ziti-doc
wg-easy
ziti-doc | wg-easy | |
---|---|---|
23 | 186 | |
34 | 7,136 | |
- | - | |
9.5 | 5.8 | |
2 days ago | 12 months ago | |
HTML | HTML | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ziti-doc
-
OpenZiti - *everything* you need to implement your own secure, zero trust overlay network
OpenZiti vs BoringProxy has some similarities for sure. The simplest OpenZiti deployment is similar to a boring proxy deployment. The main differences will be that the listening ports "on the network" are going to be from the OpenZiti edge-router which will authenticate before allowing any connection using a strong x509 identity (not a token) and then after that the same identity can be authorized to access one or more services. That's one killer difference to me. There are lots of other things OpenZiti is doing that boringproxy isn't trying to as well. I filed an issue to do a comparison to that some day https://github.com/openziti/ziti-doc/issues/176 thanks for the idea! :)
-
Site-to-Site IPsec VPN with dynamic public address at remote site
Use our open source solution, OpenZiti, and host/manage it all yourself - https://openziti.github.io/
-
Extrovert Wednesday - Telling the World about OpenZiti
You can definitely read more about what OpenZiti is over on the docs page if you're looking for more info about the project https://openziti.github.io/
-
How bad it is ? Security of self-hosted server
If you're interested in it, you can find it over at github - https://openziti.github.io. It's one more thing to setup and maintain so maybe that's a dealbreaker but since this is selfhosted - maybe not ;)
-
How to setup OpenZiti on an OpenWRT device as an alternative to VPNs / private APNs
If you want to go fully open source and self-hosted, use an OpenZiti quickstart - https://openziti.github.io/ - while ignoring steps 1, 2, 3, and 5 ... i.e., step 4 is where you deploy an OpenZiti tunneler on an OpenWRT box.
-
Alternative to manual IP exposing
I not long ago discovered OpenZiti, and to be honest I fell in love with it. I also have a dinamic IP, and I have even some other cases wheren from my place some IoT devices need to find my laptop wherever I may go (I travel a lot).
-
How we use and Secure SaltStack
https://openziti.github.io/ - gives a good intro
-
Help making an Ansible collections
More details: What I'm trying to do is setup a Zero Trust Host Access on my Kubernetes cluster using OpenZiti. Ziti has 4 binaries (controller, router, tunneler and admin console), configuring all these to work together is kinda complex, that's why I thought about making custom modules.
-
Recommended solution secure that will allow my assistant to access a vm in my Azure environment
Probably overkill for your need, but you can give access to your VM without requiring a bastion or VPN, only outbound ports on a NAT gateway using opensource OpenZiti - https://openziti.github.io/. The user would load a client on their device and get access only the the specific resources you define (IP, DNS, port etc). This also means you don't need to assign the IP of the users home (added benefit they can access when not at home).
-
Gaming on the go: How I game remotely and keep my firewall “Perfect Dark”
Create the identity for the Hosting workstation. You can assign as many attributes as you want. Openziti works with an "attribute-enabled role-based access control (ARBAC) model. So, if you have used hashtags, you’re probably familiarized with it.
wg-easy
-
Admin-Friendly Mesh VPN with WireGuard?
After browsing through, I've noticed that three options seem to be gaining traction: Netmaker, wg-easy, and headscale. I'm curious to know if these solutions are interchangeable, and if there are specific reasons to choose one over the others. I'd also like to understand if they are complete stacks, meaning, once set up, could I easily replace one admin GUI with another, or would I need to tear down and rebuild the VPN?
-
VPN to bypass Country blocms
WireGuard is the solution to everything! It has an app and they can easily login via a QR code that you send them. For the server I would recommend wg-easy, there you can manage all user accounts in a web interface.
-
Wireguard without VPS?
I use this, https://github.com/WeeJeWel/wg-easy
-
What are some security/VPN features you would like to see in UniFi Network?
Dashboard with access to the QR and config files for clients as well as bandwidth data. Even something as simple as wg-easy would be great.
- Self hosted public DNS Server
-
Build your own private WireGuard VPN with PiVPN
I run wg-easy https://github.com/WeeJeWel/wg-easy for this sort of thing. I use the docker container, and it's great. "Just works".
Also, unrelated, I just decided I don't like the sentiment of "PiMyProjectName" branding. I know most projects don't just run on a Pi, and that the intent is to say "you can self-host thing", but at this point if you want to run a home server sort of thing, just buy some cheap 100-200 dollar minipc thing. That's how much you'd pay for a Pi now anyway, and it comes with such great features as:
* just establishing an ssh connection doesn't take multiple seconds
* the ethernet doesn't go over a usb hub
* it doesn't run on an sd card that is going to fail within a year
I'm pretty dismissive of ARM chips for homelab stuff at this point. There's super cheap minipcs with "real" processors that will just destroy even an expensive ARM board.
Pi's shine with their ability to run both a real/full Linux and also do gpio type stuff that otherwise is usually an arduino board. I don't have anything against low-level programming but damn is it just a lot more fun to do in python. I love the Rpi zero w 2 products for this, just enough juice to run wifi and a python loop, plus the gpio pins. Too bad they've been sold out for literally years.
- Seft-host VPNs recommendation regarding power efficiency
-
[Wireguard] Le serveur ne peut pas faire un ping au client
J'ai installé Wireguard Server sur un VPS en utilisant [https://github.com/weejewel/wg-easy Peer to Peer Ping, mais je ne peux pas ping-ping à des pairs du serveur.
-
Using AWS EC2 as a proxy server to bypass a Minecraft VPNGuard server block or run a Minecraft server from your home while hiding the public IP
To expand: I'd recommend wireguard it's super easy to run with docker, openvpn is way more annoying to setup The Github page for wg-easy docker image
-
Today is a lovely day to setup my new media server. X220 i5, 512GB msata SSD (slow af), 1TB internal HDD, and another terabyte in the dock. Installing Ubuntu server 22.04 LTS. Any fun ideas for what to do with it, aside from a Jellyfin server and samba share?
for wireguard im using wg-easy
What are some alternatives?
ZeroTier - A Smart Ethernet Switch for Earth
wg-manager - A easy to use WireGuard dashboard and management tool
AdGuard-WireGuard-Unbound-Cloudflare - The ultimate self-hosted network security guide ─ Protection | Privacy | Performance for your network 24/7 Accessible anywhere [Moved to: https://github.com/trinib/AdGuard-WireGuard-Unbound-DNScrypt]
wg-gen-web - Simple Web based configuration generator for WireGuard
boundary-reference-architecture - Example reference architecture for a high availability Boundary deployment on AWS.
wireguard-ui - Wireguard web interface
docker-adguard-unbound-wireguard - This solution is a combination of WireGuard, AdGuard Home, and Unbound in a docker-compose project with the intent of enabling users to quickly and easily create and deploy a personally managed full or split-tunnel WireGuard VPN with ad blocking capabilities (via AdGuard), and DNS caching with additional privacy options (via Unbound).
firezone - Open-source VPN server and egress firewall for Linux built on WireGuard. Firezone is easy to set up (all dependencies are bundled thanks to Chef Omnibus), secure, performant, and self hostable.
Nebula - A scalable overlay networking tool with a focus on performance, simplicity and security
WGDashboard - Simplest dashboard for WireGuard VPN written in Python w/ Flask
ziti - The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti
pivpn - The Simplest VPN installer, designed for Raspberry Pi