search

yellowsink / ouroboros

A minimal headscale manager - goals in README
https://yellows.ink/ouroboros
11 stars 1 forks source link

Is there a way to not expose the app on public network? #2

Closed ilgigante77 closed 3 weeks ago

ilgigante77 commented 3 weeks ago

As per title, I would like to keep my instance of this app in the LAN/VPN side, though HS is exposed for obvious reasons. Is it possible?

yellowsink commented 3 weeks ago

you can access the server's tailscale IP and the correct port /ouroboros and it'll work as you expect, or just reverse proxy however you want (I've been able to find caddy setups that only allow internal connections) but the main feature I really wanted here was the /register override, which obviously needs to be public.

you can make it private though, just don't expose the endpoints via a reverse proxy.

ilgigante77 commented 3 weeks ago

And the GitHub app which callback URL should have in this case?

Il ven 25 ott 2024, 12:05 Hazel Atkinson @.***> ha scritto:

you can access the server's tailscale IP and the correct port /ouroboros and it'll work as you expect, or just reverse proxy however you want (I've been able to find caddy setups that only allow internal connections) but the main feature I really wanted here was the /register override, which obviously needs to be public.

you can make it private though, just don't expose the endpoints via a reverse proxy.

— Reply to this email directly, view it on GitHub https://github.com/yellowsink/ouroboros/issues/2#issuecomment-2437393163, or unsubscribe https://github.com/notifications/unsubscribe-auth/AKCQNHIIITOKZP7NKRS2IY3Z5IJWHAVCNFSM6AAAAABQSYQ6ZWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMZXGM4TGMJWGM . You are receiving this because you authored the thread.Message ID: @.***>

yellowsink commented 3 weeks ago

I don't see why your callback URL couldn't be e.g. http://100.64.0.6:8080/ouroboros/auth/callback

ilgigante77 commented 3 weeks ago

Thanks this was unclear to me

Il ven 25 ott 2024, 12:19 Hazel Atkinson @.***> ha scritto:

I don't see why your callback URL couldn't be e.g. http://100.64.0.6:8080/ouroboros/auth/callback

— Reply to this email directly, view it on GitHub https://github.com/yellowsink/ouroboros/issues/2#issuecomment-2437418991, or unsubscribe https://github.com/notifications/unsubscribe-auth/AKCQNHK424ECBLO7II7E7PDZ5ILJJAVCNFSM6AAAAABQSYQ6ZWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMZXGQYTQOJZGE . You are receiving this because you authored the thread.Message ID: @.***>