Hi all,
I’ve been going through a guide by techhut for setting up gluetun, and there’s a small bit of code that he adds in from his github, and I want to understand the implications of using it.
He writes:
When containers are in the same docker compose all you need to add is a network_mode: service:container_name and open the ports through the gluetun container. See example from the compose.yaml below.
And here’s the code: services: gluetun: # This config is for wireguard only tested with AirVPN image: qmcgaw/gluetun container_name: gluetun … ports: - 8888:8112 # deluge web interface - 58846:58846 # deluge RPC deluge: image: linuxserver/deluge:latest container_name: deluge … network_mode: service:gluetun
If you could please explain to me what this means, and if there are any risks associated with this, I would really appreciate it.
I’m using Gluetun via Docker Compose as well right now and can happily say all the ports exposed via the
ports:setting are local network only. I could port forward them via the router probably (haven’t tried) but I only use them for access via LAN. To expose ports over the VPN connection you use theFIREWALL_VPN_INPUT_PORTSenvironment variable. A stripped version of my current compose (example port numbers, not real) with LAN access to6000and WAN access to1234and5678:services: gluetun: image: qmcgaw/gluetun:latest restart: unless-stopped container_name: gluetun cap_add: - NET_ADMIN # in the default compose file i dunno what this does tbh environment: - VPN_SERVICE_PROVIDER=custom - VPN_TYPE=openvpn - OPENVPN_VERSION=<redacted> - OPENVPN_USER=<redacted> - OPENVPN_PASSWORD=<redacted> - OPENVPN_CUSTOM_CONFIG=/gluetun/custom.ovpn - FIREWALL_VPN_INPUT_PORTS=1234,5678 # allows ports through VPN connection - FIREWALL_OUTBOUND_SUBNETS=192.168.0.0/24 # I found that I needed this for certain LAN access ports: - 6000:6000 # port i access via LAN volumes: - /mnt/example/config.ovpn:/gluetun/custom.ovpn