[Question] neko-vpn with neko-rooms?

[madindehead]

I was wondering, is there a way to get neko-vpn running with neko-rooms?

I know that I could use a Wireguard container with neko-rooms, but then of course every room would be routed via that VPN. neko-vpn seems like a good option, but I'm not sure how to even start combining them.

Any help would be appreciated - thanks.

[m1k1o]

You would only need to setup neko-vpn container as in the example, it needs to be in the same network as neko-rooms.

And then for firefox, you need to mount own policy (using storage mounts) so that it uses your new vpn proxy. That is actually name of the container vpn and default squid proxy port 3128.

For google chrome it is easier, you just need to add HTTP_PROXY=http://vpn:3128 and HTTPS_PROXY=http://vpn:3128 to your new room (available in expert settings) and it automatically picks up your defined proxy.

[madindehead]

Ah OK - that makes sense. Also, thank you for the quick response.

I'll take a look at this and see how I get on. I do currently run neko-roooms with storage mounts, so that's already in place.

I will close this for now, but I will come back if I have any issues setting this up. Thanks again.

[madindehead]

Update:

Seems I got this to work! Your instructions were straightforward to follow, so thank you for that!

I use Mullvad VPN, so I also had to include the directory /vpn/ before the certificate in the config file. I also had to comment out the extra VPN connections at the bottom of the file otherwise it would give me an error. I also had to uncomment the service and block-outside-dns lines.

I am leaking DNS servers and WebRTC IP when I check the Mullvad checkup page - not sure if that's down to OVPN or the way neko uses the VPN, or my own error? Not sure if you have any experience of using Mullvad. I might be able to get around this while using the Mullvad

One thing I meant to ask last time:

In the docker-compose file, under the vpn service, there is the line command: "80 ${DEFAULT_VPN}".

Does the 80 refer to port 80? Or is it something else entirely? I'm asking as I used to run my neko rooms on port 80 to make it a bit easier to access interally and I wasn't sure the cmd link would interfere with it or not.

[m1k1o]

I am leaking DNS servers and WebRTC IP

It is matter of configuration of web browser, can also be disabled altogether. For DNS you can either set up own pi-hole (or ad guard) where you can get more control of what is how being resolved, or just forcing some public servers (1.1.1.1 or 8.8.8.8).

Yes, that is port number where the GUI application is running, can be accessed by http://<container-name>/ from inside neko. Since it is in own container, it won't interfere with neko-rooms.