DelugeVpn with Flexget - Also Q24 applied to Portainer

[ostracizado]

I'm having some problems trying to connect flexget to delugevpn. (Error 111)

Searching through the documentation I found this:

A24. In order to route an application(s) through an existing VPN container you would do the following steps:-

Container to route through VPN

Left click icon and 'Edit' container and toggle advanced view (top right).
In 'Extra Parameters' enter --net=container:<vpn container name>.
Go to 'Network Type' and select 'none'.
Write down the ports defined and then remove all ports (no ports required as we will be accessing it via the vpn container).
Click on 'Apply'.
Container running VPN

Left click icon and 'Edit' container and toggle advanced view (top right).
Click on 'Add another Path, Port, Variable, Label or Device' and add in a 'config type' of 'port'.
Enter in the applications Web UI port for 'container port' from your list taken earlier in step 4. above and any non conflicting port number for 'Host Port' (host port must not be used by another container).
Edit 'VPN_INPUT_PORTS' env var and put applications Web UI port number in the 'value', if multiple ports required then use a comma to separate.
Click on 'Apply'.
Notes

Please keep in mind that when defining connections from an application to another application in the same VPN container network that you will need to set the host to 'localhost' and NOT the LAN IP address, this is because the applications are now bound to the same network and thus should communicate over 'localhost' and NOT the unRAID host IP address.

The order of containers starting is now important, the VPN container must start first in order for the other container(s) to route through it, ordering can be changed in the unRAID Web UI by dragging the containers up and down, the unRAID Web UI shows the start order in descending order.

The "Extra Parameters" where I could add "--net=container:", I believe, are applied to unRAID. In Portainer what would be the best approach?

Could I add a new ENV as "ExtraParams=--net=container:binhex-delugevpn"?

[OneWeekNotice]

Hello,

I just figured this out myself after quite a bit of research. Will provide a explanation with extra additional information afterwards for anyone else reading this 😄

This will cover binhex faq for vpn Q24, Q25 and Q26 which as you know deals with connecting other containers through binhex/arch-delugevpn

Edit: I'm unsure how to do this through Portainer GUI manually. The below is using Portainer Stacks. You can copy and paste docker compose files and docker compose env files under the Stacks section in Portainer

Explanation with examples

You are correct Extra Parameters is just for unRAID. For docker CLI / docker compose and Portainer (which as you know is a GUI for docker CLI/ docker compose); you will need to add a --network (docker cli) / netowrk_mode (docker compose)

Sample Docker compose - note this is only a sample with the parts you need to make this work. it is not the full docker compose

binhex/arch-delugevpn example - docker compose

#Note: This is a separate docker compose file for binhex/arch-delugevpn. More information in additional information section

services:
   delugevpn:
    image: binhex/arch-delugevpn:latest
    container_name: delugevpn
     environment:
        - VPN_INPUT_PORTS=${FlexgetPort}
       ports:
          # ports of other applications that need VPN
          #Note: I use file env vars to ensure the ports are all the same and there is no typo
           - ${FlexgetPort}:${FlexgetPort}

#env var file for docker compose for binhex/arch-delugevpn. Note this is an example port
FlexgetPort=8989

Other application example - docker compose

#Note: This is a separate docker compose file. I will only be using Flexget name to display the connection between the two docker compose files

services:
  flexget:
       container_name: flexget
      #this is equivalent to unRAID "Extra Parameters" "--net=container:<vpn container name>"
       network_mode: container:delugevpn
      #this comment is to show that no ports are needed. will pass through delugevpn VPN_INPUT_PORTS.
        #ports:
        #    - '8989:8989'

Additional Information

• The reason we are using two different docker composes wherebinhex/arch-delugevpn is separate from the other applications that need VPN is because binhex/arch-delugevpn needs to have fully started up before any other container that relies on it
  • If you want the same docker compose, then you can use docker depends on and health check
  • I decided to not do this because I didn't want a consistent health check pinging my container, thus I put it in a separate docker compose so I can control/ confirm that the binhex/arch-delugevpn started before I start any other service that relies on it
• Different with unRAID, docker CLI and docker compose which includes Portainer
  • unRAID has a very specific and easy to use GUI when it comes to docker containers. Extra Parameters is needed in unRAID because that is the specific way to add any additional fields like network and ports to the docker container
  • With docker CLI this is done with an extra parameter to the docker command
  • --net is an older parameter to add a network to the docker container
  • the newer way is --network
  • Example: --network=container:<container_name>
  • With docker compose, network is added through the network_mode as shown in the example
  • Example: network_mode: container:<container_name>

Hope that helps!