vpn selfhosted + vpnqemu changes + vpsvpn routing new tutorials

contribute/index.md

@@ -378,3 +378,8 @@ If the changes you've made are small (let's say less than 20% of the blog post),
 Sometimes the tutorial needs to be rewritten entirely (more than 75% changes). In this case, you can treat the tutorial as if it was written by you from the beginning.
 
 ![](101.png)
+
+
+**Sidenote:** the length of the deadline we give to contributors depends on how much the contributor has contributed in the past, they start at 1 week contributions, to then arrive at 4 weeks per deadlines after 3 successful contributions. You can see the status of contributors on the [Contributors tracking project board](http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/contributors-tracking/projects/10).
+
+![alt text](../maintainers/image.png)

index.md

@@ -19,6 +19,9 @@ With this new mkdocs blog version, we have completely changed how you can find b
 (Check out [this blogpost](whytheblog/index.md) for more details on our mission)
 
 ## Our latest contributed tutorials:
+- 2025-06-08: [How to hide your self-hosted service's home IP from the end users](vpsvpnrouting/index.md)
+- 2025-06-08: [Prevent IP leaks using a VPN on the Home Server Host OS](vpn_selfhosted/index.md)
+- 2025-06-08: [Everyone is a Criminal](everyoneisacriminal/index.md)
 - 2025-06-07: [Anonymous Alerting System (via SimpleX)](simplexalerts/index.md)
 - 2025-06-07: [Stylometry Protection (Using Local LLMs) [old tutorial rewrite]](stylometry/index.md)
 - 2025-06-06: [Laws do not stop crimes](lawsdonotstopcrime/index.md)

maintainers/index.md

@@ -79,6 +79,10 @@ You get to have authority on deciding what todolists get to contain (with only t
 
 ![](5.png)
 
+**Sidenote:** the length of the deadline we give to contributors depends on how much the contributor has contributed in the past, they start at 1 week contributions, to then arrive at 4 weeks per deadlines after 3 successful contributions. You can see the status of contributors on the [Contributors tracking project board](http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/contributors-tracking/projects/10).
+
+![alt text](image.png)
+
 (don't forget to move the issue into the "assigned" column on the [project board](http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/projects/1) aswell:
 
 ![](6.png)
@@ -131,7 +135,9 @@ Then the contributor pushes some more commits to fix their mistakes and ask for
 
 And from there, if there are still mistakes that they can improve on, tell them that the contribution is (depending on your assessment) for example 80% completed, stating what's missing still. **Otherwise confirm that the contribution is OK and ready to be merged (using the good to merge git label)**
 
-![](19.png) ![](22.png)
+![](19.png) 
+
+![](22.png)
 
 Then the administrator issues payment for both the contributor and to you the maintainer, for correctly reviewing a contribution. For maintainers specifically, the payment for the reviews will depend on how tedious the reviewing was.
     

vpn_selfhosted/index.md

@@ -0,0 +1,71 @@
+---
+author: Nihilist
+date: 2025-06-08
+gitea_url: "http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/350"
+xmr: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8
+---
+
+# Prevent IP leaks using a VPN on the Home Server Host OS
+
+When you are self-hosting services at home, you need to take into account that the services that you are running at home may try to connect to external services
+
+![alt text](image.png)
+
+## **Targeted Setup**
+
+What we need here is a VPN on the Host OS level, that way every connection that any of the VMs try to make will be routed through the VPN, to prevent direct IP connection leaks from being percieved by the ISP and the external websites.
+
+![alt text](image-3.png)
+
+First, install the VPN like we saw previously [here](../vpn/index.md), but the only difference being that we now install it on the Host OS, rather than inside the VM.
+    
+    
+    # Download the Mullvad signing key
+    sudo curl -fsSLo /usr/share/keyrings/mullvad-keyring.asc https://repository.mullvad.net/deb/mullvad-keyring.asc
+    
+    # Add the Mullvad repository server to apt
+    echo "deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/stable $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/mullvad.list
+    # Or add the Mullvad BETA repository server to apt
+    echo "deb [signed-by=/usr/share/keyrings/mullvad-keyring.asc arch=$( dpkg --print-architecture )] https://repository.mullvad.net/deb/beta $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/mullvad.list
+    
+    # Install the package
+    sudo apt update
+    sudo apt install mullvad-vpn
+
+    # Connect to Mullvad VPN
+    mullvad account login
+    Enter an account number: 91320912809328832
+    Mullvad account "91320912809328832" set
+
+Then, configure mullvad as follows to prevent IP leaks from happening:
+
+    # Connect to the VPN:
+    mullvad lockdown-mode set on
+    mullvad connect
+    
+    curl icanhazip.com -4
+    91.90.40.158
+        
+    
+
+
+
+
+From there you can check from the host OS that you have access to the internet via the VPN:
+
+![](../vpn/11.png)
+
+Here as you can see there are no ip leaks from the Host OS anymore, but as you're going to see, it is also the case from the VM aswell:
+
+![](../vpn/12.png)
+
+
+From there, you need to make sure that your private VM has it's network interface set as "NAT" as it is by default (be aware that if the VM network interface is configured as macvtap or bridge, the traffic won't go through the host OS VPN!):
+
+![alt text](image-1.png)
+
+And then once applied, you can check if it works as intended from inside the VM (all that's required is for the VM to have a NAT connection), by going to <https://mullvad.net/en/check> from inside the VM:
+
+![](../vpn/12.png)
+
+And here as you can see, there are no IP leaks either from the guest OS ! That concludes our tutorial.

vpnqemu/index.md

@@ -1,14 +1,21 @@
 ---
-author: nihilist
-date: 2024-08-08
-gitea_url: "http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/94"
+author: Anonymous
+date: 2025-01-31
+gitea_url: "http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/260"
 xmr: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8
 ---
-# Route QEMU VMs through a Host OS VPN 
 
-![](../context/private.png)
+# Prevent IP leaks using a VPN on the Clientside Host OS
 
-## **Initial Setup**
+When you are using your laptop and segmenting your internet uses with VMs, you need to take into account that the services that you are running inside your VMs may try to connect to external services:
+
+![alt text](20.png)
+
+## **Targeted Setup**
+
+What we need here is a VPN on the Host OS level, that way every connection that any of the VMs try to make will be routed through the VPN, to prevent direct IP connection leaks from being percieved by the ISP and the external websites.
+
+![alt text](21.png)
 
 First, install the VPN like we saw previously [here](../vpn/index.md), but the only difference being that we now install it on the Host OS, rather than inside the VM.
     
@@ -30,28 +37,31 @@ First, install the VPN like we saw previously [here](../vpn/index.md), but the o
     Enter an account number: 91320912809328832
     Mullvad account "91320912809328832" set
 
+Then, configure mullvad as follows to prevent IP leaks from happening:
+
     # Connect to the VPN:
     mullvad lockdown-mode set on
     mullvad connect
     
-    curl ifconfig.me
-    194.127.199.92
+    curl icanhazip.com -4
+    91.90.40.158
         
 
+From there you can check from the host OS that you have access to the internet via the VPN:
 
-Then, configure mullvad as follows:
+![](../vpn/11.png)
 
-![](0.png) ![](1.png) ![](2.png)
+Here as you can see there are no ip leaks from the Host OS anymore, but as you're going to see, it is also the case from the VM aswell:
 
-From there you can check from the host OS that you have a access to the internet via the VPN:
+![](../vpn/12.png)
 
-![](11.png)
 
-From there, you need to make sure that your VM has it's network interface set as "NAT" as it is by default (be aware that if the VM network interface is configured as macvtap or bridge, the traffic won't go through the VPN!):
+From there, you need to make sure that your private VM has it's network interface set as "NAT" as it is by default (be aware that if the VM network interface is configured as macvtap or bridge, the traffic won't go through the host OS VPN!):
 
-![](12.png)
+![alt text](image-1.png)
 
 And then once applied, you can check if it works as intended from inside the VM (all that's required is for the VM to have a NAT connection), by going to <https://mullvad.net/en/check> from inside the VM:
 
-![](6.png)
+![](../vpn/12.png)
 
+And here as you can see, there are no IP leaks either from the guest OS ! That concludes our tutorial.

vpsvpnrouting/index.md

@@ -1,11 +1,11 @@
 ---
-author: Anticonformist
-date: 2025-01-31
+author: Nihilist
+date: 2025-06--8
 gitea_url: "http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/320"
 xmr: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8
 ---
 
-# Using a VPS to route the traffic to a Self-hosted service (hiding your home public IP from the users) 
+# How to hide your self-hosted service's home IP from the end users 
 
 ## Why is this setup important ?