this post was submitted on 25 Jan 2024
29 points (87.2% liked)

Linux

48145 readers
1194 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

Hello! I have a free account at hide.me and would like to try to use it with my docker compose containers. The free plan does not give me the keys for openVPN of Wireguard configuration, but only through the official client. I'd like then to create a docker container that runs the official hide.me client inside, and exposes it to other docker containers (like gluetun does, for instance). I'd also like to implement a killswitch or something like that to prevent ip leakage. Is this something easy-medium hard or something very complex? I already have a script that installs and runs the client to enable vpn that should be run at startup, but I miss the "expose the network interface" and the "do not expose it if not connected" (this last part I think is pretty easy with a basic firewall configuration)

any tips/something already done?
thanks in advance!

EDIT: probably crazy idea, but would it be possible to do this in gluetun?

you are viewing a single comment's thread
view the rest of the comments
[–] tubbadu@lemmy.kde.social 4 points 9 months ago* (last edited 9 months ago) (2 children)

isn't it an entire OS? I only need to bind the internet traffic of my container to the ones I want doing something like network_mode: container:myhidemecontainer in docker compose

[–] h3ndrik@feddit.de 6 points 9 months ago* (last edited 9 months ago) (1 children)

I think something like gluetun is more suited than a whole OS.

But i don't know the specifics of hide.me

[–] tubbadu@lemmy.kde.social 3 points 9 months ago (1 children)

Hide.me free tier does not allow unofficial clients (they doesn't give you the wireguard keys) otherwise I'd use gluetun for sure!

[–] h3ndrik@feddit.de 1 points 9 months ago* (last edited 9 months ago) (1 children)

Fair enough. I got confused by their FAQ. They say Wireguard is supported on their free plan. But there is no config available with the keys, so you have to use their client to connect.

I recently registered an account and wanted to do something similar. Guess it isn't that easy then. Another possibility is to use protonvpn.com they also offer a free tier and you can connect any Wireguard client with that.

Or you switch protocols and use for example IKEv2 with strongswan or OpenVPN or whatever hide.me offers in addition to wireguard. I think gluetun also does OpenVPN. But hide.me isn't listed for some reason.

[–] tubbadu@lemmy.kde.social 2 points 9 months ago (1 children)

I used to use proton vpn but I recently learned that torrenting is not allowed on the free tier, so I had to look for alternatives, and none of them offers a free tier with openvpn or wireguard keys that allows torrenting :(

[–] h3ndrik@feddit.de 2 points 9 months ago* (last edited 9 months ago)

Ah, well I just learned about the existence of free vpn services. I'm going to use it to set up a free guest wifi, so the neighbors, guests (and I) can do whatever with it. But I also struggle with the setup. It's complicated to get the wireguard interface set up, the guest wifi isolated and set up the split routing and everything so the different wifis on the router forward the traffic over different services.

[–] library_napper@monyet.cc 2 points 9 months ago

The risk if human error is too high. Docker isn't designed for security. What you want is Qubes. Its destined to do these things.