I want to have both a NAS that runs Freebsd for ZFS and some form of debian to run the Streisand script on for my VPN needs. I don’t know whether I should go all onto either some form of linux or freebsd, or just “obtain” bare metal virtualisation? I only have one box to work with. Will post specs if requested
Reading your thing, I was thinking of some semi-complicated setup of a virtualization box running both your NAS and VPN.
Maybe a proxmox or esxi solution with mounted hardrives going tot he FreeBSD VM with software RAID and another VM running debian foryour VPN.
I’ve been running ZFS with native encryption for data in Manjaro for over a year with zero problems. A Debian / Ubuntu LXC container inside Manjaro would run Streisand.
A better idea would be a remote OpenVZ VPS to run a vpn server on. A 128mb Debian container is enough & costs 10 bucks a year.
Not necessarily better, if he has a fast internet connection at home. I have gigabit and run my own VPN at home. I do suggest Algo over Streisand, and WireGuard in particular.
You can run a Linux VM on BSD if you prefer.
This is viable, however @itoffshore’s information is what I needed regarding ZFS on Linux. I don’t need a container for my VPN, I also only have 4 gigs of RAM to work with, and I’m going to expand beyond a mere terabyte in parity(1tb per 1gb RAM), so Ubuntu server with ZFS it is.
That being said regarding the advice below, I personally want to just host at home as both a learning experience and direct control of my hardware
With the VPN automation itself -thank you for providing the link- I just want OpenVPN and Cisco given my use case. I’ll look into WireGuard. I’m just setting up this to bypass blocking at my place of work. I do have reasons to put my IP address elsewhere, but I’ll just get the Debian VM as suggested by @itoffshore (funnily enough, off shore)
I use WG for the same reason, works great. Paid VM also works well, Algo is actually designed for that.
In Linux I use btrfs for the root filesystem & zfs for data. Ubuntu supportszfs on root - you need at least zfs 0.8.0 to be able to use native encryption (Ubuntu Eoan)
With 4GB of RAM never turn on deduplication in zfs. This will also allow you to use a faster encryption scheme - aes-256-gcm.
Important data should be backed up both locally to an external Hard Drive & remotely with something like borg.
Incidentally CISCO routers have backdoors built into them.
- Buy a router that can be flashed with OpenWRT.