OMG #WireGuard can be a pain to debug but OMG it works well once all is sorted.
The work on #EU_OS continues. In the last days, the Proof-of-Concept pages at https://eu-os.eu/poc/ have received a few updates on provisioning, branding and thoughts on user data backups. Open questions and issues are listed at https://gitlab.com/eu-os/eu-os.gitlab.io/-/issues
Please lend us your helping hand, reshare ♻️ and spread the word 🗣️!
1/3
2/3 Topics #EU_OS needs help with:
1) What is the best way to backup user data for Linux EU OS users? https://gitlab.com/eu-os/eu-os.gitlab.io/-/issues/46 #borgbackup #btrfsbk #btrfs#nextcloud
2) How can unattended deployment with #foreman look like during pilot stage (thus without reconfiguring the network/DHCP yet)? https://gitlab.com/eu-os/eu-os.gitlab.io/-/issues/39 #foreman
3) How can a modern VPN provide extra security for people in home offices or on business trips? https://gitlab.com/eu-os/eu-os.gitlab.io/-/issues/47 #tailscale #headscale #rosenpass #wireguard #openvpn
How are you integrating #WireGuard with an identity provider like OpenID, MS, or Goog for MFA?
welp, my latest Fedora KDE update borked my Wireguard installation. No discernable errors. It just... won't connect to its peer.
Maybe it's time to do something other than Fedora...
I've got a OpenBSD VPS with a WireGuard connection to a server on my home network. I can ssh and ping both ways through the WireGuard tunnel.
Would it be possible to use relayd on the VPS to direct traffic to different services running on the server at home?
service1.example.com -> server:8443
service2.example.com -> server:8090
It kind of looks that way from:
https://mutualaid.info/posts/using-relayd-as-a-reverse-proxy-on-openbsd/
I can add DNS records to the domain in question.
(I'm new to OpenBSD, but not Linux)
What is the preferred method to setup a #Wireguard client ?
I find adding/removing routes for multiple clients painful if I have to send a new config file to 50 people.
I just stopped myself from legacy IP thinking.
I'm planning a new Wireguard link between a pair of servers and was about to use a small IPv6 subnet when I caught myself.
Thanks to our amazing home ISP, not only do we have fixed IPv6 and legacy IP addresses, but we have a massive /48 of IPv6 space available so for a home network, plus guest and iot WiFi, and a few lab vlans, we really do have a practically unlimited amount of address space available (65535 /64's, each with 18 quintillion addresses).
So, even though it's a point to point link, I can just allocate a /64 and pick a pair of addresses from that range. This isn't legacy IP anymore, stop thinking that way.
I could of course just use a pair of link local addresses and the traffic would (should...) still flow but if I use GUA's from my allocation instead, I'll get proper responses in traceroute if I need to troubleshoot.
Sigh. Search for information about configuring #Wireguard on #FreeBSD. Second result on #DuckDuckGo is a slop web site, which initially looks plausible but then runs a bunch of configuration commands that don't exist on FreeBSD. It does make up plausible output from the FreeBSD equivalents of those commands though!
I wonder how much of the productivity gains of using GenAI are simply slightly offsetting the productivity loses that come from everyone else using it.
I wanted a #Wireguard GUI client for #FreeBSD and there wasn't none so I put this QT6 thing together last night.
Would you be interested into an alternative #IPv6 Tunnelbroker service? Hosted and located in Germany, offering free IPv6 subnets (not sure about sizes, sth. between /64 - /48) that can be used by #SIT, #GRE, #OpenVPN or #Wireguard tunnels. Currently, this is already available but only for @BoxyBSD users.