We’ll have grafana traffic routed through the VPN.Ĭontainer_name: 'wireguard' build. The best way to see this in action is through a docker compose file. When the script exits, it brings down the VPN.I have a cool trick later on with port forwarding. But don’t use the example provided in wg-quick as that will block traffic from the host (192.168.1.x) to the containers. A more efficient kill switch would integrate with ip tables to ensure that all traffic is routed via the VPN.This is the same endpoint that the dynamic dns client, ddclient, uses. Every minute we check to see what our IP address is from.# Every minute we check to our IP address while ] do sleep 60 ĭone echo " $(date ) : VPN IP address not detected" VPN_IP = $(grep -Po 'Endpoint\s=\s\K*' /etc/wireguard/nf ) function finish # If our container is terminated or interrupted, we'll be tidy and bring down # the vpn trap finish TERM INT We’re going to create a Wireguard container and link all desired containers to this Wireguard container.įirst we’re going to create a Wireguard Dockerfile: If you’re familiar with the openvpn client trick then this will look familiar. This post assumes that one has already set up working wireguard servers, and will focus only on client side. Below I’ll describe my solution that doesn’t resort to VMs and doesn’t require modification to any docker images. Several sets of these containers need to route traffic through different VPNs. Scenario: You have a host running many Docker containers. Leaning on Algo to route Docker traffic through Wireguard (most recent and consolidates the previous articels).Routing Select Docker Containers through Wireguard VPN.This image is officially supported on Docker version 1.12, with support for older versions provided on a best-effort basis.Routing Select Docker Containers through Wireguard VPN Published on: March 29, 2018 Also, the datetime format needs to be escaped as shown above (suing two %). Note that for the logo.jpg to be readable, you need to bind-mount it or pass an URL instead. Now OpenVPN Monitor should be accessible via. e OPENVPNMONITOR_SITES_1_HOST=openvpn-udp \ e OPENVPNMONITOR_SITES_0_SHOWDISCONNECT=True \ e OPENVPNMONITOR_SITES_0_HOST=openvpn-udp \ e OPENVPNMONITOR_DEFAULT_MAPSHEIGHT=500 \ e OPENVPNMONITOR_DEFAULT_LONGITUDE=144 \ e OPENVPNMONITOR_DEFAULT_LOGO=logo.jpg \ e OPENVPNMONITOR_DEFAULT_DATETIMEFORMAT="%%d/%%m/%%Y" \ So a minimal and accessible, yet non-functional, version of OpenVPN Monitor can be reduced to: This ensures compatibility of this image with future versions of OpenVPN monitor without too much maintenance. Everything else must be set and there is no whitelist of property names. The datetime_format defaults to %d/%m/%Y %H:%M:%S if none is provided. For this reason, the location of the geoip_data file is hardcoded in the configuration file. See example below.īy default, GeoIP is automatically available (no additional download step is required). Note: if property contains underscores, like datetime_format and show_disconnect, you must pass those properties without the underscore. OPENVPNMONITOR_SITES_: populates each site section.OPENVPNMONITOR_DEFAULT_: populates the global section.The environment variable are organized into two groups: ![]() All settings of OpenVPN Monitor can be dynamically configured via environment variables (thanks to confd) without having to create a new image or bind-mounting the configuration file.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |