Issues with Gluetun and Portainer

savathuntechquestion · 10. Dezember 2022

So I'm trying to get Privado VPN to run on my OMV6 server, not for every application, just the few docker containers I want to run through a VPN. I was recommended Gluetun (https://hub.docker.com/r/qmcgaw/gluetun) as a VPN client that could connect well with Privado. I am trying to install it with Portainer since I am not familiar installing things by the Docker command line.

The first time I installed it I immediately lost all access to my server, due to my server being local IP access only. I had to connect the keyboard and do "Docker Kill VPN" to be able to get back to the web gui. My mistake was changing restart policy to always. Somehow during that Portainer was no longer accessible and I had to remove it, do "Docker rm VPN" and restart my server before Portainer could be installed again.

I tried reinstalling the Gluetun VPN container by leaving all the env variables blank. Portainer immediately became non responsive though "docker ps" did not list the VPN. I had to remove Portianer and restart before I could reinstall portainer again.

so 1: is there a better alternative than Gluetun, 2) how can retain local ip access when the vpn is running, 3) how do i prevent it from crashing portainer?

pavelkms · 13. Dezember 2022

1. Gluetun is the best and works great.

2. and 3. You should read carefully here: https://hub.docker.com/r/qmcgaw/gluetun everything here is very detailed and clear.

savathuntechquestion · 16. Dezember 2022

So I went back and reread those guides twice, and I still ran into the same problem that as soon as I deployed the container I was no longer able to access my server, not the OMV local dashboard, nor WETTY, nor Portainer, probably because they stopped being on the local network. I wasn't able to access what I hoped was the Glueton dashboard at port 8888 of my local IP or port 8388

Even after typing in via USB keyboard "docker kill Glueton" I was not able to access OMV until I rebooted the server.

I don't want my whole server on a VPN right now just want to set this up to run a few different containers through it.

Attached is my docker compose with redacted info for my username and PW.

KM0201 · 16. Dezember 2022

Zitat von savathuntechquestion

So I went back and reread those guides twice, and I still ran into the same problem that as soon as I deployed the container I was no longer able to access my server, not the OMV local dashboard, nor WETTY, nor Portainer, probably because they stopped being on the local network. I wasn't able to access what I hoped was the Glueton dashboard at port 8888 of my local IP or port 8388
Even after typing in via USB keyboard "docker kill Glueton" I was not able to access OMV until I rebooted the server.

I don't want my whole server on a VPN right now just want to set this up to run a few different containers through it.

Attached is my docker compose with redacted info for my username and PW.

Alles anzeigen

I can't speak for gluetun (I tried it a while ago and deployed it in a similar way as I describe below without issue)... but I believe you need to learn to use network modes on your other containers.... Here, I routed prowlarr, etc. through my transmission container (which is routed behind my VPN provider, PIA)

So first I set up haugene-transmission with my PIA account...

Code

version: '2.1'
services:
 transmission-openvpn:
    container_name: transvpn
    volumes:
        - /path/to/downloads:/data
        - /etc/localtime:/etc/localtime:ro
    environment:
        - PUID=YOUR_PUID
        - PGID=100
        - CREATE_TUN_DEVICE=true
        - OPENVPN_PROVIDER=PIA
        - PIA_OPENVPN_CONFIG_BUNDLE=openvpn
        - OPENVPN_CONFIG=us_florida
        - OPENVPN_USERNAME=YOUR_PIA_USERNAME
        - OPENVPN_PASSWORD=YOUR_PIA_PASSWORD
        - DISABLE_PORT_UPDATER=true
        - TRANSMISSION_WEB_UI=transmission-web-control
        - OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60
        - WEBPROXY_ENABLED=false
        - LOCAL_NETWORK=192.168.1.0/24
    cap_add:
        - NET_ADMIN
    logging:
        driver: json-file
        options:
            max-size: 10m
    ports:
        - 9091:9091
    restart: always
    image: haugene/transmission-openvpn

Alles anzeigen

Deployed, and made sure it was working and I was behind my VPN

Now, using prowlarr as an example, since I want it to route behind my VPN...

Docker

(You can see from the above, prowlarr runs on port 9696)

So next I made a stack for prowlarr (see notes below)

Code

version: "2.1"
services:
  prowlarr:
    image: lscr.io/linuxserver/prowlarr:develop
    container_name: prowlarr
    network_mode: container:transvpn
    environment:
      - PUID=1000
      - PGID=100
      - TZ=US/EST
    volumes:
      - /path/to/config:/config
    restart: unless-stopped

Alles anzeigen

Note:

1. My network mode, this is what tells it what container to route through (transvpn, as that is the name of my transmissionvpn container)

2. There is no port section on the prowlarr compose file.

Now, I deployed the prowlarr stack, obviously with no port settings, it's not going to work.

So I went back to my transmission stack, and added 9696:9696 to the port settings for transmission.. so it looks like this

Code

   ports:
        - 9091:9091
        - 9696:9696

I then redeployed transmission.

Once I was done, I had to restart prowlarr, then I bashed to prowlarr and checked the containers public IP, and found that it was properly routing through my transmission container since they had the same public IP. At this point I'd also be able to access the prowlarr webUI

Say I wanted to deploy sonarr through my VPN...

Docker

Same thing... I would adjust the stack with the proper network mode, and then remove the port settings and deploy. Once that was done, I would add Sonarr's port (8989) to my tranmission stack and redeploy transmission. Once transmission redeployed, restart Sonarr. After that, I bashed into sonarr and made sure it's public IP was the same as my transmission container. At this point, I'd be able to access the sonarr webUI

It's really pretty easy when you get the hang of it.

Hope that helps

savathuntechquestion · 17. Dezember 2022

KM0201, thanks for the walkthrough because you outlined what I want to work on in the future, access to Sonarr and Prowlarr outside my house through a safe and secure way; as well as I'm setting up this VPN because I do plan to add a torrent client next.

However things like my openmediavault.local web interface, sabnzbd, plex, and files I don't want running through a VPN and want to keep them on my local network for now. So I guess when I start the VPN I can't navigate to a webui to exclude those processes on the 8888 port

Issues with Gluetun and Portainer

geaves 10. Dezember 2022

Jetzt mitmachen!

Ähnliche Themen

Permissions Error

Tags