Docker VPN Network

Hey folks. I suck at docker networking but I am very familiar with a lot of docker. I currently use portainer to manage it as it's just easier.

So here is what I want to set up. I would like to set up a Docker Container (VIA COMPOSE) that hosts a VPN connection to my VPN of choice.

I then want to have that network be named and routable for other containers that I wish to run their connection through the vpn to be forced to strictly use.

How would I do this? Where do I start? What materials and resources do you have on this?

Please note:
I will not entertain “VPN wars”
I will not entertain “Container system wars”
I will not entertain “Container Management Interface Wars”

I feel like I have to say that these days. Please don't let that discourage you from making a truly legitimate case, but I am very committed to docker and do not seek to change where I am at. I just would like to know how to fit what I need into this system.

Thanks Guys!

2 Likes

Probably a dozen ways to skin this cat but this might be worth a read.

I use unRaid and one of my preferred developers has VPN containers that can act as proxies for the other containers.
He has some useful documents on his GitHub.

3 Likes

Thank you, I'm gonna read up this morning.

Quick question. What if those containers needing to use the VPN need to expose their own port?

Do you expose it with the VPN container or on the originating container?

You will have to do the research, but from my limited understanding of each (different) implementation given, #1 might allow that but I am almost certain #2 does not as it is a proxy server. Do not take my word, I am a novice with containers, but that is my understanding.
Whatever solution you come up with please share as someone else will have a similar use case and appreciate not reinventing the wheel.

2 Likes

Yes I will, 100%. Thanks.

They provide a very easy way. Map on the gluetun container.
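
The port mapping described above, as an added example that is not part of the original posts: a Compose file in which the app container joins gluetun's network namespace and its port is published on the gluetun service. The provider, key, tunnel address, app image and port 8080 are placeholders assumed for illustration.

```yaml
# Added example (constructed). Values in <...> are placeholders.
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    cap_add:
      - NET_ADMIN                      # needed to manage the tunnel interface and firewall rules
    devices:
      - /dev/net/tun:/dev/net/tun
    environment:
      - VPN_SERVICE_PROVIDER=<your-provider>
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=<private-key>          # keep out of version control
      - WIREGUARD_ADDRESSES=<tunnel-address/prefix>
    ports:
      # Ports of the containers behind the VPN are published here, because
      # they all share this container's network stack.
      # This publishes on the host/LAN side, not through the tunnel;
      # prefix with a host IP (e.g. 127.0.0.1:) to limit who can reach it.
      - "8080:8080"
    restart: unless-stopped

  app:
    image: <your-app-image>            # assumed to listen on 8080
    network_mode: "service:gluetun"    # use gluetun's network namespace, so traffic leaves via the VPN
    depends_on:
      - gluetun
    # No "ports:" here: Docker refuses to publish ports on a container
    # that joins another container's network namespace.
    restart: unless-stopped
```

After starting the stack, compare the public IP seen from inside `app` with the host's public IP to confirm the traffic is leaving through the tunnel.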

I did it in the router using a macvlan bridge. I have a docker network which gets DHCP addresses from a subnet on my router and that subnet is routed through a VPN on the router.

Not sure if you can do it with your setup, but the VPN part was quite easy in pfSense.

3 Likes

That's super interesting. So you basically made a managed VLAN on pfSense, passed it to that system and had the container access the VLAN.

Cool

1 Like

Totally bookmarking this so I can refer back to it. I have almost this exact use case in mind just don’t have the time at the moment to set it up.

1 Like

Bro, I can run the Tor privoxy inside the VPN too. And share it to browse anonymously. I love it.

2 Likes

I'm going to set up the ultimate pirate node.

1 Like

That’s exactly what I had in mind. :yay:

Docker + Wireguard + OpenVPN + Tor

It’s literally like the only tech project left on my list.

2 Likes

Man, it's gonna be a golden age.

It’s the last bit on mine as well lol.

2 Likes

:joy:

So

https://hub.docker.com/r/dockage/tor-privoxy

Easy way to pipe stuff into Tor through your VPN, so even if an end node gets compromised it just sees a VPN addy.

1 Like

I've straight up thought about running an end node myself for the network, but through a VPN.

1 Like

If I had gigabit fiber I would be doing that.