this post was submitted on 19 Aug 2024
27 points (93.5% liked)

Selfhosted

39964 readers
264 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
27
submitted 2 months ago* (last edited 2 months ago) by [email protected] to c/[email protected]
 

I think this fits the rules but If this doesnt let me know and I'll delete. Hey all, Overall problem statement: I'm looking for a small device (SBC if available) that I can use as a tail scale access point for travel and I'm hoping someone has done something similar. Basically I would like to have something small enough that I can toss in my travel bag that I can hook into a hotel network and have access to my home services (mainly jellyfin) on my kindle/work laptop. Not all of my devices support VPN or tailscale and having them already on a known network with built in VPN makes it 10x easier to deal with when traveling (login into hotel WiFi with a kindle Paperwhite sucks!) Ideally it would have dual gig Ethernet and built in WiFi. If this works out well enough I would like to give a few of these to the family so they can access things as well, so cost is a bit important.

I found a banana pi R3-mini that I thought would work out of the box (wifi6 + dual gig + small) but it seems too new for full software support with tail scale and I don't currently have the skills to roll my own software for it. Is there anything out there that you all have used for this type of use case?

I know I can switch to wire guard but I'm not confident I can set that up securely and reliably but if that's my only option I think I did find a good guide.

So I'm at a crossroads of learning to build my own openwrt install with the correct packages, learning how to setup wire guard, or asking for recommendations.

Edit: Thanks for all the recommendations. Looks like openwrt has released a new build for the banana pi that I have so I'm going to try that again before trying to setup wire guard. The GL.inet devices look like they have an older version of openwrt, so they support tailscale via the openwrt package manager but it can be unstable. Some people have even called it alpha on those devices. So I'm hoping the newest version on the bpi-r3 will allow a more stable tailscale. I'll try to report back once I play around with it more.

all 18 comments
sorted by: hot top controversial new old
[–] [email protected] 18 points 2 months ago (3 children)

GL.iNet are good ones, or if you want to go the Rambo mode, then an orange pi r1 plus, one of these will do the work. Good luck

[–] [email protected] 6 points 2 months ago

Plus one for the gli.net router. I've got the Beryl AX and it's great. Ended up going with a wireguard VPN rather than tailscale, but either would work.

[–] [email protected] 4 points 2 months ago (1 children)

GL.iNet actually has a decent UI too. When I’m on the road I don’t necessarily love hitting the CLI (okay fine I secretly do); they keep the updates going for a long time too.

[–] [email protected] 3 points 2 months ago (1 children)

It's only decent until you need to do something the GUI doesn't support. Then it will overwrite whatever you changed in the CLI or luci every time it boots up.

[–] [email protected] 1 points 2 months ago

I’ve noticed that but I thought I just didn’t know how to persist it correctly and never bothered to find out how. If what you’re saying is accurate (which I don’t doubt) that sucks.

[–] [email protected] 2 points 2 months ago

+1 - GL.iNet is cheap as hell and perfectly functional. It runs DD-WRT under the covers, and it’s super easy to “unlock” the full powers of the distro (literally a toggle in the basic ui, iirc). Used it on a longer trip my partner and I took a few months ago, and it was great! On-device storage is paltry, but, well, that’s not what it’s for.

[–] [email protected] 6 points 2 months ago (2 children)
[–] [email protected] 4 points 2 months ago* (last edited 2 months ago)

Yes, OP I highly recommend a GL.iNet device. It's pocket sized and always does the job.

It's also great for shitty wifi that tries to limit how many devices you can connect. The router will appear as one MAC and then all your other devices can route traffic through it.

[–] [email protected] 4 points 2 months ago (2 children)

I'd stay away from that particular one. We ui was slow af and whenever wireguard connected it crawled to a stop.

[–] [email protected] 3 points 2 months ago (1 children)
[–] [email protected] 3 points 2 months ago

Probably one of the higher end models?

To be honest, I'll be forever dubious of new products that seem to be in every other YouTube video. I returned this one after a day or two of troubleshooting. It also didn't support openwrt if I recall correctly.

[–] [email protected] 2 points 2 months ago

Second this ^

I have one and it's fine, but not directly supported by OpenWRT. Looks like Beryl and Slate are though

[–] [email protected] 4 points 2 months ago

I don't know if this would fit your needs but I just have a wireguard server and when I travel I just connect to my VPN from my phone and start my access point ..then all the other devices will be connected to my VPN through the phone access point (there is an option to let clients use VPN in access point settings) and watch jellyfin. For me this is the simplest and cheapest option I found.

[–] [email protected] 4 points 2 months ago* (last edited 2 months ago)

For openwrt+wireguard, see: https://cameroncros.github.io/wifi-condom.html

Looks like tailscale should work in openwrt: https://openwrt.org/docs/guide-user/services/vpn/tailscale/start

For the wireguard server, I am using firezone, but they have pivoted to being a tailscale clone, so I am on the legacy version, which is unsupported: https://www.firezone.dev/docs/deploy/docker

Edit: fixed link

[–] [email protected] 3 points 2 months ago

Here's an idea. Use a mikrotik router board. They are super cheap and support VPN natively. I use wireguard but it should also support openVPN as well. Maybe more I'm not sure. The small hap series are super cheap and works great.

[–] [email protected] 1 points 2 months ago

https://rss.ponder.cat/post/13668

If you want a ton of fun, you can build it yourself!