Mistborn Project

== as there is not really an off-topic, or /r/ place on this forum, I post this here. I hope it is ok, otherwise, my apologies and please move the topic to a better place… ==

Are people here already aware of the work of Steven Foerster and his Mistborn project?

Mistborn is your own virtual private cloud platform and WebUI that manages self hosted services, and secures them with firewall, Wireguard VPN w/ PiHole-DNSCrypt, and IP filtering. Optional SIEM+IDS. Supports 2FA, Nextcloud, Jitsi, Home Assistant, +

I just installed it on Digital Ocean droplet in 10min. and have all my devices (and families devices) now connected to it. And that is “just” using Wireguard + PiHole. There is a ton of other functionality in there that I haven’t looked at so far…

There are nowhere near as many apps on there as there are on Yunohost, but for some specific user cases I can imagine that this works better then YNH.

Looking forward to hear what other people think of this!

2 Likes

I’ll bump this cos methinks this is tres tres important nowadays…
if u don’t see convid for what it is ie a govment and corporate shyster power grab, well, bon courage mon amis cos u a gonna need it :upside_down_face: lol
anyone wanna chip in with thoughts on dot and doh? ie dns over tls and https

Cool project.

Yunohost is ideal for bare metal installations where you have your own hardware and have lots of data.

Mistborn looks great just to access services. I wouldn’t mind running something like this on a VPS because you are just passing encrypted data through its ‘pipes’, not storing sensitive data.

Thank you! I’ll probably have to spin up a VPS droplet to give it a shot too :smiley:

This does in no way diminish my love for Yunohost though.

I gave it a shot for one day. Here are my thoughts:

  • like you said, works great for very specific use cases - everything is behind wireguard so you have to convince family to use Wireguard, or as long as users are technical enough, they will get it
  • the integration of wireguard with pihole is flawless! it works right out of the box perfectly
  • i like coppercloud. nice to see stats about how my server is being attacked. I guess they will alert you if something happens?
  • user creation didn’t seem all that organized - there was no way to make a user across all the services. I love the LDAP sort of system that Yunohost uses. Mistborn it seems you need to create separate users for each app - bitwarden etc
  • I like how mistborn creates local DNS names for each app. I think yunohost does the same with yunohost.local (haven’t tried it but saw someone mention this on the forum)
  • mistborn doesn’t seem very unified in the UI, this goes back to the user creation too. I created a MFA user in the wireguard screen but then it wasn’t clear what that means or what to do with it. I looked for documention on the web but it’s pretty thin.
  • when ‘installing’ the extra apps in mistborn there is not UI to tell people the progress of the app installation, or is it just docker images?. I tried to enable nextcloud and the Digital Ocean VPS almost ground to a halt. I wasn’t sure what was happening. I gave up on waiting for that to finish.

Mistborn is an interesting project. It feels like something that the dev made for their own use-case and released it into the world. There isn’t much documentation, so you sort of need to figure it out it seems.

Mistborn

  • great for using wireguard & pihole with all devices
  • has the killer app nextcloud too!
  • doesn’t seem well suited to running public things like a blog, mastodon etc.

If you do like Mistborn, you could just close all your ports on your router, and install wireguard and pihole . Then you are getting most of the functionality of Mistborn.

Something to note, the pihole version they use in Mistborn seems to be more fully featured than the one we have on Yunohost though. The interface has way more options than on my Yunohost pihole install.