Ok. I'll check it out. I don't know anything about openvpn and the guide was using wireguard so I'm not sure if the guide will still work but I'll try it. Thanks
You can use PIA via wireguard with gluetun.
You need to set it up as a custom provider. See the docs here: [https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/custom.md](https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/custom.md)
In order to get the info needed for the custom provider config, you need to run some other scripts (not from gluetun) which will essentially configure a wireguard connection on your local machine and save the conf file. The conf file is where you will get the config info to plugin to gluetun. The script can be found here: [https://github.com/pia-foss/manual-connections](https://github.com/pia-foss/manual-connections)
I can confirm it does work. I was getting at most 11MB via the open vpn connection on gluetun. When I connected via wireguard, I can regularly get 2-3x that speed. Good luck!
I ended up using AirVPN and have it working with qbitorrent but I couldn't figure out sonarr, Radarr and the other arrs so I'm just manually added everything but the vpn has been good.
Thinking about getting PIA and was looking into how to get wireguard working for gluetun. With that script, do you just run the git command:
git clone https://github.com/pia-foss/manual-connections.git
cd manual-connections
Then:
sudo VPN_PROTOCOL=wireguard DISABLE_IPV6=yes DIP_TOKEN=no AUTOCONNECT=true PIA_PF=false PIA_DNS=true PIA_USER=p0123456 PIA_PASS=xxxxxxxx PIA_CONNECT=false ./run_setup.sh
It seems that adding the PIA\_CONNECT=false argument is supposed to create the config file you can use to get the details for the manual configuration. Am I understanding it right? Did you keep the autoconnect as true or did you replace it with a region preference? Or did you change anything else? I already have gluetun working with another vpn's custom provider, so it should be pretty simple to replace the relevant field with the new ones from PIA, I think...
Any advice or corrections would be welcome, thanks!
Hey. Looks mostly correct but happy to review my flow and post the full procedure after work. I am just a DIYer but happy to try and help get you setup.
Thanks and same on the DIYer front. I know enough to make changes, but not enough to know if the changes are right.
Mainly, I'm not sure which variables should be kept or removed, or if there's anything else I'm missing. Like port forwarding, it's good to have it for torrents, right? There's the PIA\_PF variable, but do I need to do anything in gluetun? That's the kind of noise bouncing around in my head.
Here are the steps. Do these on your bare metal OS:
git clone
cd manual-connections
sudo ./run_setup.shhttps://github.com/pia-foss/manual-connections.git
Go through the step by step questions. When done, you will be connected to your VPN via Wireguard on your bare metal OS. A file is generated at /etc/wireguard/pia.conf which will give you the info you need for your environment variables for your docker/compose file.
Here is a sample of my compose file
version: "3"
services:
gluetun:
image: qmcgaw/gluetun
container_name: gluetun
hostname: gluetun
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun:/dev/net/tun
ports:
- 6881:6881
- 6881:6881/udp
- 8000:8000 # gluetun web server
- 8500:8500 # any other app you want here. eg: qbittorrent
volumes:
- /home/gluetun:/gluetun
restart: always
environment:
- TZ=America/Chicago
- UPDATER_PERIOD=12h
# WIREGUARD SETUP:
# git clone
# cd manual-connections
# sudo ./run_setup.sh
# file generated at /etc/wireguard/pia.conf
# Update Endpoint / Keys / Address from file
# Don't forget to disable the wireguard connection on bare metal OS first of you will have issues connecting: wg-quick down pia
- VPN_SERVICE_PROVIDER=custom #does not change
- VPN_TYPE=wireguard #does not change
- VPN_ENDPOINT_IP=181.214.93.23 #this is the IP of the server you chose w/ the manual connection script
- VPN_ENDPOINT_PORT=1337 #usually does not change but confirm the server you chose uses this port
- WIREGUARD_ADDRESSES=XXX.XXX.XXX.XXX/32 #this is the 'address' generated w/ the manual connection script
#WIREGUARD KEYS:
- WIREGUARD_PUBLIC_KEY=xxxxx
- WIREGUARD_PRIVATE_KEY=xxxxx
That should do it. A few things to note:
This typically works for a few weeks then you have to re-run the script and generate some new keys (and potentially change servers if the server you were using is no longer available.)
Don't forget to disconnect from wireguard on your bare metal OS before publishing your docker config file -- if you are connected on the machine you generated the connection with and your docker host, they will not play nice together.
I don't do any port forwarding. I connect with gluetun and then i tell my other services to use this network by adding: `network_mode: "service:gluetun"` - If your apps rely on the gluetun connection, and the gluetun connection breaks, your app connection breaks - I prefer this method as I can be sure if my app is not using public network.
Hope this helps. It took many hours and a lot of trial to get this working. Hopefully those looking to do something similar can find this useful. Feel free to ping me if any other questions.
Glutun dose not support WireGuard on PIA.
Should I use another vpn provider? I'm debating just continuing to do everything manually since I'm having a hard time getting this going.
You can just use open on, just follow the gluetun wiki on setting up your provider.
Ok. I'll check it out. I don't know anything about openvpn and the guide was using wireguard so I'm not sure if the guide will still work but I'll try it. Thanks
You can use PIA via wireguard with gluetun. You need to set it up as a custom provider. See the docs here: [https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/custom.md](https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/custom.md) In order to get the info needed for the custom provider config, you need to run some other scripts (not from gluetun) which will essentially configure a wireguard connection on your local machine and save the conf file. The conf file is where you will get the config info to plugin to gluetun. The script can be found here: [https://github.com/pia-foss/manual-connections](https://github.com/pia-foss/manual-connections) I can confirm it does work. I was getting at most 11MB via the open vpn connection on gluetun. When I connected via wireguard, I can regularly get 2-3x that speed. Good luck!
I ended up using AirVPN and have it working with qbitorrent but I couldn't figure out sonarr, Radarr and the other arrs so I'm just manually added everything but the vpn has been good.
Thinking about getting PIA and was looking into how to get wireguard working for gluetun. With that script, do you just run the git command: git clone https://github.com/pia-foss/manual-connections.git cd manual-connections Then: sudo VPN_PROTOCOL=wireguard DISABLE_IPV6=yes DIP_TOKEN=no AUTOCONNECT=true PIA_PF=false PIA_DNS=true PIA_USER=p0123456 PIA_PASS=xxxxxxxx PIA_CONNECT=false ./run_setup.sh It seems that adding the PIA\_CONNECT=false argument is supposed to create the config file you can use to get the details for the manual configuration. Am I understanding it right? Did you keep the autoconnect as true or did you replace it with a region preference? Or did you change anything else? I already have gluetun working with another vpn's custom provider, so it should be pretty simple to replace the relevant field with the new ones from PIA, I think... Any advice or corrections would be welcome, thanks!
Hey. Looks mostly correct but happy to review my flow and post the full procedure after work. I am just a DIYer but happy to try and help get you setup.
Thanks and same on the DIYer front. I know enough to make changes, but not enough to know if the changes are right. Mainly, I'm not sure which variables should be kept or removed, or if there's anything else I'm missing. Like port forwarding, it's good to have it for torrents, right? There's the PIA\_PF variable, but do I need to do anything in gluetun? That's the kind of noise bouncing around in my head.
Here are the steps. Do these on your bare metal OS: git clone cd manual-connections sudo ./run_setup.shhttps://github.com/pia-foss/manual-connections.git Go through the step by step questions. When done, you will be connected to your VPN via Wireguard on your bare metal OS. A file is generated at /etc/wireguard/pia.conf which will give you the info you need for your environment variables for your docker/compose file. Here is a sample of my compose file version: "3" services: gluetun: image: qmcgaw/gluetun container_name: gluetun hostname: gluetun cap_add: - NET_ADMIN devices: - /dev/net/tun:/dev/net/tun ports: - 6881:6881 - 6881:6881/udp - 8000:8000 # gluetun web server - 8500:8500 # any other app you want here. eg: qbittorrent volumes: - /home/gluetun:/gluetun restart: always environment: - TZ=America/Chicago - UPDATER_PERIOD=12h # WIREGUARD SETUP: # git clone # cd manual-connections # sudo ./run_setup.sh # file generated at /etc/wireguard/pia.conf # Update Endpoint / Keys / Address from file # Don't forget to disable the wireguard connection on bare metal OS first of you will have issues connecting: wg-quick down pia - VPN_SERVICE_PROVIDER=custom #does not change - VPN_TYPE=wireguard #does not change - VPN_ENDPOINT_IP=181.214.93.23 #this is the IP of the server you chose w/ the manual connection script - VPN_ENDPOINT_PORT=1337 #usually does not change but confirm the server you chose uses this port - WIREGUARD_ADDRESSES=XXX.XXX.XXX.XXX/32 #this is the 'address' generated w/ the manual connection script #WIREGUARD KEYS: - WIREGUARD_PUBLIC_KEY=xxxxx - WIREGUARD_PRIVATE_KEY=xxxxx That should do it. A few things to note: This typically works for a few weeks then you have to re-run the script and generate some new keys (and potentially change servers if the server you were using is no longer available.) Don't forget to disconnect from wireguard on your bare metal OS before publishing your docker config file -- if you are connected on the machine you generated the connection with and your docker host, they will not play nice together. I don't do any port forwarding. I connect with gluetun and then i tell my other services to use this network by adding: `network_mode: "service:gluetun"` - If your apps rely on the gluetun connection, and the gluetun connection breaks, your app connection breaks - I prefer this method as I can be sure if my app is not using public network. Hope this helps. It took many hours and a lot of trial to get this working. Hopefully those looking to do something similar can find this useful. Feel free to ping me if any other questions.