this post was submitted on 24 Apr 2024

103 points (100.0% liked)

Selfhosted

45304 readers

1165 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

[email protected]

103

Gluetun: The Little VPN Client That Could (lemmy.dbzer0.com)

submitted 11 months ago by [email protected] to c/[email protected]

21 comments fedilink hide all child comments

cross-posted from: https://lemmy.dbzer0.com/post/19035305

[Promoting] Gluetun: The Little VPN Client That Could

My journey with docker started with a bunch of ill fated attempts to get an OpenVPN/qBittorrent container running. The thing ended up being broken and never worked right, and it put me off of VPN integration for another year or so.

Then recently I found Gluetun…and holy fucking cow. This thing is the answer to every VPN need I could possibly think of. I have set it up with 3 different providers now, and it has been more simple and reliable than the clients made by the VPN providers themselves every time.

If you combine the power of Gluetun with the power of Portainer, then you can even easily edit settings for your existing containers and hook them up to a VPN connection in seconds (or disconnect them). Just delete the forwarded ports in the original container, select the Gluetun container as the network connection, and then forward the same ports in Gluetun. Presto, you now have a perfectly functioning container connected to a VPN with a killswitch.

So if any of y’all on the high seas have considered getting more serious about your privacy, don’t do what I did and waste a bunch of time on a broken container. Use Gluetun. Love Gluetun. Gluetun is the answer.

all 22 comments

sorted by: hot top controversial new old

[–] [email protected] 16 points 11 months ago

100% agree. gluetun solved my vpn bleeding/failure problems.

[–] [email protected] 9 points 11 months ago* (last edited 11 months ago)

I've been running Gluetun for a few months now, and just the other day discovered that you can use it to seamlessly proxy Twitch streams (using it as http proxy for ttv lol pro), so they load via countries that Twitch doesn't show ads for. Setting it up was ridiculously easy, and now I have neither ads nor endless loading anymore. The whole thing was a really nice surprise!

[+] [email protected] 8 points 11 months ago* (last edited 6 months ago) (4 children)

[removed by mod]

[–] [email protected] 11 points 11 months ago

A lot of reasonably competent geeks just never get deep into networking, and VPNs can be overwhelming. It doesn't really help that for a long time it was all IPSec which basically you need to learn voodoo to manage. Thankfully we have much better tools now, but it's still just a tech layer that many people don't touch frequently.

[–] [email protected] 7 points 11 months ago (1 children)

I think the questions are more prominent because a wider audience of people are becoming more privacy conscious.

In my case, I haven’t had the advantage of going to school for any of this, so I have to pick up knowledge where I can. If there is a reliable tool available to accomplish my task, I’m more likely to use it than to pursue a more manual solution because even simple computing questions can be rabbit holes that result in hours of reading and learning.

The reason that I made this post is because your options are always limited by your awareness of available solutions, and I presumed there might be someone else out there who has struggled getting a VPN reliably bound to a service.

[–] [email protected] 4 points 11 months ago* (last edited 11 months ago)

I fully agree on the rabbit hole effect of learning linux and selfhosting on your own... I have been moving baby steps for 3 years because it's rare to find even 2 hours in a week where I can do just that. Networking is just daunting to newbies imo

[–] [email protected] 4 points 11 months ago

Yes, please. And thank you to everyone who does the heavy lifting for me.

[–] [email protected] 1 points 11 months ago

it's not just one thing though. For a non technical user, it's nerve-wracking to worry that if you screw up the install, or download the wrong package, or configure the YAML wrong, or open the wrong port, or there's a port conflict, or you forgot to update the software... now you're potentially unprotected (even if that's not the case - many will still worry).

Not to mention even if you - as I did - had to skill up to understand it, three months passes and you're terrified to touch it because you've forgotten all the stuff you learned to set it up.

Same as how the majority of people don't even change their own oil on their cars - even though it's fairly easy.

[–] [email protected] 7 points 11 months ago (2 children)

Based. I use gluetun with qbt and ProtonVPN (with port forwarding). Despite this being a tricky config, it was still pretty easy to setup. Can share bash scripts if anyone is interested.

[–] [email protected] 2 points 11 months ago (2 children)

How do you handle the forwarded port change on every reconnect and updating it in qbt?

[–] [email protected] 4 points 11 months ago

There’s another nifty little container called qbittorrent-natmap that will take care of that for you.

[–] [email protected] 2 points 11 months ago

gluetun bundles a control server on port 8000 which you can query for the port number (don't worry about openvpn being in the url path, it still works with Wireguard). In my bash script (running on the host system), I use curl to retrieve the forwarded port number and then do a POST with that data to the API of my qbt client which is running in another container on port 8080.

[–] [email protected] 1 points 11 months ago (1 children)

There's a reason why most providers don't allow that feature anymore. It's said that port forwarding is a security risk. Also, qBitTorrent works just fine without it.

[–] [email protected] 5 points 11 months ago

There’s a reason why most providers don’t allow that feature anymore

Yes, cheese pizza

It’s said that port forwarding is a security risk

Says who? Assuming a fully patched system/client and a properly configured firewall/network, I'd love to hear more about these "risks".

Also, qBitTorrent works just fine without it.

Only if you don't care about seeding

[–] [email protected] 4 points 11 months ago

Use Gluetun. Love Gluetun. Gluetun is the answer.

Alright, alright Hypno-toad, you got me! 😅

Jokes aside, this is probably the most convincing writeup I've seen in favour of Gluetun. Thanks, will give it a go!

[–] [email protected] 4 points 11 months ago (1 children)

You don’t need portainer for it to be easy! The wiki is quite great at providing setup examples for docker compose, regular docker, and others!

[–] [email protected] 2 points 11 months ago

Indeed! There are many simple and quality ways to set it up, and users can pick anything they prefer. FOSS is dope like that.

[–] [email protected] 3 points 11 months ago

God tier VPN solution (if your provider is covered), have two running, one outs in Singapore for *arrs and a localish one for my SearxNG. So much versatility for something so solid...

[–] [email protected] 3 points 11 months ago* (last edited 11 months ago) (1 children)

I just did it! Thank you so much! I failed so many times in the past but this took a few hours and now I have that perfect setup that I always wanted.

[–] [email protected] 2 points 11 months ago

I’m so glad this post helped somebody!

[–] [email protected] 1 points 11 months ago* (last edited 11 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters	More Letters
LXC	Linux Containers
Plex	Brand of media server package
VPN	Virtual Private Network

3 acronyms in this thread; the most compressed thread commented on today has 10 acronyms.

[Thread #712 for this sub, first seen 25th Apr 2024, 14:55] [FAQ] [Full list] [Contact] [Source code]

[–] [email protected] 0 points 11 months ago

New Lemmy Post: Gluetun: The Little VPN Client That Could (https://lemmyverse.link/lemmy.world/post/14644408)
Tagging: #SelfHosted

(Replying in the OP of this thread (NOT THIS BOT!) will appear as a comment in the lemmy discussion.)

I am a FOSS bot. Check my README: https://github.com/db0/lemmy-tagginator/blob/main/README.md