Docker-openvpn-client, lets containers use VPN (opens in new tab)

(github.com)

19 pointsjupiterelastica3y ago4 comments

4 comments

I use this method for nested VPN connections. At work I have one VPN for main stuff and then once on that I connect to another one for more secure access. The workflow is Windows centered so typical users will RDP to the secure edge and then go from there, but on a Mac and attempting to SSH to machines was kludgy running from a separate desktop. I run openvpn to connect and use tinyproxy to catch web traffic (I have a separate browser with the proxy address set in it). Love the solution, it even passes MFA.

MakiXx3y ago

I've been doing this with Wireguard and Mullvad VPN for containers hosting users that can't always be trusted. E.g. low latency shared desktop with browser. I've had people watch pirated content on my servers without my knowledge.

xrd3y ago

Not with this container though, right? I would love to know how you are doing it. This was my first thought when reading about this project: "Sure, that's cool, but what about wireguard?"

audron3y ago

I have a similar setup with rtorrent and wireguard for torrenting: https://gitlab.com/cocainefarm/containers/rtorrent

You need to have an wireguard kernel support on the host ofc, but else you only need wireguard-tools in the container and can use a wg-quick config like usual.

Also with podman or k8s you don't even need it integrated into one container, as all containers in a pod share the same network namespace, so you can have one container running your workload and another one running the VPN.

j / k navigate · click thread line to collapse