🚀 Defguard 2.0 Alpha 2 is out — nearly feature-complete!
🆕 What's new:
- Quick Setup Wizard & OVA images
- High Availability (multi-gateway + Envoy LB)
- Firewall management
- Static IP assignment
- Easier Edge & Gateway deployment
Not for production yet — but great for PoCs and early testing. Beta with 1.6 migration wizard coming soon.
On the plus side, I have _almost_ all machine to machine comms going over my static #IPv6 #wireguard mesh. The couple remaining things are related to my certificate and DNS setup which are things I hesitate to change at the end of a long day. One of them is going to require moving an authoritative DNS server elsewhere.
After many tears I was able to get this working... sort of. Site A router (OPNsense) has a client on site B router (OpenWrt) working. From site B I'm at least able to ssh into the OPNsense router, so I'm calling that good enough for now.
I've set up a WireGuard server on site B OpenWrt, that looks fine. Generated a client for it and... well, there's no client option on OPNsense. Instructions look like it's just another peer as Hugo pointed out, meshily.
There's no direct "import this client config" option so I rammed the settings into a peer config but no dice yet.
Before I go checking firewall settings and whether tethering impacted - I definitely need this parallel peering setup right? It seems like it could have worked both ways with one pair...
Site 2 Site Wireguard AllowedIPs question.
IPv4 both sites are private address ranges with no overlap, so to do split tunnel I just configure the client AllowedIPs to match the server's untunneled LAN range. Easy enough.
However for IPv6 everything has GUA addresses thanks to prefix delegation. Thing is, the ISP won't guarantee my prefix. So how do I guard against prefix changes... Or do I just have to update the client config then?
Raspbian does not recommend it, but the essentially standard Debian process worked without any problems. It is described in detail here:
https://forum.iobroker.net/topic/81187/upgrade-von-debian-12-bookworm-auf-debian-13-trixie
It is really nothing more than the standard procedure:
https://www.debian.org/releases/trixie/release-notes/upgrading.html
Then again, not many services are running here: essentially Pi-Hole and Wireguard.
#raspberry #raspbian #debian #bookworm #trixie #pihole #wireguard #upgrade