Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
view the rest of the comments
I've been working on the same thing over the past month, with some minor differences. I skipped portainer and am just running LXCs on Proxmox, and built it from the beginning as a *arr/Plex box, so it has 4x4TB internal drives in ZFS RAID6, with the OS on an SSD. I still need to try out the TrueNAS thing, but I'm running a Minecraft server on it, and I just spent the better part of a day figuring out how to run Mullvad on it and force all my torrent traffic to use it.
Also, look at Open Media Vault instead of TrueNAS, honestly so much easier
Now then, you may be my new best friend:
Mine all runs on a Windows machine because I could not work out how to get everything to talk to each other in containers. Then I tried to do the Mullvad thing too. I tried OpenWRT, OpenVPN (docker), Wireguard (Docker), Traffaek (Docker), and even Tailscale (Docker) and couldn't get anything running right.
ATM I just have Mullvad installed on the Windows machine and have it turn on when the VM starts up, but I'd like it all in containers instead.
Do you have any handy links as to how you get Mullvad working?
I think my next project is getting all my Arr working in containers, but I need to get them working through Mullvad to do that, or at least Prowlarr and my Real Debrid or qBittorrent through it
I think when mullavad disabled port forwarding it kinda borked it. I ended up getting my *arr docker stack nested in an LXC along with one of those qbittorrent+VPN containers.
Have a look at my reply to the other guy, I'm pretty sure I've got it working now
Ugh, I wish I could be more help on that, but I couldn't get Mullvad to work that way either. I think what needs to be done is to use pfsense or something to create a virtual LAN, set the container running Mullvad to be the gateway on that network, then give each container a virtual network bridge connected to that virtual network. What I ended up doing was just installing Mullvad (through WireGuard) on the same container as qBitTorrent and telling qBitTorrent to use the virtual network device that Mullvad creates.
Fortunately, that's the only thing that really needs to run through it for me (I think your Real Debrid will need to as well). AFAIK, the *arr stuff doesn't need to be hidden.
As to getting things to talk to each other in containers, where were you having trouble? You should just be able to give all the *arr stuff the addresses where you reach the other ones. That may just be their IP address, or I run PiHole so I can have a local DNS and give them all their own hostnames.
Edit: I'm doing all this in Debian LXCs
Well I've had another go this morning and believe I've managed it. My problem seemed to be that I already had 5 devices in Mullvad through my tinkering, so I deleted one and made a new one (just as an fyi in case you hit the same issue).
So I followed this guy on YouTube to set up an Openwrt router VM https://www.youtube.com/watch?v=3mPbrunpjpk&t=897s
When you are able to route traffic through the VM stop following the tutorial and use this link instead to set up the VPN https://mullvad.net/en/help/running-wireguard-router
And apparently I'm now running the Openwrt router through Mullvad.
I did all the SSH parts in Console and I put my public key into the website through the Mullvad link above and copied the IP addresses from the same page.
So theoretically I just have to set vmbr1 as my bridge to containers and VMS that I want to run through my VPN and set up port forwarding for them in the OpenWRT interface and they'll route through Mullvad
Hope this helps.
Here is an alternative Piped link(s):
https://www.piped.video/watch?v=3mPbrunpjpk&t=897s
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I'm open-source; check me out at GitHub.
Nice! Glad to hear that works. I'll have to give it another go. I had spent the whole day trying to get Mullvad (without WireGuard) working, but it kept failing to create the tun device, so by the time I got it working with WireGuard I didn't really feel like trying to figure out the VLAN thing too lol.
This is with Wireguard too, it's just inside OpenWRT.
I've put my Windows VM behind it and checked it's working and it is, but now I can't access Plex and SMB lol, more tinkering when I finish work I guess
I probably can get the container way working now I've had some time with it. The problem is routing it through Mullvad. Prowlarr deffo needs to go through it, otherwise it can't see the indexers (I've been using Prowlarr without a VPN for a while and it's much better with it). Debrid doesn't need a VPN I just prefer it to be there
I watched a YouTube tutorial to get an OpenWRT container set up to route traffic through ,and managed to get it working. I struggled however to set the VPN up through it, I feel like I was in spitting distance!
The bonus of using that method was that I could have multiple containers use the OpenWRT container, meaning they would all share the same IP address and just have different ports, so all my Self Hosted containers would be in the same place on my network.
I'll keep plugging away and give pfsense a look. Now that I have OMV running I can kill my Windows server without losing the media