artanis/Inanis_Vault
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ec242f10528261db8d6e5257ae6f61ec87e95497
Inanis_Vault/21-Server Reference/homelab/stacks/gluetun.md

61 lines
2.2 KiB
Markdown
Raw Blame History

# Gluetun (VPN Gateway)
VPN gateway container using Mullvad via WireGuard. Acts as a network proxy for other containers or clients that need to route traffic through the VPN.
## Access
- **HTTP Control Server:** `http://192.168.2.114:8001` (Gluetun management API)
- **HTTP Proxy:** `http://192.168.2.114:8888`
- **Shadowsocks:** `192.168.2.114:8388` (TCP + UDP)
## Containers
| Container | Image | Role |
|---|---|---|
| `gluetun` | `qmcgaw/gluetun:v3` | VPN gateway |
No Tailscale sidecar — this stack is accessed directly on the LAN.
## Compose File
**Path:** `/home/artanis/DockerFiles/gluetun-qbittorent/docker-compose.yaml`
```yaml
services:
gluetun:
image: qmcgaw/gluetun:v3
container_name: gluetun
restart: unless-stopped
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun:/dev/net/tun
ports:
- 8001:8000/tcp # HTTP Control Server
- 8888:8888/tcp # HTTP proxy
- 8388:8388/tcp # Shadowsocks
- 8388:8388/udp # Shadowsocks
volumes:
- /home/artanis/DockerFiles/ArrSuite/gluetun:/gluetun
environment:
- VPN_SERVICE_PROVIDER=mullvad
- VPN_TYPE=wireguard
- HTTPPROXY=on
- WIREGUARD_PRIVATE_KEY=<redacted>
- WIREGUARD_ADDRESSES=10.74.136.96/32
- TZ=UTC-06
- SERVER_COUNTRIES=Canada,USA
- DNS_ADDRESS=192.168.2.112
- HTTP_CONTROL_SERVER_ADDRESS=:8000
- FIREWALL_OUTBOUND_SUBNETS=192.168.2.0/24
- UPDATER_PERIOD=24h
```
## Notes
- **VPN Provider:** Mullvad, WireGuard protocol
- **VPN IP:** `10.74.136.96/32` (assigned Mullvad address)
- **Server regions:** Canada and USA
- **DNS:** Routes DNS through `192.168.2.112` (likely the LAN Pihole)
- `FIREWALL_OUTBOUND_SUBNETS=192.168.2.0/24` allows containers using Gluetun as their network to still reach the local LAN
- `UPDATER_PERIOD=24h` — Gluetun automatically refreshes its Mullvad server list every 24 hours
- The stack name is `gluetun-qbittorent`, suggesting qBittorrent was originally planned to run behind this VPN. The qBittorrent service is not currently deployed (only Gluetun is running)
- Config data is bind-mounted to `/home/artanis/DockerFiles/ArrSuite/gluetun` (note: `ArrSuite` directory, suggesting future *arr apps may be planned)
Reference in New Issue View Git Blame Copy Permalink