  • As OP said, it’s fine if you still use some corporate services; I think this one should be at the bottom of the list.

    WireGuard can easily replace simple Tailscale usages, like if you only have 2 nodes to connect and have a static IP address. One thing Tailscale is good at is creating an overlay network, where if you have more than 2 nodes, you only need to configure each one to connect to the central server, which will allow the nodes to connect to each other (internally it uses a WireGuard connection). With plain WireGuard, if you have 4 nodes, you need to configure on each one the configuration for the 3 others. Another thing Tailscale is good at is NAT hole punching: if your ISP provider doesn’t give you a static IP address or if you don’t want to open a port in the firewall of your home router, Tailscale will allow you to access services hosted on your local network (another commercial solution for this is Cloudflare Tunnel). WireGuard doesn’t provide this.

    When you’re using Tailscale, they get a lot of metadata about your hosts, but the data transferred between your nodes is encrypted (by WireGuard).

    By replacing the Tailscale servers, which are run by the Tailscale company, with Headscale, which is the self-hostable open source solution, Tailscale won’t be able to get the metadata of your nodes. Tailscale clients are OSS and compatible with Headscale, but Headscale is not on par for features (like Tailscale Serve or Funnel).

    For Headscale to really make sense, it usually needs to run on a publicly accessible host like a VPS, and not in your home network. For other self-hosted alternatives to Tailscale, there is NetBird, or Pangolin with a different approach.

    Hope this helps
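
The full-mesh burden and the NAT limitation described in the comment above, as an added example that is not part of the original comment: it renders plain WireGuard (wg-quick) configs for four nodes and lists the pairs that cannot reach each other directly. Node names, addresses and key placeholders are constructed for illustration.

```python
from itertools import combinations

# Constructed sample inventory (hypothetical names and addresses, not from the post).
# "endpoint" is None for a node behind NAT with no forwarded port.
NODES = {
    "vps":    {"ip": "10.8.0.1", "endpoint": "203.0.113.10:51820"},
    "home":   {"ip": "10.8.0.2", "endpoint": None},
    "laptop": {"ip": "10.8.0.3", "endpoint": None},
    "office": {"ip": "10.8.0.4", "endpoint": "198.51.100.7:51820"},
}

def render_config(name, nodes):
    """Return the wg-quick config for one node: one [Peer] block per other node."""
    me = nodes[name]
    lines = ["[Interface]",
             f"Address = {me['ip']}/24",
             f"PrivateKey = <{name}-private-key>"]  # placeholder, never commit real keys
    if me["endpoint"]:
        lines.append(f"ListenPort = {me['endpoint'].rsplit(':', 1)[1]}")
    for peer, info in nodes.items():
        if peer == name:
            continue
        lines += ["", "[Peer]",
                  f"# {peer}",
                  f"PublicKey = <{peer}-public-key>",  # placeholder
                  f"AllowedIPs = {info['ip']}/32"]
        if info["endpoint"]:
            lines.append(f"Endpoint = {info['endpoint']}")
            if not me["endpoint"]:
                # The NAT'd side keeps its mapping open so the peer can reply.
                lines.append("PersistentKeepalive = 25")
    return "\n".join(lines) + "\n"

def unreachable_pairs(nodes):
    """Pairs where neither side has a reachable endpoint: no direct tunnel."""
    return [(a, b) for a, b in combinations(nodes, 2)
            if not nodes[a]["endpoint"] and not nodes[b]["endpoint"]]

def peer_count(config):
    """Number of [Peer] sections an admin has to maintain in one config."""
    return config.count("[Peer]")

if __name__ == "__main__":
    for n in NODES:
        print(f"--- {n}.conf ---\n{render_config(n, NODES)}")
    print("No direct path with plain WireGuard:", unreachable_pairs(NODES))
```

Every config carries three `[Peer]` sections, and the `home`/`laptop` pair has no side to dial, which is the case a coordination server with NAT hole punching handles.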