Comment by pSYoniK

2 days ago

I want to make a few points to help clarify some of the choices and why I made them. This is very helpful and I appreciate all the comments as it highlights how some things are clear in our head but we don't end up sharing that with anyone reading. So:

1. I looked at AdGuardHome but I preferred PiHole because I found its documentation a bit more helpful for my purpose (the Unbound sample, the Wireguard setup, etc)

2. I saw the docker compose package, but I wanted something that runs at the OS level. There are docker packages for Wireguard too and I also had a look at Mistborn (https://gitlab.com/cyber5k/mistborn)

3. The VPN is the main thing I wanted set up to reach resources on my home network, adblocking and DNS came a bit later, so you can run this without a VPN, but it's central for my setup.

4. I really wanted this setup at the OS level and to hopefully learn more about the whole process.

Thanks again for the suggestions though!

> 1. I looked at AdGuardHome but I preferred PiHole because I found its documentation a bit more helpful for my purpose (the Unbound sample, the Wireguard setup, etc)

Probably the right call, but funnily enough, I had to go the other way. PiHole started using 100% of the CPU on my Raspberry Pi 1B after an update to version 6.x, which then obviously slowed the entire network to a crawl and made it unusable. Although later versions supposedly fixed that, whatever was the latest version at the time still had that problem for me, even on a completely fresh install.

AdGuardHome worked for me without any hassle, but I would never have even considered it, given I'd been happy with PiHole for 5+ years, if it hadn't been for the fact that whatever update PiHole did completely borked its usability.

> I saw the docker compose package, but I wanted something that runs at the OS level

For my curiosity: because you wanted to use systemd or didn't want to run another piece of software (docker) or something else?

  • I had wireguard on docker before for some containers, but it felt clunky and it overcomplicated the network stack in my head (I'm unfortunately not very skilled in networking in general). So I said that I'd go back to the root and run it at OS level because then I can expose Proxmox to the world or any of the other VMs I run by having them join the wireguard network. Which in turn means that I can connect to any machine I want/need directly. I am also playing around with writing my own dynamic DNS worker in C# and I was curious about how I could have that run as a systemd process but bypass the wireguard tunnel to keep updating IP addresses. A lot of these were tied to me just being a bit more curious about the whole stack.