I’m getting frustrated with tailscale and trying to move off of it. I have a truenas box at a different location which is using ubiquiti hardware. I’m using their dream machine pro as my wireguard VPN server.
I have a backup server at a different location, not using ubiquiti. Just whatever isp hardware is given (so garbage, really).
I feel like the right answer is to get another ubiquiti router of some kind and do site to site VPN. But I don’t want to buy another $500 router, for only one device.
Is there a way to have my backup server connect to my wireguard server as a client?
I was in the exact same boat as you, trying to find an alternative to OpenVPN Client since they’ve removed it from the system.
Sadly, there’s currently no (official) way to set up a Wireguard client on TrueNAS, and the Truecharts Wireguard app gave me more trouble than it should have.
The best solution in my opinion is using the builtin Wireguard service, using a script on startup for it to fire up automatically on boot.
-----
1| Place your conf file in one of your pools. You might wanna make sure not to call it wg0.conf, since that interface might be reserved under some circumstances, so I went for wg1.conf personally.
2| Create a script (wg1.sh) and place it on a pool as well, replacing the exact location and naming of your .conf-file:
#!/bin/bash
sleep 120
/usr/bin/wg-quick up /mnt/tank/Wireguard/wg1.conf
3| Make the script executable:
sudo chmod +x /mnt/tank/Wireguard/wg1.sh
4| Add it as a Post Init startup script via the Advanced Settings.
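A hardened variant of the wg1.sh script from the steps above, as an added example that is not from the original post: it refuses to start when the conf file, which holds the tunnel's private key, is accessible by group or others, and skips the start if the interface already exists. It assumes a Linux shell with GNU stat and iproute2; the WG_DELAY variable and passing the conf path as an argument are choices made for this example.

```shell
#!/bin/bash
# Added example (not the poster's script). Assumes Linux with GNU stat and iproute2.
# Usage as Post Init command: /mnt/tank/Wireguard/wg1.sh /mnt/tank/Wireguard/wg1.conf

# wg-quick names the interface after the file: wg1.conf -> wg1
iface_from_conf() {
    basename "$1" .conf
}

# The conf contains PrivateKey, so require a regular file with no
# group/other permission bits set (for example mode 600).
conf_is_private() {
    [ -f "$1" ] || return 1
    mode=$(stat -c '%a' "$1") || return 1
    # Leading 0 makes the shell read the mode as octal.
    [ $(( 0$mode & 077 )) -eq 0 ]
}

bring_up() {
    conf=$1
    iface=$(iface_from_conf "$conf")
    if ! conf_is_private "$conf"; then
        echo "refusing to start: $conf is missing or accessible by group/other" >&2
        return 1
    fi
    # Same boot delay as the original script; WG_DELAY is an assumed override.
    sleep "${WG_DELAY:-120}"
    # Do nothing if the interface already exists (e.g. after a manual start).
    if ip link show dev "$iface" >/dev/null 2>&1; then
        echo "$iface is already up" >&2
        return 0
    fi
    /usr/bin/wg-quick up "$conf"
}

# Only act when a conf path is given, so the functions can be sourced safely.
if [ "$#" -gt 0 ]; then
    bring_up "$1"
fi
```

If the check fails, `chmod 600` on the conf file fixes the permissions.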
If you know how to make wireguard conf files, no need for any app. Wireguard is built in. Just start the wireguard network at startup using your conf file in a script.
TrueNAS has apps that could handle that, or virtualization, or there are ways to run apps in the shell.
A small virtualized Linux machine would probably do the job running on the TrueNAS as the client
I see I misunderstood. Still learning this stuff. Though I think I saw that functionality using Tailscale? or maybe even Headscale? Just thinking off the top of my head from a video I watched, OP will want to look into that more if that fits their needs.
No worries I’m also here to learn stuff! I’ve been self hosting for a while already, but never had a need for a vpn tunnel to my home until now that I’m going to build an off-site backup, so this area is very much new to me
Sorry for the long post, I just thought I’d write some points about what I found during my quick research into this, in case someone else finds this thread through Google, like I did.
Actually, you might not be that far off with your recommendation soon! I looked around wg-easy’s GitHub and it looks like it’s going to be able to connect as a client in maybe the next release, along with what looks like a bunch of other features. Hopefully that’s true as it would hopefully make using wireguard between two truenas instances much easier!
Currently you can connect Truenas to wireguard through the terminal, with the wireguard client included in Truenas. The problem with that is that it just doesn’t seem officially supported, as all important Truenas features are meant to be available through the web ui, and that isn’t, so I’d feel a bit wary of using that, in case they decide to remove it or something.
Tailscale might be a good option if you don’t mind that it’s basically hosted by someone else. Personally I’m really into self hosting, so I think I’m going to stick with wireguard because of it (and I really like the simplicity of wg-easy).
Tailscale looks like an interesting option, though I’m not sure if it would have any advantages over wireguard, at least in my situation.
It looks like with their wireguard container I can set it up as a client. I also found this post that seems to suggest that as well. I’ll give it a go when I can
I was able to install Wireguard client for qbittorrent only. I don’t know enough to get it to work for tailscale as an exit node. I am looking for people that know how to do that part. But I can link you to a how-to. It’s very easy to do for wireguard.
Do you mind elaborating on this a bit? I’m planning the same thing VERY soon. Need a TrueNAS at a buddy’s house for him to use and to sync to my servers. Did you do ubiquiti to ubiquiti routers? I have an OPNsense router at home with WG set up. P.S. Not an expert here, just your above average PC user.
Just for ease, and because I was tired of having management wanting it done faster, I just ordered a ubiquiti router at the backup location and added it to my account, which automagically made a tunnel.
In theory, making a vpn key on your OPNsense, and adding it to the ubiquiti device should work. Maybe with the need of setting changes