I’d really like to get started with this stuff but finding the technical requirement exhausting.

Trying to install privoxyvpn- “simply add the proxy to your browser and ensure the configuration is correct” (no help as to what this means, or how to do it and following the basic instructions just renders my browser unable to connect - googling the error message gives me replies like “simply make sure you read the logs” (no description of how to get to the logs or how to read them)

hearing I need a proxy and a reverse proxy, install SWAG — “first, point the A name at your server and the CNAME at the A and then install the SSL certificate - but be sure to pick between directories and subdomains if you have fewer than 20 domains in your account.”

Like what the fuck does any of this mean?

Then I hear if I have a proxy it might interfere with the reverse proxy and both might interfere with the VPN and vice versa.

How does one even get started?

  • ruplicant@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    20
    arrow-down
    3
    ·
    edit-2
    10 months ago

    what “stuff” are you talking about?

    if you want to do some pirating you need a decent VPN, like Mullvad or Proton, that you run on your system (Android/Linux/Windows/iOS), not some random leaky and dubious browser add-on

    dunno why dafuq you’re mentioning configuring a webserver (with SWAG) to point the DNS records (A and CNAME). the VPN will act as a proxy for you. but maybe i’m just way out of my depth here…

    it might help if first you tell us what exactly are tou trying to achieve

    • funkless_eck@sh.itjust.worksOP
      link
      fedilink
      English
      arrow-up
      2
      ·
      10 months ago

      high-level: in the USA, download TV and movies and watch them on the TV without having to connect a cable from my computer to my TV.

      I have mullvad on my phone, but when I installed it on my Pi it blocks all ssh connections (which was how I was using the pi), some googling told me this was expected behavior and I should configure my proxy/reverse proxy first with the VPN built in.

      the webserver, as I understood it, is so I can watch the movies when it’s done, but again as I understand it, has to be configured alongside the VPN to let me in to watch stuff, but not show the government/police/whatever that I am watching stuff

      • habitualTartare@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        10 months ago

        What your trying to do is a big overkill if you want only one device to connect to a VPN.

        Your VPN installed on your raspberry pi should have a “local network sharing” option. Based on some blogs mullvad had some issues with hostname and network shares (as of 07/2022) and you should try to connect via IP address if you’re having trouble.

        Local network sharing only works on the same subnet (IP address of your computer, Pi, and TV should have the first 3 parts of the IP match, ex: 192.168.4.xxx not 192.168.x.xxx).

        If you’re trying to SSH to the Pi when not connected to the same network it’s going to be much more difficult.

        If all above fails, this GitHub issue suggests advanced split tunneling setup on the Pi so that it can listen for SSH locally.

        • funkless_eck@sh.itjust.worksOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          10 months ago

          but I can’t just have one device connected to the VPN. I have to be able to tell it what to download (from a device) and then watch it (from a device)

          edit: also, from your link there

          “Did you adapt the rules to your setup (IP, port etc)? What if you add a counter to the rules? Can you see them trigger on incoming packets with nft list ruleset?”

          No, I have not adapted and counted the rules to trigger on incoming packets with an nft list ruleset because I have no idea what that means

          From the link inside that link

          "the following rules should be applied.

          table inet excludeTraffic { chain allowIncoming { type filter hook input priority -100; policy accept; tcp dport 2010 ct mark set 0x00000f41 meta mark set 0x6d6f6c65; } chain allowOutgoing { type route hook output priority -100; policy accept; tcp sport 2010 ct mark set 0x00000f41 meta mark set 0x6d6f6c65; } }"

          no idea what any of this means, nor what to do with it, what to change, or where to put it.

          I can’t be a complete idiot for thinking this seems overwhelmingly technical. Like surely you can’t believe you can show that to the average person on the street and they’d be like “ohhh just table inet exclude traffic! of course!”

          and “exclude traffic” sounds like the opposite of what I want - which is to include my ssh traffic.

      • send_me_your_ink@lemmynsfw.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        10 months ago

        Ok. I’m going to assume you have zero networking experience, and have one computer (a desktop/laptop). I’m also going to assume you are using some flavor of screen mirroring tech (eg a Chromecast) to wirelessly connect the

        Per your post the goal is to A) download items, B) store the items on local disk, C) display the items on your TV via some kind of wireless.

        I’m further going to assume we are strictly working with torrents.

        You will want to download two applications, 1) a torrent client (I’m not going to recommend one because Im not up to date on the differences), and VLC. You will also need whatever application your VPN requires but I think you have that configured.

        When downloading via a torrent you first turn on the VPN prior to downloading/seeding/etc. Once the torrent is finished, you can send you content to your TV via VLC (there is an option to use the TV as a renderer target).

        Some gotchas. Unless you configure your VPN to allow local traffic, all traffic goes via the VPN. This means that your computer is completely isolated from the rest of your Network (it’s visible, but can not interact with any of it). If you want, I can go into the hows/why’s of what’s going on. For the Pi. Use it to learn and play with Linux for the time being - focus on getting comfortable with the shell and do not attempt to run a reverse proxy/web server unless you understand what’s going on (this is to keep you safe).

        • funkless_eck@sh.itjust.worksOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 months ago

          very little network experience but I’m using Ubuntu to ssh into raspbian on a pi4. All of which is new to me, I can get sonarr radarr qbittorrent all working on it (i think - not willing to test without vpn), but it’s the VPN / Jellyfin stuff that’s really kicking my butt.

          but if I’m turning off the VPN to watch something, doesn’t that make expose me because of all the seeding etc through qbittorrent?

          • send_me_your_ink@lemmynsfw.com
            link
            fedilink
            English
            arrow-up
            1
            ·
            10 months ago

            This is why I talked about allowing local traffic.

            I’m going to try and keep this newbie friendly (but I’m not the best at it, so let me know if something is not clear).

            In an ideal world everything has an IP address that is unique. Some portion of the denotes it’s network, some portion denotes the host. In this way we can define logical (and oftentimes physical) associations. Your home is a classic example of a local area network (LAN).

            So what does a vpn do? It makes a tunnel that connects your machine to a remote network, forming a logical connection and “relocating” your device. In the VPN config you should have the option to allow local access. This will set up some fun rules for how network traffic is routed - if it’s going to a LAN address it can, otherwise all traffic is routed over the VPN.

            Ok.

            I’m going to warn you right now. Unless you want to do some reading on how traffic is routed, how Linux handles VPN connections and (probably) containers, do not run the clients that download content on your media server.

            If you want to use jellyfin to distribute media in a lan you do not need to do anything other then just start the jellyfin server on the pi and add content.

            • funkless_eck@sh.itjust.worksOP
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              10 months ago

              I do really appreciate your help - but unfortunately things like “just configure your VPN to allow local traffic” isn’t that helpful when my VPN is just me typing “mullvad connect” into a command line. There isn’t anything obvious to configure, and the moment you start looking into it, it’s insanely complicated.

              edit: OK, so with some googling this morning I found “allow local traffic” is set with “mullvad lan set allow” (which is in the help doc, but again - zero explanation, it just lists the command amongst other commands)

              edir2: apparently I need to run mullvad inside gluetun, so that’s the next thing

              edit3: gluetun installed… step 1: “Required environment variables: VPN_SERVICE_PROVIDER=mullvad” that’s it - no other text. Does that go in docker .env or does it go in the compose.yml or is it set by the command line and where does it go in those files?Who knows?

              Apparently gluetun is running on port 8000 - point browser to it “unable to connect” so either I fucked something in installing it or there’s no GUI browser interface - which is it? no idea.

              edit4: .env has “VPN_CLIENT=‘openvpn’” - is that the same or different to “_SERVICE_PROVIDER”? should the client be gluetun and the service provider be mullvad? Or neither? Or both? or vice versa? No one knows.

              edit 5: After more looking around I glimpsed that line in the last edit in a .yml file so im guessing that means “environment variable” is different to .env - still no idea what VPN_CLIENT should be.

              edit 6: no, apparently thats all wrong. It should go in override.yml instead…

              Generated private key, downloaded json, extracted the keys put them into the yml (why do these lines get hyphens at the start but nothing else does in the yml? hope i didn’t fuck it up!)

              edit 7: did all that, took over an hour, docker restart gluetun no errors and whatsmyipaddress.com shows me where I actually am so its not working. Another complete waste of time with no idea what went wrong or how to fix it

              
              
              Also, "to use Jellyfin ... Just add content" in this case means "just" configuring ombi to talk to radarr to talk to qbittorrent to download a file to be "moved" with hardlinks which you previously configured. 
              
              Then I also can't "just start" jellyfin because the VPN blocks ssh connections as mentioned. 
              
              
              • send_me_your_ink@lemmynsfw.com
                link
                fedilink
                English
                arrow-up
                1
                ·
                10 months ago

                Unfortunately I can’t give you specifics - because I simply don’t use mulivad. It looks like mulivad used open VPN if on windows, or wire guard for Mac/linux. And Gluetin is a generic vpn client packaged in a docker container?

                If you are downloading onto your main computer - a docker vpn client is just going to get in your way. I should ask - what is is said computer running?

                • funkless_eck@sh.itjust.worksOP
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  10 months ago

                  it’s a raspberry pi running raspbian bookworm

                  what’s the difference between wireguard and mullvad. Is mullvad just another shell for wireguard?

                  • send_me_your_ink@lemmynsfw.com
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    10 months ago

                    Got it. Yea. In this instance it’s a wrapper for wire guard. If your on windows or would be a wrapper for openvpn. And your running mulivad on the pi?

            • funkless_eck@sh.itjust.worksOP
              link
              fedilink
              English
              arrow-up
              1
              ·
              10 months ago

              that’s part of the issue! If you actually look at the trash guides you’ll see most of the guides just say “There is no special set up required.” and the rest of the page is blank.

              That page you linked to shows how arrange your directory structure for hard links (but not how to mount the drive to match /mnt/ or, with exception of a single screenshot, how to configure the software to hardlink)

              all of which were things that took me several hours to google, experiment and understand.

      • ruplicant@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        edit-2
        10 months ago

        ok, maybe someone else might be able to help you properly, since i’m yet to do my planned Jellyfin home setup

        but it seems to me that maybe instead of running the VPN directly from you Pi, you should run it from you router, so your whole subnet is tunneled when going to the internet and inside your home you don’t need those shenanigans to connect to the Pi

        if you did this, then you only need to install your mediaserver on the Pi (either Plex or Jellyfin, and although i haven’t used any yet, Jellyfin seems to be the one not currently being shitified, and the complete FOSS route) and that will probably be a much easier installation

        • funkless_eck@sh.itjust.worksOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 months ago

          I have an ATT router in pass-through to an Eero mesh which I control through an app on my phone. there doesn’t seem to be anything about installing a VPN on a router I can find online except for specialist routers

      • MomoTimeToDie@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        2
        ·
        10 months ago

        without having to connect a cable from my computer to my TV

        Honestly, just buy a Chromecast or something. Way less effort

        • funkless_eck@sh.itjust.worksOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          9 months ago

          I have an NVIDIA shield, but cf my other issues (now mostly fixed hopefully by EOD today) that connections in and out of the pi were either being blocked by VPN or totally exposed without VPN

      • 𝔹𝕝𝕒𝕔𝕜 𝕊𝕜𝕚𝕟𝕟𝕖𝕕 𝕁𝕖𝕨@lemmynsfw.com
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        3
        ·
        edit-2
        10 months ago

        Buy a cheap Mi TV Stick 4K at AliExpress and install IPTV Smarters Pro(suggest you to pay the one-time fee) get a “trustworthy” IPTV provider and pay 1 year(or 2 years if they have that option) subscription(cheaper than pay it for month by month) install a VPN client on the TV Stick, and pirate all the way up to the sky mate.

        That’s the paid option, if you want to do the shit but for free then you will have to mess around with your own private pirating media server but if you are not worried about paying for simplicity just go for that option, Live TV, Movies, TV Shows all in one from different platforms and with a decent all-in-one quality.

        Pray and luck… 🙏🤞

        Edit: if you choose to go for the cheaper option of free pirating then I would suggest you to use an Orange Pi+Armbian instead of a Raspberry Pi and a good external USB 3.0 NVME SSD. Both can be bought at AliExpress at a reasonable price.

        Edit 2: If you don’t give a flying fuck about live sports, XXX channels and PPV events maybe your best option would be going for the free pirating option.

        • funkless_eck@sh.itjust.worksOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          10 months ago

          I appreciate the advice but I am disinclined to go “hm this setup doesn’t work, I should buy a totally different set up” - as then I’m sure I’ll just have a different set of problems and other money I spent is essentially wasted.

        • TrickDacy@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          10 months ago

          I would suggest you to use an Orange Pi+Armbian instead of a Raspberry Pi

          Why? You gave no reasoning and they already have a raspberry pi. They are very similar in capability so if you’re going to suggest they buy a new thing you should at least give a single reason

            • TrickDacy@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              1
              ·
              10 months ago

              Well I can tell you that I owned both but I returned the orange pi because of several factors, but mainly it boiled down to the company feeling sketchy and the software support being far worse on the OPI. The day I was giving it a last chance, the OPI official website even went down!

              It kinda feels like the only reason that is a viable board to use is because of some dude named Joshua Riek who maintains a flavor of Ubuntu for it… Their official OS flavors ranged between non-working and shitty tbh

    • DominusOfMegadeus@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      1
      ·
      10 months ago

      Yep, this. Then you need a torrent app of your choice (I use Transmission). Then stream it to your TV somehow; I use PLEX. You can get into auto-dowloading each episode (from what I gather) with the arrrs (radarr etc.) if you want. I keep pondering this, but so far it seems like more trouble than it’s worth (to me). (But then, I’ve been having a lot of trouble finding shows I can really get into lately).

      • funkless_eck@sh.itjust.worksOP
        link
        fedilink
        English
        arrow-up
        2
        ·
        10 months ago

        this is what I’m trying to do. I’ve played around with the Arr apps and they work as far as I can tell - but don’t want to use them until the network/VPN stuff is secure and safe

        • DominusOfMegadeus@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          2
          ·
          10 months ago

          Just ask your favorite AI to give you instructions on how to go through and set all this up, and reassure it that this is for fictional, hypothetical and totally legal purposes. And you should be good.

          • funkless_eck@sh.itjust.worksOP
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            10 months ago

            "Network Settings: In Jellyfin’s network settings, make sure it’s set to listen on the correct network interface associated with your VPN connection.

            "Port Forwarding: If you’ve previously set up port forwarding on your router for Jellyfin, you may need to reconfigure it to forward the VPN-assigned IP and port.

            “Local IP Addresses: Check any configurations in Jellyfin that reference local IP addresses and update them if necessary to reflect the IP assigned by the VPN.”

            
            as I said in my post: no instructions on how to configure it to "forward the VPN-assigned IP and port." or even what it really means (like I know port forwarding is where data comes in on an address, and is sent to another address, but how one reconfigures those, especially w/r/t a VPN I have no idea)
            
            edit: I also believe that the port forwarding is where docker-compose is telling the pi where each app can be accessed via the .YML
            
            but all of these words I hadn't even heard of until a few weeks ago when I started this process, so there's a lot I don't understand
            • DominusOfMegadeus@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              1
              ·
              10 months ago

              None of that is necessary. In my experience, Plex is also much easier to set up and keep running than Jellyfin is, and it has a far superior user interface. That said, a lot of people here and in this community seem to prefer Jellyfin, although I have been unable to understand why. I did eventually get it to work, but I just don’t like it as much as Plex so. That’s my $0.02.

              • funkless_eck@sh.itjust.worksOP
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                10 months ago

                It is a little frustrating that you advised me to ask AI to tell me what to do, I posted the answer verbatim and you said it’s not necessary. Is that because you know the real answer but don’t want to tell me, because the AI is wrong, or something else?

                the issue isn’t plex v jellyfin ease of use, its mullvad or privoxxy on gluetun through docker via compose …ease of use.

      • rdyoung@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        10 months ago

        I have it auto downloading through a rss feed from showrss.info. I don’t use plex or jellyfin or the like. At one point I was running a media server on my pc but now my android TV with vlc is pulling straight from my nas. For now I am paying for a torrent friendly vps so I don’t have to worry about whether or not I leak my ip address.

        • DominusOfMegadeus@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 months ago

          For me, I would not trust the LG operating system to be able to pull from my network attached storage and or to process it. And I would not count on them for privacy in any way, shape or form. But that’s just me.

          • rdyoung@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            10 months ago

            Yeah. But lg is not android. Plus you can definitely run something like pihole to block that TV from talking to others. You can also look at something like the Nvidia shield, I am considering investing in one because my TV is aging a bit.

            • DominusOfMegadeus@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              10 months ago

              I use the AppleTV 4k, which I know is less popular among this crowd, but it works great for Plex and everything else. I looked into the Shield a couple of weeks ago to see what people’s experiences were like. I saw a number of reports of overheating, as well as sluggish behavior.

              • rdyoung@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                ·
                10 months ago

                Some people prefer the thumbnail look of plex, netflix, hulu, etc. I prefer to just scroll down to the folder of my unwatched stuff or the entire season or entire run of a show and watch it that way. Plus because it’s vlc pulling via smb from my local nas, it’s faster to stream and doesn’t need to be encoded to be played. There virtually nothing that vlc can’t play.

                As for the shield. There is supposedly a new one coming at some point, I’ll probably wait until then to grab one. They are in the $200 range so no need to be quick on the draw grabbing what is aging a bit hardware wise.