tiyn/wiki
1
0
Fork 0
mirror of https://github.com/tiyn/wiki.git synced 2025-04-04 07:47:45 +02:00
Code Issues Projects Releases Wiki Activity

vpn: split the vpn article into openvpn and wireguard

Browse Source
This commit is contained in:
tiyn 2023-08-18 01:41:12 +02:00
parent 29ad3eec17
commit 75929dd327
12 changed files with 138 additions and 125 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wiki/docker/dyonr_-_jackettvpn.md
View File

@ -1,6 +1,6 @@
# dyonr - jackettvpn # dyonr - jackettvpn
This is a [Docker](/wiki/docker.md) container for a [VPN](/wiki/vpn.md) This is a [Docker](/wiki/docker.md) container for a [OpenVPN](/wiki/openvpn.md)
protected [Jackett](/wiki/jackett.md) server. protected [Jackett](/wiki/jackett.md) server.
The official container and documentation was made by The official container and documentation was made by
[dyonr](https://github.com/DyonR/docker-Jackettvpn). [dyonr](https://github.com/DyonR/docker-Jackettvpn).

2
wiki/docker/dyonr_-_qbittorrentvpn.md
View File

@ -2,7 +2,7 @@
This is a [Docker](/wiki/docker.md) container for a This is a [Docker](/wiki/docker.md) container for a
[qBittorrent](../qbittorrent.md) server that is connected to the internet via [qBittorrent](../qbittorrent.md) server that is connected to the internet via
an [openVPN tunnel](/wiki/vpn.md). an [openVPN tunnel](/wiki/openvpn.md).
The official container and documentation was made by The official container and documentation was made by
[dyonr](https://github.com/DyonR/docker-qbittorrentvpn). [dyonr](https://github.com/DyonR/docker-qbittorrentvpn).

2
wiki/docker/haugene_-_transmission-openvpn.md
View File

@ -2,7 +2,7 @@
This is a [Docker](/wiki/docker.md) container for a This is a [Docker](/wiki/docker.md) container for a
[transmission](../transmission.md) server that is connected to the internet via [transmission](../transmission.md) server that is connected to the internet via
an [openVPN tunnel](/wiki/vpn.md). an [openVPN tunnel](/wiki/openvpn.md).
The official container and documentation was made by The official container and documentation was made by
[haugene](https://github.com/haugene/docker-transmission-openvpn). [haugene](https://github.com/haugene/docker-transmission-openvpn).

2
wiki/docker/jonohill_-_docker-openvpn-proxy.md
View File

@ -1,7 +1,7 @@
# jonohill - docker-openvpn-proxy # jonohill - docker-openvpn-proxy
This is a [Docker](/wiki/docker.md) container for an This is a [Docker](/wiki/docker.md) container for an
[OpenVPN proxy](/wiki/vpn.md#proxy-ovpn). [OpenVPN proxy](/wiki/openvpn.md#proxy).
The official container and documentation was made by The official container and documentation was made by
[jonohill](https://github.com/jonohill/docker-openvpn-proxy). [jonohill](https://github.com/jonohill/docker-openvpn-proxy).

4
wiki/docker/kylemanna_-_openvpn.md
View File

@ -1,7 +1,7 @@
# kylemanna - openvpn # kylemanna - openvpn
This is a [Docker](/wiki/docker.md) container for an This is a [Docker](/wiki/docker.md) container for an
[OpenVPN server](/wiki/vpn.md). [OpenVPN server](/wiki/openvpn.md).
The official container and documentation was made by The official container and documentation was made by
[kylemanna](https://hub.docker.com/r/kylemanna/openvpn). [kylemanna](https://hub.docker.com/r/kylemanna/openvpn).
@ -26,7 +26,7 @@ Afterwards run `./rebuild.sh`.
### Create Certificates ### Create Certificates
Each device that connects to the [OpenVPN](/wiki/vpn.md#openvpn) server should Each device that connects to the [OpenVPN](/wiki/openvpn.md) server should
have a certificate to connect by. have a certificate to connect by.
Create a certificate and retrieve it by running the following commands. Create a certificate and retrieve it by running the following commands.
Change all occurences of `<CLIENTNAME>` to the name of the client. Change all occurences of `<CLIENTNAME>` to the name of the client.

4
wiki/docker/linuxserver_-_wireguard.md
View File

@ -1,7 +1,7 @@
# linuxserver - airsonic-advanced # linuxserver - airsonic-advanced
This is a [Docker](/wiki/docker.md) container for a This is a [Docker](/wiki/docker.md) container for a
[WireGuard](../vpn.md#WireGuard) server. [WireGuard](/wiki/wireguard.md) server.
The official container and documentation was made by The official container and documentation was made by
[linuxserver](https://hub.docker.com/r/linuxserver/wireguard). [linuxserver](https://hub.docker.com/r/linuxserver/wireguard).
@ -12,7 +12,7 @@ Change the settings according to your needs.
Especially change `<VPN.SERVERNAME.COM>` to the URL the VPN is accessible at. Especially change `<VPN.SERVERNAME.COM>` to the URL the VPN is accessible at.
If not already done set a port forward or something similar. If not already done set a port forward or something similar.
`PEERS` is given the number of configs to create for different `PEERS` is given the number of configs to create for different
[clients](/wiki/vpn.md#client-wg). [clients](/wiki/wireguard.md#client).
It is also possible to give a list of clients separated by commas It is also possible to give a list of clients separated by commas
(`first,second,third`) to create. (`first,second,third`) to create.
The following shows the two options. The following shows the two options.

3
wiki/firefox.md
View File

@ -28,7 +28,8 @@ They can be removed and configured under `about:config`.
- [Firefox Multi-Account Containers](https://addons.mozilla.org/en-GB/Firefox/addon/multi-account-containers) - [Firefox Multi-Account Containers](https://addons.mozilla.org/en-GB/Firefox/addon/multi-account-containers)
lets you separate cookies in different containers on a per site base. lets you separate cookies in different containers on a per site base.
With this add-on a proxy can be selected for each container which enables With this add-on a proxy can be selected for each container which enables
usage of [a VPN proxy](/wiki/vpn.md#openvpn). usage of a [VPN](/wiki/vpn.md) that acts as a Proxy like a
[OpenVPN Proxy](/wiki/openvpn.md#proxy).
- [Temporary Containers](https://addons.mozilla.org/en-GB/Firefox/addon/temporary-containers) - [Temporary Containers](https://addons.mozilla.org/en-GB/Firefox/addon/temporary-containers)
opens tabs and websites, that are not already managed by opens tabs and websites, that are not already managed by
`Firefox Multi-Account Containers` in a new container. `Firefox Multi-Account Containers` in a new container.

8
wiki/linkding.md
View File

@ -12,10 +12,16 @@ The software can be setup via [Docker](/wiki/docker.md) with the
This section addresses various features of Linkding. This section addresses various features of Linkding.
### Browser add-on ### Browser Add-on
[On the firefox add-on site](https://addons.mozilla.org/de/firefox/addon/linkding-extension/) [On the firefox add-on site](https://addons.mozilla.org/de/firefox/addon/linkding-extension/)
you can find an add-on for linkding. you can find an add-on for linkding.
You need to configure it by giving the URL for your linkding instance and the You need to configure it by giving the URL for your linkding instance and the
REST API token which can be found in the settings of linkding under the REST API token which can be found in the settings of linkding under the
integrations tab. integrations tab.
### Mobile Phone Integration
For mobile phones the RSS-Feed of the service can be used.
The Feed can be found under the Integrations Tab inside the settings.
This feed can be used with an [RSS-Feed reader](/wiki/rss.md#clients).

29
wiki/openvpn.md Normal file
View File

@ -0,0 +1,29 @@
# OpenVPN
[OpenVPN](https://openvpn.net) is a free software to create a VPN via an
encrypted TLS connection.
## Set up
In the following sections the different set ups of OpenVPN usages are described.
### Server
The software can be set up via [Docker](/wiki/docker.md) with the
[kylemanna image](./docker/kylemanna_-_openvpn.md).
Additionally to this a client is needed on the system that need access to the
server software.
### Client
OpenVPN clients can be found for many devices.
For Android for example there is
[OpenVPN for Android in the F-Droid store](https://f-droid.org/de/packages/de.blinkt.openvpn/).
For most linux distributions there is a package called `openvpn`.
### Proxy
For OpenVPN a proxy acts as an intermediary between the system communicating
with the proxy and the OpenVPN server.
A proxy can be set up via [Docker](/wiki/docker.md) with the
[jonohill image](./docker/jonohill_-_docker-openvpn-proxy.md).

2
wiki/qbittorrent.md
View File

@ -7,7 +7,7 @@ open-source [BitTorrent client](/wiki/bittorrent.md#clients).
The software can be setup via [Docker](/wiki/docker.md) with the The software can be setup via [Docker](/wiki/docker.md) with the
[dyonr image](/wiki/docker/dyonr_-_qbittorrentvpn.md) that [dyonr image](/wiki/docker/dyonr_-_qbittorrentvpn.md) that
includes an [OpenVPN](/wiki/vpn.md#openvpn) tunnel. includes an [OpenVPN](/wiki/openvpn.md) tunnel.
## Limiting Upload and Download ## Limiting Upload and Download

119
wiki/vpn.md
View File

@ -6,119 +6,10 @@ It can be used to display another IP address but does not make tracking or
fingerprinting of the device impossible. fingerprinting of the device impossible.
VPNs feature a server and a client side. VPNs feature a server and a client side.
## OpenVPN ## VPN implementations
[OpenVPN](https://openvpn.net) is a free software to create a VPN via an This section lists various VPN implementations.
encrypted TLS connection.
### OVPN Set up - [OpenVPN](/wiki/openvpn.md) is probably the most well known VPN implementation.
- [WireGuard](/wiki/wireguard.md) is a modern, fast and secure implementation of the VPN protocol.
In the following sections the different set ups of OpenVPN usages are described. It is free and open-source.
#### OVPN Server
The software can be set up via [Docker](/wiki/docker.md) with the
[kylemanna image](./docker/kylemanna_-_openvpn.md).
Additionally to this a client is needed on the system that need access to the
server software.
#### OVPN Client
OpenVPN clients can be found for many devices.
For Android for example there is
[OpenVPN for Android in the F-Droid store](https://f-droid.org/de/packages/de.blinkt.openvpn/).
For most linux distributions there is a package called `openvpn`.
#### OVPN Proxy
For OpenVPN a proxy acts as an imntermediary between the system communicating
with the proxy and the OpenVPN server.
A proxy can be set up via [Docker](/wiki/docker.md) with the
[jonohill image](./docker/jonohill_-_docker-openvpn-proxy.md).
## WireGuard
[WireGuard](https://www.wireguard.com/) is a free and open-source software that
implements encrypted VPNs.
It was designed to be especially fast and secure.
This section including its subsections - especially the [usage](#usage-wg) is
based on an extensive guide on WireGuard by
[DigitalOcean](https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-20-04#step-9-connecting-the-wireguard-peer-to-the-tunnel).
### WG Setup
In the following sections the different set ups of WireGuard usages are described.
#### WG Server
The software can be set up via [Docker](/wiki/docker.md) with the
[linuxserver image](/wiki/docker/linuxserver_-_wireguard.md).
Additionally to this a [client](#client-wg) is needed on the system that
accesses the server.
#### WG Client
WireGuard clients can be found for many devices.
For Android for example there is
[Wireguard for Android in the F-Droid store](https://f-droid.org/de/packages/com.wireguard.android/).
For most linux distributions there is a package called `wireguard-tools`.
### WG Usage
Wireguard clients connect to servers by using a `.conf` file.
For mobile devices often times a QR-code can also be used.
In Linux based operating systems the `.conf` can be placed at
the path `/etc/wireguard/wg0.conf`.
Afterwards wireguard can be started and stopped by running the following
commands.
```
wg-quick up wg0
wg-quick down wg0
```
When using multiple `.conf` files the number behind `wg` can be incremented.
When starting and stopping wireguard with `wg-quick` the corresponding number
should be used.
Alternatively also other names not including `wg` can be used.
The term `wg0` the incremented version of it has to be changed accordingly then.
#### Setting Up Local DNS
This section focusses on the usage of a [local DNS](/wiki/dns.md) like
[bind9](/wiki/bind.md#configure-local-dns-server-with-forwarding).
This can be especially useful for using
[local domains](/wiki/bind.md#configure-local-domains).
The following guide is based on a comments by the Reddit users
[orthecreedence and rptb1](https://www.reddit.com/r/WireGuard/comments/cmhap6/use_both_wireguard_and_local_dns_servers/).
To set up the usage of a local DNS the WireGuard configuration file needs to be
changed.
The following lines have to be appended under the `[Interface]` section and the
DNS IP address (in this case `192.168.178.1`) has to be changed as needed.
`wg0` is the name of the configuration file (see [the usage section](#wg-usage))
for reference.
```txt
PostUp = resolvectl dns wg0 192.168.178.1
PostDown = resolvconf -d %i -f
```
The `PostUp` line sets up the DNS while the `PostDown` line shuts it down after
wireguard is closed.
### WG Troubleshooting
This section addresses various errors and ways how to troubleshoot them.
#### Unknown Device Type / Protocol Not Supported
Especially when running `wg-quick up wg0` this error can appear.
The most probable source of this error is that the version of the package
`linux` doesn't match with the version of the [wireguard package](#client-wg) or
the system has been updated and the system wasn't restarted causing the same
problem.
To fix this `linux` can be reinstalled but a full update of the system is
recommended.
Because it changes the kernel the system needs to be restarted afterwards.

86
wiki/wireguard.md Normal file
View File

@ -0,0 +1,86 @@
# WireGuard
[WireGuard](https://www.wireguard.com/) is a free and open-source software that
implements encrypted VPNs.
It was designed to be especially fast and secure.
This section including its subsections - especially the [usage](#usage-wg) is
based on an extensive guide on WireGuard by
[DigitalOcean](https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-20-04#step-9-connecting-the-wireguard-peer-to-the-tunnel).
## Setup
In the following sections the different set ups of WireGuard usages are described.
### Server
The software can be set up via [Docker](/wiki/docker.md) with the
[linuxserver image](/wiki/docker/linuxserver_-_wireguard.md).
Additionally to this a [client](#client-wg) is needed on the system that
accesses the server.
### Client
WireGuard clients can be found for many devices.
For Android for example there is
[Wireguard for Android in the F-Droid store](https://f-droid.org/de/packages/com.wireguard.android/).
For most linux distributions there is a package called `wireguard-tools`.
## Usage
Wireguard clients connect to servers by using a `.conf` file.
For mobile devices often times a QR-code can also be used.
In Linux based operating systems the `.conf` can be placed at
the path `/etc/wireguard/wg0.conf`.
Afterwards wireguard can be started and stopped by running the following
commands.
```
wg-quick up wg0
wg-quick down wg0
```
When using multiple `.conf` files the number behind `wg` can be incremented.
When starting and stopping wireguard with `wg-quick` the corresponding number
should be used.
Alternatively also other names not including `wg` can be used.
The term `wg0` the incremented version of it has to be changed accordingly then.
### Setting Up Local DNS
This section focusses on the usage of a [local DNS](/wiki/dns.md) like
[bind9](/wiki/bind.md#configure-local-dns-server-with-forwarding).
This can be especially useful for using
[local domains](/wiki/bind.md#configure-local-domains).
The following guide is based on a comments by the Reddit users
[orthecreedence and rptb1](https://www.reddit.com/r/WireGuard/comments/cmhap6/use_both_wireguard_and_local_dns_servers/).
To set up the usage of a local DNS the WireGuard configuration file needs to be
changed.
The following lines have to be appended under the `[Interface]` section and the
DNS IP address (in this case `192.168.178.1`) has to be changed as needed.
`wg0` is the name of the configuration file (see [the usage section](#wg-usage))
for reference.
```txt
PostUp = resolvectl dns wg0 192.168.178.1
PostDown = resolvconf -d %i -f
```
The `PostUp` line sets up the DNS while the `PostDown` line shuts it down after
wireguard is closed.
## Troubleshooting
This section addresses various errors and ways how to troubleshoot them.
### Unknown Device Type / Protocol Not Supported
Especially when running `wg-quick up wg0` this error can appear.
The most probable source of this error is that the version of the package
`linux` doesn't match with the version of the [wireguard package](#client-wg) or
the system has been updated and the system wasn't restarted causing the same
problem.
To fix this `linux` can be reinstalled but a full update of the system is
recommended.
Because it changes the kernel the system needs to be restarted afterwards.