this post was submitted on 04 May 2024
56 points (96.7% liked)

Selfhosted

40296 readers
311 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I saw an appreciation post for Gluetun on here in the last couple of weeks. I'd set it up before my server died and I had to reinstall everything, but then gone for the easy method when I was reinstalling.

So my easy method install had a VM as a server running Plex and Docker and a second VM with Mullvad installed running anything that needed a VPN in Docker.

Yesterday I opened up a program behind the VPN and it wasn't working again. I had to restart the VM to get it going and it annoyed me. So before work I set up Gluetun.

I had previously used this walkthrough https://youtu.be/9dJPOd0XbN8 so I went back to it, looked in the notes and found his GitHub, then his docker compose under Torrent-VPN.

I stole his initial Gluetun config and the qBittorrent part, but then went into Portainer and took all my running containers and added them to the file. I took the ports out of each compose file and added the "network mode" and "depends on Gluetun" bits from the qBittorrent part of his config and added them to each compose file I added to the file.

Then the ports I had removed I added to the Gluetun part of his compose file.

Downloaded a config file for Mullvad and added the IP and private Key to the Gluetun compose.

Then launch the stack and it worked.

Now for the Gotchas. I had to go into Portainer to get the IP address that the whole stack used. This IP address was required to get containers talking to each other. If you need Sonarr to connect to Prowlarr it needs this IP address.

Also the downloader (he uses qBittorrent and I used RDT client) needed to be mapped using "localhost" for each container and the port

But other than those Gotchas it was quite easy and I managed to get everything set up an hour after finishing work. This was because I just used backups of my already running containers and restored them in the new ones, then edited the bits that had changed (IP addresses in my Gotchas)

The upside is that I'm now only using the one VM, meaning I've saved 4gb of RAM.

I can use that ram for something else now. Nextcloud? Immich?

Hope this helps someone else.

top 19 comments
sorted by: hot top controversial new old
[–] whyNotSquirrel@sh.itjust.works 23 points 6 months ago (1 children)

I might not be the only one not knowing what gluetun was so here's the repo:

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.

https://github.com/qdm12/gluetun

[–] Lifebandit666@feddit.uk 4 points 6 months ago (1 children)

Thanks for that, yeah it's kinda integral to an appreciation post, what is it exactly.

So what Gluetun has done has replaced all the messing around with VPNs for me. Rather than having a specific VM for VPN tasks running using Mullvads app, I can now run the VPN stuff in my VM that was previously just for clearnet things at the same time as those things, without the additional app.

I've just deleted the app and containers in the VPN VM and am repurposing it for trying out new things in Docker. Current project is Nextcloud AIO, which I'm failing at for now.

[–] ikidd@lemmy.world 2 points 6 months ago (1 children)

What's your issue with NC AIO? Maybe I can help, I've been running it since nearly inception.

[–] Lifebandit666@feddit.uk 1 points 6 months ago (1 children)

Honestly I just think it's my general ability. I couldn't get the Docker Compose file to work in Portainer. But in all seriousness I don't think I need NC, I was just interested in what it offers.

[–] ikidd@lemmy.world 1 points 6 months ago

I'm not sure how well docker-in-docker would work via portainer. Maybe it does, I've not tried it.

I would just do it from a folder you set up yourself and drop the docker-compose.yml in it, and go. If you want to share your dockercompose I can see if I notice a problem. I remember having to get over a couple issues at the time, but it's been a while and can't remember them offhand.

I think NC is worth setting up, but YMMV.

[–] HauntingScience@programming.dev 4 points 6 months ago* (last edited 6 months ago) (2 children)

I’ve had some level of success using “gluetun” as the host of the container you want to hit, for any container outside of gluetun’s network mode.

Then, for those that are sharing the gluetun network, they can communicate using their regular hostname but using the internal port instead of the published one.

Out of all my containers behind gluetun I have only one that hasn’t been able to connect with anything but IPs

[–] Lifebandit666@feddit.uk 1 points 5 months ago

I've just come back to this comment to get sabnzbd running, thanks again

[–] Lifebandit666@feddit.uk 1 points 6 months ago

Nice thanks for this, maybe useful when I finally get out of this carpark lol

[–] WeirdGoesPro@lemmy.dbzer0.com 2 points 6 months ago (1 children)

I was the original appreciator! Gluetun is life! Gluetun is truth! Gluetun is the way!

[–] Lifebandit666@feddit.uk 1 points 6 months ago

It's all your fault!

[–] djvinniev77@lemmy.ca 2 points 6 months ago (1 children)

That's awesome. I'm going to have to read this all carefully and set up my own stack. I also use rdt, but in some cases you need qbittorrent (I don't think rdt handles music?) Anyway, good job and thanks

[–] Lifebandit666@feddit.uk 1 points 6 months ago (1 children)

I use RDT for Lidarr too. I've had qbt set up in the past and may even do it again but for now it's fine for everything I need.

[–] djvinniev77@lemmy.ca 1 points 6 months ago

Hmm. I thought debrid didn't handle audio but I guess they do... I'm going to have a look.. thank you!

[–] sailingbythelee@lemmy.world 2 points 6 months ago (1 children)

Gluetun is the bomb. You don't realize how much automated tracking of the torrent-verse is out there until your VPN connection drops unexpectedly and your torrent client continues merrily downloading in the clear. Gluetun is a fantastic killswitch and has never failed me. All hail the developer.

[–] Lifebandit666@feddit.uk 2 points 6 months ago

Good to hear. I guess the advantage is this way my containers rely upon Gluetun to work, so if it stops working, the whole stack stops working.

[–] Decronym@lemmy.decronym.xyz 1 points 6 months ago* (last edited 5 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
DNS Domain Name Service/System
IP Internet Protocol
SSL Secure Sockets Layer, for transparent encryption
TLS Transport Layer Security, supersedes SSL
VPN Virtual Private Network

[Thread #736 for this sub, first seen 4th May 2024, 12:35] [FAQ] [Full list] [Contact] [Source code]

[–] PipedLinkBot@feddit.rocks 1 points 6 months ago

Here is an alternative Piped link(s):

https://piped.video/9dJPOd0XbN8

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.

[–] bpeak@mastodon.social 0 points 6 months ago (1 children)

@Lifebandit666 How reliable is the killswitch of Gluetun? I read that killswitches sometimes fail so it is better to bind to a network interface who is only routed to work through the VPN.

Does that risk exist with Gluetun?

[–] Lifebandit666@feddit.uk 1 points 6 months ago

I honestly do not know as I've never had it fail, it is a valid concern. I did have you asking about the kill switch while someone else commented to say the kill switch is great so it seems I should get you together https://lemmy.world/comment/9851407