“Colloquially, the term VPN may be used to refer, albeit improperly, to a proxy service that uses VPN technology (such as OpenVPN) as opposed to higher-level proxy server protocols (such as SOCKS) as it does not require configuration of individual applications to tunnel their traffic through the proxy server, instead employing routing to redirect traffic.”
“tinc is a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet”
tinc probably won’t do what you want right out the box but you could possibly configure it to work like the vpn services if you have a network of addresses.
From my experience wireguard is pretty easy to setup. For what purpose do you want to setup your own vpn though? If it is for privacy reasons this is probably a bad idea because most likely the server that will run the vpn software will be linked to you. And if you are the only person using your selfhosted vpn, it is trivial to identify you.
Can confirm that it’s easy to set up. Also very fast.
deleted by creator
You can adjust what traffic you wish to send over wireguard by adjusting allowed-ips peer attribute (assuming you’re using wg-quick), e.g. if you only wish to send your lemmy.ml traffic over wireguard tunnel, then get the IP address(es) associated with lemmy.ml DNS name, and add them to allowed-ips attribute of your wireguard peer (in your local configuration), while removing the default route from there. With this reconfiguration tunnel, you will now have route(s) to lemmy.ml going over wireguard while rest of the traffic going via the default route. You can keep appending more routes to allowed-ips over time, and reloading tunnel configuration.
For more flexibility, you can try with OS’s support for that, e.g. Linux network namespaces, or setfib(1) in FreeBSD. AFAIK, there is nothing in Wireguard to do that other than what’s possible with routing.
Yes, that does help a little. But how much depends on your threat scenario: If you just don’t want your ISP to know what you are doing or hide your true IP from some web site you are probably good but if you want to avoid online tracking the situation with a selfhosted vpn may even be worse as your server probably has a static IP address and makes you easy to identify. Also note that once you login into some website with and without vpn it is easy to connect you to your server.
Overlaps somewhat with /c/floss_replacement and /c/privacy; crossposts welcome