That’s a big one too, should catch lots of malware in that!

The Mullvad integration allows you to use Mullvad as your VPN for internet browsing while still being on your tailnet.

So normally, running two different VPN services can cause a bunch of problems, if it even works at all. Tailscale’s Mullvad integration fixes that.

Tailscale by itself is an overlay network. It’s literally a second network that your computer is connected to, but instead of it being a physical network with wires, switches, and routers, it’s a virtual network, a network that runs as software.

So imagine your computer right now at home. You plug into your router, and you have a local IP address, something like 192.168.1.20 right? If you run ipconfig on Windows or ip a on Linux, you’ll see your network adaptors listed with what their current IP address is. So if you’re running Windows, you’ll see your physical network adaptor listed with the IP address of 192.168.1.20

When you install Tailscale on that computer and log into your account, then run that command again, you’ll see a new network device listed, and it will have a totally different IP address, like 100.89.113.14

That is your Tailnet IP address, it works just like your “normal” IP address, but instead of it being a physical Ethernet adaptor on your motherboard and plugged into your home router, it is a virtual adaptor (software) running on your computer, connected to the Tailscale network, which has servers all around the world.

When you install Tailscale on a new device, say an old computer that you are using as a Minecraft server. That computer will get a new IP address on your tailnet, say 100.94.65.132

Because both of those machines were added by you to your own Tailnet, they can see and talk to each other by default. Meaning you could run a ping command from your home computer to your Minecraft server’s Tailscale IP, and it will respond.

Because this runs on the internet through Tailscale’s servers, you can do this from anywhere. That’s the “VPN” type functionality you are talking about. No matter where your home computer is, you can still access your Minecraft server because it is on your Tailnet, just as if it were still plugged into your router right next to you.

This is how I access my entire home lab from anywhere in the world. For example, I have a Jellyfin media server (like Plex) that I have a bunch of movies, TV shows, anime on. It’s running Tailscale and is on my Tailnet. I have Tailscale installed on my Android smartphone too.

So if I am staying at a hotel in another state, or visiting my family on the other side of the country, and I want to watch a movie or show that I have on my server all the way back home. I just run the Tailscale app on my phone, then open the Jellyfin app and I see all my home media right there on my phone and can watch it flawlessly. Even though I am at my parent’s house, on a totally different internet connection, 500 miles away from my home.

No, Tailscale is an overlay network. In it’s simplest form, it can act as a VPN. But it does much more than that.

Tailscale installs a virtual network device and allocates IP addresses to any device you install it on and sign in with your tailnet. Think of it as a virtual meshed LAN that runs on top of your physical network.

Tailscale becomes your control plane and provides advanced access control options for all your users and devices.

I use Tailscale and share out that server machine’s tailscale IP with just my gaming buddies.

But if you wanna live dangerously, you can port forward from your router to your internal mumble server.

I’ve got a Mumble server running on a little Linux container in my home lab.

Easy to set up and configure, very stable. Nothing special, it does what it is supposed to do, be a low latency, stable voip system, and it does great.

Waterfox on Mobile has been working well for me so far.

Netbird and Pangolin too.

Day-mon, every Linux admin I’ve worked with, old and young, pronounces it that way too, so that’s where I picked it up.

I’ve never heard of people deliberately pronouncing it like that to avoid offending Christians though, seems like an American take lol.

I thought that it was just an archaic spelling of the modern demon and an alternative pronunciation to clairify that the speaker is referring to a technical part of an OS, not making a joke about the spiritual nature of the machine lol.

It sounds cooler to say day-mon anyways IMO.

Tailscale, Netbird, or Pangolin. Foss overlay networks have completely eliminated traditional VPN setups for my self-hosting needs.

Pay for your FOSS! I’ve paid far more for my FOSS than for any proprietary software.

If you believe in subscriptions, then subscribe only to FOSS software like Bitwarden, Tailscale/Netbird, etc.

Find your favorite FOSS projects on Open Collective and support them there.

And above all else, treat FOSS devs and maintainers with the utmost respect! They are the unsung heros who are building the only alternatives to the corpo-dystopian hellscape of proprietary, enshitified, slop software.

Send a message to a dev today, just saying thank you to them for everything, and asking if you can send them a tip if possible.

Folks, let’s treat each other lovingly please, FOSS has freed us, give back what you can, and never take it for granted.

To all the devs, maintainers, tinkerers, supporters, FOSS educators, and helpful community members across the FOSS world, thank you so much, and much love. ♥️

Buying my copy soon!

I have tried a bunch of different themes, but Catppuccin is what I always come back to. Lovely theming ❤️

I agree, but then why would they not retracted their support? If it really was an honest mistake and they weren’t aware of the situation, I would think they would apologize, explain that they didn’t know, pull their support, and issue a statement about the kinds of values they want to promote in the FOSS world.

But instead, they have doubled down, the CEO himself. It’s very strange and concerning.

The weird thing for me is the financial support coming from Framework to Hyprland. It would be one thing if Framework was working with Hyprland to test compatibility and functionality on their machines and do specialized bug testing. They could kind of justify that from a purely technical stance.

But the fact that they picked a very niche project for no apparent reason to support with a significant monthly financial contribution is so strange. There are numerous other niche distros/projects that aren’t mired in controversy that Framework could have worked with, (Alpine, Void, ElementaryOS, etc.) so why Hyprland/Omarchy?

Very disappointed. I’ve been pushing Framework computers very strongly for friends and family over the last year, plus I’ve been planning on getting one to replace my aging Thinkpad. Now I am going to hold off until the dust settles on this.

Aegis for time codes, Nitrokey for physical 2FA tokens.

Fair point, I thought Proton went back farther than that.

I think my overall point is right still though, Linux gaming (native or otherwise) has become not just viable, but in some cases objectively superior to gaming on Windows in terms of raw performance. Pretty amazing, and in even less time than I originally thought lol.

Linux mobile phones are the fusion power of the FOSS world, always “right around the corner.”

All the pieces are there, but none of them work together smoothly enough to be functional for anybody except the most hardcore FOSS enthusiasts.

When Proton started, it was kind of a joke, killed the Steam Machine idea in large part because the game compatibility was so limited. A decade later, we have a multi billion dollar handheld PC market lead by the Steam Deck, a Linux handheld that can play tens of thousands of Windows games without issue, in some cases with better performance than their native platform.

So it’s certainly possible for things to completely change, but we need a big player or consortium of players to unite with a shared goal of getting a Linux Phone to the state where it’s genuinely able to replace a traditional Android or Apple phone.

I’m very cautiously optimistic, I think it would come together much faster than Proton did for Linux gaming, but again, there needs to be a really heavy push into a singular device to start off. Like how the Steam Deck was, it allowed devs to have a singular platform to target for compatibility. Then, as the platform matures, competitors & innovators can enter the market and expand options, like how now there are multiple distros with builds for handhelds, like Bazzite, Nobara, and CachyOS.

Favorite heavyweight Type 1 hypervisor: XCP-ng. It’s open source, runs on a ton of enterprise and consumer-grade hardware, has always been rock stable for me, even when forgetting to update it for like 6 months, still ran everything like a champ.

I need to try ProxMox, has some cool features. XCP-ng is pretty intuitive though, UI makes sense and is cleaner than Proxmox. The integration in Proxmox with the Incus project is pretty cool though, especially being able to run VMs and containers and manage them together. I’ve been thinking of trying that and seeing how it goes.

For containers, I just install Debian and run Docker on there. Stable, simple, nothing fancy. If I need something more up to date, I typically use Ubuntu Server.

I used to do this myself, just with OpenVPN instead of Wire guard, worked fine, then I found overlay networks like Tailscale and it changed my life.

Just use an overlay network. Tailscale or Netbird are my personal recommendations, Netbird if you want 100% open source right out of the box, Tailscale if you don’t mind their default coordination server being closed source, (you can run the open source Headscale server if you want)

Overlay networks make all this sooooo much easier. Encrypted secure access to any and all of your internal network devices, with fine tuned access control depending on how you want it set up.

I will never portforward or manually set up a VPN tunnel again, overlay networks perfectly fit my use case and they are so much easier to get working.

They’re saying you’re exposing your goodies to the whole world when you start opening ports to the internet.