Replies: 2 comments 1 reply
-
|
I guess people using https://github.com/tsujamin/hass-addons/tree/main/tailscale would be happy to have this. I was wondering if the Caddy part could be independent and took a look at your code. I did not understand how you can enable or not the proxy mode. The option |
Beta Was this translation helpful? Give feedback.
-
I had used a configuration option for this in an earlier version, but have adjusted the logic to always enable Caddy proxy when HTTPS is active for the used Tailnet. I will remove the option from the translation in the next release - I simply forgot.
That's why I started the discussion. If there is an interest I would open a PR, if not then not. :) |
Beta Was this translation helpful? Give feedback.
-
|
If you need/want a proxy, please use a proxy addon. It should not belong inside this addon. Indeed I probably won't add it in here. |
Beta Was this translation helpful? Give feedback.
-
I forked this repo a while ago to add some options like SSH and different subnets. Long story short, recently I came across this announcement from Tailscale.
With the beta release of Caddy 2.5, Caddy automatically recognizes and uses certificates for your Tailscale network (*.ts.net), and can use Tailscale’s HTTPS certificate provisioning when spinning up a new service.
This allows Caddy servers proxy functionality to manage Tailscale certificates without any effort, making it possible to access Home Assistant securely (I know that the connection is secure even without HTTPS, as it is routed through Tailscale Wireguard VPN, but browsers aren't aware) via
https.The Caddy service coding itself is a no brainer:
https://github.com/elcajon-tech/addon-tailscale/blob/8541d83baf2193c2d5ed15ffe9ba2055822d669b/tailscale/rootfs/etc/services.d/caddy/run
Is there any interest in including the function in this add-on? I guess it will also solve the main use case described in #62 and #89.
Beta Was this translation helpful? Give feedback.
All reactions