Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

possible easy way to run specific docker container network traffic via OpenVPN/WireGuard? #222

Closed
danadams199 opened this issue Oct 7, 2022 · 10 comments
Closed

possible easy way to run specific docker container network traffic via OpenVPN/WireGuard? #222

danadams199 opened this issue Oct 7, 2022 · 10 comments

Comments

@danadams199
Copy link

I have installed transmission app from store and want to make all traffic for that container only via a vpn config I have. Is there easy way to do this via app? or do i need edit docker files? i saw wireguard app but think that is for self host vpn and not what i want.

many thanks
@meienberger
Copy link
Collaborator

Hello, there is no easy way to do it currently but I would suggest you have a look at gluetun then you can edit your compose file with network_mode: container:gluetun and everything will go through it

@danadams199
Copy link
Author

thank u for quick reply, and thank for suggestion of gluetun it look like exactly what I need.

so i would make docker container for gluetun and configure vpn, then open transmission/docker-compose.yml and add network_mode code u referenced since i only want for transmission and not whole of tipi?

@danadams199
Copy link
Author

hello again
i just try the solution and setup gluetun container successfully but i was not able to get to connect to transmission.

i originally tried adding network_mode but u cant use that with networks so i tried adding same code u said to networks list but it cannot find it.

i tried the code u suggested of network_mode instead and commented out networks, but then it cannot connect to tipi main network either and fails to start the container.

do u have any idea what might be wrong?

@meienberger
Copy link
Collaborator

Do you have some kind of error to share? Is it when you start the app from the dashboard? If you use the network_mode it's normal to be out of the tipi_main_network Can you also share your docker-compose file?

@meienberger
Copy link
Collaborator

I just tried to set it up and it worked well for me:

Gluetun config:

version: "3"
services:
  gluetun:
    container_name: gluetun
    image: qmcgaw/gluetun
    cap_add:
      - NET_ADMIN
    environment:
      - VPN_SERVICE_PROVIDER=mullvad
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=redacted
      - WIREGUARD_ADDRESSES=redacted
      - SERVER_CITIES=Amsterdam

and in transmission I remove the network part and added network_mode: "container:gluetun"

@danadams199
Copy link
Author

@meienberger i tried again just now and gluetun works fine but when i edit transmission docker compose to have network_mode: container:gluetun first it says networks is conflict so i remove that. then it says dns is conflict so i remove that. then it says port is conflict and after commenting that it finally start. but then i cannot access it because ports are not open anymore. So im not sure how it work for you. Do i need to move ports and dns to gluetun container instead?

gluetun docker-compose:

version: "3.7"
services:
  gluetun:
    container_name: gluetun
    image: qmcgaw/gluetun
    cap_add:
      - NET_ADMIN
    environment:
      - VPN_SERVICE_PROVIDER=mullvad
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=priv_key
      - WIREGUARD_ADDRESSES=priv_address
      - SERVER_CITIES=Amsterdam

transmission docker-compose

version: "3.7"
services:
  transmission:
    image: lscr.io/linuxserver/transmission:latest
    container_name: transmission
    # dns:
    #  - ${DNS_IP}
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=${TZ}
      - USER=${TRANSMISSION_USERNAME}
      - PASS=${TRANSMISSION_PASSWORD}
      - TRANSMISSION_WEB_HOME=/transmission-web-control/
      # - WHITELIST=iplist #optional
      # - PEERPORT=peerport #optional
      # - HOST_WHITELIST=dnsnane list #optional
    volumes:
      - ${APP_DATA_DIR}/data/config:/config
      - ${ROOT_FOLDER_HOST}/media/torrents:/downloads
    #ports:
    #  - ${APP_PORT}:9091
    #  - 51413:51413
    #  - 51413:51413/udp
    restart: unless-stopped
    network_mode: container:gluetun
    # networks:
    #  - tipi_main_network

@danadams199
Copy link
Author

hello again
since following what u said, my entire tipi now fails too start. it loads the dashboard but no apps can run, and it gives error "docker bridge.enable_icc changed and needs to be recreated" anytime i try start them but i full teardown all container and network and recreate it all and now it still doesnt work. i restart system, i make no changes and revert and now nothing work anymore i dont understand? i cant find anything on google about this enable icc option either? i fully delete all containers i had, all network, everything and it still doesnt work i dont get

@meienberger
Copy link
Collaborator

You may have messed up some stuff. be sure to run the stop script correctly sudo ./scripts/stop.sh before trying to restart. Can you show me the result of git status to know if you changed any important file?

@meienberger
Copy link
Collaborator

The network issue was related to something else in the apps repo. Please update with git pull origin master and restart again

@meienberger
Copy link
Collaborator

I'm closing this issue for now as it is not directly related to Tipi. I would suggest to open an issue at gluetun if you have further questions

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@meienberger @danadams199