Wireguard VPN
-
@dylightful We just pushed out jitsi last month or so and it's still stabilizing, so you know what's next then
@girish bump
-
@girish bump
@dylightful Ping ^^
-
@dylightful Ping ^^
@kallados
https://github.com/ngoduykhanh/wireguard-uiPretty neat on this one. Because it already made on web gui.
-
Even more useful now Contabo has a UK location, we can use this for our Hetzner Gemany hosted VDIs to tunnel out to the web in the UK for a better localised experience for our primarily UK users.
Web Design https://www.evergreen.je
Development https://brandlight.org
Life https://marcusquinn.com -
Even more useful now Contabo has a UK location, we can use this for our Hetzner Gemany hosted VDIs to tunnel out to the web in the UK for a better localised experience for our primarily UK users.
@marcusquinn said in Wireguard VPN:
we can use this for our Hetzner Gemany hosted VDIs to tunnel out to the web in the UK for a better localised experience for our primarily UK users.
That's sounds interesting, could you please elaborate?
As an aside, Contabo don't use renewable energy, which makes them climate criminals in my mind.
Here are the cheapest renewably powered VPS in UK I've found so far (in order of cheapness)
https://www.vpsserver.com/vps-london/
https://krystal.uk/cloud-vps
https://cloudabove.com/hosting/cloud-servers -
@dylightful We just pushed out jitsi last month or so and it's still stabilizing, so you know what's next then
@girish said in Wireguard VPN:
so you know what's next then
Can we please get an update on Wireguard? Seems to be a lot of apps getting published that don't have anywhere near the number of votes as WG....
-
@girish said in Wireguard VPN:
so you know what's next then
Can we please get an update on Wireguard? Seems to be a lot of apps getting published that don't have anywhere near the number of votes as WG....
@dylightful Yes, on our list. After 7.2 is completely rolled out (should be out later today).
Is your use case the same as the existing OpenVPN app use case? i.e a self service portal where Cloudron acts as the VPN server?
-
@dylightful Yes, on our list. After 7.2 is completely rolled out (should be out later today).
Is your use case the same as the existing OpenVPN app use case? i.e a self service portal where Cloudron acts as the VPN server?
@girish Our use-case would be using some mini-Cloudrons as relays for traffic from VDIs, so the users appear to be browsing from the country they are in, as opposed to where the VDI VPS is hosted.
-
@dylightful Yes, on our list. After 7.2 is completely rolled out (should be out later today).
Is your use case the same as the existing OpenVPN app use case? i.e a self service portal where Cloudron acts as the VPN server?
@girish Exactly like the OpenVPN app, Wireguard will provide MUCH better speed!
-
For interest: ivpn.net comes recommended on privacytools.io with Wireguard very easily implemented and, formerly, I always found the Wireguard speed on azirevpn.com to be very fast.
-
@dylightful Yes, on our list. After 7.2 is completely rolled out (should be out later today).
Is your use case the same as the existing OpenVPN app use case? i.e a self service portal where Cloudron acts as the VPN server?
-
A nice list:
https://github.com/HarvsG/WireGuardMeshes -
An example config of WG-Easy deployment from:
https://github.com/WeeJeWel/wg-easy/wiki/Using-WireGuard-Easy-with-nginx-SSLdocker-compose.yml:
version: "3.8" services: wg-easy: environment: # ⚠️ Change the server's hostname (clients will connect to): - WG_HOST=wg-easy.myhomelab.com # ⚠️ Change the Web UI Password: - PASSWORD=foobar123 image: weejewel/wg-easy container_name: wg-easy hostname: wg-easy volumes: - ~/.wg-easy:/etc/wireguard ports: - "51820:51820/udp" restart: unless-stopped cap_add: - NET_ADMIN - SYS_MODULE sysctls: - net.ipv4.ip_forward=1 - net.ipv4.conf.all.src_valid_mark=1 nginx: image: weejewel/nginx-with-certbot container_name: nginx hostname: nginx ports: - "80:80/tcp" - "443:443/tcp" volumes: - ~/.nginx/servers/:/etc/nginx/servers/ - ./.nginx/letsencrypt/:/etc/letsencrypt/~/.nginx/servers/wg-easy.conf:
server { server_name `⚠️wg-easy.myhomelab.com`; location / { proxy_pass http://wg-easy:51821/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header Host $host; } } -
An example config of WG-Easy deployment from:
https://github.com/WeeJeWel/wg-easy/wiki/Using-WireGuard-Easy-with-nginx-SSLdocker-compose.yml:
version: "3.8" services: wg-easy: environment: # ⚠️ Change the server's hostname (clients will connect to): - WG_HOST=wg-easy.myhomelab.com # ⚠️ Change the Web UI Password: - PASSWORD=foobar123 image: weejewel/wg-easy container_name: wg-easy hostname: wg-easy volumes: - ~/.wg-easy:/etc/wireguard ports: - "51820:51820/udp" restart: unless-stopped cap_add: - NET_ADMIN - SYS_MODULE sysctls: - net.ipv4.ip_forward=1 - net.ipv4.conf.all.src_valid_mark=1 nginx: image: weejewel/nginx-with-certbot container_name: nginx hostname: nginx ports: - "80:80/tcp" - "443:443/tcp" volumes: - ~/.nginx/servers/:/etc/nginx/servers/ - ./.nginx/letsencrypt/:/etc/letsencrypt/~/.nginx/servers/wg-easy.conf:
server { server_name `⚠️wg-easy.myhomelab.com`; location / { proxy_pass http://wg-easy:51821/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header Host $host; } }@robi lots of solutions/apps for WG on the web, not entitely sure whats stopping/preventing the CLoudron team packaging and deploying considerings it one of the most upvoted wishlist items currently, especially when plenty of low upvote apps are getting published before WG.
Care to enlight us? @girish
-
@robi lots of solutions/apps for WG on the web, not entitely sure whats stopping/preventing the CLoudron team packaging and deploying considerings it one of the most upvoted wishlist items currently, especially when plenty of low upvote apps are getting published before WG.
Care to enlight us? @girish
@dylightful possibly the low vote apps don't have the complexity of integration into the Cloudron 'opinionated' environment. But I don't know really.
-
@robi lots of solutions/apps for WG on the web, not entitely sure whats stopping/preventing the CLoudron team packaging and deploying considerings it one of the most upvoted wishlist items currently, especially when plenty of low upvote apps are getting published before WG.
Care to enlight us? @girish
@dylightful I hear you.. it has not been made clear yet.
I just managed to deploy wg-easy in fly.io and it's simple UI is great, doesn't need a username, and similar to our OpenVPN app, easily generates .conf files for download for the clients.
For some of the things we wanted to do with VPNs for Apps which were a lot more complex, a lot more integrations were needed, and the people who started doing those didn't manage to complete them and the chain of events stopped progress.
What we perceive being reality, this can affect much simpler things from being re-prioritized; and of course life happens.
Un/fortunately those are not blockers for Cloudron having a fast personal VPN experience via Wireguard.
As I have a bit more time this month, I may start packaging wg-easy, and if someone else is interested in lending a helping hand, many hands make short work. (Send a PM to collaborate)
-
@dylightful I hear you.. it has not been made clear yet.
I just managed to deploy wg-easy in fly.io and it's simple UI is great, doesn't need a username, and similar to our OpenVPN app, easily generates .conf files for download for the clients.
For some of the things we wanted to do with VPNs for Apps which were a lot more complex, a lot more integrations were needed, and the people who started doing those didn't manage to complete them and the chain of events stopped progress.
What we perceive being reality, this can affect much simpler things from being re-prioritized; and of course life happens.
Un/fortunately those are not blockers for Cloudron having a fast personal VPN experience via Wireguard.
As I have a bit more time this month, I may start packaging wg-easy, and if someone else is interested in lending a helping hand, many hands make short work. (Send a PM to collaborate)
@robi wg-easy seems to be a nice alternative to the openvpn solution, it's also dockered: https://hub.docker.com/r/weejewel/wg-easy but I'm not sure how stable it is?
-
@robi wg-easy seems to be a nice alternative to the openvpn solution, it's also dockered: https://hub.docker.com/r/weejewel/wg-easy but I'm not sure how stable it is?
-
@robi wg-easy seems to be a nice alternative to the openvpn solution, it's also dockered: https://hub.docker.com/r/weejewel/wg-easy but I'm not sure how stable it is?
@timka Can confirm it works great and is very stable.
I ended up deploying a cluster a couple of months after apps with not even 1/3 of the upvotes were getting deployed before Wireguard. Very frustrating and disappointing.
