this post was submitted on 29 Jul 2025
29 points (100.0% liked)

technology

23901 readers
182 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

founded 5 years ago
MODERATORS
context@hexbear.net
EmmaGoldman@hexbear.net
SexUnderSocialism@hexbear.net
gaycomputeruser@hexbear.net
ZoomeristLeninist@hexbear.net
29
Any VPN Self-hosters about? (hexbear.net)
submitted 1 week ago by aanes_appreciator@hexbear.net to c/technology@hexbear.net
16 comments fedilink hide all child comments
 

Hello comrades! In light of the fucked up state of the UK govt I'm looking at some VPN options to further harden my homelab.

Right now, I have zero VPN coverage for my seedbox/jellyfin server which of course means a major security hole, even if my ISP hasn't shit over me for it yet.

I had a few questions about selfhosting a VPN versus a third party service.

  1. How does a self hosted VPN actually do anything? I was under the impression that VPNs had to be off-site to give the benefits of, say, location spoofing.

  2. Do I need to pay any subscriptions to other services for a self hosted VPN? At least in order to access features such as location spoofing.

  3. We use Cloudflare WARP at work to access internal services. Will a LAN-VPN Fuck this up even if I explicitly avoid spoofing my location to ensure my IT guy doesnt shit a brick?

thanks cumrades!

you are viewing a single comment's thread
view the rest of the comments
[–] aanes_appreciator@hexbear.net 3 points 1 week ago* (last edited 1 week ago) (1 children)

I have a homelab that I could host the VPN on and route traffic through there? Unless the principle is different to how, say, PiHole works?

Does a VPS have its own issues since it would be tied to my banking info should I use it to bypass a government censor? Or are we suggesting:

LAN -> VPS -> VPN -> WAN

Yes ideally I want all network users on that VPN. How would a cheap VPS handle data streaming? I have 500mbps down so I imagine a VPS could be a massive bottleneck unless I pay £££

EDIT: ah looks like there are generally affordable VPS (£8/mo) that offer a good speed.

[–] FuckyWucky@hexbear.net 4 points 1 week ago* (last edited 1 week ago) (1 children)

Melbicom has gigabit servers I think. If it's close enough you could get full speed.

Europe in general you can find cheap gigabit vps. It's Asia where transit is v expensive.

Does a VPS have its own issues since it would be tied to my banking info should I use it to bypass a government censor?

VPS can see ip addresses and encrypted data. Banking sites log your IP so yes they can tag your IP to your identity. Not a problem with shared airvpn and all.

With pihole you can have a different server connected to your router ie your home lab

But for whole network routing through VPN, the router itself must be doing it. Not the home lab.

[–] aanes_appreciator@hexbear.net 3 points 1 week ago* (last edited 1 week ago) (1 children)

Gotcha. I'll make some notes on my options. Thank you!

For now it looks like the goal is:

Client (LAN) -> VPN (Router) -> VPS -> VPN -> WAN

[–] FuckyWucky@hexbear.net 3 points 1 week ago* (last edited 1 week ago)

Client(s) - > Your Router (hosting Wireguard VPN client -> Encrypted Wireguard Tunnel Over Internet - >VPS (Wireguard Server) -> Internet.

With pihole you mentioned before

Your DNS Queries (only DNS on udp port 53) -> Pihole on homelab (blocks/caches and forwards to encrypted dns, either port 443 or 853) -> Router -> DNS Sever listening on same 443/853 (Eg 1.1.1.1) whichever you set in settings of pihole