Hej everyone.
Until now I’ve used a linux install and vpn software (airvpn and eddie) when sailing the high seas. While this works well enough, there is always room for improvement.
I am in the process of setting up a docker stack which so far contains gluetun/airvpn and qbittorrent. Here is my compose file:
version: "3"
services:
gluetun:
image: qmcgaw/gluetun
container_name: gluetun
cap_add:
- NET_ADMIN
volumes:
- /appdata/gluetun:/gluetun
environment:
- VPN_SERVICE_PROVIDER=airvpn
- VPN_TYPE=wireguard
- WIREGUARD_PRIVATE_KEY=
- WIREGUARD_PRESHARED_KEY=
- WIREGUARD_ADDRESSES=10.188.90.221/32,fd7d:76ee:e68f:a993:63b2:6cc0:fe82:614b/128
- SERVER_COUNTRIES=
- FIREWALL_VPN_INPUT_PORTS=
ports:
- 8070:8070/tcp
- 60858:60858/tcp
- 60858:60858/udp
restart: unless-stopped
qbittorrent:
image: lscr.io/linuxserver/qbittorrent:latest
container_name: qbittorrent
network_mode: "service:gluetun"
environment:
- PUID=1000
- PGID=100
- TZ=Europe/Berlin
- WEBUI_PORT=8070
volumes:
- /appdata/qbittorrent/config/:/config
- /data/videos/downloads:/downloads
depends_on:
- gluetun
restart: always
My first problem was related to the ip adress. For some reason, when I use an IPV6 adress, I got this error in gluetun:
2023-10-06T17:30:42Z ERROR VPN settings: Wireguard settings: interface address is IPv6 but IPv6 is not supported: address fd7d:76ee:e68f:a993:63b2:6cc0:fe82:614b/128
Well, I removed that IPV6 and now everything works. Does anyone have a fix? :)
Now for the important part. I tested the setup with a linux iso and to my surprise - everything works. When I used ipleak.net or other websites, these websites only detect the ip from my vpn. Great.
Do I need to take any other precautions? I also bound the network interface tun0 in the qbit webui, just to be sure. When I stop the gluetun container, the webui stops working (as it should, but it is hard to check, if the download also stops). I’m just a bit paranoid because I don’t want to pay coin when downloading all the isos my heart desires.
Thank you so much for any input!
AFAIK
service:
andcontainer:
do the same thing.service:
andcontiner:
do the same thing when run inside the same docker-compose.yml. Whengluetun
is run separately, you’ll need to referenceservice:
in order to reference it because it’s outside the same compose file. The difference is slight, but noticeable if you’re running multiple compose files. HTH :)