My home network has some pretty sweet features! It’s got my files, my services, whole home ad-blocking, and DNS over HTTPS. I love these features when I’m at home, so why not get them while I’m out too? I accomplished all this with Cloudflare DNS and PiVPN.
PiVPN is a script for setting up a lightweight, hardened and automatically updating VPN environment on either OpenVPN or WireGuard. It’s designed to be run on a Raspberry Pi and PiOS, but since it’s basically just Debian I ended up using it and throwing it onto an unprivileged Debian container. I used WireGuard since it’s lightweight and easy to set up, and went through the install really quickly with the below command:
curl -L https://install.pivpn.io | bash
I followed the prompts on screen to set up and configure for WireGuard, included my URL for VPN access, and kept most of the rest as defaults. Once I finished that I grabbed a Cloudflare DDNS updater script:
git clone https://github.com/K0p1-Git/cloudflare-ddns-updater.git
I configured it quickly with my URL and API key, then set up a cron job to run every 5 minutes.
I added a config file to PiVPN for my iPhone, installed the app, scanned the QR code, and configured the VPN to connect automatically whenever not connected to my home WiFi SSID. The result? Seamless VPN connectivity when I’m away from home and an experience that’s just like I’m on my home network - DNS-based ad-blocking, DNS over HTTPS, and access to all my local services! Speeds are basically line speed - easily up to 1 Gbps. I set up configs for my iPad and MacBook as well, so they’re ready to go when I am. Overall this was an incredibly easy setup and the benefits are astounding. The fact that it “just works” as well is great and really drives home the user experience focus of what I strive to achieve with my home network.
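The ad-blocking and DNS over HTTPS only follow a device off the home network if the client config sends its DNS lookups through the tunnel. The check below is an added example, not part of the original post or of PiVPN: it audits a WireGuard client config for that, plus an Endpoint that uses the DDNS hostname rather than a fixed IP. The sample config, its placeholder keys, `vpn.example.com`, the 10.6.0.x addresses and the function names are all constructed for illustration.

```python
import ipaddress

# Constructed sample of a wg-quick client config; keys and hostname are placeholders.
SAMPLE_CONF = """[Interface]
PrivateKey = <client-private-key>
Address = 10.6.0.2/24
DNS = 10.6.0.1

[Peer]
PublicKey = <server-public-key>
Endpoint = vpn.example.com:51820
AllowedIPs = 0.0.0.0/0, ::/0
"""

def parse_conf(text):
    """Parse wg-quick INI text into {section: {key: value}} (assumes one [Peer])."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            section = conf.setdefault(line[1:-1], {})
        elif "=" in line and section is not None:
            key, value = line.split("=", 1)  # maxsplit keeps base64 '=' padding
            section[key.strip()] = value.strip()
    return conf

def is_ip(value):  # DNS= may also hold search domains, which are not resolvers
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def audit(text):
    """Return findings; an empty list means DNS follows the tunnel."""
    conf = parse_conf(text)
    iface, peer = conf.get("Interface", {}), conf.get("Peer", {})
    routes = [ipaddress.ip_network(n.strip(), strict=False)
              for n in peer.get("AllowedIPs", "").split(",") if n.strip()]
    dns = [d.strip() for d in iface.get("DNS", "").split(",") if is_ip(d.strip())]
    findings = []
    if not dns:
        findings.append("no DNS server set: lookups stay on the local network's resolver")
    for server in map(ipaddress.ip_address, dns):
        if not any(server.version == r.version and server in r for r in routes):
            findings.append(f"DNS {server} is outside AllowedIPs: lookups bypass the tunnel")
    host = peer.get("Endpoint", "").rsplit(":", 1)[0].strip("[]")
    if is_ip(host):
        findings.append("Endpoint is a literal IP: stops working when the home IP changes")
    return findings
```

Calling `audit()` on the text of a real client config returns an empty list when DNS and the endpoint are set up as described; a split-tunnel config that leaves the resolver out of AllowedIPs is reported.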