MoshpitDaddy

joined 1 year ago
[–] MoshpitDaddy 1 points 1 year ago (1 children)

Yes. I installed a browser on the androidTV and it showed my local ip from back home (where the wireguard host runs) but no ipv6.

I have to look into the exit node thing as it doesn't say anything to me but thanks for the Idea!

Tailscale should have the same problem as it basically runs on wireguard as far as I know. Are there any other things tailscale itself changes? I will try it tho because why not. I could probably also try headscale as I rather stay on the open source side ?

[–] MoshpitDaddy 1 points 1 year ago* (last edited 1 year ago) (1 children)

This would be complicated as you can use the Netflix service on a new device for at least 30 days without issues

 

Hey guys,
I selfhost a server at home where I run a couple of services. Wireguard is one of them. I also have another house where I live every couple of weeks for a few days. Netflix blocked me on the second house for account sharing. As I run my own wireguard and the tv in the second house runs AndroidTV I created a wireguard config (I run wg-easy) and installed the official Wireguard app on AndroidTV. Sadly netflix still blocks me which is weird because all traffic of that tv seems to be running over the tunnel.

Here is the config:

` [Interface] PrivateKey = XXX Address = 10.8.0.3/24 DNS = 1.1.1.1 MTU = 1420

[Peer] PublicKey = XXX PresharedKey = XXX AllowedIPs = 0.0.0.0/0 PersistentKeepalive = 0 Endpoint = vpn.XXXde:51820 `

I also posted this on reddit selfhosted where it sadly got removed. Some suggestions were that somehow DNS requests or IPv6 traffic still got through without using the wireguard tunnel which doesn't make much sense because usually the wireguard app puts everything through the tunnel.
I also edited the conf to also tunnel all ipv6 traffic with adding ::/0 under allowed IPs but that also didn't resolved the problem.
Is there anything else I could try? Are there different solutions? I'm aware that there are other approaches to this problem (using Jellyfin) but I really want to figure out this problem as it doesn't make any sense to me. The whole traffic should be going over my home server and it seems it doesn't.
Has anyone gotten this kind of setup to work?

Thanks for any help, have a good day!

[–] MoshpitDaddy 6 points 1 year ago (1 children)

I don't know if it was mentioned already but how could I check if my ports are under "attack"? OPs graphic looks really nice

[–] MoshpitDaddy 3 points 1 year ago (1 children)

That worked, thanks a ton! :-)

 

Hey guys what's up, first post on Lemmy here. I tried to get a SearXNG instance to run on my home server but cannot seem to get it to work.

.env

# By default listen on https://localhost
# To change this:
# * uncomment SEARXNG_HOSTNAME, and replace  by the SearXNG hostname
# * uncomment LETSENCRYPT_EMAIL, and replace  by your email (require to create a Let's Encrypt certificate)

SEARXNG_HOSTNAME=search.xxxxx.com
# LETSENCRYPT_EMAIL=

docker-compose.yml

version: '3.7'

services:

#  caddy:
#    container_name: caddy
#    image: caddy:2-alpine
#    network_mode: host
#    volumes:
#      - ./Caddyfile:/etc/caddy/Caddyfile:ro
#      - caddy-data:/data:rw
#      - caddy-config:/config:rw
#    environment:
#      - SEARXNG_HOSTNAME=${SEARXNG_HOSTNAME:-http://localhost:80}
#      - SEARXNG_TLS=${LETSENCRYPT_EMAIL:-internal}
#    cap_drop:
#      - ALL
#    cap_add:
#      - NET_BIND_SERVICE

  redis:
    container_name: redis
    image: "redis:alpine"
    command: redis-server --save "" --appendonly "no"
    networks:
      - searxng
    tmpfs:
      - /var/lib/redis
    cap_drop:
      - ALL
    cap_add:
      - SETGID
      - SETUID
      - DAC_OVERRIDE
    restart: always

  searxng:
    container_name: searxng
    image: searxng/searxng:latest
    networks:
      - searxng
    ports:
     - "127.0.0.1:8181:8080"
    volumes:
      - ./searxng:/etc/searxng:rw
    environment:
      - SEARXNG_BASE_URL=https://${SEARXNG_HOSTNAME:-localhost}/
    cap_drop:
      - ALL
    cap_add:
      - CHOWN
      - SETGID
      - SETUID
    logging:
      driver: "json-file"
      options:
        max-size: "1m"
        max-file: "1"
    restart: always
networks:
  searxng:
    ipam:
      driver: default

#volumes:
#  caddy-data:
#  caddy-config:

settings.yml

# see https://docs.searxng.org/admin/engines/settings.html#use-default-settings
use_default_settings: true
server:
  # base_url is defined in the SEARXNG_BASE_URL environment variable, see .env and docker-compose.yml
  secret_key: "THE_SECRET_KEY"  # change this!
  limiter: true  # can be disabled for a private instance
  image_proxy: true
ui:
  static_use_hash: true
redis:
  url: redis://redis:6379/0

I commented out the caddy stuff in the docker-compose.yml as I have an extra instance of caddy that handles all the reverse proxy and cert stuff. Even if I run this with caddy not commented out I get the same errors.

Logs

SearXNG version 2023.8.8+b8352eca0
Create /etc/searxng/uwsgi.ini
cp: can't create '/etc/searxng/uwsgi.ini': Permission denied
sed: /etc/searxng/uwsgi.ini: No such file or directory
Use existing /etc/searxng/settings.yml
Listen on 0.0.0.0:8080
realpath() of /etc/searxng/uwsgi.ini failed: No such file or directory [core/utils.c line 3662]
SearXNG version 2023.8.8+b8352eca0
Create /etc/searxng/uwsgi.ini
cp: can't create '/etc/searxng/uwsgi.ini': Permission denied
sed: /etc/searxng/uwsgi.ini: No such file or directory
Use existing /etc/searxng/settings.yml
Listen on 0.0.0.0:8080
realpath() of /etc/searxng/uwsgi.ini failed: No such file or directory [core/utils.c line 3662]
SearXNG version 2023.8.8+b8352eca0

Any help is appreciated. This doesn't seem to be a common error out there as there is not much info on the web.

Thanks and have a good day!