Install the app
How to install the app on iOS

Follow along with the video below to see how to install our site as a web app on your home screen.

Note: This feature may not be available in some browsers.

Question VPN but just for 1 docker?

As an Amazon Associate, we may earn commissions from qualifying purchases. Learn more...

295
32
NAS
DS1019+ DSM6
Operating system
  1. Windows
Mobile operating system
  1. iOS
bit of a strange one this, but here goes.
i run xteve in a docker on my NAS for serving IPTV, however as is the norm with some ISPs and IPTV they are getting blocked during certain times, so connecting via a VPN is required to get round it.

the IPTV hosts provides access to a surfshark VPN, but as my IPTV is being served by the NAS i would need to isntall the VPN connection on the NAS, which would then affect all services running on the NAS (dropping my downstream from 220Mbps to around 70Mbps).

is it possible to add the surfshark VPN connection on the NAS but it only apply to the xteve docker and nothing else?
 
Run your xteve docker container with --net=container:nameOfYourVPNContainer. Beforehand have a separate VPN container running that you will use as a gateway with the --net command in your xteve container.
 
i didn't mean running the VPN as a container, i meant adding it using the network settings in the DSM control panel.

it connects as an OpenVPN client connection.
 
I understand that but considering that you need to target a single docker container, why not run a VPN docker container towards Shark and use it as a gateway?

Haven't tried pushing one single docker container under a vpn running on DSM lvl before.
 
makes sense, how would i do that?
this is a little over my pay grade :)
 
Have a look here ilteoood/docker-surfshark and download it from hub

So run this container with your credential and then as the instructions say, run your xteve container by adding --net=container:YourSharVPNContianerName
 
ok i have the vpn container installed, configured, and running.
however, before setting any container to try and use it, how do i confirm that it is connected and running? ie how can see what WAN IP address it has compared to the other containers?
 
ok i have the vpn container installed, configured, and running.
however, before setting any container to try and use it, how do i confirm that it is connected and running? ie how can see what WAN IP address it has compared to the other containers?
Connect to it using the Terminal tab. Run the bash command to get a new window. Then inside it run, curl ifconfig.me command. It should return your current public WAN address that the container has.
 
it seems that vpn container doesn't have bash
 
looks like it might be a DNS issue, as when i do curl <ip address> i get a response with some html code.

looking at the command to link it to a container, it is

sudo docker run -it --net=container:VPN_CONTAINER_NAME TARGET_CONTAINER_NAME /bin/sh

however, is it possible to do this within the docker UI? so that i don't need to start it via a command?
 
after some playing with this, and discussion with the developer, apparently this won't work on a synology NAS.

The container is initially connected to the VPN (as you can see with the message Wed Jul 15 12:25:49 2020 Initialization Sequence Completed), but after the connection can't reach internet because the dedicated device (tun) isn't properly configured.
 
You can configure this ofc, but it will not survive update of DSM. So in a long term it might not be a solution.
 
what would be involved in configuring it?

however, i'm not too sure the devs explanation is correct. if do a curl ifconfig.me then it fails, however if i do a curl <ip address> then i get an html response. wouldn't that suggest that it does have internet access, but it's a DNS issue instead?
 
wouldn't that suggest that it does have internet access, but it's a DNS issue instead?
Correct.

Try and set this docker container from a command line using docker run but add the --dns=8.8.8.8 as a parameter. You can change to whatever public DNS you want. Google dns here was just as example
 
hmmm that didn't seem to work, still getting "could not resolve host"

this is the command i ran to create the container

Code:
sudo docker run -it --cap-add=NET_ADMIN --device /dev/net/tun --name surfshark -e SURFSHARK_USER=************** -e SURFSHARK_COUNTRY=nl -e SURFSHARK_PASSWORD=************** ilteoood/docker-surfshark --dns=8.8.8.8
 
Move dns switch before the variable (user, pass etc). Not sure it will make any difference but give it a go.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Glad you got it sorted. With the ipad info you provided my next through was routing issues and was just...
Replies
8
Views
161
Thanks for your response. So, will this work with my ddns addresses? The reason I ask is because while I...
Replies
2
Views
223
  • Solved
Hi guys, I Just saw your messages. So for me I was able to make matter hub work on host and now I also use...
Replies
9
Views
786

Thread Tags

Tags Tags
docker vpn

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending content in this forum

Back
Top