mbc0 Posted March 2, 2020 Share Posted March 2, 2020 Hi, I would like to put some containers behind a vpn that do not have a proxy option (like radarr,sonarr etc) I have binhex-privoxy running which is great for those dockers but not for all. I have a private internet access account available to me and use it for binhex-privoxy and some vm's but do not want to put everything behind a vpn just some dockers I have pfsense running on another unraid server available to me but could not work out how to setup a VLAN, is this still my best option or is there another way? Thanks in advance! Quote Link to comment
testdasi Posted March 2, 2020 Share Posted March 2, 2020 Radarr and Sonarr have proxy option (Settings -> General). So what are the "etc"? Quote Link to comment
mbc0 Posted March 2, 2020 Author Share Posted March 2, 2020 I did not explain that very well, I mean radarr and sonarr etc do have a proxy option and I can pass them through privoxy, other dockers do not have this option and I would like to pass them through a VPN and looking for the best way to do this. Thanks Quote Link to comment
testdasi Posted March 3, 2020 Share Posted March 3, 2020 You can install the OpenVPN plugin that would put your entire server behind VPN. Otherwise, you have to do it on your router (e.g. have each docker with its own IP and control the VPN access from the router) and/or router VM. I used to have a VM that is connected to VPN and serves as a gateway for some dockers to route traffic through. I don't do that any more since I found it rather cumbersome. Generally the dockers that I need to be behind VPN already have a "+VPN" version available on the app store. Quote Link to comment
mbc0 Posted March 3, 2020 Author Share Posted March 3, 2020 Hi @testdasi, Thanks so much for your time! I think I "hopefully" am close! I have installed a VM running ubuntu server running as a virtual vpn server and it works great to devices that I can specify an IP/Gateway on, how did you route your dockers through a different gateway then you used to do that? Thanks again Quote Link to comment
testdasi Posted March 3, 2020 Share Posted March 3, 2020 (edited) 16 minutes ago, mbc0 said: I have installed a VM running ubuntu server running as a virtual vpn server and it works great to devices that I can specify an IP/Gateway on, how did you route your dockers through a different gateway then you used to do that? I used pipework docker (details below). There is the proper Limetech-recommended method using docker native functionalities which I found too troublesome to even try since pipework just worked and took me less than 5 minutes to set up. Nevertheless, I have now completely transitioned away from custom IP and into using +VPN dockers and VPN proxy dockers. There isn't any docker that I want to be behind VPN which doesn't have either of those 2 options available. Pipework docker. Edited March 3, 2020 by testdasi Quote Link to comment
mbc0 Posted March 3, 2020 Author Share Posted March 3, 2020 perfect! thank you so much 🙂 All working now! Quote Link to comment
bling Posted March 8, 2020 Share Posted March 8, 2020 FYI you can put "--net=container:foo" in the extra params to make any docker container reuse the network of an existing container (example here is that "foo" is the docker container connected to the VPN). the recently released 6.8.3 makes this work again without the need for workarounds. Quote Link to comment
mbc0 Posted March 11, 2020 Author Share Posted March 11, 2020 On 3/8/2020 at 3:08 PM, bling said: FYI you can put "--net=container:foo" in the extra params to make any docker container reuse the network of an existing container (example here is that "foo" is the docker container connected to the VPN). the recently released 6.8.3 makes this work again without the need for workarounds. Hi, Do you mean instead of or as well as? --net=container:foo -e 'pipework_cmd=br0 @CONTAINER_NAME@ 192.168.0.138/[email protected]' Quote Link to comment
bling Posted March 13, 2020 Share Posted March 13, 2020 On 3/11/2020 at 7:11 PM, mbc0 said: Hi, Do you mean instead of or as well as? --net=container:foo -e 'pipework_cmd=br0 @CONTAINER_NAME@ 192.168.0.138/[email protected]' instead of. using --net replaces any existing method for achieving this. you don't need to set up proxies or anything because any "child containers" will reuse the network of the parent. so all you need to do is find a docker container (there are tons) that do openvpn + a kill switch as the parent and you're good. Quote Link to comment
mbc0 Posted March 15, 2020 Author Share Posted March 15, 2020 (edited) Hi, @blingsorry for the delay in thanking/getting back to you! I have just tried this and it unfortunately fails? This is the docker I wanted to use that uses a vpn and killswitch These are the extra parameters I put in --net=container:binhex-delugevpn and this is the error I get? /usr/bin/docker: Error response from daemon: Container cannot be connected to network endpoints: container:binhex-delugevpn, host. See '/usr/bin/docker run --help'. The command failed. Am I missing something obvious? Thank you Edited March 15, 2020 by mbc0 Quote Link to comment
bling Posted March 15, 2020 Share Posted March 15, 2020 1 hour ago, mbc0 said: Hi, @blingsorry for the delay in thanking/getting back to you! I have just tried this and it unfortunately fails? This is the docker I wanted to use that uses a vpn and killswitch These are the extra parameters I put in --net=container:binhex-delugevpn and this is the error I get? /usr/bin/docker: Error response from daemon: Container cannot be connected to network endpoints: container:binhex-delugevpn, host. See '/usr/bin/docker run --help'. The command failed. Am I missing something obvious? Thank you you need to set the network type to 'none', so that the --net in the extra params will work. also, if your child container has a port exposed you need this defined on the parent container instead otherwise you can't access it. Quote Link to comment
mbc0 Posted March 15, 2020 Author Share Posted March 15, 2020 Thanks for the reply, I set network type to none at first but had no joy so tried all possible options, the error is probably because as you say "if your child container has a port exposed you need this defined on the parent container instead otherwise you can't access it." but unfortunately I have no idea what that means! 😞 Quote Link to comment
xxDeadbolt Posted March 15, 2020 Share Posted March 15, 2020 I am in no way an expert, I've only been using unraid a few days, but if you edit the settings of the binhex-deluge container, there's an option at the bottom to add extra parameters/ports etc. Think you need to do this, name it the name of the container which will be using it and the port it uses. I'd maybe wait for someone else to confirm before you change anything based on what I've said though lolSent from my ONEPLUS A6003 using Tapatalk Quote Link to comment
mbc0 Posted March 18, 2020 Author Share Posted March 18, 2020 Hi, Thanks for your reply, I have been searching but cannot find a way to add a docker using the method you are talking about (adding extra parameter) ? Quote Link to comment
mbc0 Posted March 18, 2020 Author Share Posted March 18, 2020 ah! just found this, so I know it won't work unfortunately as binhex himself said so On 1/10/2020 at 6:04 AM, alturismo said: i saw some readme´s about the --net=container:<vpn_dockername> im not sure where you saw that but its not in any readme's for these vpn docker images as this will not work due to the highly tied down configuration using iptables. Quote Link to comment
testdasi Posted March 18, 2020 Share Posted March 18, 2020 Just now, mbc0 said: ah! just found this, so I know it won't work unfortunately as binhex himself said so That's one of the reasons why I used pipework instead of the various official methods with dockers. Pipework works in a transparent easy-to-understand way i.e. just like how you would set something up in your OS network settings. Quote Link to comment
SpaceInvaderOne Posted April 11, 2020 Share Posted April 11, 2020 Checkout my video here 2 Quote Link to comment
mbc0 Posted April 11, 2020 Author Share Posted April 11, 2020 you are a legend @SpaceInvaderOne I had already looked for a video from you but it never existed until now! thank you so much! 🙂 1 Quote Link to comment
drpete Posted April 14, 2020 Share Posted April 14, 2020 Space Invader, thank you for the great videos. Gotta a question. Your video shows how to use the "curl ifconfig.io" command. I tried this command when bashing into delugevpn container and got an ip that represents my vpn working (ie looks like I am in France). I followed one of your older videos showing how to proxy sonarr and radarr (i am using linuxserver io) and have those proxy to port 8118 with my server IP. They work fine, but when I bashed into the container and tried the curl command, I am getting my real ip address. What am I doing wrong, or does this feature no longer work. This is true for sonarr, radarr and jacket. Thanks for the help. Quote Link to comment
drpete Posted April 14, 2020 Share Posted April 14, 2020 Sorry. I am an idiot..It works for http(s) so when I checked the proxy with a web browser., it is perfect...That explains why the curl command wouldnt reply with the vpn'd ip address. Sorry to bother you with stupid questions..Just goes to show, drag a fool to water and give him enough time, he may learn to drink on his own...lol Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.