Mistborn - A Wireguard Server with Pihole, NextCloud, Bitwarden and MORE

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey guys how's it going hope everybody's doing well out there uh recently a new service was brought to my attention it's a service called mistborn and uh to quote their uh gitlab page mistborn is your own personal private cloud platform and web ui that manages self-hosted service and secures them with a firewall it also uses a wireguard vpn you'll actually need that in order to connect to the dashboard at all but we're going to go through that process of getting all of that set up it also sets up piehole with a dns script and ip filtering and then there's some additional stuff that you can install to expand your server uh things like next cloud jitsi home assistant and more so let's just go ahead and jump into this but i guess before we do that we should talk about the hardware that i'm going to be using for this setup now if you've been following this channel for a while uh you'll have probably seen the server that i use that i call tanex and the reason i call it 10x is because well it's it's this right here this is a mini pc this is the tx85 and right there uh on the top of it it actually says 10x so that's what i named the server so i wouldn't have to try to think about it too awful much the problem is that this is no longer available on amazon you can see this is the tx85 it's got four gigs of ram and 64 gigs of onboard emmc storage again like i said this isn't available so they've actually got a newer version uh this is the tx 88 this has got eight gigs of ram and 64 gigs of storage uh ideally this is the one i would be using if i was going to set this up long term but i don't have it i'm going to use the tx 85 version of this with 4 gigs of ram and 64 gigs of storage but if you want to pick up just a small little unit to to run this i will have a link to this in the description down below uh like i said there's uh they've got a get lab page here that you can go in and i highly recommend you take a look at this again this will be available in the description down below as well um and you can see that they've been updating it within the last couple of weeks if we scroll down where there's some information here there are some screenshots of what your dashboard would look like a little further down there they were in a linux magazine then there's a table of contents below that uh and there's a ton of information in here that i highly recommend you look at it does apparently support uh both uh x86 64 as well as arm platforms to a certain degree um there are some recommended system configurations if you want to take a look at that as far as what you should be able to get away with based on your current configuration or if you're setting up a vm what kind of configurations you might need in order to get a successful run but what i can say though is i have actually gone so far as to install next cloud and a bit warden uh on on this tx 85 with only four gigs i haven't done a ton of testing with it um but it worked it was functional i was able to use it um so kind of play with that as as you see fit uh below that there there are some there's some information here as far as the actual installation um but we're gonna go through it a little bit differently uh if we keep scrolling down you can kind of see everything going on here uh as far as how they've got things set up they've got some additional stuff in here that you can configure for security information and event management or siem and below that there's more information about one of one of the uh security features in there so if you keep scrolling uh there are some gateways in here uh remote desktop uh just so basically just some good information uh one thing i would recommend uh you come to visit this page for uh if you keep scrolling and scrolling and scrolling and get to the bottom or near the bottom anyway um here's a list of all of the different sub domains or domains that you would be using whatever dot mistborn would be what's available here and you can see the default status whether on or off uh default credentials uh when we go through the process of setting this up we're going to uh we're going to set up a password uh and that password will be uh the password for all of these different apps and this would be uh the username that you would use uh with that password that we're gonna set up so it's gonna be one password across the board uh the nice thing about this is you again have to set up a user in order to even connect to this so the chance of somebody else getting on your network and finding your one password next to xero so uh some more information down here um so there's there's links to all kinds of different stuff in here if you want to go get the apps for those um there's some information like where's my data stored right there in opt uh additional volumes can be mounted it looks like um so just some good information in here as far as that's concerned so let's go ahead and actually jump into the installation process now i'm going to be using ubuntu 20.04 for this install but you should be able to use either newer or older versions of this now i will say that i've got a clean fresh install of ubuntu 20.04 but something to keep in mind is that you need to make sure that you run a pseudo apt update and pseudo app upgrade before you try to do anything run both of those commands once that's all done then do a reboot and then we can actually jump into doing the installation of uh the service here so all of that said let's go ahead and minimize this uh we'll go ahead and bring up uh windows terminal yeah yeah i'm using windows terminal congratulations uh so let's make this a little bit bigger so you can kind of see what's going on here again the first thing that you need to do is run apt update upgrade and reboot again you have to do that if you don't uh you can't run the install script it'll tell you to do that first so just something to keep in mind there again because i'm using a fresh install of all of this the first thing i need to do is install git so i'm going to go ahead and do that oops so go ahead and do this so that's good to go uh the next thing that we're going to do is we're going to do a get clone of the gitlab repository here for cyber 5k so we'll go ahead and just paste this in again all of this will be available in the description so we've gone ahead and got that now let's make sure that we've actually got it all right there is mistborn so let's do a cd uh into mistborn uh and just take a look so we know everything is in here and working so we're good to go at that point so let's do uh let's just go back a directory there and clear our screen so the next thing we're going to do is run an install script like so so it's going to be sudo bash and then we're just going to say go into the mistborn directory go into the scripts directory and run install.sh uh so we're gonna go ahead and click enter there uh and here we can see that it's gonna go through a process of downloading and extracting all of the stuff that he needs to do uh this may take a while depending on both your hardware as well as your internet connections so what i'm going to do uh well right here it says set the default admin password now here's the thing it can only contain alphanumeric characters so if you use exclamation points or hashtags or whatever you can't so keep that in mind i believe also it needs to have uh two uppercase at least two uppercase and at least two lowercase characters so um so play with that as you need to so like so um and then so the password is set so now i'm saying do you want to install cockpit uh a somewhat resource-heavy intensive management graphical uniface uh not recommended on raspberry pi yes or no uh let's let's go ahead and do that that's fine uh so i'll go ahead and say yes and hit enter so now it's going to go ahead and generate an ssh key pair for mistborn and then it's going to go through this process of downloading and extracting and processing and all of that kind of stuff so let's go ahead and just give this a little while and then i will come back when this is done okay so here we are several minutes later uh not too bad really for everything that it's doing in the background there but uh here we are uh and here it's got a couple of different things uh to take a look at here says what first thing says watch mistborn start so if we go ahead and run that like so and uh oops that's not right that's not right let's just uh let's just type that that out journal ctl xfu mistborn dash base uh so here we can see it kind of go through its process of setting everything up and we'll want to give this a few minutes to go ahead and do uh what it needs to do in order to get everything all set up this could take a little while so just kind of hang out wait for it to finish up do its thing and then we can actually move on to the next step which will be generating a key uh or a configuration rather for your wire guard so i guess while this is uh doing its thing we can actually be doing something in the background to be a little bit more uh time sensitive i guess we're aware of our time so what we want to do make sure that we get uh wireguard installed on your system of course if you've got windows or mac or ubuntu android ios the list really really does go on here with everything that they made wireguard compatible with of course again as everything else this link will be available in the description down below so what you want to do is find the installation method for your system go ahead and get it installed and then we can go ahead and close that out and then right here i've got wire guard and here we can see that i don't have any tunnels or anything set up so we're just going to kind of set this off to the side for a moment and again when this is done uh we'll go ahead and take another look uh and we'll just give this a few minutes and then we'll come back and move on to the next parts here okay so this has been running for a while so we're just gonna go ahead and kill that for now um so let's close this out over here and then what i want to do is actually run the next command and the next command is actually going to be um in order to generate the configuration file for uh for wire guard here so i'm just going to go ahead and paste this like so and we'll say enter so it's going to go through this process of generating our configuration here now what i'm going to do is actually drag this up a little bit so we can get more screen uh what we want to make sure of is that we start right here um where it says starting mistborn production starting my sport production uh is a post-secret or post-race sequel however that's pronounced i've never i've never known that maybe somebody in the comments can explain that to me anyway this sequel is available so what we want to do here is actually just copy this like so and i want to make sure that i've got i actually got that copied i did perfect um and i don't care if you see any of this i'm not going to use this server setup anyway so none of this matters really so what i'm going to do is i'm just going to minimize this and i'm going to save this as i'm going to do file save as and here let's say [Music] wire guard tutorial [Music] and then just like this is all files like so in fact right there there's the original one that i did when i was doing some testing so i'm just going to click on save and then what we're going to do is we're going to open this up we're going to import a tunnel from a file and then i'm going to do this wireguardtutorial.com and click open and activate and there we go so now we're actually connected to the server so what i'm going to do is i'm going to open up chrome and then i'll pop this open and i'm going to say uh home dot mistborn hopefully that should be uh that should work here in just a moment there we go so now we're able to connect to our mistborn dashboard now what i want to show you here i'm going to come over to here i'm going to deactivate this so that it's not connected and then what i'll do is i'll just refresh site can't be reached so let's do um home got mistborn site can't be reached so then let's come back over here and activate this give that a second to do its thing um and then this page should refresh here in a moment let's go ahead and refresh both of those uh and there we go now mistborn is up and running so uh if you wanted to uh you've got a couple of different things that you can do at this point uh you could just use this uh this tunnel for your local access and make sure that um only you can access this server on your local network when you're at home if however you wanted to make this available um to to the outside world let's say you're on your phone or your laptop or whatever and you leave and you still want access to this server at home what you're going to do is you're going to you're going to give it a name somebody's going to call this remote and then wireguard for the profile type is fine you could do multi-factor authentication but wireguard for right now is fine your gateway is fine and right here it says select endpoint ip address this is the ip address of this server internally so if you were to use this again locally selecting this endpoint ip address would be fine however we want to make this available to the internet so i'm going to select this and that's my public ip address that's the ip address that my isp assigned to my modem so when i go ahead and create this what it's going to do i'm going to click create it's going to think for a second and then it will generate another one of these these default basically create another qr code that i can then scan with my phone so we'll go ahead and give this a second there we go so now it's it's created this remote access and you'll see that uh my my ip address my my public ip address there is grayed out but what you'll notice is there is a port number after my ip address and that 42703 was randomly generated and what you'll need to do in order to access this remotely is you'll have to do some port forwarding so if you have um a modem router combo unit that you use uh you should just be able to do it there and be done however if you've got a modem that your isp has given you that then forwards to a router that you've installed uh you'll have to forward from the modem to the router to the server it's kind of a convoluted process but that's what you have to do when you're when you've got multiple devices in the way um so just know that you will have to do that now for the sake of the rest of this video and editing purposes later i'm going to go ahead and remove this remote access thing here but all you have to do with this is open up your phone uh open up wire guard on your phone rather and scan this with the app and it would automatically connect and do what it needs to do now the one thing to keep in mind here is that uh you won't be able to connect uh you won't be able to use the remote connection if you're on your home network it just doesn't work well that way so just make sure that you're using the right profile depending on where you are so again i'm gonna go ahead and remove that and that's gonna go away okay so that was just getting getting logged in now we can go ahead take a look over here at gateways uh you could create new gateways if you wanted to do that let's just call this um mynet just for the sake of it let's see what this does i actually haven't done this before so let's take a look okay so apparently you can just set up gateways for different reasons here again that shows my my server ip address i'll have to block that out later but that's fine uh you can also create additional users if you want to do that uh and maybe give other people access to your home server here and here's the thing right like we've only just set up the vpn portion of things to access our network so let's go over here and take a look at system uh here we've got cockpit uh which is just a server uh setup uh or server management so we just do db tag like that um oops wrong username or password so um that should be right let's try that there we go so uh this was i used the username and password uh for ubuntu here um but basically you get an idea of what's going on with your server uh all kinds of different stuff in here if you want to take a look at cockpit so let's come back out of here okay so next thing if we come over here to firewall and click there uh we can click on uh pi hole for instance so because we're connected uh to this server using the the wireguard vpn we automatically get pi hole uh protection here so we can go ahead click on login if you want to do that so the password we're going to use is the password that we set up when we were starting the setup process from mistborn so whatever password you used there should be able to uh go ahead and type that in there uh click log in and then uh basically at this point you can do whatever you want to do with pie hole i've made videos about pie hole in the past that you can take a look at if you're not sure how pie hole works so that's what's going on with that so let's come back over here we've got copper cloud so we can manage uh outgoing ip addresses for uh for security purposes uh using uh copper cloud we've got metrics over here that we can take a look at basically there's nothing going on yet no nobody has tried to connect um so there's not gonna be any information here right now because this is a brand new server so let's go ahead and take a look at well i guess security server or security center rather so there are some different things in here and you'll want to uh you'll want to kind of base whether or not you install this stuff um on on your server configuration like we talked at talked about at the beginning as far as how much do you have for system resources to handle some of this stuff uh wizard is like it says here's an open source and enterprise ready security monitoring solution for threat detection integrity monitoring you can read that for yourself but basically it's just a way to get more reporting from your system so right now i've got a four gig system not advised to do that on here so next thing i'm going to do is manage extra services wire guard if i click that um is just going to take me over here hopefully there we go yeah right back to there so i'm going to go ahead and click on manage extra services and here is where we can actually start installing additional applications to be available on our server now uh the big one there's a couple of them that i i like to install basically on any server that i'm deploying for the first time um and that's going to be a next cloud right up here and then uh over here we've also got bit warden that you can install as well there's jellyfin i don't know if i would want to install jellyfin you could i guess if you wanted to if you had a system that would support it go right ahead uh only office is an option uh guacamole or guacamole yeah guacamole sync thing uh raspberry p if you wanted to set up a a wi-fi portal uh you could do that as well but for the sake of what we're going to do right now let's just go ahead and click on start for uh mistborn next cloud uh and of course we'll give this a minute to do its thing and then this really will take a few minutes to set up but after that it's not too bad so here we can see mistborn uh next cloud service is starting this may take a few minutes uh in fact you can't even click that yet um i think though uh let's just go ahead and hit refresh just for the sake of it let's see what happens there we go so it says that it's running so right now it's just gonna be going through the setup process we've got the option either stop or open so we'll just click open and it says 404 page not found that's fine i don't worry about that um basically what it's it's it's still in the setup process um so that's not going to work very well uh so what we want to do is just give this some time uh one other thing to keep in mind here is that i believe uh we can run this on https so that's something to keep in mind as well um it's a self-signed certificate so just keep that in mind as well the reason i bring this up is actually for later uh let's make sure that that s that s is in there so that's good the reason i wanted to bring this up is because uh b yeah sorry a bit warden which is actually uh something else now they're they're going through a rebranding but for right now we're going to call it bit warden basically bit warden won't run um on just http it needs https in order for this to work so just something to keep in mind that you will need to have uh you will need to type in https at the beginning of your url uh when you try to go to bitwarden so let's go ahead and come back over here and hit refresh still nothing so we'll go ahead and again uh we'll give this a few minutes uh to to do its thing uh and then we'll try it again here in a couple minutes and see what happens a few moments later okay so here we are a few minutes later and we'll notice that it went from 404 not found to bad gateway and believe it or not that's actually progress uh that means that we're actually getting past the initial setup we're doing a bit more in the background and we're getting very very close to having an operational system here so uh let's go ahead and uh again we'll just give this a couple more minutes uh to do its thing and then we'll try it again eventually okay so again here we are a couple of minutes later um and we're brought to a login screen so this is a good step this is what we want to see so what we need to do is log in obviously and the username by default is mistborn and then the password again is the password that you set up during the mistborn configuration so like so go ahead and give this a minute to to log in of course it's still running some stuff in the background i'm jumping into this a bit prematurely here uh but basically here we go here is our startup screen uh here is the the tutorial the introduction uh on how we can of course get the most out of next cloud and of course we can connect now when you go through this process of connecting uh you will want to make sure that you use uh the the next cloud.mistborn url in your app whether it's on your desktop or your phone or whatever and you'll only again be able to access this when you're connected uh to the vpn uh via a wire guard so this is only accessible via that in fact if i were to go in here and shut off wireguard i would lose access to this until i reconnected to the server with it so now that we've got that up and running here let's just go ahead and jump in uh we can you know we can just jump in here and take a look at this pdf for instance um and uh we'll give it a second to load and there it is there's the user manual for uh for wireguard or sorry for next cloud rather uh so let's exit out of there uh we can come over to here and we can go to apps for instance uh we can install whatever apps we want to install of course again keep in mind your system resources uh if you're just setting this up on a tiny just a little tiny computer like i'm doing uh i be aware of that again so all kinds of stuff that you can go in here and turn on and off and install and whatever you want to do this is a full-blown version of nexcloud but you just have to use wire guard to connect to it so now that we have that let's go ahead and take a look at bit warden as well again we're going to click start and then the page should reload with the green banner at the top that says uh the mistborn bit warden is starting this may take a few minutes or however that is worded so let's give this a minute yep service is starting this may take a few minutes later okay so we skipped over the bad gateway so that's good um what we want to do here though because there is no master admin account for this we'll go ahead and click on create account let's make sure though that we've got https uh in front of that otherwise it just it won't work and that's fine this doesn't matter again this is all encrypted through the vpn so email address go ahead and type that in and we'll go ahead and click submit so now i can log in and there we go just like that now we're able to access bit warden as well uh here again we've got next cloud and of course there are other applications in here that you can use i don't know if there's any process of adding additional applications uh if you wanted to i don't know if they've got that ability in here but it's definitely a cool starting point i think for most people to get a server set up with home assistant next cloud chat services all kinds of stuff really really cool but again i did want to show you this one last little thing here so let's go ahead and click here we're going to deactivate so we're no longer connected and what i want to do is just go ahead and refresh hey look doesn't work uh again refresh doesn't work so let's go ahead uh just click activate here i will give that just a second to do its thing uh and then there we go and now we are reconnected uh to our private network and able to access all of our data from there so i know this was quite a bit different from what we've been doing for say the last year or so on the channel where everything's been pretty much focused on docker and docker-related containers things like that but i really wanted to share this this was brought up in discord uh the other day and i checked it out and immediately thought i need to share this with my audience so big shout out to james for pointing me in this direction uh very very happy with this if you're not part of the discord already uh go ahead and join i'll try to have a link in the description for that as well um so yeah again all of the information you're going to need will be in the video description as per usual so i think with all that being said i'm going to go ahead and wrap this up here as always thanks for your time i always appreciate your support and i'll talk to you in the next video [Music] you

Info

Channel: DB Tech

Views: 19,091

Rating: undefined out of 5

Keywords: DB Tech, DBTech, mistborn server, mistborn wireguard, wireguard server, nextcloud wireguard, bitwarden wireguard, rocketchat wireguard, jitsi wireguard, homeassistant wireguard, wireguard server with nextcloud, wireguard server with bitwarden, wireguard server with jitsi, wireguard server with rocketchat

Id: UE_OuAOgoZI

Channel Id: undefined

Length: 27min 16sec (1636 seconds)

Published: Tue May 18 2021