Transmission daemon in a Docker container with port forwarding, OpenVPN / privateinternetaccess.com

I experimented with moving my seed box to a Docker container, and I think I'm up against a chicken-and-egg problem:

In the current configuration of the seed box, OpenVPN runs (all Internet traffic goes through the VPN) through privateinternetaccess.com. I have a script ( https://github.com/firecat53/pia_transmission_monitor ) that checks with PIA for the assigned forwarded port and then updates the Transmission daemon accordingly with the port and bind address.

The problem is that the assigned forwarded port is checked hourly, and it can change at any time ... and I need to know the port before starting the Docker container, so that I know which ports should go through / from the container. I was about to run OpenVPN inside the container, but, not knowing in advance which port to assign to the container, I'm not sure if this will work.

A very hacky solution could be to launch OpenVPN and another Docker daemon inside one container, and then start the Transmission container inside the OpenVPN container. It seems complicated, although I have not tried it yet.

Did I miss something really obvious here? Any other ideas?

Thanks!

Scott

+6
5 answers

I finally managed to get Transmission and the Transmission daemon working in the Docker container through an OpenVPN connection with privateinternetaccess.com.

Here is the Dockerfile and the various configuration files and scripts needed to make this work. I am open to any simplifications and / or alternative ways to achieve this! Some notes:

  • OpenVPN requires running the container with the --privileged flag to create a tun0 connection.

  • I could do it right using Pipework along with the bridge on the host to give the container its own IP address on the network.

+2

Would it help to set the port assigned by Docker using -p <publicport>:<containerport> ?

For example, assuming the transmission is listening on port 10000 inside the container, you could tell Docker "hey, expose that on port 1234, right?" by running docker run -p 1234:10000 …

0

I would look at a common socket proxy that could copy all traffic to / from a dynamically assigned port to the one you are statically using. For instance:

    $ docker run -p 1000 your_container /bin/bash
    # PORT=$(pia_setup_script)
    # proxy_command 1000 $PORT

Of course, you can make it more elegant, but that is the general concept.

0
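
The socket-proxy idea in the answer above, as an added example that is not part of the original post or of the linked script: a small Python relay that listens on whatever port the VPN provider currently forwards and copies TCP traffic to one fixed local port, re-binding when the forwarded port changes. The names PortRelay, pipe and rebind and the loopback defaults are assumptions made for this illustration.

```python
import asyncio


async def pipe(reader, writer):
    """Copy bytes one way until EOF or reset, then close the destination."""
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
    except ConnectionError:
        pass
    finally:
        writer.close()


class PortRelay:
    """Listen on the VPN-forwarded port and relay TCP to one fixed local port.

    TCP only: UDP traffic (DHT, uTP) is not relayed by this sketch.
    """

    def __init__(self, target_port, bind_host="127.0.0.1", target_host="127.0.0.1"):
        # Assumption: in a container, bind_host would be the tun0 address so the
        # relay is reachable only through the tunnel; loopback keeps the demo offline.
        self.target = (target_host, target_port)
        self.bind_host = bind_host
        self.server = None
        self.port = None

    async def handle(self, reader, writer):
        try:
            up_reader, up_writer = await asyncio.open_connection(*self.target)
        except OSError:
            writer.close()  # target not up yet: drop the peer instead of hanging
            return
        await asyncio.gather(pipe(reader, up_writer), pipe(up_reader, writer))

    async def rebind(self, new_port):
        """Move the listener to new_port. Returns False when nothing changed."""
        if self.server is not None and new_port == self.port:
            return False
        # Open the new listener first so a bad port leaves the old one serving.
        new_server = await asyncio.start_server(self.handle, self.bind_host, new_port)
        if self.server is not None:
            self.server.close()  # stop accepting on the stale port
        self.server = new_server
        self.port = new_server.sockets[0].getsockname()[1]
        return True
```

Calling rebind() with the result of each periodic forwarded-port check keeps the daemon's own listening port static while only the relay's listener moves.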

I am interested in setting up something like this.

If OpenVPN was running in your container, why do you need to know which port was forwarded in advance? It's not on your main machine, but on your VPN host. On your host computer, you just need to allow outgoing traffic for the VPN connection; the forwarded port will be in the tunnel.

0

Something worth checking out along some of the same lines, although the VPN part is missing, which is good by the way. When loops occur, I think someone will add it.

https://github.com/Ohge/Docker-TransHeadCouchRage

0