zlacker

[parent] [thread] 2 comments
1. bakugo+(OP)[view] [source] 2025-01-05 17:18:43
Important to note that, even if you use Tailscale, the firewall punching happens regardless, so you still have to make sure you either:

1. Have some external firewall outside of the Docker host blocking the port

2. Explicitly tell Docker to bind to the Tailscale IP only

replies(1): >>aaomid+qg
2. aaomid+qg[view] [source] 2025-01-05 19:23:59
>>bakugo+(OP)
> the firewall punching happens regardless

Does it? I think it only happens if you specifically enumerate the ports. You do not need to enumerate the ports at all if you're using Tailscale as a container.

replies(1): >>bakugo+ej
◧◩
3. bakugo+ej[view] [source] [discussion] 2025-01-05 19:47:26
>>aaomid+qg
Oh, I didn't realize you meant running Tailscale in docker, my bad. Then yeah, that's safe.
[go to top]