want to get started but finding the technical side really overwhelming

funkless_eck@sh.itjust.works to Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ@lemmy.dbzer0.com – 126 points –

I'd really like to get started with this stuff but finding the technical requirement exhausting.

Trying to install privoxyvpn- "simply add the proxy to your browser and ensure the configuration is correct" (no help as to what this means, or how to do it and following the basic instructions just renders my browser unable to connect - googling the error message gives me replies like "simply make sure you read the logs" (no description of how to get to the logs or how to read them)

hearing I need a proxy and a reverse proxy, install SWAG — "first, point the A name at your server and the CNAME at the A and then install the SSL certificate - but be sure to pick between directories and subdomains if you have fewer than 20 domains in your account."

Like what the fuck does any of this mean?

Then I hear if I have a proxy it might interfere with the reverse proxy and both might interfere with the VPN and vice versa.

How does one even get started?

45

OK, so, I attempted to bring some clarity to this discussion that seems like it's all over the place in terms of methodology and difficulty. Here is a breakdown as well as some instructions that should hopefully help OP out.

  1. Running VPN on Router (suggested by ruplicant):

    • Veracity: Valid. Running a VPN on the router secures all devices on the network.
    • Complexity: High for a beginner. Requires a compatible router and understanding of router firmware.
    • Suitability for Beginners: Not ideal due to the technical complexity.
  2. Setting Up Media Server on Raspberry Pi (suggested by ruplicant):

    • Veracity: Valid. Raspberry Pi can effectively run media servers like Plex or Jellyfin.
    • Complexity: Moderate. It requires some technical know-how for setup and maintenance.
    • Suitability for Beginners: Moderate. Good for those with some technical background.
  3. Standard Computer Setup with Torrent Client and VLC (suggested by send_me_your_ink):

    • Veracity: Valid. This is a common method for downloading and viewing content.
    • Complexity: Low. Easy to set up and use.
    • Suitability for Beginners: High. Straightforward and less technically demanding.
  4. Using Plex Over Jellyfin (suggested by Reverendender):

    • Veracity: Subjective. Both are valid, but Plex is often seen as more user-friendly.
    • Complexity: Low for Plex, moderate for Jellyfin.
    • Suitability for Beginners: Plex is more suitable due to its ease of use.

Based on this analysis, for a beginner user, the most straightforward and effective approach would be to use a standard computer setup with a VPN, a torrent client, and VLC media player for streaming. This setup minimizes technical complexity while providing a good balance of privacy and ease of use.

Step-by-Step Instructions for Beginners:

1. Set Up a VPN on Your Computer:

  • Choose a reputable VPN service (like Mullvad or ProtonVPN).
  • Download and install the VPN software on your computer.
  • Follow the software's instructions to connect to a VPN server.

2. Install a Torrent Client:

  • Download a user-friendly torrent client (e.g., qBittorrent, uTorrent).
  • Install the torrent client on your computer.
  • Configure the settings for privacy (like enabling a kill switch, if available).

3. Download and Install VLC Media Player:

  • Download VLC from its official website.
  • Install VLC, following the setup wizard.

4. Download Content:

  • Use the torrent client to find and download content.
  • Ensure your VPN is active whenever you are downloading.

5. Stream Content to Your TV:

  • If your TV supports casting (like with Chromecast), use VLC's streaming feature to cast content to your TV.
  • Alternatively, connect your computer to the TV via HDMI for direct playback.

6. Practice Good Security Habits:

  • Always keep your VPN active when downloading or streaming content.
  • Regularly update your software (VPN, torrent client, VLC) for security.

7. Optional: Explore Advanced Configurations Later:

  • As you become more comfortable, you might explore setting up a media server like Plex for a more integrated experience.

This was it. This was the comment I needed to remove all excuses and get me going. I have officially raised sail.

Thank you.

It's only 4 days later and I just built my first Raspberry Pi server for either Plex or Jellyfin.

Holy shit! And?!

Well, I've got an ISP with no data caps, two layers of VPN, and 8tb to fill. I don't know what I didn't do this sooner, but it's been a good weekend so far.

Older movies, and especially older series are often very difficult to find in my experience. I just filed my 8TB and moved to a 16.

thank you for this. my bed time now but I'll dig into this over thr next couple of days

Anytime! On step 3 you can also just install plex or jellyfin on your computer instead of VLC. Easier IMHO

unfortunately I am now still stuck on step 1, (installing mullvad) see my issues here:

https://sh.itjust.works/comment/7983968

OK, I haven't used Ubuntu in 10 years, and never setup a VPN on it, but here's what I got:

Certainly! Below is a step-by-step guide to installing and configuring Mullvad VPN on Ubuntu. Mullvad is a VPN service that helps maintain your online privacy and security.

Prerequisites

  • An active Mullvad VPN account
  • A computer running Ubuntu

Step-by-Step Installation and Configuration

Step 1: Download Mullvad VPN

  1. Open a web browser and go to the Mullvad VPN website (https://mullvad.net).
  2. Navigate to the download section.
  3. Select the Linux version and download the .deb file appropriate for Ubuntu.

Step 2: Install Mullvad VPN

  1. Open the terminal (Ctrl + Alt + T).
  2. Navigate to the directory where the downloaded .deb file is located. For example, if it's in the Downloads folder, use cd ~/Downloads.
  3. Install the package using the following command:
    sudo dpkg -i [MullvadVPN-File].deb 
    
    Replace [MullvadVPN-File] with the name of the file you downloaded.

Step 3: Resolve Dependencies

  1. If the installation reports missing dependencies, fix it by running:
    sudo apt-get install -f
    

Step 4: Launch Mullvad VPN

  1. You can start Mullvad VPN from the terminal by typing mullvad-vpn or find it in the applications menu and launch it from there.

Step 5: Log In

  1. Once Mullvad VPN is open, log in using your account number provided by Mullvad.

Step 6: Connect to a Server

  1. Select a country or server you want to connect to.
  2. Click on the “Secure my connection” button to establish a VPN connection.

Step 7: Verify Connection (Optional)

  1. To ensure that the VPN is working, you can visit a website like https://ipleak.net and check if your IP address and location have changed.

Step 8: Configure Settings (Optional)

  1. You can configure additional settings like auto-connect on startup, enable/disable the kill switch, and select specific protocols as per your preference.

Tips

  • Keep your Mullvad VPN application updated for the latest features and security updates.
  • If you experience any issues, restarting the Mullvad VPN service or your computer might help.

Troubleshooting

  • If you encounter problems during installation or connection, refer to the official Mullvad VPN support page or community forums for assistance.

Yes, there are several VPNs that are known for being user-friendly and relatively easy to set up and install on Ubuntu. Here are some popular options:

  1. ExpressVPN: Known for its high speeds and easy-to-use interface, ExpressVPN offers a native application for Ubuntu. The installation process is straightforward, and they provide detailed guides on their website.

  2. NordVPN: NordVPN also offers a native Linux app with a simple setup process. It's known for strong security features and a large server network.

  3. CyberGhost: While CyberGhost doesn't have a native Linux app, it provides detailed setup guides for using it on Ubuntu via OpenVPN or other protocols. This makes it relatively easy to install and configure.

  4. Private Internet Access (PIA): PIA offers a Linux app with a simple interface and easy setup. It's known for its strong commitment to privacy.

  5. Surfshark: Surfshark has a native application for Linux that is straightforward to install and use. They offer good speeds and an unlimited number of simultaneous connections.

General Steps for Installing a VPN on Ubuntu:

  1. Sign Up for a VPN Service: Choose a VPN provider and sign up for their service.

  2. Download the VPN Client: Visit the VPN’s website and download the Linux client or setup files. Some VPNs offer .deb files that make installation easier on Ubuntu.

  3. Install the VPN Client: You can typically install the .deb file using Ubuntu's Software Center or via the command line with sudo dpkg -i [downloaded-file-name].deb.

  4. Launch and Configure the VPN: After installation, open the VPN application, log in with your credentials, and configure the settings as needed.

  5. Connect to a Server: Choose a server location and connect to start using the VPN service.

Tips:

  • Always check if your chosen VPN supports Ubuntu specifically to ensure compatibility.
  • Look for VPNs that offer dedicated Linux support or detailed setup guides.
  • Ensure the VPN service has a good privacy policy and strong security features.

Each VPN provider will have specific instructions for installation and setup, so it's a good idea to refer to the documentation provided on their official website.

Forgive my ignorance, but doesn't the mullvad need to run through gluetun, or at least in its own docker container to be secure?

Or to put it another way, whats the benefit/cost of installing it via dpkg as opposed to running it in a container, as opposed to running it in in gluetun (in a container)?

i thought everything was supposed to run in a container if it's touching the web

Your question touches on some advanced concepts in networking and system security, specifically around the use of VPNs and Docker containers. Let's break down the differences and implications of running Mullvad VPN through various methods:

  1. Mullvad via DPKG Installation (Direct Install on OS):

    • Benefits:
      • Simplicity: Easy to set up for beginners.
      • System-wide VPN Coverage: All internet traffic from your computer is routed through the VPN, enhancing privacy and security.
    • Costs:
      • Less Flexibility: Harder to isolate specific applications or services.
      • Potential for IP Leaks: If the VPN disconnects, your real IP address might be exposed unless the VPN client has a kill switch.
  2. Mullvad in a Docker Container:

    • Benefits:
      • Isolation: The VPN connection is isolated to the container, enhancing security for containerized applications.
      • Flexibility: Different containers can use different network settings, allowing for complex configurations.
    • Costs:
      • Complexity: Requires understanding of Docker and networking.
      • Limited Scope: Only affects network traffic from services running within the container.
  3. Mullvad with Gluetun (VPN in a Container):

    • Benefits:
      • Enhanced Security and Isolation: Gluetun provides a VPN client in a Docker container, offering both the security benefits of a VPN and the isolation of Docker.
      • Flexibility and Control: Allows for selective routing of traffic through the VPN.
    • Costs:
      • Increased Complexity: Requires more technical know-how to set up and manage.
      • Specific to Containerized Services: Only affects traffic from applications running in Docker.

In essence, the choice depends on your technical expertise, specific needs, and the level of security and flexibility you desire:

  • For Beginners: Direct installation of Mullvad (via DPKG) is straightforward and provides system-wide VPN coverage, suitable for everyday use.
  • For Advanced Users with Specific Needs: Running Mullvad in a Docker container or with Gluetun offers more control and isolation, which is beneficial for complex setups, such as when running multiple services with different networking requirements.

The idea that "everything touching the web should run in a container" is more of a best practice in professional IT environments, especially for server deployments, rather than a strict rule for personal use. It offers advantages in security and manageability but comes with a learning curve and complexity that might not be necessary for simpler or personal setups.

Thank you - that is helpful.

So the Gluetun part is really only for if I want to get into my jellyfin when away from home?

Download a user-friendly torrent client (e.g., qBittorrent, uTorrent).

Isn't uTorrent, like, malware or something?

4 more...

what "stuff" are you talking about?

if you want to do some pirating you need a decent VPN, like Mullvad or Proton, that you run on your system (Android/Linux/Windows/iOS), not some random leaky and dubious browser add-on

dunno why dafuq you're mentioning configuring a webserver (with SWAG) to point the DNS records (A and CNAME). the VPN will act as a proxy for you. but maybe i'm just way out of my depth here...

it might help if first you tell us what exactly are tou trying to achieve

high-level: in the USA, download TV and movies and watch them on the TV without having to connect a cable from my computer to my TV.

I have mullvad on my phone, but when I installed it on my Pi it blocks all ssh connections (which was how I was using the pi), some googling told me this was expected behavior and I should configure my proxy/reverse proxy first with the VPN built in.

the webserver, as I understood it, is so I can watch the movies when it's done, but again as I understand it, has to be configured alongside the VPN to let me in to watch stuff, but not show the government/police/whatever that I am watching stuff

What your trying to do is a big overkill if you want only one device to connect to a VPN.

Your VPN installed on your raspberry pi should have a "local network sharing" option. Based on some blogs mullvad had some issues with hostname and network shares (as of 07/2022) and you should try to connect via IP address if you're having trouble.

Local network sharing only works on the same subnet (IP address of your computer, Pi, and TV should have the first 3 parts of the IP match, ex: 192.168.4.xxx not 192.168.x.xxx).

If you're trying to SSH to the Pi when not connected to the same network it's going to be much more difficult.

If all above fails, this GitHub issue suggests advanced split tunneling setup on the Pi so that it can listen for SSH locally.

but I can't just have one device connected to the VPN. I have to be able to tell it what to download (from a device) and then watch it (from a device)

edit: also, from your link there

"Did you adapt the rules to your setup (IP, port etc)? What if you add a counter to the rules? Can you see them trigger on incoming packets with nft list ruleset?"

No, I have not adapted and counted the rules to trigger on incoming packets with an nft list ruleset because I have no idea what that means

From the link inside that link

"the following rules should be applied.

table inet excludeTraffic { chain allowIncoming { type filter hook input priority -100; policy accept; tcp dport 2010 ct mark set 0x00000f41 meta mark set 0x6d6f6c65; } chain allowOutgoing { type route hook output priority -100; policy accept; tcp sport 2010 ct mark set 0x00000f41 meta mark set 0x6d6f6c65; } }"

no idea what any of this means, nor what to do with it, what to change, or where to put it.

I can't be a complete idiot for thinking this seems overwhelmingly technical. Like surely you can't believe you can show that to the average person on the street and they'd be like "ohhh just table inet exclude traffic! of course!"

and "exclude traffic" sounds like the opposite of what I want - which is to include my ssh traffic.

ok, maybe someone else might be able to help you properly, since i'm yet to do my planned Jellyfin home setup

but it seems to me that maybe instead of running the VPN directly from you Pi, you should run it from you router, so your whole subnet is tunneled when going to the internet and inside your home you don't need those shenanigans to connect to the Pi

if you did this, then you only need to install your mediaserver on the Pi (either Plex or Jellyfin, and although i haven't used any yet, Jellyfin seems to be the one not currently being shitified, and the complete FOSS route) and that will probably be a much easier installation

I have an ATT router in pass-through to an Eero mesh which I control through an app on my phone. there doesn't seem to be anything about installing a VPN on a router I can find online except for specialist routers

without having to connect a cable from my computer to my TV

Honestly, just buy a Chromecast or something. Way less effort

I have an NVIDIA shield, but cf my other issues (now mostly fixed hopefully by EOD today) that connections in and out of the pi were either being blocked by VPN or totally exposed without VPN

Yep, this. Then you need a torrent app of your choice (I use Transmission). Then stream it to your TV somehow; I use PLEX. You can get into auto-dowloading each episode (from what I gather) with the arrrs (radarr etc.) if you want. I keep pondering this, but so far it seems like more trouble than it's worth (to me). (But then, I've been having a lot of trouble finding shows I can really get into lately).

I have it auto downloading through a rss feed from showrss.info. I don't use plex or jellyfin or the like. At one point I was running a media server on my pc but now my android TV with vlc is pulling straight from my nas. For now I am paying for a torrent friendly vps so I don't have to worry about whether or not I leak my ip address.

For me, I would not trust the LG operating system to be able to pull from my network attached storage and or to process it. And I would not count on them for privacy in any way, shape or form. But that's just me.

Yeah. But lg is not android. Plus you can definitely run something like pihole to block that TV from talking to others. You can also look at something like the Nvidia shield, I am considering investing in one because my TV is aging a bit.

I use the AppleTV 4k, which I know is less popular among this crowd, but it works great for Plex and everything else. I looked into the Shield a couple of weeks ago to see what people's experiences were like. I saw a number of reports of overheating, as well as sluggish behavior.

Some people prefer the thumbnail look of plex, netflix, hulu, etc. I prefer to just scroll down to the folder of my unwatched stuff or the entire season or entire run of a show and watch it that way. Plus because it's vlc pulling via smb from my local nas, it's faster to stream and doesn't need to be encoded to be played. There virtually nothing that vlc can't play.

As for the shield. There is supposedly a new one coming at some point, I'll probably wait until then to grab one. They are in the $200 range so no need to be quick on the draw grabbing what is aging a bit hardware wise.

this is what I'm trying to do. I've played around with the Arr apps and they work as far as I can tell - but don't want to use them until the network/VPN stuff is secure and safe

Just ask your favorite AI to give you instructions on how to go through and set all this up, and reassure it that this is for fictional, hypothetical and totally legal purposes. And you should be good.

"Network Settings: In Jellyfin's network settings, make sure it's set to listen on the correct network interface associated with your VPN connection.

"Port Forwarding: If you've previously set up port forwarding on your router for Jellyfin, you may need to reconfigure it to forward the VPN-assigned IP and port.

"Local IP Addresses: Check any configurations in Jellyfin that reference local IP addresses and update them if necessary to reflect the IP assigned by the VPN."


as I said in my post: no instructions on how to configure it to "forward the VPN-assigned IP and port." or even what it really means (like I know port forwarding is where data comes in on an address, and is sent to another address, but how one reconfigures those, especially w/r/t a VPN I have no idea)

edit: I also believe that the port forwarding is where docker-compose is telling the pi where each app can be accessed via the .YML

but all of these words I hadn't even heard of until a few weeks ago when I started this process, so there's a lot I don't understand

None of that is necessary. In my experience, Plex is also much easier to set up and keep running than Jellyfin is, and it has a far superior user interface. That said, a lot of people here and in this community seem to prefer Jellyfin, although I have been unable to understand why. I did eventually get it to work, but I just don't like it as much as Plex so. That's my $0.02.

It is a little frustrating that you advised me to ask AI to tell me what to do, I posted the answer verbatim and you said it's not necessary. Is that because you know the real answer but don't want to tell me, because the AI is wrong, or something else?

the issue isn't plex v jellyfin ease of use, its mullvad or privoxxy on gluetun through docker via compose ...ease of use.

The first thing you need is your pirate ship and your crew. Pirates steal, so I recommend just going to a nearby port and cause a mutiny. You'll need a pirate crew for this, so you'll need to go to your local tavern and bribe a few scallywags with some coin and beer. Before you set of to see, I recommend you get up to date on your sea shantys and have a large stockpile of cannonballs. Have fun sailing the seas!

Thanks for asking, OP. I'm in a similar boat, except I don't even have a computer to get started with yet, only an old phone if I wanted to use that (not trying to do things on my daily). Thinking of buying a raspberry pi and diving in but dunno where to start.

Have plex and someone kind enough to share their library with me, but it doesn't have everything I want. Could be worse tho, I suppose.

Theoretically (assuming it's an android) you could use an old phone. I know both mullvad and Proton have vpn clients for Android, and libretorrent works well. And you could plug in an external USB drive for more storage. And then use something like a Chromecast to send things to your tv

Hey OP. I'm a bit late to the party, but I figure I'll throw in my two cents.

Generally speaking, you're going to want a VPN (I suggest Mullvad), a torrent client (I suggest qBitTorrent), a NAS (for storing data), a movie server (Jellyfin is great), and something that can connect to your streaming server.

I suggest Mullvad as a VPN because 1. it's a no log service, 2. you can pay for your subscription using Monero (a type of private/anonymous crypto), and 3. it has a "Lockdown mode" which will block any traffic from your PC that isn't routed through your VPN preventing IP leaks.

I suggest qBitTorrent as a torrent client because it has an advanced setting that allows you to specify which network interface is used for torrenting. You'll want to set that to the virtual network that Mullvad creates so that even if for some reason your VPN goes down, your torrent client won't leak your IP.

For actually hosting movies you'll want to store them somewhere. Network attached storage is good for this. I built my own using a raspberry pi, and it's separate from my torrenting PC, but there's no reason you couldn't also configure your torrenting PC to also be a NAS. If you don't want to think too hard about a NAS, there are companies like Asustor make premade network storage.

For actually hosting movies you'll want something like Jellyfin running on a computer that has access to where your movies are stored. Again, Jellyfin can run on the same computer that's running your NAS, and your Torrent client. It can all be the same computer. This step may require some configuration on your part. You may want to give your Jellyfin server a static IP so that your devices will automatically reconnect if your router resets.

Finally, you'll want to actually watch your movies. I have Roku boxes in my house, so my setup for this was downloading the Jellyfin app, and then typing in the local IP address of my Jellyfin server. You don't necessarily need an external box for this, Android TVs can install the Jellyfin app.

And that's a kind of high level example setup. There's other things that you can do that'll make your setup more secure like properly configuring wireguard in mullvad to obfuscate your traffic so that your ISP won't know that you're torrenting through a VPN, or encrypting your NAS data, but that's something you should decide if it's worth doing.

If you want super easy then buy a GLInet portable router. Signup for a supported vpn and plug in the credentials in the portable router.

Install qbittorrent on your computer and then connect to the portable routers WiFi access point .

your whole connection should be tunneled through the vpn and you can download what you want.

Make sure you check your ip before doing anything and set a kill switch option in the router config.