your boxes. And since everything is E2EE from Tailscale, TLS is redundant and you can just use HTTP.
One use for wireguard in a container is that if you’re using other containers on the same host you can use container magic to route the traffic of specific containers through the wireguard tunnel, while other containers bypass the tunnel.
deleted by creator
deleted by creator
I think your take is reductive. Gender isn’t about stereotypes. I’m sure that for many trans people, part of their trans discovery was not feeling like a stereotypical member of their sex, but there’s more to it than that. You can say that gender relates to a lot of things. Gender is ultimately an internal experience that means different things to different people, and isn’t necessarily related to identifying or not identifying with any given stereotype.
Bioessentialism in turn reduces people to genitals, and sort of refuses to address intersex people because something something “outliers don’t count”. At best it says sure, you can dress up however you want, but it’s super important that everyone know What You Really Are so they can put you in a box and appropriately segregate society.
8·17 days agoPeople posting blobfish always makes me sad. Poor things don’t actually look like that…
It’s like it aliens took humans into space and our corpses got all bloated from the lack of pressure and then the aliens laugh at our corpses and assume that’s what humans always look like…
I don’t think “identifying with social stereotypes” is really an accurate representation of what being trans is.
Sure, there are some people who transition and identify as stereotypical members of their desired gender, but there are also people who transition and are gender nonconforming after their transition, but still identify as binary trans.
Identifying with social stereotypes also doesn’t account for physical dysphoria, which is very real for a lot of trans folks. Some trans folks change little about their presentation when they transition but still want hormones and/or surgery.
32·23 days agoI kinda of lean towards the idea of “private accounts” being a bad idea as a result, just because it creates a false sense of security. But I’m not in the target demographic so idk
The issue is that if you don’t default to federation, it becomes essentially impossible for new instances to join the fediverse. A potential new instance would have to go around to every single existing instance and ask to be allowlisted, which is onerous for both the new instances and for the large server admins who would be getting tons of requests. It would also essentially kill small-scale selfhosting as a result.
I’ve noticed this too and it’s so sad because I love em dashes, but whenever anyone uses them it puts me on guard. I still use them from time to time, but I’m more self-conscious about it now
A big part of IPv4’s persistence I think is that people insist that IPv6 is complicated, but then refuse to learn it or think outside their IPv4-brain. It’s just different enough that it’s easier to stay in v4, even if it requires a million hackjob fixes to keep around.
If anything is to blame for that, it’s the lack of momentum behind IPv6. We’re out of IPv4, so NAT is inevitable, and IPv6 doesn’t have enough inertia for single-stack to be viable (certainly wouldn’t be described as “no drama” at least).
The cursed LLM thing uses buttplug.io on the backend, I just wanted to share it because the premise is very funny to me.