TelepathicWalrus

Hi there,

I wish to run a WireGuard docker through a gluetun docker so that I can access my paid VPN from my own server. This is what I want:

client -> wireguard docker(selfhosted) -> gluetun docker(connected to paid VPN) -> internet

I have posted before with this issue but still cannot get it to work as expected. I am not sure if there are issues with the WireGuard docker not being able to route back through from gluetun as it is trying to force traffic through the tunnel.

Any help would be much appreciated.

docker-compose.yml:

services:
  gluetun_test:
    image: qmcgaw/gluetun
    container_name: gluetun_test
    cap_add:
      - NET_ADMIN
    ports:
      - "5010:5000"
      - "5011:8000"
      # Port of the WireGuard VPN server
      - "36843:36843/udp"
    environment:
      - VPN_SERVICE_PROVIDER=custom
      - VPN_TYPE=wireguard
      - WIREGUARD_PUBLIC_KEY=
      - WIREGUARD_PRIVATE_KEY=
      - VPN_ENDPOINT_IP=ip
      - VPN_ENDPOINT_PORT=port
      - WIREGUARD_ADDRESSES="10.2.0.2/32"

  wireguard:
    image: linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - ./wireguard/config:/config
#    ports:
      # Port for WireGuard-UI
#      - "5010:5000"
      # Port of the WireGuard VPN server
#      - "36843:36843/udp"
    network_mode: service:gluetun_test
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1

wg0.conf

# Address updated at:     2023-07-08 18:51:31.120262753 +0000 UTC
# Private Key updated at: 2023-05-09 18:59:02.233090133 +0000 UTC
[Interface]
Address = 10.252.1.0/24
ListenPort = 36843
PrivateKey = 
MTU = 1450
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
Table =

[Peer]
PublicKey = 
PresharedKey = 
AllowedIPs = 10.252.1.1/24
 

I have a paid external VPN (NordVPN using gluetun) and am currently hosting my own WireGuard VPN on my server through Docker. Is there a way to get the traffic from my selfhosted VPN to tunnel through my paid VPN? This is my docker-compose file atm.

services:
  gluetun_test:
    image: qmcgaw/gluetun
    container_name: gluetun_test
    cap_add:
      - NET_ADMIN
    ports:
      - "5010:5000"
      # Port of the WireGuard VPN server
      - "36843:36843/udp"
    environment:
      - VPN_SERVICE_PROVIDER=nordvpn
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=redacted
      - SERVER_COUNTRIES=United Kingdom

  wireguard:
    image: linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - ./wireguard/config:/config
#    ports:
      # Port for WireGuard-UI
#      - "5010:5000"
      # Port of the WireGuard VPN server
#      - "36843:36843/udp"
    network_mode: service:gluetun_test

wg0.conf

[Interface]
Address = 10.252.1.0/24
ListenPort = 36843
PrivateKey = redacted
MTU = 1450
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
Table =

Any help would be great! Thanks!