While this is great, of course, it's definitely not feature parity with Tailscale, which currently allows me to have nothing listening on the open internet and still form a private network spanning hosts all over the world, share resources within that network with 3rd parties trivially and send files across my network, Android/iOS apps, etc.
I still posit the alternative to Tailscale is simply just WireGuard. I don't see huge value in hosting my own Tailscale over just using Tailscale.
You don’t think Tailscale has things listening on the open internet? When you use their control plane you are just outsourcing doing this to someone else (who is probably better at it than you but it’s still someone else). Lack of “feature parity” is a strange term for something that completely replicates a third party service but requires self-hosting.
Of course they do -- that's why I use them. I don't have to.
> Lack of “feature parity” is a strange term for something that completely replicates a third party service but requires self-hosting.
It doesn't completely replicate it though, does it? No iOS app, no file sending -- heck the entire premise of Tailscale is oriented around SSO as they are explicitly not an IdP.
I don't mean to knock this effort -- it's great! -- but even if I were to switch to this today, there is a ton of missing functionality, and I'd need to do a ton of work beyond the scope of Headscale just to get this running in my corp.
I still posit the alternative to Tailscale is simply just WireGuard. I don't see huge value in hosting my own Tailscale over just using Tailscale.