Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Second docker network? Or just WG?

Featured Replies

So I am having an issue I need help with.

 

I currently run all my dockers on the default bridge. Everything works great.

 

What I want to do is one specific docker I want to open to the world (it's a MC server) and I want to use this as a "testing the waters" point for a new idea I had.

 

I want my new docker to be connected to the internet. I want to be able to manage said docker. But I do not want that docker to access my LAN or my server.

 

Some assumptions:

 

Gateway/Router = 192.168.1.1

unRAID = 192.168.1.10

 

What I was thinking was the docker could live in maybe its own wg network, call it wg3 (wg0-2 already in use for other things). then somehow wg3 needs access to the gateway, but only the gateway.

then when I Need to manage the docker I could also join wg3 by connecting to the VPN as a client.

 

 

1: does this sound like a good idea?

2: I tried putting it on wg3 and while I can get on wg3 with my computer, the docker cannot see the outside world...

  • Community Expert

Does the docker need to be able to make outgoing connections to the internet, or are you just trying to secure it for purposes of inbound connections?

  • Author

sorry, forgot to mention: The docker does need access to the internet. and since it'll need to be accessed from the internet (for gameplay)

  • Community Expert
40 minutes ago, elmetal said:

sorry, forgot to mention: The docker does need access to the internet. and since it'll need to be accessed from the internet (for gameplay)

In which case the container does not need to access the gateway itself (it is just accepting inbound requests FROM the gateway) as long as you can access the container via the wg3 network remotely then that should be enough.

  • Author
Just now, itimpi said:

In which case the container does not need to access the gateway itself (it is just accepting inbound requests FROM the gateway) as long as you can access the container via the wg3 network remotely then that should be enough.

that's a great point I didn't think about the fact that it just needs to accept inbounds and not outbounds...

Guess I have some testing to do

  • Author
8 hours ago, itimpi said:

In which case the container does not need to access the gateway itself (it is just accepting inbound requests FROM the gateway) as long as you can access the container via the wg3 network remotely then that should be enough.

I can access the container remotely but the container has access to the server via the wg3 address 10.253.3.1.... how can I make sure the container cannot see the server. is it possible when the server itself is its route back to the internet?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.