Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
need to create the company in a legally safe country (and outside the fourteen eyes...)
hope you'll have a zero logging policy ð€ -
@coffeeholic I'll only log every connection without timestamp. Solely to prevent abuse. Because only then I can limit the amount of connections per account.
-
@xalys I've never worked with ldap, what's the advantage to mysql?
@XiovV I'll see ;)
But first setting up a network of servers with all the works, legal stuff and business stuff ð¬ -
Gophyr19216yYou should really look at WireGuard for running a VPN. The more I read about it, the more I am convinced that it is better than any other option out there.
https://wireguard.com -
endor57516yNot sure about mysql auth, but setting up an ovpn server is quite straightforward - I was pleasantly surprised when everything worked exactly the way I wanted it on the first try!
-
al3xst776y@Gophyr I'm currently setting up my private wireguard setup (rpi at home <-> my vserver <-> some VPN host who supports wireguard <-> the interwebz) and I'm astonished how easy and fast wireguard is! Unfortunately I still need an openvpn fallback solution for my Laptop and mobile phone because my university doesn't support UDP with eduroam :(
-
@Gophyr I can't find a single documentation or guide thingy as for how to setup username/password auth :/ (with wireguard)
-
@endor I've setup loads of vpn servers myself, the challenge is the mysql part ð
-
Gophyr19216y@linuxxx that's because it's public-key auth. Bit harder to steal credentials they way.
-
Condor324966y@linuxxx I'm around but I've only got experience in the setup of the service myself.. the key infrastructure is still a huge barrier for me as well, especially since professional VPN providers tend to not disclose this stuff. Perhaps if I get a server or two for experiments where I could actually probe real internet addresses and address it as if it was in prod etc, I could look into it.. but for now it's just a shiny gem full of revenue potential for me as well...
-
@Condor I could genuinely get you a vps to tweak around with if needed. I can get quite far but my knowledge is limited to the point that I don't get how to setup the networking part ð¬
-
Condor324966y@linuxxx Hmm.. IPsec.. those are territories that I haven't gone through myself to be honest. Here I went with OpenVPN to build my VPN servers. The key infrastructure on that (which is currently held in /root/openvpn-ca/ on both of my servers could be merged into a shared storage server I think, and its key generation could be scripted out and have an API developed for. The shared storage part is similar to what I've been planning out for my mailers as well. The networking part shouldn't be too hard in OpenVPN at least.. it's got some options into the server config for that, which by default assign 10.8.0.0/24 to tun0 - which is fine - and on other servers you'd want to have incremented by 1 as 10.8.1.0/24 and similar. This doesn't make much of a difference to the clients, but it makes multiple simultaneous connections to various VPN servers a lot easier.
-
Condor324966y@linuxxx As for the OpenVPN part (which I've missed because I'm really tired but I have to switch sleep schedules from night to day wake for an appointment on Friday), personally I'd prefer an in-house solution or at least something that I fully understand inside out. I've had far too many issues with certified shitdesigns in the past and the present to settle with glorified black boxes in this regard. If they're open source (which I haven't checked due to lack of energy), great! The source code would be a great indicator of whether it'd be worth adopting into the infrastructure. If it doesn't suit the needs of the infrastructure however (and can't be configured to do so) I'd look into developing an in-house solution.
Related Rants
-
linuxxx57So, recently, a person in the US was arrested for stalking people. The evidence was some data from google, a ...
-
the-mrcoder8The most easiest explanation of VPNð
-
CoolGuy18On Slack Me: I can't access the VPN Network team: You have to create a user incident My browser: 403 Network t...
Tonight I want to try to setup an openvpn server with mysql based authentication because I'd love to somehow setup/become a vpn provider.
Of course there's a huge ass legal part but let's first make sure I know the technology of the top of my head!
Just ranting this out because I'm excited ð
rant
vpn
openvpn
mysql vpn authentication