100

cross-posted from: https://lemmy.dbzer0.com/post/19035305

[Promoting] Gluetun: The Little VPN Client That Could

My journey with docker started with a bunch of ill fated attempts to get an OpenVPN/qBittorrent container running. The thing ended up being broken and never worked right, and it put me off of VPN integration for another year or so.

Then recently I found Gluetun…and holy fucking cow. This thing is the answer to every VPN need I could possibly think of. I have set it up with 3 different providers now, and it has been more simple and reliable than the clients made by the VPN providers themselves every time.

If you combine the power of Gluetun with the power of Portainer, then you can even easily edit settings for your existing containers and hook them up to a VPN connection in seconds (or disconnect them). Just delete the forwarded ports in the original container, select the Gluetun container as the network connection, and then forward the same ports in Gluetun. Presto, you now have a perfectly functioning container connected to a VPN with a killswitch.

So if any of y’all on the high seas have considered getting more serious about your privacy, don’t do what I did and waste a bunch of time on a broken container. Use Gluetun. Love Gluetun. Gluetun is the answer.

top 24 comments
sorted by: hot top controversial new old
[-] originalucifer@moist.catsweat.com 16 points 7 months ago

100% agree. gluetun solved my vpn bleeding/failure problems.

[-] shrugal@lemm.ee 9 points 7 months ago* (last edited 7 months ago)

I've been running Gluetun for a few months now, and just the other day discovered that you can use it to seamlessly proxy Twitch streams (using it as http proxy for ttv lol pro), so they load via countries that Twitch doesn't show ads for. Setting it up was ridiculously easy, and now I have neither ads nor endless loading anymore. The whole thing was a really nice surprise!

[-] just_another_person@lemmy.world 8 points 7 months ago

Just wondering, but I'm seeing a lot of simple networking questions around here lately, and the majority about people not understanding how VPNs or networks work in general. Have we just reached the point where everything needs to be abstracted away because people don't understand interfaces, networks, and routing between them now?

Not talking smack, just trying to understand why these questions are so prominent now, so my guess is the above.

[-] Shadow@lemmy.ca 11 points 7 months ago

A lot of reasonably competent geeks just never get deep into networking, and VPNs can be overwhelming. It doesn't really help that for a long time it was all IPSec which basically you need to learn voodoo to manage. Thankfully we have much better tools now, but it's still just a tech layer that many people don't touch frequently.

[-] WeirdGoesPro@lemmy.dbzer0.com 6 points 7 months ago

I think the questions are more prominent because a wider audience of people are becoming more privacy conscious.

In my case, I haven’t had the advantage of going to school for any of this, so I have to pick up knowledge where I can. If there is a reliable tool available to accomplish my task, I’m more likely to use it than to pursue a more manual solution because even simple computing questions can be rabbit holes that result in hours of reading and learning.

The reason that I made this post is because your options are always limited by your awareness of available solutions, and I presumed there might be someone else out there who has struggled getting a VPN reliably bound to a service.

[-] BeatTakeshi@lemmy.world 4 points 7 months ago* (last edited 7 months ago)

I fully agree on the rabbit hole effect of learning linux and selfhosting on your own... I have been moving baby steps for 3 years because it's rare to find even 2 hours in a week where I can do just that. Networking is just daunting to newbies imo

[-] perishthethought@lemm.ee 4 points 7 months ago

Yes, please. And thank you to everyone who does the heavy lifting for me.

[-] funkless_eck@sh.itjust.works 1 points 7 months ago

it's not just one thing though. For a non technical user, it's nerve-wracking to worry that if you screw up the install, or download the wrong package, or configure the YAML wrong, or open the wrong port, or there's a port conflict, or you forgot to update the software... now you're potentially unprotected (even if that's not the case - many will still worry).

Not to mention even if you - as I did - had to skill up to understand it, three months passes and you're terrified to touch it because you've forgotten all the stuff you learned to set it up.

Same as how the majority of people don't even change their own oil on their cars - even though it's fairly easy.

[-] Lifebandit666@feddit.uk 1 points 7 months ago

It cost me £15 to change the carbon brushes on my washing machine and a 10 minute video on YouTube. The Washer Shop charge £75 to do it, and I considered paying it too.

It's a bit like that.

[-] cantankerous_cashew@lemmy.world 7 points 7 months ago

Based. I use gluetun with qbt and ProtonVPN (with port forwarding). Despite this being a tricky config, it was still pretty easy to setup. Can share bash scripts if anyone is interested.

[-] asbestos@lemmy.world 2 points 7 months ago

How do you handle the forwarded port change on every reconnect and updating it in qbt?

[-] Confused_Emus@lemmy.world 4 points 7 months ago

There’s another nifty little container called qbittorrent-natmap that will take care of that for you.

[-] cantankerous_cashew@lemmy.world 2 points 6 months ago

gluetun bundles a control server on port 8000 which you can query for the port number (don't worry about openvpn being in the url path, it still works with Wireguard). In my bash script (running on the host system), I use curl to retrieve the forwarded port number and then do a POST with that data to the API of my qbt client which is running in another container on port 8080.

[-] anzo@programming.dev -5 points 7 months ago

There's a reason why most providers don't allow that feature anymore. It's said that port forwarding is a security risk. Also, qBitTorrent works just fine without it.

[-] cantankerous_cashew@lemmy.world 5 points 7 months ago

There’s a reason why most providers don’t allow that feature anymore

Yes, cheese pizza

It’s said that port forwarding is a security risk

Says who? Assuming a fully patched system/client and a properly configured firewall/network, I'd love to hear more about these "risks".

Also, qBitTorrent works just fine without it.

Only if you don't care about seeding

[-] halm@leminal.space 4 points 7 months ago

Use Gluetun. Love Gluetun. Gluetun is the answer.

Alright, alright Hypno-toad, you got me! 😅

Jokes aside, this is probably the most convincing writeup I've seen in favour of Gluetun. Thanks, will give it a go!

[-] subtext@lemmy.world 4 points 7 months ago

You don’t need portainer for it to be easy! The wiki is quite great at providing setup examples for docker compose, regular docker, and others!

[-] WeirdGoesPro@lemmy.dbzer0.com 1 points 7 months ago

Indeed! There are many simple and quality ways to set it up, and users can pick anything they prefer. FOSS is dope like that.

[-] asbestos@lemmy.world 3 points 7 months ago* (last edited 7 months ago)

I just did it! Thank you so much! I failed so many times in the past but this took a few hours and now I have that perfect setup that I always wanted.

[-] WeirdGoesPro@lemmy.dbzer0.com 1 points 7 months ago

I’m so glad this post helped somebody!

[-] MalReynolds@slrpnk.net 3 points 7 months ago

God tier VPN solution (if your provider is covered), have two running, one outs in Singapore for *arrs and a localish one for my SearxNG. So much versatility for something so solid...

[-] Lifebandit666@feddit.uk 3 points 7 months ago

I've tried a bunch of different approaches to VPN in my short self hosted journey.

I chose Mullvad as my VPN and tried to make a container containing an OpenWRT router, a Windows machine, a bunch of containers within containers (Docker in LXC) before learning that's a shit way of doing things, and then I found Gluetun.

It was so simple to set up, and there was a dude on YouTube with all the Docker compose files and explanations, so I learned what I was doing as I was doing it.

Ultimately the only reason I didn't end up using it was because I didn't have my Plex instance in the stack and it couldn't communicate with the containers I was deploying, a trifle really.

I took what I learned from my Gluetun stack and used it to run Docker in a Debian VM with a the Mullvad app running, which is arguably easier but uses more resources since I run a second VM with Plex and other server stuff in Docker, and I could theoretically run it all in the same VM with a little more knowledge.

[-] Decronym@lemmy.decronym.xyz 1 points 7 months ago* (last edited 6 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
LXC Linux Containers
Plex Brand of media server package
VPN Virtual Private Network

3 acronyms in this thread; the most compressed thread commented on today has 10 acronyms.

[Thread #712 for this sub, first seen 25th Apr 2024, 14:55] [FAQ] [Full list] [Contact] [Source code]

[-] tagginator@utter.online -3 points 7 months ago

New Lemmy Post: Gluetun: The Little VPN Client That Could (https://lemmyverse.link/lemmy.world/post/14644408)
Tagging: #SelfHosted

(Replying in the OP of this thread (NOT THIS BOT!) will appear as a comment in the lemmy discussion.)

I am a FOSS bot. Check my README: https://github.com/db0/lemmy-tagginator/blob/main/README.md

this post was submitted on 24 Apr 2024
100 points (96.3% liked)

Selfhosted

40347 readers
203 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS