Hej everyone.
Until now I've used a linux install and vpn software (airvpn and eddie) when sailing the high seas. While this works well enough, there is always room for improvement.
I am in the process of setting up a docker stack which so far contains gluetun/airvpn and qbittorrent. Here is my compose file:
version: "3"
services:
gluetun:
image: qmcgaw/gluetun
container_name: gluetun
cap_add:
- NET_ADMIN
volumes:
- /appdata/gluetun:/gluetun
environment:
- VPN_SERVICE_PROVIDER=airvpn
- VPN_TYPE=wireguard
- WIREGUARD_PRIVATE_KEY=
- WIREGUARD_PRESHARED_KEY=
- WIREGUARD_ADDRESSES=10.188.90.221/32,fd7d:76ee:e68f:a993:63b2:6cc0:fe82:614b/128
- SERVER_COUNTRIES=
- FIREWALL_VPN_INPUT_PORTS=
ports:
- 8070:8070/tcp
- 60858:60858/tcp
- 60858:60858/udp
restart: unless-stopped
qbittorrent:
image: lscr.io/linuxserver/qbittorrent:latest
container_name: qbittorrent
network_mode: "service:gluetun"
environment:
- PUID=1000
- PGID=100
- TZ=Europe/Berlin
- WEBUI_PORT=8070
volumes:
- /appdata/qbittorrent/config/:/config
- /data/videos/downloads:/downloads
depends_on:
- gluetun
restart: always
My first problem was related to the ip adress. For some reason, when I use an IPV6 adress, I got this error in gluetun:
2023-10-06T17:30:42Z ERROR VPN settings: Wireguard settings: interface address is IPv6 but IPv6 is not supported: address fd7d:76ee:e68f:a993:63b2:6cc0:fe82:614b/128
Well, I removed that IPV6 and now everything works. Does anyone have a fix? :)
Now for the important part. I tested the setup with a linux iso and to my surprise - everything works. When I used ipleak.net or other websites, these websites only detect the ip from my vpn. Great.
Do I need to take any other precautions? I also bound the network interface tun0 in the qbit webui, just to be sure. When I stop the gluetun container, the webui stops working (as it should, but it is hard to check, if the download also stops). I'm just a bit paranoid because I don't want to pay coin when downloading all the isos my heart desires.
Thank you so much for any input!
What websites do you guys curl from cli to recieve only your own public ip and dns leaks?
myip.wtf/json (gives nice info too)