This really goes to show you how valuable a good experience / API is.
PiVPN is so easy to use. You run 1 command and pass in the name of the config to generate and you're done. Now you can take that config and use it client side.
I've used it on Debian servers (not a Raspberry Pi) and it's been flawless to onboard a bunch of folks into using a VPN (work related).
IMO there's no way this project will fail, someone will fork it.
curious to hear does anyone know what the mentioned alternatives are? a super simple to use wireguard control plane is super valuable and PiVPN seemed to fit that gap perfectly
unfortunate that it's come to an end but it's nice to hear the maintainer moving on in such a positive way :)
After meaning for years to spend the 2-3 hours I’d need to set up wire guard and get all my devices on it that I’d want on it (it’s a bit fiddly and time consuming, and inevitably with projects like that, there’s some dumb problem that comes up that wastes a bunch of time) I just did the free tier of Tailscale.
Server, two Apple TVs, a couple phones, a tablet, and a laptop all on it in like 15 minutes flat. With one of the Apple TVs configured to act as a gateway, too.
Thanks to the maintainers of the project. It is a handy tool, a good wrapper around setting up simple wireguard quickly. And it pairs with pihole really well.
I migrated to OPNSense for my DNS and I haven't needed VPN for a little bit. But I kind of disagree that there is no place for a simple CLI tool for wireguard user management.
I was going to make a comment about how unreasonable it is to shut the project down instead of letting someone else take it over. But two things come to mind: First, yes, people can fork it and develop it on their own. Second, right after xz, maybe it would seem unwise to endorse a stranger taking over your security project.
PS: PiVPN isn't wireguard itself. Assuming WG's command line doesn't change radically for a while, PiVPN is still completely usable and people don't need to rush to get off it.
This is the best way to conclude a project like this, I wish more clear cut "this is the end" choices were made. An ecosystem with zombie projects isn't healthy.
> I've been giving less and less attention to PiVPN, and the desire to keep up with it is no longer what it once was.
I wonder if financial/monetary incentive would change this. I don't think it would personally (because putting a value on your free time/mental load/time you can spend with your loved ones doing something else away from the PC is precious)
On the flip side... $500/mo? $1k/mo? $5k/mo? I'm sure most projects that go "defunct" open-source-free-no-financial-incentive-thanklessly-help-build-something could probably find "motivated maintainers" for $3k/mo on average? Internationally?
Is the "capitalist" answer "this repo and all of its efforts are not worth $3k/mo to the open market"?
Why? I wish people would put their projects in something like https://www.codeshelter.co so anyone who's interested can maintain them, instead of just killing them.
Anyone got a recommendation for a router with Wireguard support baked in? I've been running PiVPN on a separate box but since I need a new router anyways and it's not going to be supported, that might be a viable replacement.
Recently we needed a customer in a different country to be able to connect to a wireguard instance and I didn't want to deal with the support headache of walking them through the flashing process. While I was looking for devices that come with OpenWRT preinstalled, I came across FriendlyElec that looked quite decent.
Eventually we ended up building a custom Raspberry Pi image.
Ubiquiti UDM-Pro has it, but I'm not sure how they're regarded in popular opinion these days. I've had good luck with everything but the PoE on mine, and they gave me a free injector to fix that.
You can easily install Wireguard on EdgeOS (VyOS fork) 1.x and 2.x and 3.x will have it natively. The OS is kind of RIP otherwise, so I cannot recommend it, but Ubiquiti just released a new UnifiOS-based router with 5 2.5 GHz ports saturating 1.6 GHz with IDS. That, or some random AliExpress x86-64 router with OPNsense.
Eh, I just wanted to migrate to this, a lot of threads recommend it as the best way to effortlessly set up Wireguard. WG-easy, Headscale have their own set of problems. I guess there will be forks.
> WireHole is a combination of WireGuard, Pi-hole, and Unbound in a docker-compose project with the intent of enabling users to quickly and easily create a personally managed full or split-tunnel WireGuard VPN with ad blocking capabilities thanks to Pi-hole, and DNS caching, additional privacy options, and upstream providers via Unbound.
Crazy to abandon a 6.4k star project that presumably many people are actively using… I know maintenance of OSS projects can be burdensome but there’s usually some in the community that are eager to chip in with PR reviews and handling issues. I’m surprised they aren’t interested in pivoting the product in the same general direction but giving it some novel features or something.
Why is it crazy? If it no longer aligns with the maintainer’s interests or energy, doesn’t provide compensation, he’s within his right to archive it and move on. And people in the community can fork it if they need to.
After the sshd debacle, and in the context of GenAI becoming ever better at impersonation at scale, I don't think anyone working on a security-relevant project should simply hand off to an enthusiastic community member they don't know well.
solarkraft|1 year ago
They learned a good lesson from the liblzma situation.
baq|1 year ago
nickjj|1 year ago
PiVPN is so easy to use. You run 1 command and pass in the name of the config to generate and you're done. Now you can take that config and use it client side.
I've used it on Debian servers (not a Raspberry Pi) and it's been flawless to onboard a bunch of folks into using a VPN (work related).
IMO there's no way this project will fail, someone will fork it.
FerretFred|1 year ago
postpawl|1 year ago
jimmyl02|1 year ago
unfortunate that it's come to an end but it's nice to hear the maintainer moving on in such a positive way :)
vundercind|1 year ago
Server, two Apple TVs, a couple phones, a tablet, and a laptop all on it in like 15 minutes flat. With one of the Apple TVs configured to act as a gateway, too.
Should’ve just done that to begin with.
postpawl|1 year ago
You set the number of peers and it generates that number of folders with certificates and QR codes for you.
Saris|1 year ago
renk|1 year ago
pogue|1 year ago
unknown|1 year ago
[deleted]
Havoc|1 year ago
Fnoord|1 year ago
xyst|1 year ago
Might just setup a nixOS arm image with wg instead
unethical_ban|1 year ago
I migrated to OPNSense for my DNS and I haven't needed VPN for a little bit. But I kind of disagree that there is no place for a simple CLI tool for wireguard user management.
I was going to make a comment about how unreasonable it is to shut the project down instead of letting someone else take it over. But two things come to mind: First, yes, people can fork it and develop it on their own. Second, right after xz, maybe it would seem unwise to endorse a stranger taking over your security project.
PS: PiVPN isn't wireguard itself. Assuming WG's command line doesn't change radically for a while, PiVPN is still completely usable and people don't need to rush to get off it.
oneplane|1 year ago
MuffinFlavored|1 year ago
I wonder if financial/monetary incentive would change this. I don't think it would personally (because putting a value on your free time/mental load/time you can spend with your loved ones doing something else away from the PC is precious)
On the flip side... $500/mo? $1k/mo? $5k/mo? I'm sure most projects that go "defunct" open-source-free-no-financial-incentive-thanklessly-help-build-something could probably find "motivated maintainers" for $3k/mo on average? Internationally?
Is the "capitalist" answer "this repo and all of its efforts are not worth $3k/mo to the open market"?
stavros|1 year ago
Hamuko|1 year ago
logicziller|1 year ago
Eventually we ended up building a custom Raspberry Pi image.
opello|1 year ago
spr-alex|1 year ago
Fnoord|1 year ago
gamesbrainiac|1 year ago
lazyeye|1 year ago
Perhaps overkill but have been running this for many years with zero issues. It does everything though so configuration/setup can take a bit of time.
t0bia_s|1 year ago
Takennickname|1 year ago
Scipio_Afri|1 year ago
Takennickname|1 year ago
poisonborz|1 year ago
byteknight|1 year ago
> WireHole is a combination of WireGuard, Pi-hole, and Unbound in a docker-compose project with the intent of enabling users to quickly and easily create a personally managed full or split-tunnel WireGuard VPN with ad blocking capabilities thanks to Pi-hole, and DNS caching, additional privacy options, and upstream providers via Unbound.
https://github.com/IAmStoxe/wirehole
yokoprime|1 year ago
lukevp|1 year ago
loloquwowndueo|1 year ago
jprete|1 year ago
codetrotter|1 year ago
Just handing responsibility over to someone else for something like a VPN project is definitely high risk.
Remember the xz debacle last week? Same kind of people who backdoored xz would love to get maintainership of a VPN project for sure.
baq|1 year ago
Chapeau bas for keeping it going for so long. The internet of old was built by irrational hobbyists like these guys.
ocdtrekkie|1 year ago