Self host a VPN.
Use a raspberry pi to self host a VPN from your home network.
There are many reasons you may want to use a VPN. There are some common use cases below:
- Connect to non internet-facing devices(such as a personal server) on your home network over the internet (therefore anywhere in the world).
- Stop spooky public wifi’s tracking you or trying to MITM you when out and about.
- Access content from a different area of the world which may be blocked or banned in the country you are in.
- Monitor your own network traffic from devices connected to your VPN.
A common mistake is to think that using a VPN makes you anonymous. This could not be further from the truth.
A VPN may hide your IP address, yes, but the VPN operator knows your IP address and also the site’s which you are visiting.
Websites do not rely only on your IP address in order to track you. Browser fingerprinting is used which will most likely be unique to your browser and a VPN will not help here.
It could possibly be even worse for your privacy if you also have a DNS leak.
So in effect, using a VPN for anonymity is like switching your ISP for anonymity, its simply not going to work. If you want anonymity, then use Tor on safest mode.
Installing the VPN
We will be creating a wireguard VPN as wireguard has a tiny SLOC compared to OpenVPN, allowing for better code auditing and security. As well it is much faster and uses less resources than OpenVPN.
Boot up your raspberry pi and SSH into it.
Install piVPN with the below commands.
curl -L https://install.piVPN.io | bash.
- Select ok x 2.
noto DHCP reservation.
yesto using the current IP address.
- Select your current user then
- Then select wireguard and ensure it is the only one selected, don’t select OpenVPN (use the space bar to do this).
noto needing to modify the default settings.
- When asked for the port select
- Then select the DNS provider which you wish to use and select
Use this public IPthen
- Then select
yesto enabling unattended security patches then
- Then select
yesto rebooting then
Adding a VPN user
A user can be added with the below command.
sudo piVPN add`
Once you have created your user you will need to send the users device the .conf file which is the details they need in order to connect to the VPN.
Wireguard will automatically read these from the .conf when importing.
The .conf will be at
Import the .conf into your wireguard client and now you have a working wireguard VPN connected to your home network!