Hello! I have a free account at hide.me and would like to try to use it with my docker compose containers. The free plan does not give me the keys for openVPN of Wireguard configuration, but only through the official client. I’d like then to create a docker container that runs the official hide.me client inside, and exposes it to other docker containers (like gluetun does, for instance). I’d also like to implement a killswitch or something like that to prevent ip leakage. Is this something easy-medium hard or something very complex? I already have a script that installs and runs the client to enable vpn that should be run at startup, but I miss the “expose the network interface” and the “do not expose it if not connected” (this last part I think is pretty easy with a basic firewall configuration)

any tips/something already done?
thanks in advance!

EDIT: probably crazy idea, but would it be possible to do this in gluetun?

  • knfrmity@lemmygrad.ml
    link
    fedilink
    arrow-up
    4
    ·
    11 months ago

    Building images is easy enough. It’s pretty similar to how you’d install or compile software directly on the host. Just write a Dockerfile that runs the hide.me install script. I found this repo and image which may work for you as is or as a starting point.

    When you run the image as a container you can set it up as the network gateway, just find a tutorial on how to set up a Wireguard container and replace Wireguard with your hide.me container.

    In terms of kill switches you’d have to see how other people have done it, but it’s not impossible.

    • tubbadu@lemmy.kde.socialOP
      link
      fedilink
      arrow-up
      4
      ·
      11 months ago

      I found this repo and image which may work for you as is or as a starting point.

      Wow I completely missed this one! This is exactly what I was planning to do! I actually installed the original repo because I’m not on arm, and it seem to work very well! I have to do a few tests to check if the killswitch actually works

      thank you very very much!

      • knfrmity@lemmygrad.ml
        link
        fedilink
        arrow-up
        2
        ·
        11 months ago

        I didn’t even look to see if the one I linked was a fork. I’m glad it works!

        A cool thing about Dockerfiles is that they’re usually architecture agnostic. I think the one I linked is as well, meaning that the architecture is only locked in when the image is built for a specific one. In this case the repo owner probably only built it for arm machines, but a build for x86_64 should work as well.