Cool.

In other news, Swiss law makers claim opening and reading all mail sent to make sure it doesn’t include the phrase “monty bojangles” is “not a privacy concern”

My point is that in order to block a specific domain, you necessarily need to check it against a list of all legitimate domains being accessed

maybe silly question but does tailscale tunnel operate in a similar fashion to a cloud flare tunnel? as in you can remotely access your internal service over https?

So i’ve been trying to set this up this exact thing for the past few weeks - tried all manner of different Nginx/Tailscale/VPS/Traefik/Wireguard/Authelia combos, but to no avail

I was lost in the maze

However, I realised that it was literally as simple as setting up a CloudFlare Tunnel on my particular local network I wanted exposed (in my case, the Docker network that runs the JellyFin container) and then linking that domain/ip:port within CloudFlare’s Zero Trust dashboard

Cloudflare then proxies all requests to your public domain/route to your locally hosted service, all without exposing your private IP, all without exposing any ports on your router, and everything is encrypted with HTTPS by default

And you can even set up what looks like pretty robust authentication (2FA, limited to only certain emails, etc) for your tunnel

Not sure what your use case is, but as mine is shared with only me and my partner, this worked like a charm