Are there any plans to make this work with AWS free tier? #35

Open
Keagel opened this issue Oct 25, 2020 · 25 comments

@Keagel

Keagel commented Oct 25, 2020

Since the Google Cloud free tier only allows US servers, it can potentially slow things down for other users. As far as I know, the AWS free tier is available in every region. Is there anything preventing this from working with AWS?

@Kafow

Kafow commented Oct 26, 2020

There's no technological limit that can prevent it from running on AWS, but if I remember correctly you get 750 monthly hours of EC2 only for 12 months per account.
With Google, you get a free tier machine without any time limit so it would be a better solution.

@rajannpatel
Owner

rajannpatel commented Oct 27, 2020

The script will work on AWS, and other cloud service providers. If you run through it and find a specific issue, I'm happy to provide support. As mentioned above, be aware that the free tier is not forever. Oracle provides an always-free tier account, which is great for Full Tunnel configurations. Oracle decides your Home Region automatically, from this list: https://docs.cloud.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm
There are some additional hurdles with Oracle, their virtual machines have iptables (firewall) turned on by default, and this can be confusing for users who expect it to be off by default.

@DiegoFLA

@rajannpatel hey thanks, I disabled the iptables on my Oracle vm and now my wireguard connection works. The only problem now is that I can't access the pi-hole web interface.

@rajannpatel
Owner

> @rajannpatel hey thanks, I disabled the iptables on my Oracle vm and now my wireguard connection works. The only problem now is that I can't access the pi-hole web interface.

When the Wireguard connection is active, what is the output of `sudo wg show` on the server?
What are the contents of your Wireguard client configuration file?

You can redact your public IP address and mangle your keys on the printouts.

@DiegoFLA

> > @rajannpatel hey thanks, I disabled the iptables on my Oracle vm and now my wireguard connection works. The only problem now is that I can't access the pi-hole web interface.
>
> When the Wireguard connection is active, what is the output of `sudo wg show` on the server?
> What are the contents of your Wireguard client configuration file?
>
> You can redact your public IP address and mangle your keys on the printouts.

Using one client on my phone, and another one on my PC:
[image]

Sorry for bothering you

@FanboyStudios

FanboyStudios commented Dec 2, 2020

> The script will work on AWS, and other cloud service providers. If you run through it and find a specific issue, I'm happy to provide support. As mentioned above, be aware that the free tier is not forever. Oracle provides an always-free tier account, which is great for Full Tunnel configurations. Oracle decides your Home Region automatically, from this list: https://docs.cloud.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm
> There are some additional hurdles with Oracle, their virtual machines have iptables (firewall) turned on by default, and this can be confusing for users who expect it to be off by default.

About Oracle's Always Free Tier, it's well worth noting that you get 10 TB of egress for completely free, in comparison to GCP only giving us 1 GB for free. That's a game changer as most of us will not even use most of that even if we go full tunnel! Also you get 1 GB of RAM instead of 640 MB, and 100 GB of storage... and all of that is per machine (which we're allowed to have 2 of!) In other words, an Oracle specific guide might be nice and handy; especially if you can add Shadowsocks into the mix for those intrusive/restrictive public hotspots! 😉

@rajannpatel
Owner

The only caveat on Oracle Free Tier is you have to manually disable (I prefer to uninstall) iptables. There should be guides that help you spin up an Ubuntu 20.04 instance on Oracle Free Tier, and expose a port in the firewall. I'll try to make some time to draft a guide, but it may not be in the near future.

@FanboyStudios

FanboyStudios commented Dec 3, 2020

> The only caveat on Oracle Free Tier is you have to manually disable (I prefer to uninstall) iptables. There should be guides that help you spin up an Ubuntu 20.04 instance on Oracle Free Tier, and expose a port in the firewall. I'll try to make some time to draft a guide, but it may not be in the near future.

I might try to make a guide myself then. I have had a little bit of experience with GCP from working on other personal projects, so I think I might be able to piece something together. The issue is, I don't even have enough money in my PayPal account to cover the "payment verification" charge. At least with GCP they don't try to immediately charge your account with direct deposit setup, but actually they pay you a tiny amount. So that's something to note for a positive on GCP, if you're completely broke you can still sign up for the GCP always free tier... this is not so with Oracle Cloud.

Edit: If anyone wants to help me with the guide or the fee, feel free to message me.

@jcat59

jcat59 commented Jan 1, 2021

> > The only caveat on Oracle Free Tier is you have to manually disable (I prefer to uninstall) iptables. There should be guides that help you spin up an Ubuntu 20.04 instance on Oracle Free Tier, and expose a port in the firewall. I'll try to make some time to draft a guide, but it may not be in the near future.
>
> I might try to make a guide myself then. I have had a little bit of experience with GCP from working on other personal projects, so I think I might be able to piece something together. The issue is, I don't even have enough money in my PayPal account to cover the "payment verification" charge. At least with GCP they don't try to immediately charge your account with direct deposit setup, but actually they pay you a tiny amount. So that's something to note for a positive on GCP, if you're completely broke you can still sign up for the GCP always free tier... this is not so with Oracle Cloud.
>
> Edit: If anyone wants to help me with the guide or the fee, feel free to message me.

Wish I could help - would be exciting to see an Oracle guide so that we could use full tunnel. Unless I’m missing something, seems like Oracle is a no brainer.... Not sure what fee you’re talking about, there is no fee. They are just asking for payment verification in case you upgrade

@FanboyStudios

FanboyStudios commented Jan 14, 2021

> > > The only caveat on Oracle Free Tier is you have to manually disable (I prefer to uninstall) iptables. There should be guides that help you spin up an Ubuntu 20.04 instance on Oracle Free Tier, and expose a port in the firewall. I'll try to make some time to draft a guide, but it may not be in the near future.
> >
> > I might try to make a guide myself then. I have had a little bit of experience with GCP from working on other personal projects, so I think I might be able to piece something together. The issue is, I don't even have enough money in my PayPal account to cover the "payment verification" charge. At least with GCP they don't try to immediately charge your account with direct deposit setup, but actually they pay you a tiny amount. So that's something to note for a positive on GCP, if you're completely broke you can still sign up for the GCP always free tier... this is not so with Oracle Cloud.
> > Edit: If anyone wants to help me with the guide or the fee, feel free to message me.
>
> Wish I could help - would be exciting to see an Oracle guide so that we could use full tunnel. Unless I’m missing something, seems like Oracle is a no brainer.... Not sure what fee you’re talking about, there is no fee. They are just asking for payment verification in case you upgrade

Sure, you can maybe help out. About the fee, it's a temporary hold charge. If you don't have money in your account, payment verification would fail... which means you can't sign up. I did some signups for pay on Reddit r/signupsforpay and got that taken care of. After you sign up for Oracle Cloud Platform, you get a free trial credit. After the trial is over you still keep access to your always free resources, unlike Google Cloud Platform which forces you to upgrade to a pay as you go plan. This IMHO is better, as you don't have to upgrade your Oracle account to continue to use the freebies.

With that said, I'm available today to try to work on a guide. I also plan on implementing shadowsocks so we can maybe have a better chance of the VPN working on public hotspots that use DPI firewalls and captive portals that basically MITM its users (to force data collection, sign in, restrictions, etc.). This way we can take back a little bit of privacy and security.

@FanboyStudios

> The script will work on AWS, and other cloud service providers. If you run through it and find a specific issue, I'm happy to provide support. As mentioned above, be aware that the free tier is not forever. Oracle provides an always-free tier account, which is great for Full Tunnel configurations. Oracle decides your Home Region automatically, from this list: https://docs.cloud.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm
> There are some additional hurdles with Oracle, their virtual machines have iptables (firewall) turned on by default, and this can be confusing for users who expect it to be off by default.

Would the script run "as is" without modification?

@jcat59

jcat59 commented Jan 14, 2021

> With that said, I'm available today to try to work on a guide. I also plan on implementing shadowsocks so we can maybe have a better chance of the VPN working on public hotspots that use DPI firewalls and captive portals that basically MITM its users (to force data collection, sign in, restrictions, etc.). This way we can take back a little bit of privacy and security.

When this is all said and done, do you expect to use this for full VPN, whether you're watching Netflix or just browsing? Will this also mask our IP address? For example if at home, my WAN IP address will not look to be from my own router? I'm just going to cancel my Google Cloud account.

@FanboyStudios

> > With that said, I'm available today to try to work on a guide. I also plan on implementing shadowsocks so we can maybe have a better chance of the VPN working on public hotspots that use DPI firewalls and captive portals that basically MITM its users (to force data collection, sign in, restrictions, etc.). This way we can take back a little bit of privacy and security.
>
> When this is all said and done, do you expect to use this for full VPN, whether you're watching Netflix or just browsing? Will this also mask our IP address? For example if at home, my WAN IP address will not look to be from my own router? I'm just going to cancel my Google Cloud account.

I expect to use this as my full VPN on pretty much every device I own. I would like to have it set up as both full and split tunnel, but with shadowsocks I'll probably just have to use it as full tunnel. The positive of Split Tunnel is that you can use resources on your local network (for example I have a private Nextcloud instance), however you give up full encryption (only your DNS queries are encrypted then).

@jcat59

jcat59 commented Jan 14, 2021

> I expect to use this as my full VPN on pretty much every device I own. I would like to have it set up as both full and split tunnel, but with shadowsocks I'll probably just have to use it as full tunnel. The positive of Split Tunnel is that you can use resources on your local network (for example I have a private Nextcloud instance), however you give up full encryption (only your DNS queries are encrypted then).

So if you're on the VPN and on your LAN, you'll need to access Nextcloud as if you're on a public network?

@FanboyStudios

> > I expect to use this as my full VPN on pretty much every device I own. I would like to have it set up as both full and split tunnel, but with shadowsocks I'll probably just have to use it as full tunnel. The positive of Split Tunnel is that you can use resources on your local network (for example I have a private Nextcloud instance), however you give up full encryption (only your DNS queries are encrypted then).
>
> So if you're on the VPN and on your LAN, you'll need to access Nextcloud as if you're on a public network?

Basically here's how it works from what I understand (somebody correct me if I'm wrong).

If you are on your home network, but full tunnel... you can't use your local network resources.
If you are on your home network, but split tunnel... you can use your local network resources.

If you are on a public network, but full tunnel... you can't use your local network resources.
If you are on a public network, but split tunnel... you might be able to use your local network resources if they're connected to the same VPN.

@jcat59

jcat59 commented Jan 14, 2021

> Basically here's how it works from what I understand (somebody correct me if I'm wrong).
>
> If you are on your home network, but full tunnel... you can't use your local network resources.
> If you are on your home network, but split tunnel... you can use your local network resources.
>
> If you are on a public network, but full tunnel... you can't use your local network resources.
> If you are on a public network, but split tunnel... you might be able to use your local network resources if they're connected to the same VPN.

Gotcha that makes sense, thank you. I suppose once you have this guide created, and since there are 2 free Oracle instances, perhaps we could have 1 instance running split and 1 running full. Then we could switch from one to the other depending on what we're doing....

@rajannpatel
Owner

The Wireguard VPN does not provide network isolation the way a firewall would. It's just a new network adapter with its own set of rules. You could configure the outbound rules to capture all outbound traffic, and send outbound traffic over that adapter. Or you can be a little more specific, and only allow outbound traffic for certain IP subnets.
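
An added example (not from this thread or the project's code) of the distinction described above: the client's `AllowedIPs` decides which destinations are sent over the tunnel, and a DNS server outside those ranges is not carried by it. The profiles are constructed; the 10.6.0.x and 192.168.1.1 addresses and the function names are assumptions, and 51515 is the port mentioned later in this thread.

```python
import ipaddress

# Constructed client profile: keys, endpoint and addresses are placeholders.
FULL = """\
[Interface]
PrivateKey = <client-private-key>
Address = 10.6.0.2/24
DNS = 10.6.0.1

[Peer]
PublicKey = <server-public-key>
Endpoint = <server-ip>:51515
AllowedIPs = 0.0.0.0/0, ::/0
"""
# Split tunnel: only the resolver on the VPN server is routed through wg.
SPLIT = FULL.replace("AllowedIPs = 0.0.0.0/0, ::/0", "AllowedIPs = 10.6.0.1/32")
# Misconfigured split tunnel: the resolver is not covered by AllowedIPs.
LAN_DNS = SPLIT.replace("DNS = 10.6.0.1", "DNS = 192.168.1.1")


def parse(profile):
    """Collect 'Key = value' pairs (single-peer profile); comma lists are split."""
    cfg = {}
    for line in profile.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            items = [v.strip() for v in value.split(",") if v.strip()]
            cfg.setdefault(key.strip(), []).extend(items)
    return cfg


def via_tunnel(dest, allowed_ips):
    """True if dest falls inside any AllowedIPs network of the peer."""
    ip = ipaddress.ip_address(dest)
    nets = [ipaddress.ip_network(a, strict=False) for a in allowed_ips]
    return any(ip.version == n.version and ip in n for n in nets)


def audit(profile):
    """Classify the profile and list DNS servers the tunnel will not carry."""
    cfg = parse(profile)
    allowed = cfg.get("AllowedIPs", [])
    full = any(ipaddress.ip_network(a, strict=False).prefixlen == 0 for a in allowed)
    uncovered = []
    for entry in cfg.get("DNS", []):
        try:
            if not via_tunnel(entry, allowed):
                uncovered.append(entry)
        except ValueError:
            pass  # wg-quick also accepts search domains in DNS; skip them
    return {"mode": "full" if full else "split", "dns_not_in_allowed_ips": uncovered}


if __name__ == "__main__":
    for name, profile in (("full", FULL), ("split", SPLIT), ("lan-dns", LAN_DNS)):
        print(name, audit(profile))
```

This models only the `AllowedIPs` match; a client may add its own routing or firewall rules on top.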

@FanboyStudios

> > Basically here's how it works from what I understand (somebody correct me if I'm wrong).
> > If you are on your home network, but full tunnel... you can't use your local network resources.
> > If you are on your home network, but split tunnel... you can use your local network resources.
> > If you are on a public network, but full tunnel... you can't use your local network resources.
> > If you are on a public network, but split tunnel... you might be able to use your local network resources if they're connected to the same VPN.
>
> Gotcha that makes sense, thank you. I suppose once you have this guide created, and since there are 2 free Oracle instances, perhaps we could have 1 instance running split and 1 running full. Then we could switch from one to the other depending on what we're doing....

You can run both on the same VPN server, you just have separate profiles. But I don't know if it would still work the same with shadowsocks. Perhaps it's only full tunnel then, since shadowsocks encrypts the traffic (not just DNS queries).

My other server is being used to host my own website and email. https://randomfandom.cf

@FanboyStudios

> @rajannpatel hey thanks, I disabled the iptables on my Oracle vm and now my wireguard connection works. The only problem now is that I can't access the pi-hole web interface.

Alright, so I'm having a similar issue.

I cannot access the PiHole panel, and my DNS is failing on dnsleaktest.com (it's not showing Cloudflare, but only my shit ISP's DNS).

@FanboyStudios

FanboyStudios commented Jan 14, 2021

> The script will work on AWS, and other cloud service providers. If you run through it and find a specific issue, I'm happy to provide support. As mentioned above, be aware that the free tier is not forever. Oracle provides an always-free tier account, which is great for Full Tunnel configurations. Oracle decides your Home Region automatically, from this list: https://docs.cloud.oracle.com/en-us/iaas/Content/General/Concepts/regions.htm
> There are some additional hurdles with Oracle, their virtual machines have iptables (firewall) turned on by default, and this can be confusing for users who expect it to be off by default.

The script did not work for me on Oracle Cloud it seems...

  1. DNS is leaking (instead of Cloudflare, I have my shitty ISP's DNS)
  2. Can't access the admin panel.
  3. On iOS, Wireguard said the QR wasn't valid for one of my profiles. I created another profile in an attempt to try and see if I could fix the first two issues.

[image]

@rajannpatel
Owner

Have you opened the appropriate ports in Oracle's firewall to allow the Wireguard traffic through?

@FanboyStudios

FanboyStudios commented Jan 14, 2021

> Have you opened the appropriate ports in Oracle's firewall to allow the Wireguard traffic through?

I opened 51515.

Ports 80, 443, 53 were already open (as I set up a webserver on the other free VM).

I also disabled iptables.

[image: Screen Shot 2021-01-14 at 1 18 13 PM]

@kmajeed

kmajeed commented Feb 13, 2021

@Fanboy-Studios @rajannpatel
Will you kindly share the guide to set it up on Oracle Free Cloud when you are successful?

Many thanks

@FanboyStudios

FanboyStudios commented Apr 13, 2022

> @Fanboy-Studios @rajannpatel Will you kindly share the guide to set it up on Oracle Free Cloud when you are successful?
>
> Many thanks

I got it mostly working recently, now I'm just working on trying to get it implemented in my router running OpenWrt.
After I get it all working, I'll work on the guide.

The guide will be here: https://github.com/FanboyStudios/PiHole-Wireguard-VPN_on_Oracle-Cloud-Platform-Free-Tier
Right now it's far from complete, but hopefully I can work out the kinks with OpenWrt soon.

@anbuchelva

Created setup and documents for using Oracle cloud always free tier. Hope it will be helpful.

https://github.com/anbuchelva/Pi-hole-and-Wireguard-on-Oracle-Cloud-always-free-tier
