Application Request: gluetun about umbrel-apps HOT 2 OPEN

You would have to make a frontend for gluetun config or a gotty container and then you would still have to restart the gluetun container after the credentials were added, meaning the frontend would need access to docker.sock. Also every app you want tunneled through you would need to make edits to their compose files.

Your best bet is to add a service to the main umbrel compose at ${UMBREL_ROOT}/docker-compose.yml, for example:

  vpn:
    container_name: vpn
    image: qdm12/gluetun
    cap_add:
      - net_admin
    devices:
      - /dev/net/tun:/dev/net/tun
    # No ipv6 for Mullvad
    #sysctls:
    #- net.ipv6.conf.all.disable_ipv6=0
    environment:
    #- OPENVPN_IPV6=on
    - VPN_SERVICE_PROVIDER=mullvad
    - VPN_TYPE=wireguard
    - WIREGUARD_PRIVATE_KEY=
    - WIREGUARD_ADDRESSES=
    - SERVER_COUNTRIES=USA
    - SERVER_CITIES=Los Angeles CA
    - FIREWALL_VPN_INPUT_PORTS=
    - UPDATER_PERIOD=24h
    ports:
      - 6380:6380
      - 4443:4443
      - 8888:8888/tcp # HTTP proxy
      - 8388:8388/tcp # Shadowsocks
      - 8388:8388/udp # Shadowsocks
      - 51413:51413     # Transmission
      - 51413:51413/udp # Transmission
    restart: unless-stopped
    volumes:
      - ${PWD}/gluetun:/gluetun
    networks:
      default:

add the ports for the apps you want tunneled like I listed for Transmission.
Then edit the transmission compose file at app-data/transmission/docker-compose.yml so it looks like this:

version: "3.7"

services:
  app_proxy:
    environment:
      APP_HOST: transmission_server_1
      APP_PORT: 9091

  server:
    image: linuxserver/transmission:version-3.00-r5@sha256:f0b885f211dd6fde7b64f0d6b9e5931929cfc2331fb83d6f3171e412f22b3f87
    environment:
      - PUID=1000
      - PGID=1000
      - PEERPORT=51413
    volumes:
      - ${APP_DATA_DIR}/data/config:/config
      - ${UMBREL_ROOT}/data/storage/downloads:/downloads
    #ports:
    #  - 51413:51413
    #  - 51413:51413/udp
    restart: on-failure
    network_mode: "service:vpn"
    depends_on:
      - vpn

If your using Mullvad you can get a port from them and then update the ports for transmission otherwise you will be able to download but no one will be able to connect to you i.e. can't seed.
Also It's possible you'll leak your IP as Transmission doesn't let you specifically set your Network Interface to Tun

You can check this using:
https://ipleak.net/

This would all be erased with an umbrel update or Transmission update.

Tbh, if you really wanted to torrent from your Umbrel I would just use qbit and a quick and dirty way would be to replace transmissions compose file with this:

version: "3.7"
services:

services:
  app_proxy:
    environment:
      APP_HOST: transmission_server_1
      APP_PORT: 9091

  server:
    image: linuxserver/qbittorrent:latest
    stop_grace_period: 1m
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/Los_Angeles
      - WEBUI_PORT=9091
    volumes:
      - ${APP_DATA_DIR}/data/config:/config
      - ${UMBREL_ROOT}/data/storage/downloads:/downloads
    #ports:
    #  - 51413:51413
    #  - 51413:51413/udp
    restart: unless-stopped
    network_mode: "service:vpn"
    depends_on:
      - vpn

Then under Advanced tab in qbit setting set Network Interface to Tun0, in order to make sure you don't leak your IP and under the Connections tab set your port to 51413 unless your acquired one from your VPN so you can seed properly and also editted the vpn container ports

Or setup glutun on it's own docker network outside of the umbrel stack, then do this for each app you want to add:
docker network connect --alias vpn_gateway gluetun_network transmission_server_1
docker exec -it transmission_server_1 bash
ip route del default
ip route add default via vpn_gateway

FYI, I haven't tried any of this but it should work.

from umbrel-apps.

What is the correct way to allow users to set secrets to be passed to the app via env variables? In this case users need to set VPN credentials that are passed to the container via env variables.

from umbrel-apps.