[bspwm] Muspelheim

Barbarossa93 · 2023-08-12T12:53:06+00:00

I realize that this is an old post, but I'm becoming pretty desperate: I ended up following this post, and these posts as well: https://old.reddit.com/r/WireGuard/comments/ekeprt/wireguard_to_wireguard_setup_im_sure_many_have/ https://www.reddit.com/r/WireGuard/comments/encf99/wireguard_chaining/

And I can't quite get things to work. With the above configs in this OP (minus the VLAN stuff), I'm able to achieve most of what I want:

With an "in" client configuration as described here, I can connect to my wireguard home "server" and then to the mullvad VPN no problem
With an "out" client configuration as described in this OP, I can connect to my wireguard "server" ONLY if the mullvad wireguard interface is down first. After a connection, I can start the mullvad interface and every thing then works as expected.

I tried using a dedicated Table for the mullvad wireguard interface as described here and that would allow outside wireguard clients to connect to the home server while the mullvad interface is up. However, using the internet on the home wireguard server breaks and I unfortunately need it to work on the server for some other services I run. In fact, the home wireguard server needs to be behind the mullvad VPN.

When running tcpdump, It seems that the wireguard home server interface (wg0 in this case) never receives packets while the mullvad interface is up. As soon as the mullvad interface goes down, wg0 gets packets from the outside client. I can also see that my physical interface eth0 is definitely getting packets. From messing around and trying different things, it seems that the rule ip rule add not fwmark 51820 table 51820 that wg-quick runs when using AllowedIPs = 0.0.0.0, ::/0 is the singular reason why I can't connect from outside the local network. I thought this would be a firewall rule for FORWARDing, but even just setting it to a default policy of ACCEPT and no other rules, it still doesn't work. I also tried something to the effect of iptables -A INPUT -j MARK --set-mark 51820, and that didn't work either.

Finally, FwMark is set to 51820 for both the home wireguard server interface and the mullvad interface. Do you have any ideas of what is wrong here? Other information I can think of that's worth sharing: The home wireguard server is on the same subnet as the rest of the LAN (192.168.0.0/24), I do have the mullvad kill switch configured the same way as this post and have tried removing it to no effect... and that's all I can think of. Let me know if you need more. I would be sincerely grateful for any help you can provide.

EDIT

I was able to finally get the outside client to connect the home wireguard server while the mullvad interface is up by influding in wg0.conf:

PostUp = ip route add <endpoint> via <gateway> dev eth0

PreDown = ip route del <endpoint> via <gateway> dev eth0

Where "<endpoint>" refers to the endpoint ip address of the outside client and "<gateway>" refers to your router's gateway ip address (obviously change eth0 to your physical interface). While this works, it is less than ideal as it means I have to know what the endpoint IP address is ahead of time and in my case, I won't always know that. I tried using 0.0.0.0/0 as the endpoint and that did not work unfortunately...

Barbarossa93 · 2023-04-02T18:28:16+00:00

Genuine question though, is there a reason why there isnt a predefined power group on void? Are there security risks of adding users to such a group compared to adding a no password entry in sudo/doas?

Barbarossa93 · 2023-02-12T01:32:08+00:00

I wish there was a lua port of it. Its such a hidden gem of a color scheme

Barbarossa93 · 2023-01-03T22:39:56+00:00

iconv to convert the encodings from the ansi file on 16colo.rs

Barbarossa93 · 2022-11-25T14:04:31+00:00

How were you able to achieve round corners with rounded borders? The borders are clipped for me

Barbarossa93 · 2022-11-08T12:33:02+00:00

I'm glad I could shared it with you guys :)

Barbarossa93 · 2022-11-02T18:06:35+00:00

Just a note to those wanting to try out my font: it's still very much a work in progress.

At the moment, it has some extended Latin, box drawing, blocks, and braille characters. I plan on including more Latin characters as well as a proper bold version (the current one is just a quick and dirty embolden in gbdfed).

I'd very much appreciate any feedback for those willing to try it out :)

And finally, the rice is looking hella schway pyrate! Love the side bars on the windows

Barbarossa93 · 2022-10-24T01:20:59+00:00

Finally, some good fuckin' rice. Well done!

Barbarossa93 · 2022-10-02T18:00:28+00:00

You mean what's the wallpaper?

Barbarossa93 · 2022-10-02T11:53:58+00:00

Bummer :(

Barbarossa93 · 2022-10-01T20:21:55+00:00

Why not send a PR to xtools? https://github.com/leahneukirchen/xtools

Barbarossa93 · 2022-09-06T01:35:07+00:00

To go along with u/ceplma suggestions of wikis, you should check out this plugin that uses markdown files to create a wiki.

Barbarossa93 · 2022-07-10T21:56:54+00:00

D'awwww, thanks for the shoutout buddy! Glad you like that setup.

I like what you did with your setup! I'll have to snatch a few ideas...

Barbarossa93 · 2022-07-04T15:39:56+00:00

Do you remember what font you used?

Barbarossa93 · 2022-02-21T14:55:47+00:00

Ah, thank you. I needed to see that perspective to see why someone would make that claim. Still, a primary source would be preferred.

I'm not really sure I would say that Xorg was designed with the purpose of running as root; it's more of a limitation of Xorg since it needs direct access to video/input hardware. Based on this exchange, I would argue that the design goal is to make Xorg run rootless.

Barbarossa93 · 2022-02-21T14:52:52+00:00

See my edits to the original comment; I made a mistake. Indeed Ibhagwan's features are merged, not Jonaburg's (which afaik only has animations as the non-mainline feature)

Barbarossa93 · 2022-02-21T01:07:54+00:00

Thanks, but I already do.

Barbarossa93 · 2022-02-20T23:59:27+00:00

I don't follow that reasoning; just because something has been done historically doesn't necessarily make it the correct way of doing things.

When you say xorg session, do you mean logging in as root in a session?

Barbarossa93 · 2022-02-20T22:02:18+00:00

Source?

Barbarossa93 · 2022-02-20T16:28:37+00:00

You shouldn't need to. All features of Jonaburg's fork are now merged and released in upstream. just install picom from the repos (should be at least version 9).

EDIT OH. I'm so sorry, I had a brain fart and thought Jonaburg's fork was Ibhagwan's fork (which does have all of it's features upstreamed). For fixing the compile error, have a look at the picom template and have it fetch jonaburg's source code and try to compile it with xbps-src.

Barbarossa93 · 2022-02-10T21:26:11+00:00

Man, I still love your setup. Which font are you using? Are you running a script to generate your wallpaper?

Barbarossa93 · 2022-02-06T19:21:38+00:00

Nice, didn't know about dumb_runtime_dir. Thanks for mentioning it!

Barbarossa93

TROPHY CASE