cross-posted from: https://lemmy.world/post/426190

I am running Ubuntu Server with Plex, qBittorrent-Nox, and CyberGhost. I want to route qBittorrent through the CyberGhost VPN, but not Plex.

I have never used Docker, but from what I gather online, it seems like the containers operate like little VM’s for compartmentalization and resource allocation. If that is correct, would I be able to put qBittorrent-Nox and CyberGhost into the same docker container to route qBittorrent-Nox through the VPN while Plex runs outside the VPN in its own snap?

Thanks for the help!

  • abeltramo@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    You can use a container that includes a vpn client like others mentioned OR you can have a container that uses the network of another container!

    The basic idea is that you have a single openvpn/wireguard container and then you route all the other containers to use that network, see this stackoverflow post for more info.

    The only downside of this solution is that you have to open the ports that you need in the vpn container.

  • ipkpjersi@lemmy.one
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    1 year ago

    What I do on mine is rent a cheap VPS with unlimited bandwidth, I run OpenVPN server on that VPS using Nyr’s openvpn-install script and then on my local seedbox server I connect to my OpenVPN server. I have qbittorrent-nox listening on the tun0 interface, and then on my OpenVPN server VPS I have an iptables prerouting rule to route traffic from the inbound torrent port to my local seedbox server, essentially port-forwarding over the VPN using the iptables prerouting DNAT rule. I also only seed on private trackers, since I don’t use public trackers.

    It’s a very nice setup, I’d recommend it. I might do a full write-up some time about it.

  • animist@lemmy.one
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I have the opposite on my torrentbox. I only use it for torrenting with transmission-daemon. I have everything behind a vpn except my ssh port. Had to use iptables to separate it. I wonder if you can use iptables to make a separate network profile just for the torrent port and put everything else on the default network?

  • LaggyKar@programming.dev
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Never heard of CyberGhost before. Does its Linux client not support split tunneling? Many VPN clients do, which lets you route only certain programs though them.

    A Docker container seems like overkill, it can be accomplished with a network namespace. There is a bit written about it here: https://volatilesystems.org/wireguard-in-a-separate-linux-network-namespace.html, though that doesn’t include how to set up the Wireguard config (which depends on the VPN).