wireguard #11

Open
opened 2023-10-26 23:54:09 -04:00 by sickprodigy · 4 comments
Owner

Set up, and have running just in case I need to access something locally externally.

Author
Owner

The thing I don't like about wireguard, it's a closed source setup. Wireguard is a vpn/tunnel.

WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.

WireGuard aims to be as easy to configure and deploy as SSH. A VPN connection is made simply by exchanging very simple public keys – exactly like exchanging SSH keys – and all the rest is transparently handled by WireGuard. It is even capable of roaming between IP addresses, just like Mosh. There is no need to manage connections, be concerned about state, manage daemons, or worry about what's under the hood. WireGuard presents an extremely basic yet powerful interface.

Alternative could be openvpn,

TunSafe

A high performance and secure VPN client that uses the WireGuard protocol. TunSafe makes it extremely simple to setup blazingly fast and secure VPN tunnels between Windows and Linux.

Tailscale - Tailscale is a WireGuard-based app that makes secure, private networks easy for teams of any scale.

https://github.com/cedrickchee/awesome-wireguard - A curated list of WireGuard tools, projects, and resources.

Just a bit more additional information for later use.

Author
Owner

Example wireguard configured container

```
# version: "2.1" # Kind of old school and not needed with portainer
services:
# Subtitle software tv/movies
  bazarr:
    image: lscr.io/linuxserver/bazarr:latest
    container_name: bazarr
    environment:
      - PUID=1000
      - PGID=1006
      - TZ=America/New_York
    volumes:
      - /home/terry/Documents/docker-containers/bazarr:/config
      - /srv/samba/media/Movies/Main-Library:/movies #optional
      - /srv/samba/media/TvShows:/tv #optional
    # ports cannot be combined with network_mode: service:...; publish 6767 on the wireguard service instead
#    ports:
#      - 6767:6767
    restart: unless-stopped
    stdin_open: true    # to attach to containers
    tty: true           # also used to attach to containers
    network_mode: service:wireguard     # To run through vpn service container, in turn UI port must be forwarded inside vpn. No local access unless otherwise defined
    # networks is mutually exclusive with network_mode; the container uses whatever networks the wireguard service joins
#    networks:           # Specify network for container
#      - homelab
networks:    # I don't know why but you have to specify the network 2x. In service, and in this tag area..
  homelab:
#    name: homelab      # Networks can also be given a custom name, not needed if existing
    external: true      # This option causes compose to join the above network instead of making a _default one (supposedly)
```
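The layout that `network_mode: service:wireguard` implies, as an added example that is not part of the original comment: the VPN container owns the network namespace, so published ports and network membership belong on it, and the app container declares neither. The `wireguard` service definition, its `./wireguard` config path and the 51820/udp listen port are assumptions; server and peer settings are left out.

```yaml
services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      - NET_ADMIN                  # required to create the WireGuard interface
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    environment:
      - PUID=1000
      - PGID=1006
      - TZ=America/New_York
      # server/peer settings omitted (assumption: configured per the image's docs)
    volumes:
      - ./wireguard:/config        # assumed path; holds private keys, keep it unreadable to other users
    ports:
      - 51820:51820/udp            # the only port the VPN itself needs (assumed listen port)
      # - 6767:6767                # optional: also expose the bazarr UI on the host/LAN.
      #                            # Left out, the UI is reachable only by VPN peers on
      #                            # the wireguard container's tunnel address.
    networks:
      - homelab                    # network membership is declared here, not on bazarr
    restart: unless-stopped

  bazarr:
    image: lscr.io/linuxserver/bazarr:latest
    container_name: bazarr
    environment:
      - PUID=1000
      - PGID=1006
      - TZ=America/New_York
    volumes:
      - /home/terry/Documents/docker-containers/bazarr:/config
    network_mode: service:wireguard   # share wireguard's namespace
    # no ports: and no networks: here; both conflict with network_mode
    depends_on:
      - wireguard                  # the namespace must exist before bazarr starts
    restart: unless-stopped

networks:
  homelab:
    external: true
```

`service:wireguard` only resolves when both services are in the same compose project; if the VPN container is started from a separate stack, the equivalent form is `network_mode: container:wireguard`.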
Author
Owner

http://192.168.86.239:49860/

Issues with it currently. Connected on phone before but just realized wireguard.rcs1.xyz isn't even set up. So how could it connect?
If I use a different port through Cloudflare it may be more accessible, but less likely to get found if using the upper range like that.

Author
Owner

Another thing, the way they define apps to run through wireguard is quite annoying. Basically disables nginx since you can't have everything running through nginx network. Unless you have wireguard in a network and then every other service you want wireguard users to access also. Probably the better solution instead of my other though.
wg-easy is also a better alternative, it just works. I didn't realize the linuxserver version requires more setup than just run in compose not portainer etc.

sickprodigy added the Kind/Feature, Priority/Low, Reviewed/Confirmed, Status/Abandoned labels 2025-06-29 21:11:07 -04:00