Trailblazing Braille Taser

  • 0 Posts
  • 31 Comments
Joined 2 years ago
cake
Cake day: August 16th, 2023

help-circle


  • You can also “simply” raw-dog Wireguard. It’s built into the Linux kernel, so you barely have to install anything besides the userspace tools.

    Basically, I objected to being reliant on the generosity of a for-profit company. “We do these things not because they are easy, but because we thought they would be easy.”

    This is a rough sketch:

    • Create a Linux server. It can even be a VM/container if you get the networking right.
    • Create a Wireguard interface and pick a private IP address subnet that won’t conflict with your home subnet: https://www.wireguard.com/quickstart/
    • Define PostUp and PostDown rules in your Wireguard config that modify iptables to masquerade traffic from the Wireguard subnet
    • Also set net.ipv4.ip_forward=1 with sysctl. (There is probably an IPv6 equivalent but I live in the past.)
    • Generate keypairs and configs for each device you want to use
    • Set up dynamic DNS, e.g. https://freedns.afraid.org/
    • Forward UDP port 51820 to your server
    • Install the Wireguard app on your client devices. If Linux, you can just write a client config containing the necessary magic words and start it up with wg-quick.

    Boom. Tailscale’d.

    I’m sure I’ve forgotten some steps. I have some janky automation that’s broken in a new way every time I try to use it.








  • I honestly think autocorrecting your scripts would do more harm than good. ShellCheck tells you about potential issues, but It’s up to you to determine the correct behavior.

    For example, how could it know whether cat $foo should be cat "$foo", or whether the script actually relies on word splitting? It’s possible that $foo intentionally contains multiple paths.

    Maybe there are autofixable errors I’m not thinking of.

    FYI, it’s possible to gradually adopt ShellCheck by setting --severity=error and working your way down to warnings and so on. Alternatively, you can add one-off #shellcheck ignore SC1234 comments before offending lines to silence warnings.