Gluetun - Your VPN Client for Docker Containers

Imagine having a built-in kill switch VPN for your Docker services, ensuring that your data remains safe and secure at all times.

In this post, we’ll explore Gluetun, a powerful tool that provides enhanced privacy, access to restricted content, and protection for your docker services.

But before we dive in, make sure you’re prepared with the prerequisites listed below.

Are you ready to take control of your online privacy and security?

Why a VPN?

• Online Privacy and Security:

  • A VPN keeps your online activities private and secure by encrypting your internet connection, protecting you from hackers and intrusive surveillance. 🔒
  • With Gluetun VPN, you can browse the internet anonymously and securely, ensuring that your sensitive information remains safe from prying eyes.

• Access to Restricted Content:

  • With a VPN, you can access websites and services that may be blocked in your location, making it easier to explore educational resources and enjoy online content. 🌐
  • Gluetun VPN allows you to bypass geo-restrictions and censorship, giving you the freedom to access the content you want, when you want it.

• Protection on Public Wi-Fi:

  • When using public Wi-Fi, a VPN safeguards your data from potential threats, making it safer to browse the internet on shared networks. 📡
  • Gluetun VPN encrypts your internet traffic, protecting your personal information and ensuring that your online activities remain private, even on unsecured Wi-Fi networks.

The Gluetun Project

Gluetun is a powerful (and free) tool designed to enhance your online privacy and security while providing access to restricted content and protecting you on public Wi-Fi networks.

You will be able to select among a list of VPN providers to plug them into Gluetun:

• The Gluetun Source Code at Github
  • License: MIT ❤️
  • Docker Gluetun Container Image

And Gluetun is written in Go - which makes it ⚡️ fast

SelfHosting VPNs - Gluetun Docker

SelfHosting Gluetun

Get ready to route Traffic Through VPN thanks to Gluetun.

Trust me, Docker will make your life easier to try and SelfHost new services like this one.

If you have installed both Docker and Portainer, you should see this interface in your browser:

Now we just need one more step - the Gluetun configuration.

Gluetun Docker Compose Stack

You just need to use the following Docker-Compose to run Gluetun with Docker:

• https://mullvad.net/en/account/wireguard-config
  • Select Linux and generate a key, for example: Sweden/Stockholm
  • Download the .zip file with the config

cd Downloads
unzip mullvad_wireguard_linux_se_sto.zip

ls
nano se-sto-wg-001.conf #explore the content

You will see that the Mullvad (Wireguard) configs contain the following info:

[Interface]
# Device: Famous Panda
PrivateKey = +a/very/secret/=
Address = ipv4/32,ipv6/128
DNS = dnsip

[Peer]
PublicKey = other/secret/string/=
AllowedIPs = 0.0.0.0/0,::0/0
Endpoint = other_ipv4:51820

Which we will use on our gluetun container:

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: vpn_gluetun_mullvad
    cap_add:
      - NET_ADMIN
    # ports:
    #   - 3000:3000/tcp #containers port
    environment:
      - VPN_SERVICE_PROVIDER=mullvad #protonvpn #nordvpn
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=you_will_need_this_input
      - WIREGUARD_ADDRESSES=and_also_the_ipv4_version #ipv6 wont work (at least for now)
      - SERVER_CITIES= Stockholm #New York NY #choose any available city
    volumes:
      - /Home/Docker/Gluetun:/gluetun
    restart: unless-stopped  

See that it works, by checking:

docker exec -it vpn_gluetun_mullvad /bin/sh
#docker exec -it vpn-gluetun-1 /bin/sh
#docker exec -it <container_id> /bin/sh

Or simply:

docker exec -it qbittorrent curl -sS https://ipinfo.io/json 

FAQ

Other F/OSS VPN’s

• Wireguard
• Headscale + Tailscale

Gluetun with ProtonVPN

• With their own ProtonVPN app - https://protonvpn.com/support/linux-vpn-setup/
• With OpenVPN
• With Wireguard ✅

Gluetun with NordVPN

• https://my.nordaccount.com