this post was submitted on 20 Oct 2023

Hi there, I hope somebody can help me out with this, because I've done some research already but either I have come across dead links or I haven't understood what I was reading.

I have a bunch of Docker containers running behind Nginx Proxy Manager and I have Pi-hole with Unbound set up as DNS server for ad-blocking and also to resolve "mydomain.tld" to my local server IP (I have a hard time remembering IPs/ports).

Some containers are publicly available for convenience, the rest aren't, but I'd still like to have some or all of them behind a VPN so I can access them from outside my local network, and it would be great if I could also set the Pi-hole as the DNS server for the VPN.

Long story short, I don't want to route all of the traffic behind the VPN, just specific containers.

All of them are running on Ubuntu Server with no VMs, it's a small homelab, nothing fancy.

How can I do this?

top 4 comments
[–] NikStalwart@alien.top 1 points 1 year ago (1 children)

Look into Docker Networks.

You just create a VPN Network, and then attach containers to that network that need to go through that VPN.

With VPN containers things can be more funky, where you don't so much use a Network but rather you use "network mode" to copy the network mode of the VPN container, but you get the picture.

[–] Heas_Heartfire@alien.top 1 points 1 year ago

Hey, thanks for your input. I tried doing that but couldn't get it working this way, probably because I'm not really sure of what I'm doing. Please take a look at my edit.

[–] Proximus88@alien.top 1 points 1 year ago

Install WireGuard, easy to install with PiVPN or a Docker container.

Then just change these settings in the client config.

Let's assume your Pi-hole IP is 192.168.1.10

DNS servers: 192.168.1.10

Allowed IPs: 192.168.0.0/16

So only your local IPs will go through the VPN. The DNS will be like you are on your LAN and you can access all your domain.tld services without exposing them to the internet.
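
The client settings from the comment above, checked in an added example (not part of the thread and not any commenter's code): the script parses a wg-quick style client config and confirms that only LAN addresses are routed through the tunnel and that the Pi-hole DNS server is reachable through it. The keys, endpoint and 10.6.0.2 tunnel address are constructed placeholders, and DNS entries are assumed to be IP addresses.

```python
import ipaddress

# Constructed client config; keys, endpoint and tunnel address are placeholders.
CLIENT_CONF = """\
[Interface]
PrivateKey = <client-private-key>
Address = 10.6.0.2/24
DNS = 192.168.1.10

[Peer]
PublicKey = <server-public-key>
Endpoint = vpn.example.com:51820
AllowedIPs = 192.168.0.0/16
"""

def parse(conf):
    """Return (dns_servers, allowed_networks) from wg-quick style text."""
    dns, allowed = [], []
    for line in conf.splitlines():
        key, sep, value = line.partition("=")
        if not sep:
            continue  # section headers and blank lines
        items = [v.strip() for v in value.split(",") if v.strip()]
        if key.strip().lower() == "dns":
            dns += [ipaddress.ip_address(v) for v in items]
        elif key.strip().lower() == "allowedips":
            allowed += [ipaddress.ip_network(v, strict=False) for v in items]
    return dns, allowed

def tunnelled(ip, allowed):
    """True if traffic to ip would be sent through the tunnel."""
    addr = ipaddress.ip_address(ip)
    return any(addr.version == n.version and addr in n for n in allowed)

def audit(conf):
    """List problems that would break the split-tunnel setup."""
    dns, allowed = parse(conf)
    problems = []
    if any(n.prefixlen == 0 for n in allowed):
        problems.append("full tunnel: a /0 route sends all traffic through the VPN")
    for server in dns:
        if not tunnelled(server, allowed):
            problems.append(f"DNS {server} is outside AllowedIPs, lookups will fail or leak")
    return problems

if __name__ == "__main__":
    print(audit(CLIENT_CONF) or "split tunnel OK")
```

A /16 covers every 192.168.x.x address, so it can overlap with the network you are connecting from (many home and guest networks also use 192.168.x.x); narrowing AllowedIPs to the homelab's actual subnet avoids that clash.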

[–] tquinnelly@alien.top 1 points 1 year ago

I did just this for a while.

Use a docker image that has a VPN built into it like `binhex-privoxyvpn`

Once that container is up and running, tell your new container to use that as its network.

`docker run --network=container:privoxyvpn` blah, blah.