WelcomeUser Guide
ToSPrivacyCanary
DonateBugsLicense

©2025 Poal.co

1.2K

Links

  • Want to add a VPN provider? check and

Features

  • Based on Alpine 3.18 for a small Docker image of 35.6MB
  • Supports: AirVPN, Cyberghost, ExpressVPN, FastestVPN, HideMyAss, IPVanish, IVPN, Mullvad, NordVPN, Perfect Privacy, Privado, Private Internet Access, PrivateVPN, ProtonVPN, PureVPN, SlickVPN, Surfshark, TorGuard, VPNSecure.me, VPNUnlimited, Vyprvpn, WeVPN, Windscribe servers
  • Supports OpenVPN for all providers listed
  • Supports Wireguard both kernelspace and userspace
    • For AirVPN, Ivpn, Mullvad, NordVPN, Surfshark and Windscribe
    • For ProtonVPN, PureVPN, Torguard, VPN Unlimited and WeVPN using
    • For custom Wireguard configurations using
    • More in progress, see
  • DNS over TLS baked in with service provider(s) of your choice
  • DNS fine blocking of malicious/ads/surveillance hostnames and IP addresses, with live update every 24 hours
  • Choose the vpn network protocol, udp or tcp
  • Built in firewall kill switch to allow traffic only with needed the VPN servers and LAN devices
  • Built in Shadowsocks proxy (protocol based on SOCKS5 with an encryption layer, tunnels TCP+UDP)

- Built in HTTP proxy (tunnels HTTP and HTTPS through TCP)

- Compatible with amd64, i686 (32 bit), ARM 64 bit, ARM 32 bit v6 and v7, and even ppc64le 🎆

  • Possibility of split horizon DNS by selecting multiple DNS over TLS providers
  • Unbound subprogram drops root privileges once launched
  • Can work as a Kubernetes sidecar container, thanks

Setup

There are now to help you get started as quickly as possible!

Example

Remember to change the volumes to whatever paths you want to use

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun:latest
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    environment:
      - FIREWALL_OUTBOUND_SUBNETS=192.168.1.0/24
      - HTTPPROXY=on
      - HTTPPROXY_LOG=on
      - HTTPPROXY_STEALTH=on
      - BLOCK_MALICIOUS=off
      - BLOCK_SURVEILLANCE=off
      - BLOCK_ADS=off
      - DOT=on
      - VPN_SERVICE_PROVIDER=protonvpn
      - OPENVPN_USER=
      - OPENVPN_PASSWORD=
      - SERVER_COUNTRIES="United States"
      - TZ=America/Detroit
    ports:
      - 8888:8888       # http proxy
      - 8900:8000       # http control
      - 8111:8080       # qbittorrent
      - 6881:6881       # qbittorrent
      - 6881:6881/udp   # qbittorrent
      - 9117:9117       # jackett
    volumes:
      - ./gluetun:/gluetun
    network_mode: bridge
    restart: unless-stopped

  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent:latest
    container_name: qbittorrent
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/Detroit
      - WEBUI_PORT=8080
    volumes:
      - ./qbittorrent/config:/config
      - ./qbittorrent/downloads:/downloads
    network_mode: 'service:gluetun'
    restart: unless-stopped
    depends_on:
      - gluetun

  jackett:
    image: lscr.io/linuxserver/jackett:latest
    container_name: jackett
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=America/Detroit
    volumes:
      - ./jackett/config:/config
      - ./qbittorrent/downloads:/downloads
    network_mode: 'service:gluetun'
    restart: unless-stopped
    depends_on:
      - gluetun

Image also available as ghcr.io/qdm12/gluetun

## Links - [Wiki](https://github.com/qdm12/gluetun-wiki) - [Common Errors](https://github.com/qdm12/gluetun-wiki/tree/main/errors) - [Discussions](https://github.com/qdm12/gluetun/discussions) - [Fix the Unraid template](https://github.com/qdm12/gluetun/discussions/550) - [Create an issue](https://github.com/qdm12/gluetun/issues) - **Want to add a VPN provider?** check [the development page](https://github.com/qdm12/gluetun-wiki/blob/main/contributing/development.md) and [add a provider page](https://github.com/qdm12/gluetun-wiki/blob/main/contributing/add-a-provider.md) ## Features - Based on Alpine 3.18 for a small Docker image of 35.6MB - Supports: **AirVPN**, **Cyberghost**, **ExpressVPN**, **FastestVPN**, **HideMyAss**, **IPVanish**, **IVPN**, **Mullvad**, **NordVPN**, **Perfect Privacy**, **Privado**, **Private Internet Access**, **PrivateVPN**, **ProtonVPN**, **PureVPN**, **SlickVPN**, **Surfshark**, **TorGuard**, **VPNSecure.me**, **VPNUnlimited**, **Vyprvpn**, **WeVPN**, **Windscribe** servers - Supports OpenVPN for all providers listed - Supports Wireguard both kernelspace and userspace - For **AirVPN**, **Ivpn**, **Mullvad**, **NordVPN**, **Surfshark** and **Windscribe** - For **ProtonVPN**, **PureVPN**, **Torguard**, **VPN Unlimited** and **WeVPN** using [the custom provider](https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/custom.md) - For custom Wireguard configurations using [the custom provider](https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/custom.md) - More in progress, see [#134](https://github.com/qdm12/gluetun/issues/134) - DNS over TLS baked in with service provider(s) of your choice - DNS fine blocking of malicious/ads/surveillance hostnames and IP addresses, with live update every 24 hours - Choose the vpn network protocol, `udp` or `tcp` - Built in firewall kill switch to allow traffic only with needed the VPN servers and LAN devices - Built in Shadowsocks proxy (protocol based on SOCKS5 with an encryption layer, tunnels TCP+UDP) - Built in HTTP proxy (tunnels HTTP and HTTPS through TCP) - [Connect other containers to it](https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-container-to-gluetun.md) - [Connect LAN devices to it](https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-lan-device-to-gluetun.md) - Compatible with amd64, i686 (32 bit), **ARM** 64 bit, ARM 32 bit v6 and v7, and even ppc64le 🎆 - [Custom VPN server side port forwarding for Private Internet Access](https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/private-internet-access.md#vpn-server-port-forwarding) - Possibility of split horizon DNS by selecting multiple DNS over TLS providers - Unbound subprogram drops root privileges once launched - Can work as a Kubernetes sidecar container, thanks @rorph ## Setup There are now [instructions specific to each VPN provider with examples](https://github.com/qdm12/gluetun-wiki/tree/main/setup/providers) to help you get started as quickly as possible! [Here's a docker-compose.yml for the laziest](https://github.com/qdm12/gluetun/blob/master/README.md#setup) ## Example Remember to change the volumes to whatever paths you want to use ``` version: "3" services: gluetun: image: qmcgaw/gluetun:latest container_name: gluetun cap_add: - NET_ADMIN devices: - /dev/net/tun:/dev/net/tun environment: - FIREWALL_OUTBOUND_SUBNETS=192.168.1.0/24 - HTTPPROXY=on - HTTPPROXY_LOG=on - HTTPPROXY_STEALTH=on - BLOCK_MALICIOUS=off - BLOCK_SURVEILLANCE=off - BLOCK_ADS=off - DOT=on - VPN_SERVICE_PROVIDER=protonvpn - OPENVPN_USER= - OPENVPN_PASSWORD= - SERVER_COUNTRIES="United States" - TZ=America/Detroit ports: - 8888:8888 # http proxy - 8900:8000 # http control - 8111:8080 # qbittorrent - 6881:6881 # qbittorrent - 6881:6881/udp # qbittorrent - 9117:9117 # jackett volumes: - ./gluetun:/gluetun network_mode: bridge restart: unless-stopped qbittorrent: image: lscr.io/linuxserver/qbittorrent:latest container_name: qbittorrent environment: - PUID=1000 - PGID=1000 - TZ=America/Detroit - WEBUI_PORT=8080 volumes: - ./qbittorrent/config:/config - ./qbittorrent/downloads:/downloads network_mode: 'service:gluetun' restart: unless-stopped depends_on: - gluetun jackett: image: lscr.io/linuxserver/jackett:latest container_name: jackett environment: - PUID=1000 - PGID=1000 - TZ=America/Detroit volumes: - ./jackett/config:/config - ./qbittorrent/downloads:/downloads network_mode: 'service:gluetun' restart: unless-stopped depends_on: - gluetun ``` Image also available as `ghcr.io/qdm12/gluetun`

(post is archived)