Gluetun VPN client

⚠️ This and gluetun-wiki are the only websites for Gluetun, other websites claiming to be official are scams ⚠️

💁 You can optionally set BORINGPOLL_GLUETUNCOM=on to... poll that scammy AI slop website every few minutes so it costs them too much to keep it up. My gentle email reminders to take it down are being grossly ignored 🤷 This would make me very happy and serve this community.

Lightweight swiss-army-knife-like VPN client to multiple VPN service providers

Quick links

• Setup

• Features

• Problem?

  • Check the Wiki common errors and faq
  • Start a discussion
  • Fix the Unraid template

• Suggestion?

  • Create an issue

• Happy?

  • Sponsor me on github.com/sponsors/qdm12
  • Donate to paypal.me/qmcgaw
  • Drop me an email

• Want to add a VPN provider? check the development page and add a provider page

• Video:

  

• Substack Console interview

Features

• Based on Alpine 3.23 for a small Docker image of 43.1MB
• Supports: AirVPN, Cyberghost, ExpressVPN, FastestVPN, Giganews, HideMyAss, IPVanish, IVPN, Mullvad (Wireguard only), NordVPN, Perfect Privacy, Privado, Private Internet Access, PrivateVPN, ProtonVPN, PureVPN, SlickVPN, Surfshark, TorGuard, VPNSecure.me, VPNUnlimited, Vyprvpn, Windscribe servers
• Supports OpenVPN for all providers listed
• Supports Wireguard both kernelspace and userspace
  • For AirVPN, FastestVPN, Ivpn, Mullvad, NordVPN, Perfect privacy, ProtonVPN, Surfshark and Windscribe
  • For Cyberghost, Private Internet Access, PrivateVPN, PureVPN, Torguard, VPN Unlimited and VyprVPN using the custom provider
  • For custom Wireguard configurations using the custom provider
  • More in progress, see #134
• Supports AmneziaWG only with the custom provider for now
• DNS over TLS baked in with service provider(s) of your choice
• DNS fine blocking of malicious/ads/surveillance hostnames and IP addresses, with live update every 24 hours
• Choose the vpn network protocol, udp or tcp
• Built in firewall kill switch to allow traffic only with needed the VPN servers and LAN devices
• Built in Shadowsocks proxy server (protocol based on SOCKS5 with an encryption layer, tunnels TCP+UDP)
• Built in HTTP proxy (tunnels HTTP and HTTPS through TCP)
• Connect other containers to it
• Connect LAN devices to it
• Compatible with amd64, i686 (32 bit), ARM 64 bit, ARM 32 bit v6 and v7, and even ppc64le 🎆
• Custom VPN server side port forwarding for Perfect Privacy, Private Internet Access, PrivateVPN and ProtonVPN
• Possibility of split horizon DNS by selecting multiple DNS over TLS providers
• Can work as a Kubernetes sidecar container, thanks @rorph

Setup

🎉 There are now instructions specific to each VPN provider with examples to help you get started as quickly as possible!

Go to the Wiki!

🐛 Found a bug in the Wiki?!

Here's a docker-compose.yml for the laziest:

---
services:
  gluetun:
    image: qmcgaw/gluetun
    # container_name: gluetun
    # line above must be uncommented to allow external containers to connect.
    # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-container-to-gluetun.md#external-container-to-gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8888:8888/tcp # HTTP proxy
      - 8388:8388/tcp # Shadowsocks
      - 8388:8388/udp # Shadowsocks
    volumes:
      - /yourpath:/gluetun
    environment:
      # See https://github.com/qdm12/gluetun-wiki/tree/main/setup#setup
      - VPN_SERVICE_PROVIDER=ivpn
      - VPN_TYPE=openvpn
      # OpenVPN:
      - OPENVPN_USER=
      - OPENVPN_PASSWORD=
      # Wireguard:
      # - WIREGUARD_PRIVATE_KEY=wOEI9rqqbDwnN8/Bpp22sVz48T71vJ4fYmFWujulwUU=
      # - WIREGUARD_ADDRESSES=10.64.222.21/32
      # Timezone for accurate log times
      - TZ=
      # Server list updater
      # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/servers.md#update-the-vpn-servers-list
      - UPDATER_PERIOD=

🆕 Image also available as ghcr.io/qdm12/gluetun

Fun graphs

License