Guide - Tailscale on Umbrel
Tailscale
Tailscale connects your online devices together using end to end encryption. It can be used to connect your phone running a bitcoin wallet to your Umbrel bitcoin node.
You will log into Tailscale, install Tailscale on your Umbrel and Phone and connect your wallet.
Tailscale Account
Use simplelogin to create a new email address, make a new GitHub account with this email, set up 2FA and use it to sign into Tailscale at https://login.tailscale.com.
Tailscale App on Umbrel
Install the Tailscale app from the Umbrel app store. Open it and follow the setup (login with your GitHub username and password).
Tailscale on Mobile
You can only run one system managed VPN at a time, so check that there is no other VPN running on your phone. If you are using the CalyxOS Android operating system you can create a work profile to isolate your bitcoin wallets in a separate profile which has Tailscale installed.
Download the Tailscale app from your app store and follow the setup. You are prompted to login with your account details. Toggle the VPN on (1).
Look up your IP for your Umbrel node in the Tailscale app, it will be in the format 100.x.x.x (2).
You can also use the web admin panel https://login.tailscale.com/admin/machines
Connecting to Zeus
In the Umbrel home screen open the Core Lightning app.
In your Zeus wallet node configuration
- Change LND to c-ligtning-REST
- Press the SCAN C-LIGHTNING-REST QR button and scan the QR code shown in the Core Lightning Umbrel app (1) above
- Name your configuration Umbrel (Tailscale)
- Change the Host to the Tailscale IP address. It should start with http://100.
Press save node config.
Complete
Your Zeus wallet is now connected to your Umbrel
Privacy
The Tailscale server (tailscale.com) knows your IP addresses but the packets are end to end encrypted. The private keys to decrypt the packets never leave your devices.
Alternative Methods
There are other ways to connect your mobile wallet to your home node.
Tor
Tor can connect your bitcoin wallet to your node, even if they are on different networks, using an onion service. There is no signup requirement and no central party coordinating the connections. When it works, it is hard to beat. Unfortunately tor is vulnerable to denial of service attacks which have reduced network reliability. This can cause long delays when loading a bitcoin wallet to make a payment or check a balance. It is useful to have an alternate connection option ready to use if tor is unavailable.
Manual Configuration
A technical person could set a static IP address, configure their network firewall and open public-facing ports. For a non technical person this can be hard, and opens your home network to attack from the outside.
Lightning Node Connect
A new system called Lightning Node Connect is under development which simplifies the connection between a node and a web or mobile application. It will be for LND users only and will also require LITD/Lightning terminal.
ZeroTier
Similar in practice to Tailscale, easy to install on a Raspiblitz. Guide
Thank you to Selfbankt, BitcoinQnA and Evan Kaloudis for their feedback and suggestions to the ZeroTier guide on which this guide was based.
