First application migrated from running in docker to running in my new #homelab #Kubernetes cluster is: Photon. Being a stateless application it was the most straightforward one.
I'm using a very similar setup to what I had before - a cloud instance relaying requests through #Wireguard to my home network. I use an "upstream" block in the nginx config (with multiple k8s nodes for HA) and an ingress controller on the k8s side.
@kuketzforum interessanter Beitrag. Ich nutze #myfritz + #Wireguard intensiv. Da ich Pi-Hole und andere Dienste wie #Jellyfin usw. als LXC über #Proxmox laufen lasse, werde ich mich mal damit beschäftigen, auch WG hierüber zu steuern und den Dienst in der #Fritzbox abzuschalten. Das ganze läuft allerdings seit sehr langer Zeit schon sehr stabil. Bin auf die Diskussion im Forum gespannt.
FFS! A server can't run both #Docker *and* #Wireguard on #Linux.
Docker creates a "bridge" network interface which, apparently, interferes with WireGuard.
That was a depressing evening of eliminating the impossible. Completely stopping Docker allowed my VPN to connect.
And there's no way to actually run a Docker container without the network bridge (any documentation that says otherwise is lying).
First look Midori Browser with browsing VPN.
Midori Browser with VPN.... coming soon.
Behind all this there is @opensuse being the best distro :-)
Ok ##wireguard and #homelab heads. I'm having a hard time figuring this out. I have a service that I'm hosting that I'm currently routing all of it's outbound traffic through a VPN provider and wiregaurd. However, when I do that I lose all connectivity to the service because.. All traffic is moving through wiregaurd. I have tried AllowedIPs= that didn't seem to work. I tried a bunch of Preup and PostUP stuff and that didn't seem to work.
I recently discovered that despite having a business account, my ISP will automatically block #WireGuard traffic if I use a tunnel actively for an extended period, or if there is just a lot of traffic. (Tech support swears they don't do this but the internet suggests otherwise).
The only viable workaround I've found is to somewhat regularly rotate the listen port on the tunnel.
This, it turns out, is a headache with #pfSense.
It's very crude and only supports a single tunnel at the moment, but I just spent an absurd amount of time on a solution - so here it is if anyone is interested:
Odd that /e/os app store fails to find and install #wireguard. Store is logged into google play store. Still it shows some old f-droid version of it, and can't install that either.
New #android phone is only operational after #termux, ssh, #wireguard and #neovim are restored 
Does anyone know a good #SelfHosted #vpn solution, preferably with #SSO?
I’m looking to replace my current #WireGuard setup with something I can easily set up on a new device when away from home. Needs to run in a #Docker container.
Tried #HeadScale this morning which worked well but couldn’t get the exit-node functionality to work, which would be a requirement for me. All suggestions appreciated!
Debian/server/wireguard peeps.
I'm running into a weird issue where no matter what I search I can't figure it out.
When I set everything up on the server at home no issues. The VPS has been challenging me for the last couple hours.
I followed the steps here - https://blog.aiquiral.me/bypass-cgnat.html
the error I'm getting in the picture is where the problem lies -
Qiita - 人気の記事 @qiita@rss-mstdn.studiofreesia.com自宅サーバのOpenHandsに外からアクセスできるようにした(メモ)
https://qiita.com/uist1idrju3i/items/c81735f284c55a8ccab8?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items
Heute war ein erfolgreicher Freifunk-Abend:
Mehr als die Hälfte unserer Uplink Knoten nutzen jetzt WireGuard.
7 Ausfälle haben wir zu beklagen, die restlichen Knoten wurden erflogreich migriert.
Vielen Dank für eure Geduld und viel Spaß mit der besseren Performance!
Und danke an @1977er für's signieren meiner Experimente!
@vmstan @protonprivacy
Switching from #proton was as easy as modifying 3 DNS records, and updating my #wireguard peers.
They will not be missed at all.
@kaybee335 Shout out to #Immich ! I've hosted that for just over a year as a Google Photos supplement. It's a great piece of software!
With #wireguard for remote access.
And it's all enabled by #proxmox on a home server in my basement.
@Blort @x As a selfhoster you can use plain #wireguard instead. Doable as long as your infrastructure does not change all the time. I haven’t tried headscale myself.
@Sauerer
Wir testen derzeit #tailscale aus, das ja auf #wireguard aufsetzt. Könnte für deinen Zweck eine Lösung sein.
Deren privater Tarif ist kostenfrei, aber hinsichtlich Nutzern/Geräten begrenzt.
Man ist dabei aber halt wieder auf einen Webserver eines Anbieters angewiesen, was ich künftig gerne umgehen will. Zumindest da wo es möglich ist.
@Sauerer@sueden.social@cypher2020
Das möchte ich gerne noch hinbekommen, derzeit helfe ich mir mit dem Zugriff über #WireGuard. Bequemer wäre es, wenn die NC bzw. deren Webserver einfach per Browser / NC-Handy-Client errreichbar wäre. Ich bekomme zwar eine halbwegs zuverlässige Subdomain per DDNS (bei mir https://freedns.afraid.org/ ), aber das Routing durch die FritzBox auf den Raspi funktioniert nicht, Ich glaube wegen meinem DSLite. Da bin ich zu wenig Netzwerker, befürchte ich. Wenn jemand einen Tipp hat ... 
My #ProtonVPN connection through the kernel module and #wireguard-tools does support #IPv6 now by the look of it 
According to the latest support entry on the subject (https://protonvpn.com/support/prevent-ipv6-vpn-leaks/), it’s supposed to be only the browser extension and the Linux application.
Hey #homelab users!
You probably already know me by my free @BoxyBSD project and I often got asked about IPv4 addresses. Currebtly, I tinker with a new but also honestly not free service. The idea is creating a static IP service for homelab users. I'm aware that there're already some around, so what could be some benefits here?
- Static single #IPv4 & #IPv6 /48 (so you can subnet your homelab to several /64 without breaking #slacc)
- Bigger subnets (IPv4: /29, /28, /27 | IPv6: /32)
- Full RIPE personalization (inc. abuse & Co)
- #OpenVPN, #Wireguard, #GRE Support
- Auto configure (e.g., you load the wireguard config on any client and the addresses Arena immediately bound to that interface)
- Split usage / multiple tunnels: Use different IPs from your subnets at different locations
- Integration into #BoxyBSD
- Location in Germany or Netherlands (selectable)
- Hosted on redundant #FreeBSD nodes
Pricing:
- The starter package probably around 10€/month (not more) + 15€ setup including 2T traffic
- Pricing for addiriinal/larger subnets not yet sure, probably higher setup fees to avoid hoppers and spamers to keep the addresses clean
- Optional traffic packages (when exceeding speed Limit of 10Mbit which should still be ok for most homelabs)
World this be interesting? Im aware that many ones already do this by VPS themselves, so this might just be a bit easier and optionally offering whole networks including RIPE personalizations.
