I currenly reside in a country with strict piracy rules but also have access to the internet in a country where piracy is not enforced. I want to setup a VPN and route qBittorrent’s traffic through it. The idea is to do something like this:
I am fresh to selfhosting and most of the time have no clue how to achieve what I want. So far I have tried Tailscale but I think it won’t work how I want it to. If it helps, I have domain name registered. Can anybody point me to the right direction?
Update (if anyone is seeking answers):
I went with tailscale which I have already set up before on the rpi3. Somehow, no matter what I try, wireguard or pivpn would not work. Maybe I have hands growing out of my ass or something, no idea.
What did work is Dante. I setup socks5 on pi through tailscale0 and it worked wonders. Qbittorent did connect and detected IP of rpi3. The best part is that opposed to wireguard, dedicated port does not have to be open in order for Dante to work. I see it as a win win! Now I’m hyped to go back to my homeland and install pi there.
I am thinking to do this but only one thing bothers me. I want only qBittorrent to be using VPN, not the rest of the machine. Is there a way to set only qBittorrent with Tailscale?
Ah, sorry I hadn’t appreciated you were after split tunnelling… You can do this with Tailscale for services where you’re connecting to a fixed IP/FQDN, which I think rules out torrenting/P2P unfortunately.
The only way I’ve seen to pass a specific app’s traffic through Tailscale appears to be an Android exclusive feature.
If I’m wrong someone please correct me!
Anyone who knows enough about Wireguard, iproute2 tools, iptables/nftables, etc (firewall-marking certain packets based on criteria, then directing them through alternate route-tables based on that) can hand-roll split-tunneling, internal point-to-point tunnels/meshes, etc. For (most) people who want to achieve this in a less painful/fragile way, from what I’ve understood it seems Tailscale just does exactly this under the hood in a less arduous and more intuitive way for users, while also providing a static internet-facing ingress point when needed. Headscale exists for those wanting that but with their own static ingress (self-hosted at their own IP) instead of Tailscale’s.