nordvpn VS cloudflare-ddns

version: "3.8" services: nordlynx: image: ghcr.io/bubuntux/nordlynx cap_add: - NET_ADMIN # Required environment: # Review https://github.com/bubuntux/nordvpn#environment-variables - PRIVATE_KEY=mykey # Required - CONNECT=United_States - NET_LOCAL=10.20.30.40/24 # So it can be accessed within the local network - ALLOWED_IPS=10.20.30.40/24 ports: - "6881:6881" #qbittorent - "6881:6881/udp" #qbittorrent - "8080:8080" #qbittorrent - "7878:7878" #radarr - "8989:8989" #sonarr - "9696:9696" #prowlarr - "8097:8096" #jellyfin - "5055:5055" #jellyseer sysctls: - net.ipv6.conf.all.disable_ipv6=1 # Recomended if using ipv4 only qbittorrent: image: linuxserver/qbittorrent container_name: qbittorrent network_mode: service:nordlynx environment: volumes: - /path/to/qbittorrent/config:/config - /mnt/share_media:/data depends_on: - nordlynx restart: unless-stopped radarr: image: linuxserver/radarr container_name: radarr network_mode: service:nordlynx environment: volumes: - /path/to/radarr/config:/config - /mnt/share_media:/data depends_on: - nordlynx restart: unless-stopped sonarr: image: linuxserver/sonarr container_name: sonarr network_mode: service:nordlynx environment: volumes: - /path/to/sonarr/config:/config - /mnt/share_media:/data depends_on: - nordlynx restart: unless-stopped prowlarr: image: linuxserver/prowlarr container_name: prowlarr network_mode: service:nordlynx environment: volumes: - /path/to/prowlarr/config:/config depends_on: - nordlynx restart: unless-stopped jellyfin: image: linuxserver/jellyfin container_name: jellyfin network_mode: service:nordlynx environment: - JELLYFIN_PublishedServerUrl=http://10.20.30.184:8097/ volumes: - /path/to/jellyfin/config:/config - /path/to/jellyfin/cache:/cache - /mnt/share_media:/data depends_on: - nordlynx restart: unless-stopped jellyseer: image: fallenbagel/jellyseerr:latest container_name: jellyseer network_mode: service:nordlynx environment: volumes: - /path/to/jellyseer/config:/app/config depends_on: - nordlynx restart: unless-stopped

All the infos you need are on the github page > https://github.com/bubuntux/nordvpn

Issues · bubuntux/nordvpn (github.com)

On https://github.com/bubuntux/nordvpn it mentions that token login is also supported (Nord v3.15.0+). I've used the token login and it works well for me.

There has been an issue reported on github: https://github.com/bubuntux/nordvpn/issues/367

Two of the popular containers are https://github.com/qdm12/gluetun and https://github.com/bubuntux/nordvpn but it's not clear if either of them can use meshnet.

A ubuntu/debian vm with nordvpn official client, use iptables to forward this connection to the vm IP. I've seen a similar approach using docker here https://github.com/bubuntux/nordvpn but this only shares connection to other dockers ct's in the same setup

For anyone following, this was due to user error in that DDNS was not up to date. For reference, https://github.com/timothymiller/cloudflare-ddns

If you want to reach them online, think about using something like this: https://github.com/timothymiller/cloudflare-ddns, this will automaticly update your A records. Or try Cloudflare Tunneling: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps

Try using this container instead. You can update the A record of your domain to your IP dynamically and use a CNAME for each subdomain so you don’t have to worry about them not resolving when your IP changes.

Can you explain the difference between that and this? https://github.com/timothymiller/cloudflare-ddns

I'm out of ideas on this one, I especially don't understand why the nginx container works and others dont. Besides that I'm interested in other solutions that don't route my whole traffic over one company and limit my traffic/what I am allowed to do and what not. Would a dynamic dns updater also work for my use case? Something like cloudflare-ddns?

My recommended roadmap for thing to host is: 1. ssh access * with certificates only and fail2ban config 2. local pihole DNS server * learn how to set up your router and devices to use pihole as DNS 3. local jellyfin * no encryption, no external access, just a simple local network service * Create a domain in pihole, that points to your local jellyfin service 4. a ddns-service like cloudflare-ddns * buy a domain and use ddns to point it to your IP 5. nginx-proxy-manager * enable port-forwarding in your router and obtain a lets-encrypt wildcard-cert for your domain * Create a docker network and add npm, jellyfin, and all other web services that you want to access via your domain * Create a proxy host for each service, give every service a unique subdomain, and use your wildcard cert to enable SSL/TLS for all your services * add all those subdomains to your ddns * use pihhole to point the subdomains to your local IP

Tailscale recently introduced funnel which is currently in beta and has bandwidth limits so it might work, but personally I'd use a dynamic DNS service like cloudflare-ddns