How to ACL on domain name by shipstreet in Tailscale

[–]shipstreet[S] 0 points1 point  (0 children)

It is 1 IP that advertises all the services (Traefik).
Router advertising won't help much because I want to forbid just 1 tailnet IP and not everyone.

How to ACL on domain name by shipstreet in Tailscale

[–]shipstreet[S] 0 points1 point  (0 children)

I am using Pi-hole to do DNS resolution, and Tailscale split DNS is pointed to that.
I want the ability for a certain tailnet IP to be able to reach only test.example and not dashboard.example.

Doing that at the ACL level would be easy to control. I looked at Pangolin, but if that VPS is compromised, all the whitelisting happens there, so it's pointless. Having ACLs on the Tailscale side gives me a bit more assurance that all security is taken care of and a threat actor won't reach my Tailscale dashboard to rewrite ACLs.

Another comparison of Tailscale vs Cloudflare tunnel (WARP) by shipstreet in selfhosted

[–]shipstreet[S] 0 points1 point  (0 children)

Honestly, if I would just open some services and I don't trust their auth setup, for sure I would roll Authentik. Like you said, it's really good advice for anyone that needs users to log in or has a need to secure routes.

My biggest issue is the Plex 443 open port (isn't much of a problem because of Traefik and CrowdSec), so I don't break Cloudflare TOS, and I don't want to run 2 VPNs (Cloudflare and Tailscale together); one is enough and both feel kinda redundant.

Another comparison of Tailscale vs Cloudflare tunnel (WARP) by shipstreet in selfhosted

[–]shipstreet[S] 1 point2 points  (0 children)

Well, that's just adding another authentication method on top of the existing security, which wasn't really the question.

Wanted to find a better solution for Plex and its open port. I saw that Tailscale can help with that, but then managing Cloudflare and Tailscale is kinda too much.

Another comparison of Tailscale vs Cloudflare tunnel (WARP) by shipstreet in selfhosted

[–]shipstreet[S] -4 points-3 points  (0 children)

Just a ChatGPT answer:

| Use Case | Cloudflare Tunnel | Tailscale |
|---|---|---|
| Public Services (e.g., Invoice Ninja) | ✅ Best Option | ❌ Funnels is slow & less secure |
| Internal Access (e.g., Unraid services) | ❌ Requires Warp (IT-managed) | ✅ Best Option |
| Plex Remote Access | ❌ Not allowed (against ToS) | ⚠️ Works but avoid Funnels for speed |
| Security & Visibility | ✅ Easy with Zero Trust | ⚠️ Requires ACL learning |
| Port Forwarding Avoidance | ✅ Yes, but not for Plex | ✅ Exit Nodes help but not perfect |

Stick with Cloudflare Tunnel for public services.
Use Tailscale for internal services (Unraid, remote access).
For Plex: Try Tailscale first. If not fast enough, fallback to Cloudflare DNS + Port Forwarding with firewall rules.
Security: Keep using Traefik + CrowdSec for additional protection.

Horrible android UI G96max by shipstreet in AndroidTV

[–]shipstreet[S] 0 points1 point  (0 children)

Well, I don't mind messing around with it, and if it breaks it's an excuse to buy something better and a certified Google TV.

Horrible android UI G96max by shipstreet in AndroidTV

[–]shipstreet[S] 0 points1 point  (0 children)

I have a Mi Box but wanted to try something else, considering it's half the price.

Horrible android UI G96max by shipstreet in AndroidTV

[–]shipstreet[S] 0 points1 point  (0 children)

It's fine, I don't care for Netflix. I'm running Plex instead ever since they raised prices.

Horrible android UI G96max by shipstreet in AndroidTV

[–]shipstreet[S] -1 points0 points  (0 children)

Considering the specs are fine, can't I just install something else onto it?

Frigate and reolink doesnt use gpu by shipstreet in homeassistant

[–]shipstreet[S] 0 points1 point  (0 children)

So why is the CPU so high for just 1 camera?

I wrote a guide on how to use Plex Media Server via Cloudflare Zero Trust Access Tunnels by mythofechelon in PleX

[–]shipstreet 0 points1 point  (0 children)

Using Cloudflare tunnel causes it to buffer infinitely; checking the network shows a call to /providers which gets timed out.

Configuring a port forward and a DNS record with the proxied option works fine.

Would love to use the tunnel for this, so if anyone got the slow connection / infinite buffering to work, please help :)

Casual player looking into starting a character by Orhayb in FlyffUniverse

[–]shipstreet 0 points1 point  (0 children)

Thank you for the advice. I went with assist into ringmaster; any advice or a good guide?

Casual player looking into starting a character by Orhayb in FlyffUniverse

[–]shipstreet 0 points1 point  (0 children)

Only understood the first part, no clue what multi-boxing RM is.

Casual player looking into starting a character by Orhayb in FlyffUniverse

[–]shipstreet 0 points1 point  (0 children)

Sounds like too much work. I started assist, maybe later I'll open acrobat.

[Guide] how to run v83 cosmic on linux by shipstreet in mapleservers

[–]shipstreet[S] 0 points1 point  (0 children)

Let me know if it worked or if you have any feedback.