WireGuard as VPN Server on Kubernetes with AdBlocking (opens in new tab)

For people using network level ad blocking, do you ever run into annoyances where there's a site you want to access and just can't? Mostly links that route through an analytics network. First time you click on a twitter link for example, or some referrer store links. And once you're stuck, there's normally nothing you can do. At least on the browser I can temporary turn off an extension, but I've found that network level blockers get in the way sometimes.

I think AdGuard and AdGuard Home are two different products? And so different licensing models.

EULAs and T&Cs should have a layperson readable maximum characters limit.

But then it wouldn't have made the first page

How do you run the server? Create a packer image? Init scripts (or something similar)? Keep track of whether it’s up or not?

For developers who have grown up with containers, kubernetes offers the simplest, most familiar way to deploy a service.

I recently had to setup a factorio server. The official guide mentions downloading the binary and using init scripts to get it running. I tried to debug obscure issues with the binary for a few hours before getting fed up and looking for a containerized image; once I found that, it was super easy to start one locally. GCP offers a “container on VM” feature which I then used to deploy the thing in minutes. The experience felt so easy.

Notice that I did not use kubernetes, just something that can run containers. But if I had more apps to run, most likely I would set up one.

A wise soul once wrote:

"You have a problem. You use Kubernetes to solve your problem. Now you have 8 problems."

While it seems like overkill to set up a kubernetes cluster for this, and honestly, most things...

But if you already have one spooled you this is a valuable guide to throw it onto that infrastructure

Sure you can write a lengthy article to describe how to configure all the apps and servers manually. But with Kubernetes, you only need to throw some YAMLs in there and call it a day.

I don't think "using Kubernetes for running VPN and adblocking servers" is overkill. With k3s, you can deploy a Kubernetes cluster on a raspberry pi in one command. Anything that can run on raspberry pi in one command just can't be overkill in my opinion.

It's not artificially injected into my setup. I already host my blog, and a couple other services on my k3s setup, and I didn't want to bootup another server just to sever as a VPN and DNS

I have a hard time understanding why people use these small script bundles on top of wireguard. The VPN use case is the best documented one with a large amount of guides and the configuration is very simple.

Getting to the front page? Just Wireguard often will, as will just Kubernetes, but combining the two is a guarantee.

I tried this setup for the first time recently (Algo and a Digital Ocean droplet) when traveling and can confirm it was excellent. In particular, you get a surprisingly polished UX for setting everything up in addition to all the usual benefits of WireGuard.

Can confirm Algo works great. Easy to setup the VPN while still having the benefits of leveraging Wireguard.

Not OP, but maybe it makes sense if you already deploy a set of applications or services on K8s.

Yes you can avoid that open source setup for a buggy and even slower userspace wireguard commercial implementation for only 10$/month per user