Private diary with GoBlog, Tailscale and HTTPS
source link: https://goblog.app/tips/diary-tailscale-https
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Private diary with GoBlog, Tailscale and HTTPS
Some time ago I had already described on my private blog how GoBlog and Tailscale can be used to set up a private diary that is not freely accessible via the Internet.
Now Tailscale has announced a new feature: Let’s Encrypt certificates for Tailscale nodes.
I took the chance and added the HTTPS feature to GoBlog. The advantage is that browsers now don’t complain when you enter passwords on unprotected http:// pages.
So, here is an updated Docker Compose configuration for Tailscale and GoBlog:
version: "3"
services:
goblog:
container_name: goblog
image: rg.fr-par.scw.cloud/jlelse/goblog
restart: unless-stopped
volumes:
- ./config:/app/config
- ./data:/app/data
- ./tailscale-socket:/var/run/tailscale
environment:
- TZ=Europe/Berlin
- ALL_PROXY=socks5://localhost:1055/
network_mode: service:tailscale
tailscale:
hostname: goblogtest
container_name: tailscale
image: shaynesweeney/tailscale
command: tailscaled --tun=userspace-networking --socks5-server=localhost:1055
volumes:
- ./tailscale:/var/lib
- ./tailscale-socket:/var/run/tailscale
In GoBlog, the following server configuration is also important:
server:
publicAddress: https://machine-name.tailscale-httpsname.ts.net
tailscaleHttps: true
publicHttps: false
privateMode:
enabled: true
Although publicHttps is disabled by default, care must be taken not to enable publicHttps and tailscaleHttps at the same time. The privateMode is recommended if other people also have access to the tailscale network. This way a login is necessary to view posts.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK