Yeah it’s definitely not possible to reach 50MB with a Node.js Docker image, but <150MB should be doable with a distroless base image + compiling the app into one JS file (for example, using Parcel or esbuild).

It’s possible to reach ~50-60MB Docker image with a C# app. Rust and Go definitely produce more compact binaries though.

This makes sense! You get the same advantage if the app uses Go or C# though, and both of those can compile to a single statically-linked executable too.

if it were written in NodeJS or Python or something I’d be less interested.

Does it matter if it’s running in Docker and the container is lightweight (say less than 50MB), though? I like apps being written in a language I know well so I can contribute if needed, but other than that, I mostly treat a Docker image as a black box.

Looks like a good project, but I genuinely don’t quite get why Rust projects feel the need to advertise “written in Rust” as a feature. Do you find that a lot of users care which programming language your app is written in? Does it help with finding contributors?

I don’t know which programming language most of my self-hosted apps use, and I don’t mind since they all work well and do their job.

This is a decent idea. You can configure the VPS to be an exit node on the Tailnet, and configure the clients to use it as their exit node. Then you’d just need to configure some nftables rules to masquerade (source NAT) to the VPN network interface.

Having said that… At that point, why do you need the other VPN? You can just use the VPS as your exit node.

Tailscale is “mostly” self-hosted, in that the VPN connection itself is peer-to-peer almost all the time. You can host your own Headscale and DERP/Relay servers to make it fully self-hosted, but tbh I’m fine not self-hosting the control plane.

The relay server is only used if both ends have very restrictive NAT and none of the NAT hole punching techniques work, which is rare other than on very locked down corporate networks. If you have IPv6 enabled on both ends, you shouldn’t have issues making a direct connection, as IPv6 doesn’t use NAT. Even with regular NAT (like a home internet connection) on both ends, Tailscale can use UDP hole punching on both ends to establish a direct connection.

The book was written to sell Windows Home Server. https://en.wikipedia.org/wiki/Windows_Home_Server

How’s it compare to Hoarder/Karakeep?