I honestly can’t get my head around this. I have a machine with Linux (endeavouros), and docker with a few containers. Since I want all the traffic from this system to go through the VPN, do I need to set up gluetun? I think not, but I am not 100% sure…
It’s convenient if you want to see gluetun up as the only way a container (say, your torrenting container) can get to the open net, in the interest of avoiding getting directly pinged by DMCA rats. That way, if the VPN goes down, your torrent client isn’t just downloading stuff nakedly. Also, if you want to set up different VPN connections for different containers, it’s pretty easy to set a handful of replica containers for that too.
You always just bind the torrent client to the VPN adapter so this doesn’t happen. Most modern clients have this (qBittorrent certainly does)
Oh yeah you can do it that way too, but if you want it all containerized, that’s roughly how to do it. That’s all I meant.
All of that can be achieved with simple systemd or iptables/routes tweaks. You can force all outgoing traffic to use the VPN interface via routes (meaning if it doesn’t exist or doesn’t work nothing will be able to access the internet) OR use systemd globally hide the non-VPN network interface from all software except for the VPN client.
Well sure, but the question was about gluetun, so I was trying to focus on that and the applications thereof. In terms of homelab stuff, I know a lot of people appreciate the containerized approach.
What I said applies to containerized setups as well. Same logic, just managed in a slightly different way.
Fair; I blame target fixation