Accessing Internal Services via Tailscale

Many of our non-public services, those hosted on servers physically located in the Aula Associazioni, are only accessible from within our VPN.

VPN Access via Tailscale

We use Tailscale to manage our internal VPN. Tailscale is a mesh VPN that simplifies access to our local infrastructure.

Headscale Deployment

We run a self-hosted Headscale instance, which serves as the coordination server for our Tailscale network. You will need to authenticate through it in order to join the VPN.

Important Notes

1. This VPN does not provide an exit node: your external IP address will remain unchanged.
2. The VPN only allows access to internal services—we do not route general internet traffic through it.
3. Once connected, you'll be able to reach services hosted in the Aula Associazioni using their Tailscale IPs or hostnames thanks to the MagicDNS. On each service page, the Property:Service URI (and port, if necessary) should be available in the infobox on the right side.

Access

1. Follow the Tailscale client install guide for your operating system.
2. Use the following command to login our tailnet

tailscale login --login-server=https://vpn.muhack.org

Then open the link you'll get in the terminal, and log in with your MuHack workspace account

Note: this also works with the mobile app

brew install tailscale
tailscale login --login-server=https://vpn.muhack.org