Polite_Crocodile

joined 1 year ago
[–] Polite_Crocodile@lemmy.dbzer0.com 1 points 2 months ago (1 children)

Plex is shared with family so the door is open. But if I'm getting this right, since it runs in docker and I've enabled 2fa and a strong password it's fine.

[–] Polite_Crocodile@lemmy.dbzer0.com 1 points 2 months ago (1 children)

Maybe I asked the wrong question. I meant to ask: this is what I came up with. It works. Some containers in docker and the only open ports are the Wireguard one and Plex. Is it safe to have everything on http inside my home network or should I look into hardening it?

 

So, here's what I set up:

Docker with some containers behind Gluetun

Gluetun gives access to the local network so I can access the containers on my home network through http.

The only port I exposed to the internet is the 32400 for Plex.

I reach my home network remotely only through Wireguard, my fritzbox router has a guided setupt that gives me a wg configuration so I just scanned the QR code with my phone. I learned this opens the default wg port.

Now, you can never be 100% safe, but is my simple setup safe/solid enough?

9 times out of 10 I thinker with it when I am at home

It's still a work in progress and I am open to any kind of suggestions

[–] Polite_Crocodile@lemmy.dbzer0.com 9 points 2 months ago (1 children)

It was! Every DNS setting off and still I had to restart the whole stack twice

[–] Polite_Crocodile@lemmy.dbzer0.com 4 points 2 months ago (3 children)
 

So, I'm trying to set up gluetun. I linked a Firefox container to it and apparently every check of DNS leaks shows that it's leaking. Cloudflare and quad9 are the servers, the same names that I've set to dot providers. So I am gathering from all of this that these leaks are to be expected? And non of the DNS servers show my real IP, always one of mullvad IPS. Am I getting this right?

[–] Polite_Crocodile@lemmy.dbzer0.com 5 points 3 months ago (1 children)

I simply enable the killswitch in mullvad settings and get all the Linux isos I need. But I'm thinking to keep gluetun enabled since I've already configured it

[–] Polite_Crocodile@lemmy.dbzer0.com 5 points 3 months ago (4 children)

Ok, thanks. So if I'm getting this right every container should return the VPN IP with curl ifconfig.me

 

I honestly can't get my head around this. I have a machine with Linux (endeavouros), and docker with a few containers. Since I want all the traffic from this system to go through the VPN, do I need to set up gluetun? I think not, but I am not 100% sure...