Go, blog with GoBlog!

A blog about GoBlog

Private diary with GoBlog, Tailscale and HTTPS

Published on in Tips & Tricks
Short link: https://goblog.app/s/7
⚠️ This entry is already over one year old. It may no longer be up to date. Opinions may have changed.

Some time ago I had already described on my private blog how GoBlog and Tailscale can be used to set up a private diary that is not freely accessible via the Internet.

Now Tailscale has announced a new feature: Let’s Encrypt certificates for Tailscale nodes.

I took the chance and added the HTTPS feature to GoBlog. The advantage is that browsers now don’t complain when you enter passwords on unprotected http:// pages.

So, here is an updated Docker Compose configuration for Tailscale and GoBlog:

version: "3"
services:
  goblog:
    container_name: goblog
    image: rg.fr-par.scw.cloud/jlelse/goblog
    restart: unless-stopped
    volumes:
      - ./config:/app/config
      - ./data:/app/data
      - ./tailscale-socket:/var/run/tailscale
    environment:
      - TZ=Europe/Berlin
      - ALL_PROXY=socks5://localhost:1055/
    network_mode: service:tailscale
  tailscale:
    hostname: goblogtest
    container_name: tailscale
    image: shaynesweeney/tailscale
    command: tailscaled --tun=userspace-networking --socks5-server=localhost:1055
    volumes:
      - ./tailscale:/var/lib
      - ./tailscale-socket:/var/run/tailscale

In GoBlog, the following server configuration is also important:

server:
  publicAddress: https://machine-name.tailscale-httpsname.ts.net
  tailscaleHttps: true
  publicHttps: false
privateMode:
  enabled: true

Although publicHttps is disabled by default, care must be taken not to enable publicHttps and tailscaleHttps at the same time. The privateMode is recommended if other people also have access to the tailscale network. This way a login is necessary to view posts.

Tags:

GoBlog
Interactions & Comments