Docker container with OpenVPN client preconfigured for Proton VPN
This is a multi-arch image, updated automatically thanks to GitHub Actions.
Its purpose is to provide the SurfShark VPN to all your containers.
The link is established using the OpenVPN client.
The container is configurable using the following environment variables:
| Name | Mandatory | Description |
|---|---|---|
| PROTON_USER | Yes | Username provided by Proton VPN |
| PROTON_PASSWORD | Yes | Password provided by Proton VPN |
| PROTON_CONFIG | No | The specific ovpn config file name to use |
| OPENVPN_OPTS | No | Any additional options for OpenVPN |
| LAN_NETWORK | No | Lan network used to access the web ui of attached containers. Can be comma seperated for multiple subnets Comment out or leave blank: example 192.168.0.0/24 |
| CREATE_TUN_DEVICE | No | Creates the TUN device, useful for NAS users |
| ENABLE_MASQUERADE | No | Masquerade NAT allows you to translate multiple IP addresses to another single IP address. |
| ENABLE_KILL_SWITCH | No | Enable the kill-switch functionality |
PROTON_USER and PROTON_PASSWORD are provided at this page.
You can run this image using Docker compose and the sample file provided.
Remember: if you want to use the web gui of a container, you must open its ports on docker-proton as described below.
version: "1"
services:
proton:
image: jrparks/docker-proton
container_name: proton
environment:
- PROTON_USER=YOUR_PROTON_USER
- PROTON_PASSWORD=YOUR_PROTON_PASSWORD
- PROTON_CONFIG=YOUR_CONFIG_FILE_NAME_TO_USE
- LAN_NETWORK=
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun
ports:
- 1080:1080 #if you want to use the socks5 server
- 9091:9091 #we open here the port for transmission, as this container will be the access point for the others
restart: unless-stopped
dns:
- 1.1.1.1
service_test:
image: byrnedo/alpine-curl
container_name: alpine
command: -L 'https://ip.me'
depends_on:
- proton
network_mode: service:proton
restart: always
transmission:
image: linuxserver/transmission
container_name: transmission
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Rome
#ports:
#- 9091:9091 needed to access transmission's GUI
network_mode: service:proton
restart: unless-stopped
Or you can use the standard docker run command.
sudo docker run -it --cap-add=NET_ADMIN --device /dev/net/tun --name CONTAINER_NAME -e PROTON_USER=YOUR_PROTON_USER -e PROTON_PASSWORD=YOUR_PROTON_PASSWORD jrparks/docker-protonIf you want to attach a container to the VPN, you can simply run:
sudo docker run -it --net=container:CONTAINER_NAME alpine /bin/shIf you want access to an attached container's web ui you will also need to expose those ports.
The attached container must not be started until this container is up and fully running.
If you face network connection problems, I suggest you to set a specific DNS server for each container.
Alternatively, if your software supports it, you can use the socks5 server embedded in this container. It will redirect your traffic through the Proton VPN.
Sometimes the startup script fails to download OpenVPN configs file from Proton website, possibly due to the DDoS protection on it.
To avoid it, you can provide your own ProtonVPN_server_configs.zip file, downloading it from here There is a download all configurations button.
Make sure you copy the file to the same directory that you have your yml file. The file name should start with the word Proton and end in a .zip. Then it will be automatically extracted and your configuration file of choise will be used. I have included default free VPN config files from Proton however they should be updated prior to use to ensure they are the latest.
