I am trying to do what I thought would be mostly trivial but am having a hell of a time with. I’ve signed up for AirVPN and i want to route my qBittorrent (and *arr once I set them up) traffic through it, but I can’t seem to get any scheme I come up with to work. I’ve tried:
Wireguard easy, trying to load the AirVPN generated config during initial setup just gives “server error” and so does literally every single other setting I try to change once logged in, so much for “easy”.
gluetun using the inbuilt http proxy, nothing will connect to it, not applications on the same box nor external devices, the container shows (tcp and udp)://0.0.0.0:8888 so the proxy ip it should just be the box ip, but it does not work, just comes up with no internet access. gluetun itself does successfully connect to airvpn however.
gluetun plus gosocksproxy, cannot get gosocksproxy to up when trying to make it use the gluetun network, both as separate containers and as one container with both despite trying many composes posted online.
Any help is appreciated because this just seems far more trouble and headache than it should actually be.
It’s really easy actually: you just need to add “network_mode: container: gluetun” to your docker-compose yaml files for any containers you want to use gluetun, once you have your gluetun container working properly.
from what i read doing this would make the apps ONLY accessible over vpn, ie no lan access. besides that, i would like to avoid using docker apps for ones available from the catalogue and also converting them to custom for yaml editing in the interest of minimizing gremlins and troubleshooting n̶i̶g̶h̶t̶m̶a̶r̶e̶s̶ fun in the future. plus setting up a proxy just makes it more flexible for other apps and devices.
You do know that the truenas apps are also docker container wrapped inside a truenas GUI dress right? The problem is that the official apps do not have vpn support. You do have to add a network to them for a VPN to work but that is not possible right now. You either have to convert them to the yaml version and add the von network or use your own yaml files with the added vpn network
None of the catalogue apps have that functionality and I doubt they ever will. If you had a router that had VPN built in, you could do something IP related. You could have apps use Gluetun as a socks5 proxy, but that’s probably not going to work well with torrents.
Barring that, custom yaml/compose for any apps you want to tunnel through Gluetun.
There are a bunch of people that have posted their yaml to get it done. Either on this forum or on reddit.
Then again right now, looks like dockerhub is having an issue with it.
what is this, stack exchange? i asked for help with x, i get told to do y z w a q and f instead in addition to why x is dumb and bad.
either way i ended up figuring it out, there was some random issue out of the blue with my dockerhub credentials where it kept returning unauthorized but ONLY when trying to download the socks5proxy image, so nothing wrong at all with any of the composes i used. i reentered them and now it ups with no problem and the socks5 proxy works perfect both on my laptop firefox and on the straight from the catalogue qbittorrent.
because i hate when people dont post answers to the problems they solved themselves, here is my confirmed working compose for gluetun+socks5proxy using airvpn:
services:
gluetun:
cap_add:
- NET_ADMIN
container_name: gluetun
devices:
- /dev/net/tun:/dev/net/tun
environment:
- VPN_TYPE=wireguard
- VPN_SERVICE_PROVIDER=airvpn
- WIREGUARD_PRIVATE_KEY={key}
- WIREGUARD_PRESHARED_KEY={key}
- WIREGUARD_ADDRESSES={ip addresses}
- SERVER_COUNTRIES=United States #change to your preference
- TZ=America/Los_Angeles #change to your location or remove line if desired
- PUID=568
- PGID=568
- BLOCK_MALICIOUS=off #remove line if malicious domain dns filter is desired
image: qmcgaw/gluetun:latest
ports:
- 1080:1080/tcp
- 1080:1080/udp
restart: unless-stopped
volumes:
-{path}:/gluetun
socks5:
depends_on:
- gluetun
environment:
- REQUIRE_AUTH=false
image: serjs/go-socks5-proxy
network_mode: service:gluetun
socks5proxy was just updated about 12 hours ago with a new require_auth var that is default true and was causing my container to permacrash because i didnt have a user and pass defined, so that was a real fun 2 hours fighting with the apps gui and docker cli thinking it was crashed because it self exited and as such refusing to allow me to edit the yaml because of the stupid could not down error, and finally figuring out to edit /mnt/.ix-apps/user_config.yaml in the shell to turn off require_auth AND THEN having to just open and save the yaml in the apps gui anyway because it STILL would report it could not down the container (even though both programs were off the literal entire time) until i did that because god knows why. i also updated the compose accordingly.
