mullvadVPN Docker container
Mullvad VPN container for docker. Example on how to setup Transmission with container at the bottom of the page.
Docker container that this relys on
Prerequisites
- Docker installed (I'm using 19.03.8 Desktop on macOS)
- Mullvad account (can be done with other providers, I completed with Mullvad)
Assuming environment is setup and you know drive mount locations.
Step 1: Getting Mullvad configuration .zip file
- Login to account on Mullvad.net
- Visit: OpenVPN configuration file generator on their website
- Select your favorite country and city within that country!
- Under advanced settings: toggle
UDP 53 - Download zip archive, unarchive it into a regular folder, and place within a directory accessable by your Docker containers
- Return to
My accountand click Port forwarding - Choose a city from the country you want to route through from the
Select a citydropdown - Set the
Select a devicedropdown toNo device (only OpenVPN)and click theAdd portgreen button - Make a note of the full new value shown under
ACTIVE PORTS- e.g.nl-ams-59103(country-city-port)
Step 2: Setup docker-compose file
---
version: "3"
services:
openvpn-client:
image: ghcr.io/wfg/openvpn-client # Image on Docker. Shoutout to ghcr.io
container_name: openvpn-client
cap_add:
- NET_ADMIN # Needs to be here
environment:
- KILL_SWITCH=on # Turns off internet access if the VPN connection drops
- FORWARDED_PORTS=nl-ams-59103 # Enter the full value you noted at step 9 above
- SUBNETS=192.168.0.0/24,192.168.1.0/24 # Allows for the service to be accessed through LAN
devices:
- /dev/net/tun
volumes:
- /Volumes/Luigi/docker/mullvadVPN/config/mullvad_config_linux_ch_zrh:/data/vpn
# File unzipped before from Mullvad, it's location. Make sure to keep the ":/data/vpn" part at the end
ports:
- 5665:5665 # Opening port for to access hypothetical Transmission container that would be routing through this VPN
- 1500:1500 # Opening port for other application routing through VPN
restart: unless-stoppedStep 3: Confirming VPN connection is active within container
cdinto folder where thedocker-compose.ymlfor this container is stored- Awaken the beast with
docker-compose up - Let's get jiggy wit that sparkly new container:
- In a new terminal window, find docker container ID
docker ps - Type
docker exec -it <container ID from above> /bin/sh - Now that you're into the shell of your VPN container we're going to check it's public IP
wget -qO- http://ipecho.net/plain | xargs echowill return your container's public IP- Lookup this IP's information to see if it's the same country/city you setup in your docker compose file. I'll let you find a site
- In a new terminal window, find docker container ID
Now go browse the internet from 🇨🇭Switzerland or something
Bonus section: Route other container's connection through this VPN
So you want to allow other containers to use this connection? Ok fine...
Add network_mode: container:openvpn-client to the container's compose file
Add ports: to the VPN's compose file
Hypothetical Transmission example
- Add
network_mode: container:openvpn-clientto docker compose file - Make sure to add ports to VPN docker compose file, like in my example above
- These ports will be the ports required by the application running in the container you're routing through the VPN. Ex: 5665 would be to access the Transmission Web UI in this situation
version: "2.1"
services:
transmission:
image: linuxserver/transmission
container_name: transmission
environment:
- PUID=1000
- PGID=1000
- TZ=America/Denver
volumes:
- <Config location>:/config
- <Download location>:/downloads
- <Watch location>:/watch
network_mode: container:openvpn-client # The addition to add to all containers that you want to route through VPN container
restart: unless-stopped