For Those That Want to Use Their Domain for SFTP:
In the video I explain that, due to us proxying our node through Cloudflare, it is not possible to use our domain for SFTP. However, there's a workaround:
1. Add an Ingress rule in the Oracle Dashboard for port 2022
2. Update the UFW rules to use port 2022 and Caddyfile to redirect 2022 back to the server
3. Add a DNS A record in Cloudflare that is something like: sftp.pelnode.domain.com (pelnode being the node) and point it to the IP of your VPS
4. In the Admin area for the panel, go to your node, edit it and go to Advanced Settings. Here set the SFTP Alias to be the domain you used in the A record, so in this case sftp.pelnode.domain.com
5. Save and Reboot everything and enjoy
The video was very helpful; I would appreciate it if you could also create a video about your Proxmox setup.
Hey, thank you for your kind comment. In regards to my Proxmox setup, it is actually relatively simple. Craft Computing has got a really neat Let's Install video for Proxmox 8.0 which is super easy to follow, and he also does an explanation of how the interface works so you can get started. Novaspirit Tech also has neat videos that'll explain further how to set up Proxmox for home use and I highly recommend them. There are also a bunch of community scripts: community-scripts.github.io/ProxmoxVE/ that you can use to improve your installation. I highly recommend you give them a look.
Great video, but I saw one thing: at 6:20, why install PuTTY (it's an additional vector of vulnerability) when in PowerShell or Terminal there is already SSH? I know it's probably for beginners, but it would have allowed them to learn the ssh CLI.
Hey, thanks for your comment. You got it, it's simply because PuTTY is easy to understand and is very versatile. The goal of this video is to have a guide anyone can follow regardless of ability, so that's why I chose PuTTY. If someone prefers to use another SSH client or wants to learn how to use SSH via PowerShell or Terminal then that's fine too.
I hope that explains my decision.
What's the difference between the v1 and v2 methods?
Thanks for asking.
V2 uses Caddy-l4 instead of Nginx for the VPS due to it being more performant. A user had issues with Nginx, which I confirmed, leading me to adopt Caddy-l4 as the better solution. This also removes the need for the timers I've used, which were cumbersome to set up and useless in this new setup.
It also uses a VM with Ubuntu Server instead of a Proxmox LXC with regular Ubuntu.
Since the V1 video, Pelican has changed how the installation is done, so that's reflected in V2. I've also changed how certs are made: instead of creating self-signed certificates, V2 now uses Let's Encrypt with certbot as per Pelican's Documentation. V2 also stops using notlsverify in the tunnel, which is better for a proper setup.
Other than that this video is also more organised though slightly longer.
All in all V2 is a much more comprehensive and better setup when compared to V1, I know you watched V1 and I highly recommend you follow V2 to update your setup if you're still using what I used in V1!
Thank you for your work, really appreciate it. I will switch to v2 :)
Hello again =) Everything runs great, but I just have one question: how do we set up UDP and TCP with Caddy? Example: (15637 TCP and UDP) (15636 TCP and UDP). I tried it like this but it's not working. Thank you.
{
    layer4 {
        :15637 {
            route {
                proxy {
                    upstream 10.66.66.2:15637
                }
            }
        }
        udp/:15637 {
            route {
                proxy {
                    upstream udp/10.66.66.2:15637
                }
            }
        }
        udp/:15636 {
            route {
                proxy {
                    upstream udp/10.66.66.2:15636
                }
            }
        }
        layer4 {
            :15636 {
                route {
                    proxy {
                        upstream 10.66.66.2:15636
                    }
                }
            }
        }
    }
Hey there.
First, make sure to add those ports to the Ingress Rules of your VPS in the Oracle Dashboard.
Second, make sure to add them to the UFW of your VPS by using ufw allow and restart your VPS.
And third, this configuration should work for you (make sure to restart your caddy service with systemctl restart caddy):
{
    layer4 {
        udp/:15636 {
            route {
                proxy {
                    upstream udp/10.66.66.2:15636
                }
            }
        }
        :15636 {
            route {
                proxy {
                    upstream 10.66.66.2:15636
                }
            }
        }
        udp/:15637 {
            route {
                proxy {
                    upstream udp/10.66.66.2:15637
                }
            }
        }
        # TCP listener (no prefix), so the upstream is TCP as well
        :15637 {
            route {
                proxy {
                    upstream 10.66.66.2:15637
                }
            }
        }
    }
}
Please let me know if it fixed your issues
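Added example, not part of the thread or the video author's files: a small Python check for caddy-l4 blocks like the ones in this exchange. It flags a `layer4` block opened inside another, a listener whose upstream uses the other protocol, and unbalanced braces. The sample config is constructed, and the like-for-like forwarding rule is an assumption that matches how these game ports are being forwarded.

```python
import re

# Constructed sample, not from the thread: the TCP listener on 15637 still
# carries a udp/ upstream copied from the UDP block above it.
SAMPLE = """{
  layer4 {
    udp/:15637 {
      route {
        proxy {
          upstream udp/10.66.66.2:15637
        }
      }
    }
    :15637 {
      route {
        proxy {
          upstream udp/10.66.66.2:15637
        }
      }
    }
  }
}
"""

LISTEN = re.compile(r"^(?:(tcp|udp)/)?:(\d+)\s*\{$")
UPSTREAM = re.compile(r"^upstream\s+(?:(tcp|udp)/)?\S+:(\d+)$")

def lint(caddyfile):
    """Flag nested layer4 blocks, protocol mismatches and unbalanced braces."""
    findings, depth, l4_depth, listener = [], 0, None, None
    for n, raw in enumerate(caddyfile.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()          # drop comments
        if re.match(r"^layer4\s*\{$", line):
            if l4_depth is not None:
                findings.append(f"line {n}: layer4 opened inside layer4")
            else:
                l4_depth = depth + 1
        elif m := LISTEN.match(line):
            listener = (m[1] or "tcp", m[2])         # no prefix means TCP
        elif (m := UPSTREAM.match(line)) and listener:
            proto = m[1] or "tcp"
            if proto != listener[0]:                 # assumption: forward like-for-like
                findings.append(f"line {n}: {listener[0]} listener :{listener[1]} has {proto} upstream")
        depth += line.count("{") - line.count("}")
        if l4_depth is not None and depth < l4_depth:
            l4_depth = None                          # left the layer4 block
    if depth != 0:
        findings.append(f"unbalanced braces (depth {depth} at end of file)")
    return findings
```

Run `lint()` on the text of the Caddyfile before `systemctl restart caddy`; an empty list means none of the three problems were found.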
Yeah, but you only protect the panel, not the MC server. I'm trying to hide my MC server IP.
But with this setup you do protect the IP of any server you host. The Panel is proxied through Cloudflare, and your servers only accept connections through the VPS that has the WireGuard tunnel. The only public IP that is exposed is the IP of your VPS, not of your Minecraft Server. I show that in the video very clearly.
That's the point of the video: hide your server IP lol
I followed your setup and everything so far is working correctly until I try creating a server.
I'm creating an ARK SE server. In Oracle I've added ingress rules for UDP 7777 / 7778 / 27015 and TCP 27020 and added what's below to Caddy (skipped ufw so no need to allow connections).
Then in the server settings I set up the primary allocation to 10.66.66.2:7777 and secondary allocations for 7778, 27015 and 27020. The server installed and shows running, but I can't seem to find it in Steam servers under Internet or when added to favourites by the VPS's IP.
Any idea where I could've gone wrong, please?
Edit1: added the 4 port allocations with the local IP and I can find the server with it, so I probably messed up something on the VPS.
{
    layer4 {
        udp/:7777 {
            route {
                proxy {
                    upstream udp/10.66.66.2:7777
                }
            }
        }
        udp/:7778 {
            route {
                proxy {
                    upstream udp/10.66.66.2:7778
                }
            }
        }
        udp/:27015 {
            route {
                proxy {
                    upstream udp/10.66.66.2:27015
                }
            }
        }
        :27020 {
            route {
                proxy {
                    upstream 10.66.66.2:27020
                }
            }
        }
    }
}
In case someone else finds themselves with the same issue as me, Rui was very nice and helped me figure out that I shouldn't have skipped installing ufw.