2 minute reading time
Instead of configuring multiple containers to use a VPN, we can setup a VPN container and route the other containers traffic through this container. This post will outline how to do that with dperson’s OpenVPN Container.
I’m a huge fan of docker-compose, so here we go:
version: "3.3" services: openvpn-client: image: dperson/openvpn-client cap_add: - net_admin security_opt: - label:disable container_name: openvpn-client hostname: openvpn-client environment: - PUID=1000 - PGID=1000 volumes: - /dev/net:/dev/net:z - /volumes/openvpn-client/vpn/:/vpn restart: always
net_admin capability according to the documentation “perform various network-related operations”. This would make sense since an additional network interface is configured for a VPN connection. The
label:disable definition is to disable label confinement.
In this setup, you will need to put the
.ovpn profile that you wish to connect to under the
(Optional) Username/Password Setup
In the event you need a username and password to connect, create a file called
pass.txt in the same directory as your ovpn profile. The file
pass.txt will contain the username in the first line and the password in the second line. Then in your ovpn profile make sure you have a line that says
Routing Traffic through VPN
Let’s say your ISP throttles torrent connections and you want to route your
qBittorrent container so that you can download Linux distributions faster. Here’s how you can define it in the docker-compose file.
qbittorrent: image: linuxserver/qbittorrent container_name: qbittorrent environment: - PUID=1000 - PGID=1000 - UMASK_SET=022 - WEBUI_PORT=8000 volumes: - /volumes/qbittorrent/config:/config - /volumes/qbittorrent/downloads:/downloads network_mode: service:openvpn-client restart: always
Sadly as of the time of writing, routing a container’s traffic makes it lose its ability to belong to a network. I knocked into this when I tried accessing the qBittorrent API. So for the sake of example, if you want to connect to qbittorrent, you need to route the traffic to the openvpn-client container at port 8000 which we specified earlier to be the webui port of qbittorrent.