Cake day: June 12th, 2023


  • I’d give Hetzner a try. The VPSes they offer come with 20TB of bandwidth and they only count outgoing traffic (the bottom of this page is the source -> https://docs.hetzner.com/robot/general/traffic/). One thing to note with Hetzner VPS is that the port speed is not guaranteed to be 1G; only on their dedicated servers is 1G guaranteed. In my experience with their VPS I always got over 500M, so it wasn’t an issue. I’ve since moved to a dedicated server in Finland for the horsepower and the flexibility of running my own VM platform (Proxmox).

    There’s also Netcup but I’ve never used them so can’t speak to quality but I’ve heard good things about them.

    Edit: totally forgot to mention BuyVM. I have one of their 1GB VPS in Luxembourg. Speed is good to Finland but not so great to Canada but that’s not their fault. More to do with latency which is to be expected given the distance.


  • Mandos and wireguard inside initramfs.

    Wireguard connects to a cloud VPS that acts as the mandos server and then grabs the key from mandos.

    All my systems are protected by LUKS aside from /boot which in my case simply holds the wireguard config and what’s required to get the key from mandos. Yes this leaves the wireguard keys exposed but I’m not concerned since in my case they’re only good for this purpose and it’s easy to disable a peer. Plus the VPS has nftables rules that only allow traffic on the wireguard interface to a single port that the mandos server listens on.
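
The kind of nftables ruleset the comment above describes for the VPS, as an added example that is not the commenter's own configuration. The interface name `wg0`, the WireGuard port 51820, the Mandos port value and the table name are assumptions; substitute the `port` set in your `mandos.conf`.

```nft
#!/usr/sbin/nft -f
# Added example: VPS acting as Mandos server, reachable only over WireGuard.
# All names and ports below are assumptions, not values from the post.

define WG_IF       = "wg0"    # assumed WireGuard interface name
define WG_PORT     = 51820    # assumed WireGuard listen port (UDP)
define MANDOS_PORT = 49001    # placeholder: the port your Mandos server listens on (TCP)

# Idempotent reload of this table only; other tables are left untouched.
table inet mandos_vps
delete table inet mandos_vps

table inet mandos_vps {
    chain input {
        type filter hook input priority 0; policy drop;

        ct state invalid drop
        ct state established,related accept
        iifname "lo" accept

        # Tunnel traffic: booting clients may reach the Mandos port and nothing else.
        iifname $WG_IF tcp dport $MANDOS_PORT accept
        iifname $WG_IF counter drop

        # Public side: WireGuard itself, so peers can bring the tunnel up.
        udp dport $WG_PORT accept

        # IPv6 neighbour discovery, needed for basic connectivity under policy drop.
        icmpv6 type { nd-neighbor-solicit, nd-neighbor-advert, nd-router-advert } accept

        # Add your own admin access rule here before loading (for example SSH
        # restricted to a management address); with policy drop and no such
        # rule the host is only reachable on the two ports above.
    }

    chain forward {
        # The VPS is an endpoint, not a router between peers.
        type filter hook forward priority 0; policy drop;
    }
}
```

The `counter` on the tunnel drop rule gives a quick signal if a leaked client key is used to probe other ports: `nft list table inet mandos_vps` shows a non-zero packet count on that rule.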

  • I’ve been using it for a few months now and love it. I have it on 2 VMs. 1 at home and 1 on my dedicated server in the cloud.

    I have a horribly written script that stops the vaultwarden container on the home VM, it copies the db.sqlite3 files to the VM in the cloud using SCP, copies everything inside the attachments folder using SCP and then starts the container again. I then have the same type of script on the cloud VM that stops the container, grabs the db and attachments from the temp folder and moves them to the correct directories and starts the container.

    I only use the instance on the VM at home, the cloud VM is only used if something has happened to the VM at home. I do the same with my netbox instance.

    I also don’t expose anything to the internet. Everything is behind WireGuard. I have my phone set up with Tasker to automatically connect the tunnel when my phone disconnects from my home WiFi SSID.