this post was submitted on 01 Oct 2023
20 points (88.5% liked)

Selfhosted

39228 readers
483 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
ruud
Loki
CannaVet
devve
HybridSarcasm
[email protected]
20
Is it better to put OpenVPN (for PIA) on my OPNsense router, as an LXC on Proxmox, or the (soon to be deprecated) feature in my TrueNAS Scale VM? (lemmy.ml)
submitted 11 months ago by [email protected] to c/selfhosted
13 comments fedilink hide all child comments
 

I was going to use the built-in OpenVPN in TrueNAS until I found out it's going to be deprecated.

I only really need it for the qbitorrent/transmission and prowlarr/jackett (haven't decided yet) apps in TrueNAS, so I don't know what the next best option is.

I have found plenty of documentation on how to use the integrated OpenVPN feature of TrueNAS, but since the announcement of it's deprecation and future elimination is only ~2 months old, I haven't found any new documentation yet on alternate methods.

I see stuff about tailscale but that doesn't seem to be what I'm trying to do.

Thanks.

top 13 comments
sorted by: hot top controversial new old
[–] [email protected] 26 points 11 months ago (2 children)

Check out wireguard, its way smaller and faster than OpenVPN and still FOSS.

https://www.privateinternetaccess.com/vpn-features/wireguard

Very user friendly if you install it with a GUI, almost to plug and play level.

[–] peregus 5 points 11 months ago

I'd go this route directly on OPNsense.

[–] [email protected] 1 points 11 months ago (1 children)

In order to use PIA in the Wireguard app, don't I have to select

OpenVPN (deprecated)

in the dropdown for VPN? I'm trying to avoid something that will be removed in the near future. Or am I reading that wrong?

[–] [email protected] 8 points 11 months ago

Did a little research and seems to be a PIA issue; they don't provide config files.. But there is a workaround: https://github.com/pia-foss/manual-connections

Or a Python script to obtain a config file: https://github.com/hsand/pia-wg

But there are other VPNs that will let you download config files for use, I have no idea why PIA makes it hard.

You would need to create a docker image or some sort of container/VM (container preferred) to host wireguard. This is what I personally use: https://github.com/wg-easy/wg-easy

[–] [email protected] 8 points 11 months ago* (last edited 11 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
LXC Linux Containers
PIA Private Internet Access brand of VPN
VPN Virtual Private Network

2 acronyms in this thread; the most compressed thread commented on today has 9 acronyms.

[Thread #178 for this sub, first seen 1st Oct 2023, 07:05] [FAQ] [Full list] [Contact] [Source code]

[–] [email protected] 7 points 11 months ago* (last edited 11 months ago) (2 children)

If you plan to use docker containers for qbittorrent. gluetun is a pretty good way to put everything behind a vpn. It supports openvpn and wireguard, with presets for many providers

[–] [email protected] 6 points 11 months ago

This is what I do for downloading Linux ISOs. It works a treat.

[–] [email protected] 1 points 11 months ago

This is what I do with qbitttorrent and PIA. But I don't have the *rr apps using the VPN, just torrenting. And now I basically never use it since I have usenet ¯\_(ツ)_/¯

[–] xhenon 2 points 11 months ago (1 children)

For me this depends if you switch off any device in the year, for example, in my case when I'm on holidays usually out home, I switch off the proxmox server but I don't switch off my router so, in my case I'll choose to install in the router.

Maybe you will ask why I switch off my proxmox and basically the answer is because if something fails and I'm not at home to solve it, I don't want the server running wrongly until I'm back.

[–] [email protected] 1 points 11 months ago (1 children)

Ah that makes sense. I plan to run this thing 24/7

[–] xhenon 2 points 11 months ago

Then I'll prefer to install in the router, usually maintenance is less and shortest in the router. If you stop the proxmox server or the truenas for maintenance, you will stop the VPN. In my case it will cause an issue to my family

[–] ikidd 2 points 11 months ago* (last edited 11 months ago)

Use the wireguard plugin directly on your OPNsense router.

I've heard the Tailscale plugin is good as well, maybe easier to set up. I've never used it though. Overall, Tailscale seems very approachable and is based on wireguard as well.

[–] [email protected] 1 points 11 months ago

I use Tailscale on PFsense. Just advertise the route to the local subnet and accept routes on whatever machine you're accessing from and you've got yourself a pretty much plug and play solution.