-
Notifications
You must be signed in to change notification settings - Fork 47
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature] Add VPN to access from outside #58
Comments
(sorry for the delay) Yes you're right, it should be a better option than opening ports on your router if you host your services at home. In fact you can already add a wireguard custom service by adding a file in services:
wireguard:
image: lscr.io/linuxserver/wireguard
container_name: wireguard
restart: always
cap_add:
- NET_ADMIN
- SYS_MODULE
environment:
- PUID=${PUID}
- PGID=${PGID}
- TZ=${TZ}
- SERVERURL=auto
- SERVERPORT=51820
- PEERS=1
- PEERDNS=1.1.1.1
- INTERNAL_SUBNET=10.13.13.0
- ALLOWEDIPS=0.0.0.0/0, ::/128, 0.0.0.0/1, 128.0.0.0/1
volumes:
- configwireguard:/config
- /lib/modules:/lib/modules
ports:
- 51820:51820/udp
sysctls:
- net.ipv4.conf.all.src_valid_mark=1
volumes:
configwireguard:
driver: local-persist
driver_opts:
mountpoint: $HOST_CONFIG_PATH/wireguard and in your
But what is missing from the seedbox stack for now:
But I will keep this item in mind. In fact I'd love it for myself, so I will make some tests. |
I do think that on the privacy side it could be fun, but I don't know how it's possible to keep DNS access only via a VPN. But it could be secure if the VPN isn't connected so nobody can see/access the service, and you have to make the connection to access all the LAN services. If you need to, you can take inspiration from dappNode (they use wireguard) and require no accessibility outside VPN, access is very restricted. |
Actually VPN is for service have access to internet tough VPN.
But think another feature can be added, is to need VPN to access service (like Wireguard), and configurable from config.yaml, to check if service need to have VPN access to be join from ext (like deluge or other private access).
The text was updated successfully, but these errors were encountered: