I don’t know why I didn’t think about the fact of having network specific ACLs is probably something we’ve developed since the dawn of the internet.
Also it makes sense that the configurations would be hosted in one place, and I see what Headscale is for now.
Maybe I’ll dump my VPN provider for Tailscale or setup a Headscale instance on a VPS some day. I also saw Netbird, which their $8/month plan gives unlimited users. Seems slightly similar to Tailscale.