TrueNAS/docker-apps
TrueNAS/docker-apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d067d5f1f7
docker-apps/gluetun-bw/gluetun-bw_jm.txt
Chris d067d5f1f7 first commit
2025-04-03 22:57:52 +02:00

101 lines
4.2 KiB
Plaintext
Raw Blame History

https://github.com/qdm12/gluetun-wiki
https://www.youtube.com/watch?v=0F6I03LQcI4
# all services in this project will make use of the gluetun VPN
# project name: gluetun-bw
Create user and group
---------------------
Credentials -> Local Users -> Add
Full Name: gluetun
Username: gluetun
Disable Password: <selected>
Email:
UID: 3029
Create New Primary Group: <selected>
Create Home Directory: <unchecked>
Samba Authentication: <unchecked>
Save
Check Credentials -> Local Groups for GID
Name: gluetun
GID: 3028
gluetun UID: 3029
gluetun GID: 3028
Create datasets
---------------
# In Truenas shell:
# list datasets
zfs list | grep -i "docker.*gluetun-bw"
# create following datasets if not present
zfs create SSD1/docker/data/gluetun-bw
zfs create SSD1/docker/data/gluetun-bw/appdata
chown -R gluetun:gluetun /mnt/SSD1/docker/data/gluetun-bw
Create folder
-------------
# In Truenas shell:
mkdir -p /mnt/SSD1/docker/stacks/gluetun-bw/secrets
Copy folder to docker stacks
----------------------------
# In Windows cmd shell in gluetun-bw folder, enter:
./cp2nas
# or
pscp -P 22 -r stacks/*.* root@192.168.2.2:/mnt/SSD1/docker/stacks/gluetun-bw/
# This should copy gluetun-bw stacks folder to /mnt/SSD1/docker/stacks/gluetun-bw
Creating secrets
----------------
In Truenas shell:
cd /mnt/SSD1/docker/stacks/gluetun-bw/secrets
echo -n 'nordvpn private key' > wireguard_private_key
cd /mnt/SSD1/docker/stacks/gluetun-bw
chown -R gluetun:gluetun secrets/
chmod -R 400 secrets/
Creating user password hash strings for user authorisation using traefik basic-auth
-----------------------------------------------------------------------------------
# If not installed, install htpasswd:
jlmkr shell docker
apt update & apt install apache2-utils
# The user credentials can be applied as a label entry in the compose.yml file or as a line entry in a text file
# When used as a label entry, all '$' needs to be escaped with a second '$'; sed can be used for this purpose:
# To create user list textfile line item
echo $(htpasswd -nB admin) > /opt/stacks/traefik/users/<appname>.txt
# To create string to be used in compose file label
echo $(htpasswd -nB admin) | sed -e s/\\$/\\$\\$/g
# See traefik_jm.txt for more detailed instructions
Check gluetun ip
----------------
# Exec into any of the apps' container using gluetun
docker exec -it <app-container-name> sh
# Check remote ip
curl ifconfig.me # or curl http://whatismyip.akamai.com
Update .env and compose.yml for app
-----------------------------------
# The gluetun .env file requires the following entries for each app using the gluetun VPN, e.g. for firefox:
FIREFOX_APP=firefox
FIREFOX_PORT=3000
# The gluetun compose.yml file requires the following label entries for each app using the gluetun VPN, e.g. for firefox:
#- "traefik.http.middlewares.${FIREFOX_APP}-auth.basicauth.users=${ADMIN_CREDENTIALS}, ${USER_CREDENTIALS}" # uncomment to use common credentials
#- "traefik.http.middlewares.${FIREFOX_APP}-auth.basicauth.usersfile=/mnt/users/${FIREFOX_APP}.txt" # uncomment to use credentials stored in /opt/stacks/traefik/users/<appname>.txt
- "traefik.http.services.${FIREFOX_APP}-gt-svc.loadbalancer.server.port=${FIREFOX_PORT}"
- "traefik.http.routers.${FIREFOX_APP}.entrypoints=web"
- "traefik.http.routers.${FIREFOX_APP}.rule=Host(`${FIREFOX_APP}.${DOMAINNAME}`)&& PathPrefix(`/`)"
- "traefik.http.routers.${FIREFOX_APP}-secure.entrypoints=websecure"
- "traefik.http.routers.${FIREFOX_APP}-secure.rule=Host(`${FIREFOX_APP}.${DOMAINNAME}`)&& PathPrefix(`/`)"
- "traefik.http.routers.${FIREFOX_APP}-secure.tls=true"
- "traefik.http.routers.${FIREFOX_APP}-secure.tls.certresolver=sthomeresolver"
#- "traefik.http.routers.${FIREFOX_APP}-secure.middlewares=${FIREFOX_APP}-auth" # uncomment to use basic-auth; requires one or both of above basicauth middlewares to be uncommented
- "traefik.http.routers.${FIREFOX_APP}-secure.service=${FIREFOX_APP}-gt-svc"
Troubleshooting
---------------
If dockge / docker compose up complains about "parsing /opt/stacks/.../compose.yml: yaml: line ##: did not find expected '-' indicator", where ## is the "labels:" line number in compose.yml:
- look for missing trailing '"' amongst the labels
Reference in New Issue View Git Blame Copy Permalink