Multiple networks and/or VPN support

Long time listener, first time caller -

I’d like to use a VPN service for content downloads with qbittorrent, deluge, etc. I’ve played around with using the VPN service as an endpoint on my firewall, and using some creative firewall rules/NAT to take all the traffic from my TrueNAS Scale 24.10 BETA box and send it through a tunnel. Due to “reasons” (poorly constructed rules? VPN provider issues/blocking? Dunno?), the torrent traffic worked mostly okay, but HTTPS traffic only kinda worked, meaning TrueNAS couldn’t reach GitHub anymore, so no app upgrades/installs, or TrueNAS updates, etc. This is sub-optimal. So I cleaned off the firewall, and started looking for ways to implement the VPN “closer to home”, to the TrueNAS box. Two possible solutions sprang to mind, and so I figured I’d air them out here, and see how close to reality I might be, and get any advice/guidance this community can provide. Here are my thoughts:

  1. Have a second physical or VLAN interface on my TrueNAS box, and then apply the VPN to that second network, via the firewall, and try to figure out a way to have that second network be available from within docker (that’s the part I haven’t wrapped my head around) so that only certain apps use that network, and/or only for certain (torrent) traffic.
  2. Bring the VPN endpoint in close to the docker instance, via a docker app (here’s where my lack of docker experience and knowledge is exposed). It LOOKS like this might be doable, but either with some serious docker hacking, or, waiting for a docker app to come out that can do the VPN endpoint, and provide it to other apps (gluetun seems to kinda fit this bill, but I can’t figure out how to deploy it currently, as well as make the appropriate modifications to the other apps that would talk through it).
  3. If the answer is “just sit tight and wait for a few more 24.10 releases”, I think I can be okay with that, if the solution is “coming”. I’m only just building this environment out in my home network, so it’s not yet “in production”, just trying to get a good *arr setup working, before the plex “service” I am getting from a friend goes away, because of Real World Reasons…

Thoughts?
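As an added example (not from the post, and not the gluetun project’s own docs), here is the docker compose layout option 2 describes: gluetun terminates the VPN and runs its own firewall so nothing leaves except through the tunnel, and qBittorrent joins gluetun’s network namespace with `network_mode: "service:gluetun"`, so only that container’s traffic is tunnelled while the TrueNAS host and every other app keep their normal route. Provider name, keys, LAN subnet and paths are placeholders; the provider-specific variables come from the gluetun wiki for your VPN service.

```yaml
# Added example: VPN confined to one container via a shared network namespace.
# Values in <...> are placeholders, not real settings.
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    cap_add:
      - NET_ADMIN                 # needed to create the tunnel and its firewall rules
    devices:
      - /dev/net/tun:/dev/net/tun
    environment:
      - VPN_SERVICE_PROVIDER=<your provider, per the gluetun wiki>
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=<PLACEHOLDER_PRIVATE_KEY>
      - WIREGUARD_ADDRESSES=<PLACEHOLDER_TUNNEL_ADDRESS>/32
      # Let your LAN reach the web UI; everything else is blocked unless it
      # goes out the tunnel, which is the "kill switch" that stops leaks if
      # the VPN drops. Assumed LAN range: adjust to yours.
      - FIREWALL_OUTBOUND_SUBNETS=192.168.1.0/24
    ports:
      # Published here, not on qbittorrent, because qbittorrent has no
      # network stack of its own: it lives inside gluetun's namespace.
      - 8080:8080
    restart: unless-stopped

  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent
    container_name: qbittorrent
    network_mode: "service:gluetun"   # share gluetun's network namespace
    depends_on:
      gluetun:
        condition: service_healthy    # gluetun ships a healthcheck for the tunnel
    environment:
      - WEBUI_PORT=8080
      - PUID=<your apps uid>
      - PGID=<your apps gid>
    volumes:
      - </mnt/pool/apps/qbittorrent>:/config
      - </mnt/pool/downloads>:/downloads
    restart: unless-stopped
```

To confirm the split, compare the public IP gluetun reports in its logs with the address the TrueNAS host itself uses; they should differ, and the host’s own HTTPS traffic (updates, app catalog) never touches the tunnel because no other service shares that namespace.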