<gchristensen>
to do that, we changed externalInterface to wg0, but this (I guess predictably) broke the VM's ability to talk to the internet. is there a way to have my cake and eat it too?
<gchristensen>
(I guess I could run wg inside the guest directly, but that would be not a small project, and I'd rather move to wg sooner than later)
<eyJhb>
Wait, what part of this is the VM?
<gchristensen>
heh
<gchristensen>
back in 5min and I'll lay it out a bit more clearly
<eyJhb>
Couldn't you just add a secondary card to the VM?
<eyJhb>
Ohh btw.. the topic needs to be changed to include samueldr logging link, so people know the channel is logged :)
<cransom>
you could swap the externalInterface back to the right one and set up a socat/haproxy/whatever to tcp forward 2200->22. or add more proxy to the mix and run a socks setup and configure the vm to use said proxy if you'd like to see all sorts of logging for the connections it's making that are less visible on a nat setup.
<gchristensen>
hm
<gchristensen>
so actually I really like that the vm's ssh isn't public
<gchristensen>
the socks proxy is definitely interesting
<gchristensen>
do we have a service already set up for running a socks proxy?
<cransom>
unless you count tor, or an autossh with -D, we don't seem to have a plain old socks proxy.
<gchristensen>
I'm sure an auditor would be thrilled to hear our Mac-based infra fetches deps over tor
<cransom>
though it probably doesn't need to be socks specifically, http should also work.
<gchristensen>
(not that we have an auditor, but it might be good)