CollabNet Guide: Difference between revisions

CollabNet Guide (view source)

Revision as of 21:10, 15 June 2024

158 bytes removed , 15 June

→‎VPN

VisualWikitext

Elijah

Bureaucrats, Check users, Interface administrators, Push subscription managers, Suppressors, Administrators

427

edits

Revision as of 20:51, 20 May 2024 (view source) MDMCK10 (talk \| contribs) (resolvconf -> openresolv, finish e2g restart part) ← Older edit		Revision as of 21:10, 15 June 2024 (view source) Elijah (talk \| contribs) (→‎VPN) Newer edit →
(4 intermediate revisions by 2 users not shown)
This guide will walk you through setting up a Virtual Network for your VMs. This will allow you to route your VM traffic behind a VPN (strongly recommended for several reasons), filter web traffic, and prevent access to your local network from the VMs. https://computernewb.com/w/index.php?title=CollabNet_Guide&action=edit = Prerequisites = * An hour or two of your time }} To make sure the bridge is started properly at system boot, run `<code>sudo crontab -e`</code> and add the following line to the bottom of the file that opens, then save it: {{code\| @reboot sleep 10; ip link set collabnet up {{code\| sudo curl 'https://computernewb.com/~elijah/dnsmasq.conf' -o /etc/dnsmasq.conf }} ~~{{ombox~~ ~~\| type = speedy~~ ~~\| image = [[File:Ambox_important_red.svg\|40px]]~~ ~~\| text = For the time being (a.k.a until [[User:Elijah\|Elijah]] updates the file above), you also need to add these two lines to the bottom of `dnsmasq.conf`: {{code\|~~ ~~<nowiki>~~ ~~server=1.1.1.1~~ ~~server=1.0.0.1</nowiki>~~ }} }} If you don't want users to be able to make traffic from your IP address (you almost definitely do not), you should set up a VPN, for all your users' traffic to be run through. You'll need a VPN that supports wireguard (and additionally you'll want to make sure that this usecase is allowed by their Terms of Service). Here are a few: * [https://protonvpn.com/ ProtonVPN] (Free plan allows WireGuard, premium plan $10/month) * CloudFlare WARP: You can use the [https://github.com/ViRb3/wgcf wgcf] third party CLI tool to generate a WireGuard profile. Mileage may vary. * [https://mullvad.net/en Mullvad] ($5 a month) * [https://protonvpn.com/ ProtonVPN] (Premium plan is $10 a month, however their free plan allows WireGuard making this one preferable if you don't want to spend money) Once you have your VPN picked out, register an account and generate a WireGuard profile. This varies by VPN but its usually in the Downloads section or its own category. It should give you a wireguard configuration either as a downloadable file or to copy and paste. }} If all went well, your VMs should now be connected to the VPN == E2Guardian == E2Guardian can be used to implement network filtering on your VM. It supports transparent HTTP and HTTPS filtering making it ideal for a setup like CollabVM where the client can't be trusted to always use a proxy or DNS server. Here's how to set it up. Copy <code>examplef1.story</code> to <code>group1.story</code>: {{code\| cp -p examplef1.story group1.story }} === Filter lists ===