I am following the guide by Dr. Frankenstein below. When I select PIA on the gluetun site, there isn’t anything about wireguard which is in the config code of the guide. I see OpenVPN on the gluetun page but this guide appears to use wireguard. Am I not able to use PIA with this guide? I am new to this and am really confused.
Glutun dose not support WireGuard on PIA.
You can use PIA via wireguard with gluetun.
You need to set it up as a custom provider. See the docs here: https://github.com/qdm12/gluetun-wiki/blob/main/setup/providers/custom.md
In order to get the info needed for the custom provider config, you need to run some other scripts (not from gluetun) which will essentially configure a wireguard connection on your local machine and save the conf file. The conf file is where you will get the config info to plugin to gluetun. The script can be found here: https://github.com/pia-foss/manual-connections
I can confirm it does work. I was getting at most 11MB via the open vpn connection on gluetun. When I connected via wireguard, I can regularly get 2-3x that speed. Good luck!
You can just use open on, just follow the gluetun wiki on setting up your provider.
This might be not directly related to gluetun.
But easiest way to configure wireguard with PIA and qbitorrent was found in
Should I use another vpn provider? I’m debating just continuing to do everything manually since I’m having a hard time getting this going.
I ended up using AirVPN and have it working with qbitorrent but I couldn’t figure out sonarr, Radarr and the other arrs so I’m just manually added everything but the vpn has been good.
Thinking about getting PIA and was looking into how to get wireguard working for gluetun. With that script, do you just run the git command:
git clone https://github.com/pia-foss/manual-connections.git
cd manual-connections
Then:
sudo VPN_PROTOCOL=wireguard DISABLE_IPV6=yes DIP_TOKEN=no AUTOCONNECT=true PIA_PF=false PIA_DNS=true PIA_USER=p0123456 PIA_PASS=xxxxxxxx PIA_CONNECT=false ./run_setup.sh
It seems that adding the PIA_CONNECT=false argument is supposed to create the config file you can use to get the details for the manual configuration. Am I understanding it right? Did you keep the autoconnect as true or did you replace it with a region preference? Or did you change anything else? I already have gluetun working with another vpn’s custom provider, so it should be pretty simple to replace the relevant field with the new ones from PIA, I think…
Any advice or corrections would be welcome, thanks!
Ok. I’ll check it out. I don’t know anything about openvpn and the guide was using wireguard so I’m not sure if the guide will still work but I’ll try it. Thanks
Is this method safe from ipleaks ?
Hey. Looks mostly correct but happy to review my flow and post the full procedure after work. I am just a DIYer but happy to try and help get you setup.
Thanks and same on the DIYer front. I know enough to make changes, but not enough to know if the changes are right.
Mainly, I’m not sure which variables should be kept or removed, or if there’s anything else I’m missing. Like port forwarding, it’s good to have it for torrents, right? There’s the PIA_PF variable, but do I need to do anything in gluetun? That’s the kind of noise bouncing around in my head.
Here are the steps. Do these on your bare metal OS:
git clone
cd manual-connections
sudo ./run_setup.shhttps://github.com/pia-foss/manual-connections.git
Go through the step by step questions. When done, you will be connected to your VPN via Wireguard on your bare metal OS. A file is generated at /etc/wireguard/pia.conf which will give you the info you need for your environment variables for your docker/compose file.
Here is a sample of my compose file
version: "3"
services:
gluetun:
image: qmcgaw/gluetun
container_name: gluetun
hostname: gluetun
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun:/dev/net/tun
ports:
- 6881:6881
- 6881:6881/udp
- 8000:8000 # gluetun web server
- 8500:8500 # any other app you want here. eg: qbittorrent
volumes:
- /home/gluetun:/gluetun
restart: always
environment:
- TZ=America/Chicago
- UPDATER_PERIOD=12h
# WIREGUARD SETUP:
# git clone
# cd manual-connections
# sudo ./run_setup.sh
# file generated at /etc/wireguard/pia.conf
# Update Endpoint / Keys / Address from file
# Don't forget to disable the wireguard connection on bare metal OS first of you will have issues connecting: wg-quick down pia
- VPN_SERVICE_PROVIDER=custom #does not change
- VPN_TYPE=wireguard #does not change
- VPN_ENDPOINT_IP=181.214.93.23 #this is the IP of the server you chose w/ the manual connection script
- VPN_ENDPOINT_PORT=1337 #usually does not change but confirm the server you chose uses this port
- WIREGUARD_ADDRESSES=XXX.XXX.XXX.XXX/32 #this is the 'address' generated w/ the manual connection script
#WIREGUARD KEYS:
- WIREGUARD_PUBLIC_KEY=xxxxx
- WIREGUARD_PRIVATE_KEY=xxxxx
That should do it. A few things to note:
This typically works for a few weeks then you have to re-run the script and generate some new keys (and potentially change servers if the server you were using is no longer available.)
Don’t forget to disconnect from wireguard on your bare metal OS before publishing your docker config file – if you are connected on the machine you generated the connection with and your docker host, they will not play nice together.
I don’t do any port forwarding. I connect with gluetun and then i tell my other services to use this network by adding: network_mode: "service:gluetun" - If your apps rely on the gluetun connection, and the gluetun connection breaks, your app connection breaks - I prefer this method as I can be sure if my app is not using public network.
Hope this helps. It took many hours and a lot of trial to get this working. Hopefully those looking to do something similar can find this useful. Feel free to ping me if any other questions.
Hey I just found this and your comment was very very useful. However what I read in gluetun’s wiki is that I need to provide a “WIREGUARD_PRESHARED_KEY” which I cant figure out how to generate since I cant see them in the file the “manual-connections” created
thanks for your instructions i was able to get this to work. However when test the download with qbitorrent for ubuntu iso i am getting very slow speed. around 40/50 KB. my download speed is from ISP is 300 MB. what could be the cause of this?
I’m not sure. I never used a pre shared key. The wiki says it’s optional. I don’t think it’s needed here.
Were you getting faster speed with open vpn? If so, I would try a different server and see if that helps.
Hey Thanks for the quick response. I’ll give it another try today
Didn’t try open vpn yet. But once another download got added both picked up speeds.