I’d really like to get started with this stuff but finding the technical requirement exhausting.
Trying to install privoxyvpn- “simply add the proxy to your browser and ensure the configuration is correct” (no help as to what this means, or how to do it and following the basic instructions just renders my browser unable to connect - googling the error message gives me replies like “simply make sure you read the logs” (no description of how to get to the logs or how to read them)
hearing I need a proxy and a reverse proxy, install SWAG — “first, point the A name at your server and the CNAME at the A and then install the SSL certificate - but be sure to pick between directories and subdomains if you have fewer than 20 domains in your account.”
Like what the fuck does any of this mean?
Then I hear if I have a proxy it might interfere with the reverse proxy and both might interfere with the VPN and vice versa.
How does one even get started?
what “stuff” are you talking about?
if you want to do some pirating you need a decent VPN, like Mullvad or Proton, that you run on your system (Android/Linux/Windows/iOS), not some random leaky and dubious browser add-on
dunno why dafuq you’re mentioning configuring a webserver (with SWAG) to point the DNS records (A and CNAME). the VPN will act as a proxy for you. but maybe i’m just way out of my depth here…
it might help if first you tell us what exactly are tou trying to achieve
high-level: in the USA, download TV and movies and watch them on the TV without having to connect a cable from my computer to my TV.
I have mullvad on my phone, but when I installed it on my Pi it blocks all ssh connections (which was how I was using the pi), some googling told me this was expected behavior and I should configure my proxy/reverse proxy first with the VPN built in.
the webserver, as I understood it, is so I can watch the movies when it’s done, but again as I understand it, has to be configured alongside the VPN to let me in to watch stuff, but not show the government/police/whatever that I am watching stuff
What your trying to do is a big overkill if you want only one device to connect to a VPN.
Your VPN installed on your raspberry pi should have a “local network sharing” option. Based on some blogs mullvad had some issues with hostname and network shares (as of 07/2022) and you should try to connect via IP address if you’re having trouble.
Local network sharing only works on the same subnet (IP address of your computer, Pi, and TV should have the first 3 parts of the IP match, ex: 192.168.4.xxx not 192.168.x.xxx).
If you’re trying to SSH to the Pi when not connected to the same network it’s going to be much more difficult.
If all above fails, this GitHub issue suggests advanced split tunneling setup on the Pi so that it can listen for SSH locally.
but I can’t just have one device connected to the VPN. I have to be able to tell it what to download (from a device) and then watch it (from a device)
edit: also, from your link there
No, I have not adapted and counted the rules to trigger on incoming packets with an nft list ruleset because I have no idea what that means
From the link inside that link
no idea what any of this means, nor what to do with it, what to change, or where to put it.
I can’t be a complete idiot for thinking this seems overwhelmingly technical. Like surely you can’t believe you can show that to the average person on the street and they’d be like “ohhh just table inet exclude traffic! of course!”
and “exclude traffic” sounds like the opposite of what I want - which is to include my ssh traffic.
Ok. I’m going to assume you have zero networking experience, and have one computer (a desktop/laptop). I’m also going to assume you are using some flavor of screen mirroring tech (eg a Chromecast) to wirelessly connect the
Per your post the goal is to A) download items, B) store the items on local disk, C) display the items on your TV via some kind of wireless.
I’m further going to assume we are strictly working with torrents.
You will want to download two applications, 1) a torrent client (I’m not going to recommend one because Im not up to date on the differences), and VLC. You will also need whatever application your VPN requires but I think you have that configured.
When downloading via a torrent you first turn on the VPN prior to downloading/seeding/etc. Once the torrent is finished, you can send you content to your TV via VLC (there is an option to use the TV as a renderer target).
Some gotchas. Unless you configure your VPN to allow local traffic, all traffic goes via the VPN. This means that your computer is completely isolated from the rest of your Network (it’s visible, but can not interact with any of it). If you want, I can go into the hows/why’s of what’s going on. For the Pi. Use it to learn and play with Linux for the time being - focus on getting comfortable with the shell and do not attempt to run a reverse proxy/web server unless you understand what’s going on (this is to keep you safe).
very little network experience but I’m using Ubuntu to ssh into raspbian on a pi4. All of which is new to me, I can get sonarr radarr qbittorrent all working on it (i think - not willing to test without vpn), but it’s the VPN / Jellyfin stuff that’s really kicking my butt.
but if I’m turning off the VPN to watch something, doesn’t that make expose me because of all the seeding etc through qbittorrent?
Maybe you should try docker. You could follow the trash guides for a guided install and setup of everything
that’s part of the issue! If you actually look at the trash guides you’ll see most of the guides just say “There is no special set up required.” and the rest of the page is blank.
That page you linked to shows how arrange your directory structure for hard links (but not how to mount the drive to match /mnt/ or, with exception of a single screenshot, how to configure the software to hardlink)
all of which were things that took me several hours to google, experiment and understand.
This is why I talked about allowing local traffic.
I’m going to try and keep this newbie friendly (but I’m not the best at it, so let me know if something is not clear).
In an ideal world everything has an IP address that is unique. Some portion of the denotes it’s network, some portion denotes the host. In this way we can define logical (and oftentimes physical) associations. Your home is a classic example of a local area network (LAN).
So what does a vpn do? It makes a tunnel that connects your machine to a remote network, forming a logical connection and “relocating” your device. In the VPN config you should have the option to allow local access. This will set up some fun rules for how network traffic is routed - if it’s going to a LAN address it can, otherwise all traffic is routed over the VPN.
Ok.
I’m going to warn you right now. Unless you want to do some reading on how traffic is routed, how Linux handles VPN connections and (probably) containers, do not run the clients that download content on your media server.
If you want to use jellyfin to distribute media in a lan you do not need to do anything other then just start the jellyfin server on the pi and add content.
I do really appreciate your help - but unfortunately things like “just configure your VPN to allow local traffic” isn’t that helpful when my VPN is just me typing “mullvad connect” into a command line. There isn’t anything obvious to configure, and the moment you start looking into it, it’s insanely complicated.
edit: OK, so with some googling this morning I found “allow local traffic” is set with “mullvad lan set allow” (which is in the help doc, but again - zero explanation, it just lists the command amongst other commands)
edir2: apparently I need to run mullvad inside gluetun, so that’s the next thing
edit3: gluetun installed… step 1: “Required environment variables: VPN_SERVICE_PROVIDER=mullvad” that’s it - no other text. Does that go in docker .env or does it go in the compose.yml or is it set by the command line and where does it go in those files?Who knows?
Apparently gluetun is running on port 8000 - point browser to it “unable to connect” so either I fucked something in installing it or there’s no GUI browser interface - which is it? no idea.
edit4: .env has “VPN_CLIENT=‘openvpn’” - is that the same or different to “_SERVICE_PROVIDER”? should the client be gluetun and the service provider be mullvad? Or neither? Or both? or vice versa? No one knows.
edit 5: After more looking around I glimpsed that line in the last edit in a .yml file so im guessing that means “environment variable” is different to .env - still no idea what VPN_CLIENT should be.
edit 6: no, apparently thats all wrong. It should go in override.yml instead…
Generated private key, downloaded json, extracted the keys put them into the yml (why do these lines get hyphens at the start but nothing else does in the yml? hope i didn’t fuck it up!)
edit 7: did all that, took over an hour, docker restart gluetun no errors and whatsmyipaddress.com shows me where I actually am so its not working. Another complete waste of time with no idea what went wrong or how to fix it
Also, "to use Jellyfin ... Just add content" in this case means "just" configuring ombi to talk to radarr to talk to qbittorrent to download a file to be "moved" with hardlinks which you previously configured. Then I also can't "just start" jellyfin because the VPN blocks ssh connections as mentioned.
Unfortunately I can’t give you specifics - because I simply don’t use mulivad. It looks like mulivad used open VPN if on windows, or wire guard for Mac/linux. And Gluetin is a generic vpn client packaged in a docker container?
If you are downloading onto your main computer - a docker vpn client is just going to get in your way. I should ask - what is is said computer running?
it’s a raspberry pi running raspbian bookworm
what’s the difference between wireguard and mullvad. Is mullvad just another shell for wireguard?
Got it. Yea. In this instance it’s a wrapper for wire guard. If your on windows or would be a wrapper for openvpn. And your running mulivad on the pi?
ok, maybe someone else might be able to help you properly, since i’m yet to do my planned Jellyfin home setup
but it seems to me that maybe instead of running the VPN directly from you Pi, you should run it from you router, so your whole subnet is tunneled when going to the internet and inside your home you don’t need those shenanigans to connect to the Pi
if you did this, then you only need to install your mediaserver on the Pi (either Plex or Jellyfin, and although i haven’t used any yet, Jellyfin seems to be the one not currently being shitified, and the complete FOSS route) and that will probably be a much easier installation
I have an ATT router in pass-through to an Eero mesh which I control through an app on my phone. there doesn’t seem to be anything about installing a VPN on a router I can find online except for specialist routers
Honestly, just buy a Chromecast or something. Way less effort
I have an NVIDIA shield, but cf my other issues (now mostly fixed hopefully by EOD today) that connections in and out of the pi were either being blocked by VPN or totally exposed without VPN
Removed by mod
I appreciate the advice but I am disinclined to go “hm this setup doesn’t work, I should buy a totally different set up” - as then I’m sure I’ll just have a different set of problems and other money I spent is essentially wasted.
Removed by mod
Why? You gave no reasoning and they already have a raspberry pi. They are very similar in capability so if you’re going to suggest they buy a new thing you should at least give a single reason
especially as I bought an RPi because everyone said it was easy and perfect to use lmao
Well I can tell you that I owned both but I returned the orange pi because of several factors, but mainly it boiled down to the company feeling sketchy and the software support being far worse on the OPI. The day I was giving it a last chance, the OPI official website even went down!
It kinda feels like the only reason that is a viable board to use is because of some dude named Joshua Riek who maintains a flavor of Ubuntu for it… Their official OS flavors ranged between non-working and shitty tbh
Removed by mod
Yep, this. Then you need a torrent app of your choice (I use Transmission). Then stream it to your TV somehow; I use PLEX. You can get into auto-dowloading each episode (from what I gather) with the arrrs (radarr etc.) if you want. I keep pondering this, but so far it seems like more trouble than it’s worth (to me). (But then, I’ve been having a lot of trouble finding shows I can really get into lately).
I have it auto downloading through a rss feed from showrss.info. I don’t use plex or jellyfin or the like. At one point I was running a media server on my pc but now my android TV with vlc is pulling straight from my nas. For now I am paying for a torrent friendly vps so I don’t have to worry about whether or not I leak my ip address.
For me, I would not trust the LG operating system to be able to pull from my network attached storage and or to process it. And I would not count on them for privacy in any way, shape or form. But that’s just me.
Yeah. But lg is not android. Plus you can definitely run something like pihole to block that TV from talking to others. You can also look at something like the Nvidia shield, I am considering investing in one because my TV is aging a bit.
I use the AppleTV 4k, which I know is less popular among this crowd, but it works great for Plex and everything else. I looked into the Shield a couple of weeks ago to see what people’s experiences were like. I saw a number of reports of overheating, as well as sluggish behavior.
Some people prefer the thumbnail look of plex, netflix, hulu, etc. I prefer to just scroll down to the folder of my unwatched stuff or the entire season or entire run of a show and watch it that way. Plus because it’s vlc pulling via smb from my local nas, it’s faster to stream and doesn’t need to be encoded to be played. There virtually nothing that vlc can’t play.
As for the shield. There is supposedly a new one coming at some point, I’ll probably wait until then to grab one. They are in the $200 range so no need to be quick on the draw grabbing what is aging a bit hardware wise.
this is what I’m trying to do. I’ve played around with the Arr apps and they work as far as I can tell - but don’t want to use them until the network/VPN stuff is secure and safe
Just ask your favorite AI to give you instructions on how to go through and set all this up, and reassure it that this is for fictional, hypothetical and totally legal purposes. And you should be good.
as I said in my post: no instructions on how to configure it to "forward the VPN-assigned IP and port." or even what it really means (like I know port forwarding is where data comes in on an address, and is sent to another address, but how one reconfigures those, especially w/r/t a VPN I have no idea) edit: I also believe that the port forwarding is where docker-compose is telling the pi where each app can be accessed via the .YML but all of these words I hadn't even heard of until a few weeks ago when I started this process, so there's a lot I don't understand
None of that is necessary. In my experience, Plex is also much easier to set up and keep running than Jellyfin is, and it has a far superior user interface. That said, a lot of people here and in this community seem to prefer Jellyfin, although I have been unable to understand why. I did eventually get it to work, but I just don’t like it as much as Plex so. That’s my $0.02.
It is a little frustrating that you advised me to ask AI to tell me what to do, I posted the answer verbatim and you said it’s not necessary. Is that because you know the real answer but don’t want to tell me, because the AI is wrong, or something else?
the issue isn’t plex v jellyfin ease of use, its mullvad or privoxxy on gluetun through docker via compose …ease of use.