Shadow

Fractal design, node case. One of them is a cube that takes 8x 3.5 and microatx. I used one for years and it was great.

Observium is an easy starting point for network gear, without going down the Zabbix rabbit hole.

Personally I just roll Victoriametrics and Grafana.

https://www.redmine.org/ maybe

Windows wont care either way, it’s just an unreadable partition to it.

You need x on directories and executable files.

Honestly tho you could leave x on absolutely everything and probably be fine. Just pull it off your media / untrusted downloads.

If you use u+rwX style syntax instead of 755, the capital x will only apply to folders. Then you can do it all in one command and don’t need find.

You could do something like nextcloud to solve a lot of issues, but I’d still hesitate to recommend on-prem hardware and managing hardware yourself. It really comes down to the business tolerance for outages though, maybe the computers being down for a day or two doesn’t matter.

Are you providing a support contract long term? Are you backed by multiple people in case you’re away and their business is down? I say this more figuratively than specifically you, this could also apply to their internal IT guy who wants to do this.

I’d strongly suggest deferring to a local business IT services company, unless you’re an active partner in the business. They should find a company they are comfortable with and trust, then use the products they recommend and are comfortable with.

You got it from a friend on a pile of slackware and floppies labeled various letters. It felt amazing and fresh, everything you could need was just a floppy away.

Then we got Gentoo and suddenly it was fun to wait 4 days to compile your kernel.

I can’t imagine a lot of people want to piss off CBP right now. Don’t want to get caught smuggling a laptop and get sent to Venezuela.

The tailscale client should have created an interface, but I’ve never used it on a box also running wg. You don’t have a tailscale specific interface in ip addr show at all? That’s… odd.

Do you have a device at /dev/net/tun?

How do I do this?

Run ip route show table all

I would expect to see a line like:

192.168.178.0/24 dev tailscale0 table 52

Out of curiosity on a remote node do tcpdump -i tailscale0 -n icmp and then do a ping from the other side, does tcpdump see the icmp packets come in?

Relay “ams” means you’re using tailscales DERP node in amsterdam, this is expected if you don’t have direct connectivity through your firewall. Since you opened the ports that’s unusual and worth looking into, but I’d worry about that after you get basic connectivity.

So to confirm your behavior, you can tailscale ping each other fine and tailscale ping to the internal network. You cannot however ping from the OS to the remote internal network?

Have you checked your routing tables to make sure the tailscale client added the route properly?

Also have you checked your firewall rules? If you’re using ipfw or something, try just turning off iptables briefly and see if that lets you ping through.

Can your nodes ping each other on the tailscale ips? Check tailscale status and make sure the nodes see each other listed there.

Try tailscale ping 1.2.3.4 with the internal IP addresses and see what message it gives you.

tailscale debug netmap is useful to make sure your clients are seeing the routes that headscale pushes.

That should be all that’s required. Are you using ACLs? If so you need to provide access to the subnet router as well as a rule to the IP behind it

Did you enable the route in the admin web ui?