Put your external facing services behind the VPN, or at least put them in a separate VLAN that’s firewalled in such a way that they can’t reach the rest of the network if they become compromised.
Put your external facing services behind the VPN, or at least put them in a separate VLAN that’s firewalled in such a way that they can’t reach the rest of the network if they become compromised.
I would advise that you instead also connect the Windows machine to the VPS with WireGuard as 10.1.0.3, basically mirroring what you’ve done on the Ubuntu server. The routing will be a mess otherwise. Another option is running the WireGuard tunnel on your gateway with something like OPNsense.
Does the machine running the WireGuard tunnel to the VPS acts as a “router” aka gateway for the network? Otherwise the windows machine doesn’t have a return path for the connection.
I would assume no since Valetudo has its own API.
S920
I’m running this as my router. It handles a 500/500mbit connection over WireGuard for me without a problem. CPU usage can spike up to 80% when I push it as much as I can, so depending on how it scales I’m not 100% sure how it would handle 1gbit routing+vpn for example.
Make sure mDNS is working properly in your network.
Same! Which version do you use? Small or big?
You probably need to enable some power saving features that Windows does by default but Linux may not. Run something like https://wiki.archlinux.org/title/TLP just to see if it helps, and then do some tuning because it might be too aggressive.
myaccounttag
Why did you add this part? And you’re supposed to add a @ before the channel name. Also, is your channel really called channel-1?
DuckDNS is great but their service went offline often enough for me to actually buy a domain.
I would say there are better methods to solve this problem these days than a script. Check out Ansible or NixOS.