Were you able to get this to work? I’m having trouble reasoning how that would be possible without ruining Tailscale on the machine.
Right now we run Tailscale on each machine but there are some downsides and using the subnet routing gets us closer to the ideal.
Namely I’d like to not have to bundle Tailscale with each deployment. Or even better, I’d rather not rely on Tailscale at all for critical infrastructure.
We can use MagicDNS but the machine name changes each time so password managers end up being a bit worthless. The ephemeral TS nodes make it unclear which one we should connect to. I know we can clean up those after but that adds complexity to an already complex setup. If we ran a single machine, allowed for downtime, and cleaned up the ephemeral node in TS, perhaps it could work but that’s far from ideal.
Once I found the Shortcuts guide in the Tailscale docs I was able to make it a little less annoying on macOS. Not so much on my Android phone though. Edit: missed `--state=mem:` flag the first time around on this. This makes cleaning up ephemeral nodes via `tailscale logout` much easier.
We run a PWA so a stable domain and HTTPS would mean we wouldn’t have to reinstall the staging app on each deploy.
Crunchy Bridge worked well for us for our MVP but looking forward to Supabase managed solution so we don’t have to use Tailscale for that connection.
@cs1 thanks for this. Works great. Certs + DNS would make this a killer feature for us. Would happily pay for a turnkey solution. I noticed a recent post from Fly staff for adding DNS resolution via an env var but it’s unclear if it’s useful in this situation.
The addition of dnsproxy here seems helpful: tailscale-router/start.sh at main · fly-apps/tailscale-router · GitHub. With that I bet we could use split DNS with .flycast.