It’s been a game changer for me also. One feature that no one seems to address is the tailnet lock function. A common complaint is that tailscale being a 3rd party service could see your data (not true). The more valid concern that tailnet lock addresses is the situation where a hacker could add a malicious node – if they were to get access to the control plane. Tailnet lock addresses this by giving complete control plane approval to you. The alternative is to go full self hosted with the headscale implementation, but I personally don’t feel any need to switch at this point.
It’s been a game changer for me also. One feature that no one seems to address is the tailnet lock function. A common complaint is that tailscale being a 3rd party service could see your data (not true). The more valid concern that tailnet lock addresses is the situation where a hacker could add a malicious node – if they were to get access to the control plane. Tailnet lock addresses this by giving complete control plane approval to you. The alternative is to go full self hosted with the headscale implementation, but I personally don’t feel any need to switch at this point.