After a very enlightening discussion in a previous thread, I decided to plunge into a mesh type network to connect my various servers and devices.
Nebula has been fairly straight forward to set up so far, but I’m having some trouble with the details and am curious if anybody has successfully got Nebula up and running for their network.
Installation on Linux platforms has been a breeze. Windows I can’t seem to get working. I was able to install but the service refuses to start. Can’t find any documentation besides random GitHub issue threads. MacOS was easy to install but having issues due to a VPN that’s running already.
I use a VPN because I travel a lot. I also use my MacBook to SSH into my servers or access remote file storage. My previous network configuration was connecting via wireguard to my network. I was able to do this while maintaining an always on VPN with the mullvad app. With Nebula that VPN seems to muck things up.
I’m also curious if anybody has had experience setting up a dual config for Nextcloud. Essentially accessing a Nextcloud server from nebula with a trusted device while still allowing public access for things list public shared links.
What is nebula?
I wouldn’t call it a clone, Tailscale didn’t invent mesh VPN’s. I believe Nebula is fully self hosted, while Tailscale makes initial connections through their servers. That means Nebula is more secure and private if you’re paranoid, but also harder to set up. They’re also based on different VPN protocols.
Tailscale actually published a surprisingly unbiased comparison: https://tailscale.com/compare/nebula
Should probably be pointed out (and I assume the tailscale link does), but Tailscale offers a fully self-hosted option called Headscale also
But also self-hosted (the central server, i.e. “lighthouse”) and open-source
Yes, have it running and it works well. Nextcloud setup is sth that I will still have to set up but the only problem I see there is certificates.
To debug Nebula, simply try executing it by hand, e.g. nebula --config /path/config.yml and see what the error message is. Or check your journalctl of course. Share the message here and we can have a look!
I got a small network running with Linux, android and Windows, but seldom use it. Windows install worked fine, but it remember it was not well documented (needed to use some argument for it to setup the service). Don’t use nextcloud but I do have vaultwarden working over it.
I’m planning to move to headscale due to the certificate management overhead.
@brownmustardminion@lemmy.ml do you mind sharing why nebula and not say WireGuard?
My network is currently setup with wireguard. I have a VPS operating as a hub within a hub and spoke (or is it hub and wheel?) configuration. This has worked great with the exception that all traffic passes through the VPS. The benefit of a mesh network is that I can directly connect clients and data does not have to flow through an intermediary VPS.
@brownmustardminion@lemmy.ml BTW it would be great if you can share your experience in the future!
I’ve not seen nebula, that looks a lot like tinc. Iight have to see how hard nebula is to get running.
If your looking for a mesh VPN, tinc is very easy to setup
