I’d really like to get started with this stuff but finding the technical requirement exhausting.

Trying to install privoxyvpn- “simply add the proxy to your browser and ensure the configuration is correct” (no help as to what this means, or how to do it and following the basic instructions just renders my browser unable to connect - googling the error message gives me replies like “simply make sure you read the logs” (no description of how to get to the logs or how to read them)

hearing I need a proxy and a reverse proxy, install SWAG — “first, point the A name at your server and the CNAME at the A and then install the SSL certificate - but be sure to pick between directories and subdomains if you have fewer than 20 domains in your account.”

Like what the fuck does any of this mean?

Then I hear if I have a proxy it might interfere with the reverse proxy and both might interfere with the VPN and vice versa.

How does one even get started?

  • funkless_eck@sh.itjust.worksOPEnglish
    2·
    5 months ago

    high-level: in the USA, download TV and movies and watch them on the TV without having to connect a cable from my computer to my TV.

    I have mullvad on my phone, but when I installed it on my Pi it blocks all ssh connections (which was how I was using the pi), some googling told me this was expected behavior and I should configure my proxy/reverse proxy first with the VPN built in.

    the webserver, as I understood it, is so I can watch the movies when it’s done, but again as I understand it, has to be configured alongside the VPN to let me in to watch stuff, but not show the government/police/whatever that I am watching stuff

    • habitualTartare@lemmy.worldEnglish
      2·
      5 months ago

      What your trying to do is a big overkill if you want only one device to connect to a VPN.

      Your VPN installed on your raspberry pi should have a “local network sharing” option. Based on some blogs mullvad had some issues with hostname and network shares (as of 07/2022) and you should try to connect via IP address if you’re having trouble.

      Local network sharing only works on the same subnet (IP address of your computer, Pi, and TV should have the first 3 parts of the IP match, ex: 192.168.4.xxx not 192.168.x.xxx).

      If you’re trying to SSH to the Pi when not connected to the same network it’s going to be much more difficult.

      If all above fails, this GitHub issue suggests advanced split tunneling setup on the Pi so that it can listen for SSH locally.

      • funkless_eck@sh.itjust.worksOPEnglish
        1·
        5 months ago

        but I can’t just have one device connected to the VPN. I have to be able to tell it what to download (from a device) and then watch it (from a device)

        edit: also, from your link there

        “Did you adapt the rules to your setup (IP, port etc)? What if you add a counter to the rules? Can you see them trigger on incoming packets with nft list ruleset?”

        No, I have not adapted and counted the rules to trigger on incoming packets with an nft list ruleset because I have no idea what that means

        From the link inside that link

        "the following rules should be applied.

        table inet excludeTraffic { chain allowIncoming { type filter hook input priority -100; policy accept; tcp dport 2010 ct mark set 0x00000f41 meta mark set 0x6d6f6c65; } chain allowOutgoing { type route hook output priority -100; policy accept; tcp sport 2010 ct mark set 0x00000f41 meta mark set 0x6d6f6c65; } }"

        no idea what any of this means, nor what to do with it, what to change, or where to put it.

        I can’t be a complete idiot for thinking this seems overwhelmingly technical. Like surely you can’t believe you can show that to the average person on the street and they’d be like “ohhh just table inet exclude traffic! of course!”

        and “exclude traffic” sounds like the opposite of what I want - which is to include my ssh traffic.

    • ruplicant@sh.itjust.worksEnglish
      21·
      5 months ago

      ok, maybe someone else might be able to help you properly, since i’m yet to do my planned Jellyfin home setup

      but it seems to me that maybe instead of running the VPN directly from you Pi, you should run it from you router, so your whole subnet is tunneled when going to the internet and inside your home you don’t need those shenanigans to connect to the Pi

      if you did this, then you only need to install your mediaserver on the Pi (either Plex or Jellyfin, and although i haven’t used any yet, Jellyfin seems to be the one not currently being shitified, and the complete FOSS route) and that will probably be a much easier installation

      • funkless_eck@sh.itjust.worksOPEnglish
        1·
        5 months ago

        I have an ATT router in pass-through to an Eero mesh which I control through an app on my phone. there doesn’t seem to be anything about installing a VPN on a router I can find online except for specialist routers

    • MomoTimeToDie@sh.itjust.worksEnglish
      12·
      5 months ago

      without having to connect a cable from my computer to my TV

      Honestly, just buy a Chromecast or something. Way less effort

      • funkless_eck@sh.itjust.worksOPEnglish
        1·
        5 months ago

        I have an NVIDIA shield, but cf my other issues (now mostly fixed hopefully by EOD today) that connections in and out of the pi were either being blocked by VPN or totally exposed without VPN