I plan on self hosting netbird on a VPS (digital ocean) to connect 4 sites I have plus mobile clients. All 4 sites have pfsense as their firewall. Since there’s no package yet for pfsense I figured I would just attach a WG interface to grab all the traffic behind each firewall and send it through to the VPS which would also be my exit node.
I do plan on pointing a domain at the VPS IP address to run services/reverse proxy. Should I put a pfsense firewall at the VPS to run the reverse proxy or is there a way to point the traffic coming in to the HQ site I have that runs all the services. With this, can I use the HQ site to run all the DNS? Or do I deploy a UFW?
What type of CPU/RAM combination would you recommend for the VPS?
If I need all the clients behind each site to talk to each other/HQ site are there any specific rules within each pfsense firewall or the coordination server I need to do?
Thanks for the insights and conversation. Happy Holidays!
The Linux firewall is super capable. I wouldn’t bother with a pfSense instance in front of it, but do set up a firewall on the host (ufw will work great and docker will open ports as needed). And you should set up fail2ban.
Check the documentation, but I don’t think you need anything extravagant.
You should allow known IPs in fail2ban, but otherwise, only the server needs ports exposed.
You can use the HQ site to handle services and DNS, while a reverse proxy on the VPS can direct traffic. A UFW on the VPS should secure traffic. For inter-site communication, configure specific firewall rules on each pfSense to route traffic properly. For the VPS, 2-4GB RAM and 2 cores should suffice. My professor assigned a detailed literature review for my research paper, and I was unsure where to begin. I opted for Academized’s Literature Review Writing Service: Buy a Perfect Paper buy literature review service, and it was a game-changer. The review was well-organized, detailed, and supported by reliable sources. It made the process so much easier and helped me meet my deadline with ease. I highly recommend Academized for literature review assistance!