Not that big of a deal IMHO; it’s what verification is for, unlike X’s blue check model.
Obligatory fuck ICE.
Not that big of a deal IMHO; it’s what verification is for, unlike X’s blue check model.
Obligatory fuck ICE.
Ah, sorry I hadn’t appreciated you were after split tunnelling… You can do this with Tailscale for services where you’re connecting to a fixed IP/FQDN, which I think rules out torrenting/P2P unfortunately.
The only way I’ve seen to pass a specific app’s traffic through Tailscale appears to be an Android exclusive feature.
If I’m wrong someone please correct me!
You can absolutely use Tailscale; your host in the unrestricted country needs to be set up as an exit node (CLI argument in Linux, or a menu option in the system tray in Windows.)
Then, your local machine needs to be set up to use that remote machine as its exit node. (tailscale up --exit-node=remote-tailnet-ip-here)
The second option. With the first option you’ll end up in situations where you have spare compute/network resource that isn’t being utilised because all the remaining ones in the current batch of 100 are being handled by other threads / worker processes.


Not a DevOps eng so this might not be the most elegant answer but you could write an Ansible playbook to edit a hosts file on the target server and trigger that after deployment, within your CI/CD pipeline.
In an ideal situation, though, all your servers connect to a centralised DNS server (usually your gateway) where those domain names are managed.
Nobody else mentioned DuckDNS. It’s free and has worked great for me for years.
You’ll need to install a client that syncs/auto-updates your public IP, then pretty much never touch it again.