asd vs Tailscale Funnel

	Tailscale Funnel	`asd`
Public HTTPS URL	✅ (`*.ts.net`)	✅ (your tunnel server)
Private mesh between machines	✅ (the main product)	❌ (out of scope)
Mobile + desktop app	✅ (polished)	❌ (CLI only)
MagicDNS	✅	❌
ACLs / identity-based auth	✅ (Tailscale ACL system)	Manual (basic auth / OIDC via caddy-security)
Multiple services per host	One funnel per host (one port public)	✅ (one manifest per service, all public)
Reverse proxy you control	❌ (Tailscale terminates)	✅ (full Caddy under your config)
Declarative routes in git	❌ (CLI: `tailscale funnel`)	✅ (YAML manifests)
Account required	Tailscale account	None (or your own tunnel server)
Self-hostable	Headscale (community fork)	Yes (asd-cli + sish)
Dev tools bundled	❌	✅ (code-server, DbGate, ttyd, mitmproxy)
Free tier limit (Funnel)	1 device, 3 ports	None (depends on tunnel server)

¶ asd vs Tailscale Funnel