I love Tailscale but I am wary of allowing them access into my personal network. This way, I can use them for my stuff without my paranoia getting in the way, and I can recommend the hosted option for work, as it works perfectly.
I don't really understand how self-hosting headscale is actually any more secure. The control server needs a stable IP address, so I'd need to run it on a VPS or something, which means I'm still trusting a third party to not mess with my network.
My home machine has a static IP, so I run it there. Does it need a static IP, or just a hostname?
Maybe headscale could run at home, served over a tunnel[1] to a VPS. But honestly, if I ever lost confidence in the trustworthiness of Tailscale the company, I would just connect my devices with some other overlay network like Yggdrasil[2] or Tor.
[1]: https://github.com/anderspitman/awesome-tunneling
[2]: https://yggdrasil-network.github.io/