Skip to content
This repository has been archived by the owner on Feb 3, 2023. It is now read-only.

Add ability to terminate TLS with tailscale cert. #5

Open
colek42 opened this issue Oct 15, 2022 · 3 comments
Open

Add ability to terminate TLS with tailscale cert. #5

colek42 opened this issue Oct 15, 2022 · 3 comments

Comments

@colek42
Copy link

colek42 commented Oct 15, 2022

The load balancer should configure HA proxy with certificates obtained from tailscale cert {hostname}
@colek42
Copy link
Author

colek42 commented Oct 15, 2022
edited
Loading

I got this working as a POC with caddy here: https://github.com/testifysec/tailscale-svc-lb. I need to clean it up a bit, and store the certs as secrets.

I'll make a PR when it is ready.

@clrxbl
Copy link
Owner

clrxbl commented Oct 15, 2022

Personally not a user of Tailscale TLS certificates but I can see the appeal of this + Caddy/HAProxy.
Initially this project used HAProxy but I switched over to iptables DNAT since I managed to make it work for my usecase.

Feel free to PR something once it's ready.

@cedi
Copy link

cedi commented Nov 25, 2022

I am doing this by having cert-manager configured with a DNS01 challenge to obtain a letsencrypt certificate

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@cedi @colek42 @clrxbl