I’m going to set up a WireGuard server on my router. I want my mom to be able to use it but she lives very far away so setup will need to be done remotely. What’s the best way to go about this? I need to share the WG config somehow.
She’s not great at computers either, so any tips on how to easily install and set things up on her computer would be appreciated.
I’ve been trying to avoid Tailscale or Netbird, but maybe that would be the best solution in the end. I’m not interested in self-hosting a relay or management service though, I feel like I’m way too inexperienced to secure such an important system. Should anyone compromise the VPS, both me and my mom’s devices would also be compromised (I assume).
Thanks!
I would walk her through a setup for Anydesk or other RDP software then just take control and do it yourself. No point in causing them stress if they get click happy.
I’m warming up to the idea of using some sort of RDP software. I saw that Anydesk is proprietary, do you have any experience with Rustdesk? I’ll do some research.
Thank you (and everyone else who has responded)!
I’ve used rustdesk off and on. It is pretty good. I use it to help my aunt with “computer stuff”.
I tried out Rustdeak at work.
For what I used it I was surprised how well it worked. I would do a local trial with your own device. If it works for your case, call your mom :)
For a remote nontechnical user, coaching them through installing a Tailscale client that registers to your account seems pretty accessible.
If you can get on a screen share with her through something like Signal desktop, then walking her through the steps and pasting a WG key in chat might not be so bad.
I suggest using a client that is easy for her to update without requiring a call. Another point for Tailscale I think.
Tailscale and Rustdesk are my go to for family PCs.
Nobody mentioned this but route only the necessary traffic to your router (all your self-hosted services) with wireguard’s split tunneling (just set the apropriate allowed_ip networks in your wg config).
You could set it to 0.0.0.0/0 and send all her traffic through your router but this could potientially choke your own network and make her own speed slow down.
I just realised that I could totally do that by reading your comment. I’ve always used 0.0.0.0/0 because my router sets that as its default when creating Wireguard configs, but it makes so much sense to just route the connections for my homelab.
Thanks!!!
As others have mentioned, Tailscale would be about the easiest to do, imo. However, I would still walk her through installing RDP. That way you can administer whatever may happen in the future, which is very likely to happen.
Why trying to avoid Netbird?
I’m just not a fan of mesh VPN solutions that I have no direct control over (i.e. cloud based), and self-hosting them on my own means I have the responsibility of properly securing and hardening the server on which it runs, which I’m not a fan of either haha.
But it might be the best solution, we’ll see. If that’s the case though I’ll probably go for Tailscale despite the fact that I prefer the open source nature of Netbird, and that’s because Tailscale is just more reliable and mature in my experience. It feels like Netbird might be pushing too many new features (like the reverse proxy) before their core features are finished.
The reverse proxy is in beta and it’s disabled by default. I did not spot any rough edges around the core features. With my only three nodes and one exit node, everything works well.
If you want to continue with tailscale route, why won’t setup your own headscale server ? (OSS implementation of tailscale).
