Nextcloud Talk
Video calls hosted on your own Nextcloud instance. The TURN server "coturn" will be installed and configured as well to allow reliable video calls through outside the local network, NAT and firewall setups.
Also installs:
Nextcloud
coturn
Install Notes:
During installation you will be asked to enter the external server domain and a port, that you want to use for the coturn TURN server. Note that you need to forward the chosen port and/or open it in your firewall.
If HTTPS was or is enabled via dietpi-letsencrypt, coturn will be configured to use the LetsEncrypt certificates for TLS connections on the chosen TURN server port automatically.
coturn by default will listen to non-TLS requests as well on the port configured in /etc/turnserver.conf. You can force TLS/control this by switching port forwarding in your router and/or opening/dropping ports in your firewall.
coturn logging by default is disabled via /etc/default/coturn command arguments, since it is very verbose and produces much disk I/O. You can enable and configure logging via /etc/turnserver.conf, if required.
DietPi-NordVPN
DietPi-NordVPN is a combination of OpenVPN installation and DietPi front end GUI. Allowing all NordVPN users to quickly and easily connect to any NordVPN server in TCP or UDP, using only open source software.
Requires NordVPN Subscription:
Although we enable forced encryption on all our BitTorrent clients, if you wish to ensure complete privacy and peice of mind for all your downloaded content, using a VPN is critical. NordVPN. Offers unlimited bandwidth, zero logging and upto 6 devices on 1 account.
Usage:
Once installed using dietpi-software:
Simply run dietpi-nordvpn to use the GUI, allowing you to setup your connection.
DietPi will also automatically start and connect the VPN during system boot.
If you find our project or support useful, then we’d really appreciate it if you’d consider contributing to the project however you can.
Donating is the easiest – you can use PayPal or become a DietPi patron.
WireGuard
WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache.
Usage:
When installing using dietpi-software, you can choose whether to install WireGuard as VPN server or client .
When installing as VPN server:
You are asked to enter your public IP/domain and the port, on which the VPN server should be available. Remember to open/forward the port (UDP) through NAT.
During install, a client config will be automatically created as well at: /etc/wireguard/wg0-client.conf
Configure the client config to your needs, it contains some informational comments. By default it will pass all clients network traffic through the VPN tunnel, including DNS requests which will be resolved by the servers DNS resolver.
If you e.g. want to use the servers Pi-hole instance on the client only, but keep all other traffic outside the VPN tunnel, you would edit the following values: DNS = 192.168.0.100
AllowedIPs = 192.168.0.100/32 (where the IP needs to match your DietPi servers local IP)
If your client is another Linux machine with iptables installed, you can uncomment the two kill switch lines to have all network traffic automatically disabled, when VPN connection is lost.
If your client is a mobile phone with WireGuard app installed, you can simply apply the config by printing a QR code onto the servers terminal via: grep -v '^#' /etc/wireguard/wg0-client.conf | qrencode -t ansiutf8
To allow VPN clients accessing your local Pi-hole instance, you need to allow DNS requests from all network interfaces: pihole -a -i local
Adding multiple clients:
Navigate to the servers WireGuard config dir: cd /etc/wireguard
Restart the VPN server (systemctl restart wg-quick@wg0) and apply wg0-client2.conf to your second VPN client as you did for the first before.
Repeat similar for third, fourth, ... VPN client.
When installing as VPN client:
Usually the VPN provider will have install instructions and ship a config file.
If the you want to connect to another DietPi machine, use the generated /etc/wireguard/wg0-client.conf as mentioned above.
If no WireGuard (auto)start instructions are included, but you require it, please do the following:
Check for the created config file/interface name: ls -Al /etc/wireguard/
It has a .conf file ending, lets assume: wg0-client.conf
To start the VPN interface, run: systemctl start wg-quick@wg0-client
To autostart the VPN interface on boot, run: systemctl enable wg-quick@wg0-client
To disable autostart again, run: systemctl disable wg-quick@wg0-client
NB: If the client config sets the DNS server via DNS = directive, assure that resolvconf is installed: apt install resolvconf
NB:
The WireGuard kernel module needs to rebuild whenever the kernel is updated. On most devices this will be done automatically, when the kernel (+headers) is updated via APT package, which then usually triggers the module rebuild.
If you update the kernel outside of APT, via source build or commands like rpi-update, assure that matching kernel headers are installed as well and rebuild the WireGuard module via: dpkg-reconfigure wireguard-dkms
If you find our project or support useful, then we’d really appreciate it if you’d consider contributing to the project however you can.
Donating is the easiest – you can use PayPal or become a DietPi patron.
If you find our project or support useful, then we’d really appreciate it if you’d consider contributing to the project however you can.
Donating is the easiest – you can use PayPal or become a DietPi patron.
Build Mimic for offline TTS (British Voice) support (optional):
NB: this requires about 3 GiB RAM and takes a while, so assure that you have enough memory (4 GiB recommended), in case increase your swap file size and grab yourself a coffee.
Domoticz
Domoticz is a Home Automation System that lets you monitor and configure various devices like: Lights, Switches, various sensors/meters like Temperature, Rain, Wind, UV, Electra, Gas, Water and much more. Notifications/Alerts can be sent to any mobile device.
Access web interface:
- HTTP: http://<your_IP/domain>:8124
- HTTPS: https://<your_IP/domain>:8424
Firefox Sync Server
This is Mozilla's Firefox Sync Server which manages syncing FF instance bookmarks, history, tabs and passwords across devices. Out of the box it runs on a Python server for small loads and can be configured to run behind nginx or Apache.
Configure Firefox:
Open about:config to access advanced settings.
Search for: identity.sync.tokenserver.uri
Set value to: http://<your_local_IP>:5000/token/1.0/sync/1.5
We recommend to access your Firefox Sync Server only from local network or via VPN.
If you need to access it remotely without VPN, adjust the public_url setting inside the config file /mnt/dietpi_userdata/firefox-sync/syncserver.ini to contain your public IP or domain and desired port.
View logs: journalctl -u firefox-sync
Update method: dietpi-software reinstall 177
Install directory: /opt/firefox-sync
Database and config directory: /mnt/dietpi_userdata/firefox-sync
This might be required if you connect through a webserver/proxy or for the Android client in general. But enable this only as last resort, first of all assure that public_url is correct.