Comment on New to self-hosting
dan@upvote.au 3 days ago
I used to use WireGuard, but Tailscale is a lot easier and has a lot of useful features. Tailscale is built on top of WireGuard but automates all the configuration - all you need to do is install it and log in on all devices. It handles NAT traversal using techniques like UDP hole punching, so you don’t need to configure port forwarding and it works behind firewalls.
What do you want to run in a VM that can’t run in Docker? If you’re using a VPN for torrents or whatever, you can easily use Gluetun and configure the Docker containers so that only some of them use Gluetun’s VPN connection, while the other containers directly connect to the internet.
Nighed@feddit.uk 3 days ago
A VM with torrent client and a killswitched VPN was the easiest way to get a secure setup. Also meant if it ever got virused I could just roll it back. I need to look more into what Docker can actually do by the looks of it.
You are the second person to suggest Unraid - is it ok to sit on the perpetual license (for a few years at a time), or are the updates really required? It supports GPU passthrough right, so I can have a ‘normal’ Linux desktop for gaming while running the other stuff in the background?
TY for the response!
dan@upvote.au 3 days ago
You can use Docker for the same setup using the `--network container:vpn` flag to `docker run` or `network_mode: "container:vpn"` option in docker-compose.yml where `vpn` is the name of the container to route through. This makes one Docker container use the network of another (the VPN one), so both containers will share the same internal IP address, and you’ll have to map any ports on the VPN container rather than the torrent/whatever one. This is just as safe as a killswitched VPN.
Consider using a file system that has snapshots, like ZFS. Then you can get this same behaviour for your whole system rather than just a VM :)
I’m not sure, as the new licensing model is pretty new. I purchased Unraid in 2023, and back then, all licenses included lifetime updates. They switched to a subscription mode to make the business more viable long-term and afford to hire more developers, which I definitely understand.
It does. You can pass through any PCIe devices, so for example if you have multiple network cards, you can pass one directly to a VM (it’s a bit more efficient compared to using a virtual Ethernet adapter).
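The layout described in the comment above, written out as a docker-compose.yml. This is an added example, not part of the original thread: the image choices (Gluetun, a qBittorrent image, a small test web server), the port numbers, and the `<...>` placeholder values are assumptions to adapt.

```yaml
# docker-compose.yml (added example; images, ports and <...> values are assumptions)
services:
  vpn:
    image: qmcgaw/gluetun
    container_name: vpn              # the name that "container:vpn" refers to
    cap_add:
      - NET_ADMIN                    # required to create the tunnel and firewall rules
    devices:
      - /dev/net/tun:/dev/net/tun
    environment:
      - VPN_SERVICE_PROVIDER=<your-provider>        # placeholder
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=<your-private-key>    # placeholder, keep out of version control
      - WIREGUARD_ADDRESSES=<address-from-provider> # placeholder
    ports:
      # The torrent container has no network stack of its own, so its
      # web UI port is published here, on the VPN container.
      - "8080:8080"
    restart: unless-stopped

  torrent:
    image: lscr.io/linuxserver/qbittorrent
    container_name: torrent
    # Share the VPN container's network namespace. All traffic from this
    # container leaves through the tunnel; if the vpn container is down,
    # this container has no route out at all.
    # (Compose also accepts "service:vpn" to reference the service name.)
    network_mode: "container:vpn"
    depends_on:
      - vpn
    environment:
      - WEBUI_PORT=8080
    volumes:
      - ./downloads:/downloads
    restart: unless-stopped
    # No "ports:" section here: Docker rejects port mappings on a
    # container that uses another container's network.

  whoami:
    # Not routed through the VPN: uses the default bridge network and
    # reaches the internet directly, with its own port mapping.
    image: traefik/whoami
    ports:
      - "8081:80"
    restart: unless-stopped
```

If the `vpn` container is recreated (for example after an image update), recreate `torrent` as well, since it stays attached to the old container's network namespace until then.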
Nighed@feddit.uk 2 days ago
That’s a lot of useful info, thanks!