Skip to content

vpn.md

Latest commit

 

History

History
64 lines (57 loc) · 2.74 KB

vpn.md

File metadata and controls

64 lines (57 loc) · 2.74 KB

stashapp VPN proxy setup

tl;dr

find your provider and set up your docker-compose.yml accordingly

do NOT use network_mode: "service: gluetun"

services:
  stash:
    environment:
      - HTTP_PROXY="http://gluetun:8888"
  gluetun:
    image: qmcgaw/gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    environment:
      - VPN_SERVICE_PROVIDER=protonvpn
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=STASHAPP_GLUETUN_WIREGUARD_PRIVATE_KEY_0000=
      - SERVER_COUNTRIES=Netherlands
      - HTTPPROXY=on
      - HTTPPROXY_STALTH=on
  cdp:
    container_name: cdp
    image: docker.io/chromedp/headless-shell:latest
    network_mode: "service:gluetun"

Shut down stash and add proxy: http://gluetun:8888 to your stash's config.yml

Add your cdp address as http://gluetun:9222/json/version

Detailed Guide

Tip

ProtonVPN free is not actually recommended since it only has servers in the Netherlands, Japan, Romania, Poland and the US. Canada is recommended for people in the US since it's geographically close and lacks most geo-blocks

  1. Follow the steps in the gluetun wiki for your provider of choice
  2. Set up gluetue accordingly but add support for the HTTP proxy (docs)
services:
...
  gluetun:
    image: qmcgaw/gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    environment:
      - VPN_SERVICE_PROVIDER=protonvpn
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=STASHAPP_GLUETUN_WIREGUARD_PRIVATE_KEY_0000=
      - SERVER_COUNTRIES=Netherlands
      - HTTPPROXY=on
      - HTTPPROXY_STALTH=on
...

a. We do not add network_mode: "service: gluetun" since it uses port 9999 for healthchecks. This complicates the networking in general.

  1. Shut down your stash instance and add proxy: http://gluetun:8888 to your config.yml file. This is unfortunately not supported in environment variables
  2. As an extra precaution, add HTTP_PROXY="http://gluetun:8888" to your environment variables so that any script that respects it also uses gluetun
  3. CDP does not take in proxy variables easily so it's easier just to pass it through to gluetun. Add network_mode: "service:gluetun". This will forward all traffic in and out through gluetun, so you'll have to update your CDP address to reflect this. Instead of connecting to cdp, connect to gluetun at the same port 9222