this post was submitted on 29 Jul 2025
29 points (100.0% liked)

technology

23903 readers
292 users here now

On the road to fully automated luxury gay space communism.

Spreading Linux propaganda since 2020

Rules:

founded 5 years ago
MODERATORS
 

Hello comrades! In light of the fucked up state of the UK govt I'm looking at some VPN options to further harden my homelab.

Right now, I have zero VPN coverage for my seedbox/jellyfin server which of course means a major security hole, even if my ISP hasn't shit over me for it yet.

I had a few questions about selfhosting a VPN versus a third party service.

  1. How does a self hosted VPN actually do anything? I was under the impression that VPNs had to be off-site to give the benefits of, say, location spoofing.

  2. Do I need to pay any subscriptions to other services for a self hosted VPN? At least in order to access features such as location spoofing.

  3. We use Cloudflare WARP at work to access internal services. Will a LAN-VPN Fuck this up even if I explicitly avoid spoofing my location to ensure my IT guy doesnt shit a brick?

thanks cumrades!

you are viewing a single comment's thread
view the rest of the comments
[–] communism@lemmy.ml 1 points 1 week ago

My ISP doesn't block commercial VPN usage but assuming the block is of known IP addresses of commercial VPNs, what I would do is:

  • rent a VPS offshore
  • OpenWRT router with wireguard through the VPS
  • Wireguard on devices through a commercial VPN

So this would route your traffic home -> personal VPS -> commercial VPN

forgoing the block, whilst still meaning that websites see your IP address as being from the commercial VPN, avoiding de-anonymising you since your VPS IP address will only be used by you

The reason for the OpenWRT router is because generally you can't have multiple wireguard connections on the same device. I've found that wireguard on the router then wireguard on device connected to the router allows me to route my traffic in that way, easily.

Now if your government tries detecting and blocking wireguard connections you're probably more cooked, however in that case I imagine the kickback from businesses that need to use wireguard would be enough for your government to reconsider? The UK probably doesn't want a reputation for being a bad place to set up a business.