cassianoleal a day ago

As opposed to what? This seems pretty normal.

We considered it as well but there was a feature missing that meant we couldn’t use it for one of our main requirements. Had that not been the case, we’d have rolled it out.

Reply View 2 replies
  • mrklol a day ago

    Mind sharing which feature?

    Reply View 1 reply
    • cassianoleal a day ago

      Honestly I'm hazy on the details but we're running a fairly complex environment in GCP with PSC everywhere, connections to on-prem and other external environments, and something wouldn't quite work due to all that.

      Sorry I can't provide any more details but I really don't remember the specifics. We were in touch with Tailscale engineers and they offered some workarounds that we had already worked out but that wouldn't help us achieve what we were after.

      Reply View 0 replies
sshine 2 days ago

I’d love to see a write-up on that.

Especially in the unlikely event that you used Nix for the deployment.

Reply View 4 replies
  • benley 2 days ago

    I've done exactly that: headscale in production at work, a few hundred client devices, infrastructure mostly powered by nix. What would you want to hear about it?

    Reply View 3 replies
    • squiggleblaz a day ago

      * Does it work well? * Do you recommend it? * Do your users care? * Is it difficult? Do you have to maintain it or is it basically set it and forget it? * What was memorable about setting it up? * Why did you go for Headscale vs Tailscale or Netbird or some other solution?

      Reply View 0 replies
    • sshine a day ago

      > headscale in production at work

        - How much effort do you put into key management compared to plain WireGuard?
  - How automated is the onboarding process; do you generate and hand over keys?
  - How do you cope without the commercial Tailscale dashboard?
  - Do you run some kind of dashboard or metrics system?
  - How long did it take to set up?
  - Were there any gotchas?
      Reply View 1 reply