• 1 Post
  • 61 Comments
Joined 11 months ago
cake
Cake day: December 26th, 2023

help-circle

  • You can do this with a site-to-site wireguard VPN. You will need to set up the proper routing rules on each termination. On the Internet facing side you will want to do DNAT (modifies destination, keeps source) to redirect the incoming traffic to your non- internet facing side through the tunnel. Then on the non- internet facing you need to set up Routing rules to ensure all traffic headed for public IPs is traversing the tunnel. Then back on the Internet facing side you need to SNAT (modify source, keep destination) the traffic coming through the tunnel headed for the Internet. Hopefully this helps. People saying this goes against standards are not really correct as this is a great application for NAT.




  • I wonder if this is the cause for the UI failing and showing a white page with “server error”. It has something to do with a failure to retrieve the site icon and if postgres is crashing that could explain why lemmy-ui is failing to retrieve the site icon.

    My current “fix” for this is a script that runs every 10 minutes and sets the site image to NULL, curls the site URL, then sets the site image back to what it was. This does seem to work around the problem and if the UI does crash it’s only down for a maximum of 10 minutes.