diff options
| author | hyang <hyang@hyang.xyz> | 2023-09-14 21:44:23 -0700 |
|---|---|---|
| committer | hyang <hyang@hyang.xyz> | 2023-09-14 21:44:23 -0700 |
| commit | d2eee3b79256166802729f576227dcb01d5d6556 (patch) | |
| tree | 9be7d875d7507f1d049c300006e91256d7cd484b /content/posts | |
| parent | 3c460d23e168d93790cd548fa90e04b4d91c6fb8 (diff) | |
fix
Diffstat (limited to 'content/posts')
| -rw-r--r-- | content/posts/services.md | 15 | ||||
| -rw-r--r-- | content/posts/setup/images/diagram.svg | 4 | ||||
| -rw-r--r-- | content/posts/setup/index.md | 43 | ||||
| -rw-r--r-- | content/posts/split-tunnelling-for-wireguard-in-linux.md | 79 |
4 files changed, 141 insertions, 0 deletions
diff --git a/content/posts/services.md b/content/posts/services.md new file mode 100644 index 0000000..f01a901 --- /dev/null +++ b/content/posts/services.md @@ -0,0 +1,15 @@ +--- +title: "Topology" +date: 2023-09-14T19:27:08-07:00 +draft: false +weight: true +description: Cool stuff on hyang.xyz +--- + +On top of this blog, I host a bunch of services that I personally use. Available to the public as well! + +<!--more--> + +- [Invidious](https://inv.hyang.xyz) +- [Nitter](https://xitter.hyang.xyz) (Down for now) +- [Fediverse](https://post.hyang.xyz) diff --git a/content/posts/setup/images/diagram.svg b/content/posts/setup/images/diagram.svg new file mode 100644 index 0000000..40bc69e --- /dev/null +++ b/content/posts/setup/images/diagram.svg @@ -0,0 +1,4 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- Do not edit this file with editors other than draw.io --> +<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"> +<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="551px" height="601px" viewBox="-0.5 -0.5 551 601" content="<mxfile host="app.diagrams.net" modified="2023-08-29T07:34:14.566Z" agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/116.0" etag="26xHjfTncHhI4ojgUgoI" version="21.6.9" type="device">
 <diagram name="Page-1" id="hgxo3fngALHGzTadIB-w">
 <mxGraphModel dx="811" dy="502" grid="1" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="1" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0">
 <root>
 <mxCell id="0" />
 <mxCell id="1" parent="0" />
 <mxCell id="J6-QY3D9AkztE_XvjYSc-15" value="" style="shape=cylinder3;whiteSpace=wrap;html=1;boundedLbl=1;backgroundOutline=1;size=15;fillColor=#fff2cc;strokeColor=#d6b656;" vertex="1" parent="1">
 <mxGeometry x="190" y="410" width="60" height="120" as="geometry" />
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-14" value="" style="shape=cylinder3;whiteSpace=wrap;html=1;boundedLbl=1;backgroundOutline=1;size=15;fillColor=#fff2cc;strokeColor=#d6b656;" vertex="1" parent="1">
 <mxGeometry x="240" y="410" width="60" height="120" as="geometry" />
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-1" value="" style="ellipse;shape=cloud;whiteSpace=wrap;html=1;fillColor=#f8cecc;strokeColor=#b85450;" vertex="1" parent="1">
 <mxGeometry x="530" y="70" width="180" height="110" as="geometry" />
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-2" value="&lt;div&gt;hyang.xyz&lt;/div&gt;&lt;div&gt;BuyVM&lt;/div&gt;&lt;div&gt;Debian&lt;br&gt;&lt;/div&gt;" style="text;strokeColor=none;align=center;fillColor=none;html=1;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
 <mxGeometry x="590" y="110" width="60" height="30" as="geometry" />
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-3" value="" style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;shadow=0;strokeColor=#FFFFFF;" edge="1" parent="1">
 <mxGeometry width="100" height="100" relative="1" as="geometry">
 <mxPoint x="490" y="270" as="sourcePoint" />
 <mxPoint x="590" y="170" as="targetPoint" />
 </mxGeometry>
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-4" value="" style="rounded=1;whiteSpace=wrap;html=1;rotation=90;" vertex="1" parent="1">
 <mxGeometry x="360" y="300" width="160" height="90" as="geometry" />
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-5" value="&lt;div&gt;&quot;Gaming&quot;&lt;br&gt;&lt;/div&gt;&lt;div&gt;Computer&lt;/div&gt;&lt;div&gt;NixOS&lt;br&gt;&lt;/div&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
 <mxGeometry x="410" y="320" width="60" height="30" as="geometry" />
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-6" value="" style="endArrow=none;dashed=1;html=1;dashPattern=1 3;strokeWidth=2;rounded=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;strokeColor=#FFFFFF;" edge="1" parent="1" target="J6-QY3D9AkztE_XvjYSc-7">
 <mxGeometry width="50" height="50" relative="1" as="geometry">
 <mxPoint x="490" y="340" as="sourcePoint" />
 <mxPoint x="570" y="390" as="targetPoint" />
 </mxGeometry>
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-7" value="" style="rounded=0;whiteSpace=wrap;html=1;fillColor=#dae8fc;strokeColor=#6c8ebf;" vertex="1" parent="1">
 <mxGeometry x="555" y="290" width="130" height="70" as="geometry" />
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-8" value="&lt;div&gt;Docker&lt;/div&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
 <mxGeometry x="590" y="310" width="60" height="30" as="geometry" />
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-11" value="" style="shape=cylinder3;whiteSpace=wrap;html=1;boundedLbl=1;backgroundOutline=1;size=15;fillColor=#d5e8d4;strokeColor=#82b366;" vertex="1" parent="1">
 <mxGeometry x="240" y="240" width="60" height="90" as="geometry" />
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-12" value="&lt;div&gt;1TB NVME&lt;/div&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
 <mxGeometry x="240" y="280" width="60" height="30" as="geometry" />
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-13" value="" style="shape=cylinder3;whiteSpace=wrap;html=1;boundedLbl=1;backgroundOutline=1;size=15;fillColor=#fff2cc;strokeColor=#d6b656;" vertex="1" parent="1">
 <mxGeometry x="220" y="410" width="60" height="120" as="geometry" />
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-16" value="&lt;div&gt;3x&lt;/div&gt;&lt;div&gt;Mirrored&lt;/div&gt;&lt;div&gt;4TB HDD&lt;br&gt;&lt;/div&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
 <mxGeometry x="220" y="455" width="60" height="30" as="geometry" />
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-18" value="Backup 4TB HDD" style="shape=cylinder3;whiteSpace=wrap;html=1;boundedLbl=1;backgroundOutline=1;size=15;fillColor=#ffe6cc;strokeColor=#d79b00;" vertex="1" parent="1">
 <mxGeometry x="320" y="530" width="60" height="80" as="geometry" />
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-21" value="" style="shape=flexArrow;endArrow=classic;startArrow=classic;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;exitPerimeter=0;strokeColor=#FFFFFF;" edge="1" parent="1">
 <mxGeometry width="100" height="100" relative="1" as="geometry">
 <mxPoint x="250" y="540" as="sourcePoint" />
 <mxPoint x="310" y="580" as="targetPoint" />
 </mxGeometry>
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-22" value="" style="shape=hexagon;perimeter=hexagonPerimeter2;whiteSpace=wrap;html=1;fixedSize=1;" vertex="1" parent="1">
 <mxGeometry x="160" y="590" width="120" height="80" as="geometry" />
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-23" value="&lt;div&gt;Offsite Backup?&lt;/div&gt;&lt;div&gt;TODO&lt;br&gt;&lt;/div&gt;" style="text;html=1;strokeColor=none;fillColor=none;align=center;verticalAlign=middle;whiteSpace=wrap;rounded=0;" vertex="1" parent="1">
 <mxGeometry x="190" y="615" width="60" height="30" as="geometry" />
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-24" value="" style="endArrow=classic;startArrow=classic;html=1;rounded=0;entryX=0.75;entryY=1;entryDx=0;entryDy=0;strokeColor=#FFFFFF;" edge="1" parent="1" target="J6-QY3D9AkztE_XvjYSc-4">
 <mxGeometry width="50" height="50" relative="1" as="geometry">
 <mxPoint x="300" y="480" as="sourcePoint" />
 <mxPoint x="350" y="430" as="targetPoint" />
 </mxGeometry>
 </mxCell>
 <mxCell id="J6-QY3D9AkztE_XvjYSc-25" value="" style="endArrow=classic;startArrow=classic;html=1;rounded=0;entryX=0.5;entryY=1;entryDx=0;entryDy=0;strokeColor=#FFFFFF;" edge="1" parent="1" target="J6-QY3D9AkztE_XvjYSc-4">
 <mxGeometry width="50" height="50" relative="1" as="geometry">
 <mxPoint x="300" y="300" as="sourcePoint" />
 <mxPoint x="350" y="250" as="targetPoint" />
 </mxGeometry>
 </mxCell>
 </root>
 </mxGraphModel>
 </diagram>
</mxfile>
"><defs/><g><path d="M 30 355 C 30 346.72 43.43 340 60 340 C 67.96 340 75.59 341.58 81.21 344.39 C 86.84 347.21 90 351.02 90 355 L 90 445 C 90 453.28 76.57 460 60 460 C 43.43 460 30 453.28 30 445 Z" fill="#fff2cc" stroke="#d6b656" stroke-miterlimit="10" pointer-events="all"/><path d="M 90 355 C 90 363.28 76.57 370 60 370 C 43.43 370 30 363.28 30 355" fill="none" stroke="#d6b656" stroke-miterlimit="10" pointer-events="all"/><path d="M 80 355 C 80 346.72 93.43 340 110 340 C 117.96 340 125.59 341.58 131.21 344.39 C 136.84 347.21 140 351.02 140 355 L 140 445 C 140 453.28 126.57 460 110 460 C 93.43 460 80 453.28 80 445 Z" fill="#fff2cc" stroke="#d6b656" stroke-miterlimit="10" pointer-events="all"/><path d="M 140 355 C 140 363.28 126.57 370 110 370 C 93.43 370 80 363.28 80 355" fill="none" stroke="#d6b656" stroke-miterlimit="10" pointer-events="all"/><path d="M 415 27.5 C 379 27.5 370 55 398.8 60.5 C 370 72.6 402.4 99 425.8 88 C 442 110 496 110 514 88 C 550 88 550 66 527.5 55 C 550 33 514 11 482.5 22 C 460 5.5 424 5.5 415 27.5 Z" fill="#f8cecc" stroke="#b85450" stroke-miterlimit="10" pointer-events="all"/><rect x="430" y="40" width="60" height="30" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 55px; margin-left: 431px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><div>hyang.xyz</div><div>BuyVM</div><div>Debian<br /></div></div></div></div></foreignObject><text x="460" y="59" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">hyang.xyz...</text></switch></g><path d="M 347.32 189.75 L 354.75 197.17 L 330.35 199.65 L 332.83 175.25 L 340.25 182.68 L 412.68 110.25 L 405.25 102.83 L 429.65 100.35 L 427.17 124.75 L 419.75 117.32 Z" fill="none" stroke="#ffffff" stroke-miterlimit="10" pointer-events="all"/><rect x="200" y="230" width="160" height="90" rx="13.5" ry="13.5" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" transform="rotate(90,280,275)" pointer-events="all"/><rect x="250" y="250" width="60" height="30" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 265px; margin-left: 251px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><div>"Gaming"<br /></div><div>Computer</div><div>NixOS<br /></div></div></div></div></foreignObject><text x="280" y="269" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">"Gaming"...</text></switch></g><path d="M 330 270 L 395 255" fill="none" stroke="#ffffff" stroke-width="2" stroke-miterlimit="10" stroke-dasharray="2 6" pointer-events="stroke"/><rect x="395" y="220" width="130" height="70" fill="#dae8fc" stroke="#6c8ebf" pointer-events="all"/><rect x="430" y="240" width="60" height="30" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 255px; margin-left: 431px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><div>Docker</div></div></div></div></foreignObject><text x="460" y="259" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Docker</text></switch></g><path d="M 80 185 C 80 176.72 93.43 170 110 170 C 117.96 170 125.59 171.58 131.21 174.39 C 136.84 177.21 140 181.02 140 185 L 140 245 C 140 253.28 126.57 260 110 260 C 93.43 260 80 253.28 80 245 Z" fill="#d5e8d4" stroke="#82b366" stroke-miterlimit="10" pointer-events="all"/><path d="M 140 185 C 140 193.28 126.57 200 110 200 C 93.43 200 80 193.28 80 185" fill="none" stroke="#82b366" stroke-miterlimit="10" pointer-events="all"/><rect x="80" y="210" width="60" height="30" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 225px; margin-left: 81px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><div>1TB NVME</div></div></div></div></foreignObject><text x="110" y="229" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">1TB NVME</text></switch></g><path d="M 60 355 C 60 346.72 73.43 340 90 340 C 97.96 340 105.59 341.58 111.21 344.39 C 116.84 347.21 120 351.02 120 355 L 120 445 C 120 453.28 106.57 460 90 460 C 73.43 460 60 453.28 60 445 Z" fill="#fff2cc" stroke="#d6b656" stroke-miterlimit="10" pointer-events="all"/><path d="M 120 355 C 120 363.28 106.57 370 90 370 C 73.43 370 60 363.28 60 355" fill="none" stroke="#d6b656" stroke-miterlimit="10" pointer-events="all"/><rect x="60" y="385" width="60" height="30" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 400px; margin-left: 61px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><div>3x</div><div>Mirrored</div><div>4TB HDD<br /></div></div></div></div></foreignObject><text x="90" y="404" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">3x...</text></switch></g><path d="M 160 475 C 160 466.72 173.43 460 190 460 C 197.96 460 205.59 461.58 211.21 464.39 C 216.84 467.21 220 471.02 220 475 L 220 525 C 220 533.28 206.57 540 190 540 C 173.43 540 160 533.28 160 525 Z" fill="#ffe6cc" stroke="#d79b00" stroke-miterlimit="10" pointer-events="all"/><path d="M 220 475 C 220 483.28 206.57 490 190 490 C 173.43 490 160 483.28 160 475" fill="none" stroke="#d79b00" stroke-miterlimit="10" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 513px; margin-left: 161px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Backup 4TB HDD</div></div></div></foreignObject><text x="190" y="516" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Backup 4TB...</text></switch></g><path d="M 103.45 484.98 L 97.63 493.71 L 90.42 470.28 L 114.82 467.92 L 109 476.66 L 136.55 495.02 L 142.37 486.29 L 149.58 509.72 L 125.18 512.08 L 131 503.34 Z" fill="none" stroke="#ffffff" stroke-miterlimit="10" pointer-events="all"/><path d="M 20 520 L 100 520 L 120 560 L 100 600 L 20 600 L 0 560 Z" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/><rect x="30" y="545" width="60" height="30" fill="none" stroke="none" pointer-events="all"/><g transform="translate(-0.5 -0.5)"><switch><foreignObject style="overflow: visible; text-align: left;" pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 560px; margin-left: 31px;"><div style="box-sizing: border-box; font-size: 0px; text-align: center;" data-drawio-colors="color: rgb(0, 0, 0); "><div style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><div>Offsite Backup?</div><div>TODO<br /></div></div></div></div></foreignObject><text x="60" y="564" fill="rgb(0, 0, 0)" font-family="Helvetica" font-size="12px" text-anchor="middle">Offsite Ba...</text></switch></g><path d="M 144.5 405.5 L 230.5 319.5" fill="none" stroke="#ffffff" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 140.79 409.21 L 143.27 401.78 L 144.5 405.5 L 148.22 406.73 Z" fill="#ffffff" stroke="#ffffff" stroke-miterlimit="10" pointer-events="all"/><path d="M 234.21 315.79 L 231.73 323.22 L 230.5 319.5 L 226.78 318.27 Z" fill="#ffffff" stroke="#ffffff" stroke-miterlimit="10" pointer-events="all"/><path d="M 145.76 232.73 L 229.24 272.27" fill="none" stroke="#ffffff" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 141.01 230.48 L 148.83 230.31 L 145.76 232.73 L 145.84 236.64 Z" fill="#ffffff" stroke="#ffffff" stroke-miterlimit="10" pointer-events="all"/><path d="M 233.99 274.52 L 226.17 274.69 L 229.24 272.27 L 229.16 268.36 Z" fill="#ffffff" stroke="#ffffff" stroke-miterlimit="10" pointer-events="all"/></g><switch><g requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"/><a transform="translate(0,-5)" xlink:href="https://www.drawio.com/doc/faq/svg-export-text-problems" target="_blank"><text text-anchor="middle" font-size="10px" x="50%" y="100%">Text is not SVG - cannot display</text></a></switch></svg>
\ No newline at end of file diff --git a/content/posts/setup/index.md b/content/posts/setup/index.md new file mode 100644 index 0000000..b635f94 --- /dev/null +++ b/content/posts/setup/index.md @@ -0,0 +1,43 @@ +--- +title: "My Setup" +date: 2023-08-27T18:09:49-07:00 +description: Hello again +draft: false +--- + + +## Hello Once Again +Welcome to my ~~third~~, first iteration of hyang.xyz. Now that my hosting stuff is stable again, I hope that I can finally stop messing around with Linux and start doing things that I can look back on years later. And what better way to do that than start writing blog posting? + +(I also need an excuse to get better at writing…) + +## The Setup +My adventures with hosting things on the online has been quite a wild ride for me. Until now, it has mostly been more of a learning experience thing. I had mostly focused on hosting stuff like SearX, Nitter, and Fediverse instances, with it lasting two weeks at most, before I got bored and just nuke it all. I also distro-hopped a lot, from Debian → Arch → OpenBSD → FreeBSD → NixOS. + +Now that I have gotten old, now I just want things to just work! + +So, I've decided to start over again. This time, I had to devise a set of goals that made operating this mess as “comfy” as possible. I settled on the following: +- Sane, easy to use backups +- No Cloudflare, (various reasons: mostly just want to host other stuff like email) +- Affordable (am broke) +- Make deploying stuff repetitive, and easy to maintain + +Here's my setup: + + + +In essence: +- Small BuyVM VPS for connecting to the big Internet without revealing my residential address. + - Also runs my email server. +- Docker for running/managing services +- Loads of storage: + - 1TB NVME for running NixOS + - 3x 4 TB Hard Drives on ZFS RAID1 (mirror) +- 1x 4 TB Hard Drives (Backups) + - Using rsnapshot + - Backups for both my NVME and HDD. + - (Might be a problem in the future… Might move it to my 3x 4 TB drives) + +My small VPS contains a WireGuard server, which allows my home PC to securely communicate with my VPS. Along with that, it also contains Certbot for managing HTTPS certificates, and Nginx for reverse proxying. It also contains my Email server too. + +Originally, everything was managed via Nginx. However, logging into my VPS and reconfiguring Nginx every time I wanted to deploy something new was just cumbersome. I decided to try out Traefik, which works alongside Docker to handle most of the routing configurations. Thus, my Nginx now simply reverse proxies everything on port 80 and 443… to another reverse proxy! diff --git a/content/posts/split-tunnelling-for-wireguard-in-linux.md b/content/posts/split-tunnelling-for-wireguard-in-linux.md new file mode 100644 index 0000000..a2ab221 --- /dev/null +++ b/content/posts/split-tunnelling-for-wireguard-in-linux.md @@ -0,0 +1,79 @@ +--- +title: "Split Tunnelling for Wireguard in Linux" +date: 2023-09-08T17:18:39-07:00 +description: How to split tunnel in Wireguard on Linux +ShowToc: true +draft: false +--- + +If you're under a VPN with WireGuard on Linux, as of writing this, there seems to be a surprising lack of documentation for selectively split tunneling certain applications. Fortunately, with Linux [network namespaces](https://en.wikipedia.org/wiki/Cgroups), we are able to do just that. + +## TL;DR +[Use my script :)](https://github.com/yanghuaxuan/stun) + +## How +Assuming that your WireGuard configuration is up and running, using something akin to what `wg-quick` does, it'll do the following to route all traffic to a WireGuard interface. +``` +# wg set wg0 fwmark 1234 +# ip route add default dev wg0 table 2468 +# ip rule add not fwmark 1234 table 2468 +# ip rule add table main suppress_prefixlength 0 +``` +Take note of the third command. The third command is a rule policy which routes all packets not marked with `fwmark` 1234. This means all packets, except for the packets used for communicating with the WireGuard endpoint, will be routed using WireGuard's routing tables. + +Therefore, to split tunnel, all we have to do is create a separate Linux namespace, which allows us to make a new routing table isolated from the main namespace. + +## Turn on IP forwarding +Before we get started, it is crucial that you have ipv4 forwarding set to 1 +``` +sysctl -w net.ipv4.conf.all.forwarding=1 +``` + +## Setup Linux namespace +To add a new network namespace, using ip(8), where the name of the namespace will be called *split* +``` +ip netns add split +``` + +Next, we're going to assign the loop back interface, set up a virtual Ethernet pair for communicating between the main and *split* namespace, and set the namespace routing table. +``` +ip netns exec split ip link set lo up +ip link add veth0 type veth peer name veth1 +ip addr add 10.1.1.1/24" dev veth0 +ip link set veth0 up + +ip link set veth1 netns split +ip netns exec split ip addr add 10.1.1.2/24" dev veth1 +ip netns exec split ip link set veth1 up +ip -n split route add default dev veth1 via 10.1.1.1" +``` + +Now, back to the main namespace; we route all traffic coming from 10.1.1.2 (the IP assigned to the veth interface inside the namespace) using the main table the computer booted up with. +``` +ip rule add from 10.1.1.2 table main priority 99 +``` + +## Firewall setup +Finally, we will now access the Worldwide Series of Tubes on the split tunnel namespace. Using IPTables, we can forward packets coming from veth0 (remember, packets sent from one end of the pair will flow to the other end). +``` +iptables -t nat -A POSTROUTING -s 10.1.1.1/24" -o $IF -j MASQUERADE +iptables -A FORWARD -i $IF -o veth0 -j ACCEPT +iptables -A FORWARD -o $IF -i veth0 -j ACCEPT +``` +## DNS +You may need to manually configure the DNS server. We will use Cloudflare's 1.1.1.1 to resolve DNS queries inside the network namespace. +``` +mkdir -p /etc/netns/split +echo "nameserver 1.1.1.1" > /etc/netns/split/resolv.conf +``` + +## Conclusion +That's it! Now to test it +``` +ip netns exec split curl ifconfig.me +``` +Your residential IP should now show up instead of your VPN's IP. + +## Credits +- https://www.procustodibus.com/blog/2023/04/wireguard-netns-for-specific-apps/ +- https://www.wireguard.com/netns/#the-new-namespace-solution |
