GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → bubuntux → nordvpn

bubuntux / nordvpn

Licence: AGPL-3.0 License
NordVpn Docker Client

Programming Languages

shell
77523 projects
Dockerfile
14818 projects

Labels

linuxdockeropenvpnarmdocker-imagex86-64containervpnvpn-clientarmv7arm64wireguardnordvpn386nordlynx

Projects that are alternatives of or similar to nordvpn

desktop-app-ui
Official IVPN Desktop app (legacy version)
Stars: ✭ 23 (-95.16%)
Mutual labels:  openvpn, vpn, vpn-client, wireguard
alpine-qbittorrent-openvpn
qBittorrent docker container with OpenVPN client running as unprivileged user on alpine linux
Stars: ✭ 230 (-51.58%)
Mutual labels:  openvpn, arm, armv7, arm64
split-vpn
A split tunnel VPN script for Unifi OS routers (UDM, UXG, UDR) with policy based routing.
Stars: ✭ 589 (+24%)
Mutual labels:  openvpn, vpn, vpn-client, wireguard
desktop-app-daemon
Official IVPN Desktop app (service)
Stars: ✭ 34 (-92.84%)
Mutual labels:  openvpn, vpn, vpn-client, wireguard
alpine-php-fpm
Lightweight and optimised PHP-FPM (PHP 7.4, 8.0, 8.1) Docker images with essential extensions on top of latest Alpine Linux.
Stars: ✭ 53 (-88.84%)
Mutual labels:  arm, x86-64, armv7, arm64
desktop-app-ui2
IVPN Desktop app
Stars: ✭ 19 (-96%)
Mutual labels:  openvpn, vpn, vpn-client, wireguard
desktop-app-cli
Official IVPN command-line interface (CLI)
Stars: ✭ 18 (-96.21%)
Mutual labels:  openvpn, vpn, vpn-client, wireguard
desktop-app
Official IVPN Desktop app
Stars: ✭ 141 (-70.32%)
Mutual labels:  openvpn, vpn, vpn-client, wireguard
netmaker
Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
Stars: ✭ 4,147 (+773.05%)
Mutual labels:  openvpn, vpn, wireguard
Capstone.NET
.NET Core and .NET Framework binding for the Capstone Disassembly Framework
Stars: ✭ 108 (-77.26%)
Mutual labels:  arm, x86-64, arm64
killswitch-windows
VPN kill switch for windows.
Stars: ✭ 22 (-95.37%)
Mutual labels:  openvpn, vpn, vpn-client
tensorflow-serving-arm
TensorFlow Serving ARM - A project for cross-compiling TensorFlow Serving targeting popular ARM cores
Stars: ✭ 75 (-84.21%)
Mutual labels:  arm, armv7, arm64
discolix
distroless arm docker images
Stars: ✭ 22 (-95.37%)
Mutual labels:  arm, armv7, arm64
Openvpn3 Linux
OpenVPN 3 Linux client
Stars: ✭ 186 (-60.84%)
Mutual labels:  openvpn, vpn, vpn-client
Vpngate With Proxy
vpn gate client for linux, be able to connect to open vpn server through proxy
Stars: ✭ 150 (-68.42%)
Mutual labels:  openvpn, vpn, vpn-client
topvpn.github.io
Top VPN in China (mainland) 在全球(含中國大陆)好用的国外优质付费vpn推荐
Stars: ✭ 27 (-94.32%)
Mutual labels:  vpn, vpn-client, nordvpn
iosvpn.github.io
iPhone和iOS 翻墙梯子VPN推荐,2022中国苹果手机iPhone翻墙软件和科学上网避坑指南,稳定梯子推荐。
Stars: ✭ 72 (-84.84%)
Mutual labels:  vpn, vpn-client, nordvpn
Mullvadvpn App
The Mullvad VPN client app for desktop and mobile
Stars: ✭ 1,953 (+311.16%)
Mutual labels:  openvpn, vpn, wireguard
Nordvpn Networkmanager
A CLI tool for automating the importing, securing and usage of NordVPN (and in the future, more) OpenVPN servers through NetworkManager.
Stars: ✭ 111 (-76.63%)
Mutual labels:  openvpn, vpn, vpn-client
iit-kgp-network
Information repository and Solutions on IIT KGP Internet Problems.
Stars: ✭ 28 (-94.11%)
Mutual labels:  openvpn, vpn, wireguard
View All Similar Projects ➔


Official NordVPN client in a docker container; it makes routing traffic through the NordVPN network easy.

How to use this image

This container was designed to be started first to provide a connection to other containers (using --net=container:vpn, see below Starting an NordVPN client instance).

NOTE: More than the basic privileges are needed for NordVPN. With Docker 1.2 or newer, Podman, Kubernetes, etc. you can use the --cap-add=NET_ADMIN,NET_RAW option. Earlier versions, or with fig, and you'll have to run it in privileged mode.

Starting an NordVPN instance

docker run -ti --cap-add=NET_ADMIN,NET_RAW --name vpn \
           -e [email protected] -e PASS='pas$word' \
           -e TECHNOLOGY=NordLynx -d ghcr.io/bubuntux/nordvpn

Once it's up other containers can be started using its network connection:

docker run -it --net=container:vpn -d other/docker-container

docker-compose example

version: "3"
services:
  vpn:
    image: ghcr.io/bubuntux/nordvpn
    cap_add:
      - NET_ADMIN               # Required
      - NET_RAW                 # Required
    environment:                # Review https://github.com/bubuntux/nordvpn#environment-variables
      - [email protected]     # Required
      - "PASS=pas$word"         # Required
      - CONNECT=United_States
      - TECHNOLOGY=NordLynx
      - NETWORK=192.168.1.0/24  # So it can be accessed within the local network
    ports:
      - 8080:8080
    sysctls:
      - net.ipv6.conf.all.disable_ipv6=1  # Recomended if using ipv4 only
  torrent:
    image: ghcr.io/linuxserver/qbittorrent
    network_mode: service:vpn
    depends_on:
      - vpn
      
# The torrent service would be available at http://localhost:8080/ 
# or anywhere inside of the local network http://192.168.1.xxx:8080

docker-compose example using reverse proxy

version: "3"
services:
  proxy:
    image: traefik:v2.4         # Review traefik documentation https://doc.traefik.io/traefik/ 
    container_name: traefik
    command:
      - --api.insecure=true
      - --providers.docker=true
      - --providers.docker.exposedbydefault=false
      - --entrypoints.web.address=:80
    ports:
      - 80:80
      - 8080:8080
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    restart: unless-stopped
  vpn:
    image: ghcr.io/bubuntux/nordvpn
    cap_add:
      - NET_ADMIN               # Required
      - NET_RAW                 # Required
    environment:                # Review https://github.com/bubuntux/nordvpn#environment-variables
      - [email protected]     # Required
      - "PASS=pas$word"         # Required
      - CONNECT=United_States
      - TECHNOLOGY=NordLynx
    sysctls:
      - net.ipv6.conf.all.disable_ipv6=1  # Recomended if using ipv4 only
  torrent:
    image: ghcr.io/linuxserver/qbittorrent
    network_mode: service:vpn
    labels:
      - traefik.enable=true
      - traefik.http.services.torrent.loadbalancer.server.port=8080
      - traefik.http.routers.torrent.rule=Host(`custom-host`)
    depends_on:
      - vpn
      
# Make sure that custom-host resolves to the ip address of the server 
# for example /etc/hosts contains 127.0.0.1  custom-host
# the torrent service would be available at http://custom-host

docker-compose example using reverse proxy with TLS

version: "3"
services:
  proxy:
    image: traefik:v2.4             # Review traefik documentation https://doc.traefik.io/traefik/ 
    container_name: traefik
    command:
      - --api.insecure=true
      - --providers.docker=true
      - --providers.docker.exposedbydefault=false
      - --entrypoints.web.address=:80
      - --entrypoints.web.http.redirections.entrypoint.to=websecure
      - --entrypoints.websecure.address=:443
      - --entrypoints.websecure.http.tls.certresolver=letsencrypt
      - --certificatesresolvers.letsencrypt.acme.tlschallenge=true
      - [email protected] # Replace with your email
      - --certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json
    ports:
      - 80:80
      - 443:443
      - 8080:8080
    volumes:
      - ./letsencrypt:/letsencrypt
      - /var/run/docker.sock:/var/run/docker.sock:ro
    restart: unless-stopped
  domain:
    image: ghcr.io/linuxserver/duckdns   # Review doc https://github.com/linuxserver/docker-duckdns
    container_name: duckdns
    environment:
      - TOKEN=ABCDFEG                    # Required
      - SUBDOMAINS=domain1,domain2       # Required
    restart: unless-stopped
  media:
    image: ghcr.io/linuxserver/plex
    container_name: plex
    labels:
      - traefik.enable=true
      - traefik.http.services.media.loadbalancer.server.port=32400
      - traefik.http.routers.media.rule=Host(`myplex.duckdns.org`)   # Replace with your domain
    devices:
      - /dev/dri:/dev/dri
    restart: unless-stopped
  vpn:
    image: ghcr.io/bubuntux/nordvpn
    container_name: nordvpn
    cap_add:
      - NET_ADMIN               # Required
      - NET_RAW                 # Required
    environment:                # Review https://github.com/bubuntux/nordvpn#environment-variables
      - [email protected]     # Required
      - "PASS=pas$word"         # Required
      - CONNECT=United_States
      - TECHNOLOGY=NordLynx
      - WHITELIST=showrss.info,rarbg.to,yts.mx
     sysctls:
      - net.ipv6.conf.all.disable_ipv6=1  # Recomended if using ipv4 only
  torrent:
    image: ghcr.io/linuxserver/qbittorrent
    container_name: qbittorrent
    network_mode: service:vpn
    depends_on:
      - vpn
    labels:
      - traefik.enable=true
      - traefik.http.services.torrent.loadbalancer.server.port=8080
      - traefik.http.routers.torrent.rule=Host(`mytorrent.duckdns.org`) # Replace with your domain
    restart: unless-stopped
    
# Make sure that you can access your server from the internet
# for example configure dmz on your router
# the torrent service would be available at https://mytorrent.duckdns.org

ENVIRONMENT VARIABLES

  • USER - User for NordVPN account.
  • PASS - Password for NordVPN account, surrounding the password in single quotes will prevent issues with special characters such as $.
  • PASSFILE - File from which to get PASS, if using docker secrets this should be set to /run/secrets/<secret_name>. This file should contain just the account password on the first line.
  • CONNECT - [country]/[server]/[country_code]/[city]/[group] or [country] [city], if none provide you will connect to the recommended server.
    • Provide a [country] argument to connect to a specific country. For example: Australia , Use docker run --rm ghcr.io/bubuntux/nordvpn nordvpn countries to get the list of countries.
    • Provide a [server] argument to connect to a specific server. For example: jp35 , Full List
    • Provide a [country_code] argument to connect to a specific country. For example: us
    • Provide a [city] argument to connect to a specific city. For example: 'Hungary Budapest' , Use docker run --rm ghcr.io/bubuntux/nordvpn nordvpn cities [country] to get the list of cities.
    • Provide a [group] argument to connect to a specific servers group. For example: P2P , Use docker run --rm ghcr.io/bubuntux/nordvpn nordvpn groups to get the full list.
    • --group value Specify a server group to connect to. For example: '--group p2p us'
  • PRE_CONNECT - Command to execute before attempt to connect.
  • POST_CONNECT - Command to execute after successful connection.
  • CYBER_SEC - Enable or Disable. When enabled, the CyberSec feature will automatically block suspicious websites so that no malware or other cyber threats can infect your device. Additionally, no flashy ads will come into your sight. More information on how it works: https://nordvpn.com/features/cybersec/.
  • DNS - Can set up to 3 DNS servers. For example 1.1.1.1,8.8.8.8 or Disable, Setting DNS disables CyberSec.
  • FIREWALL - Enable or Disable.
  • OBFUSCATE - Enable or Disable. When enabled, this feature allows to bypass network traffic sensors which aim to detect usage of the protocol and log, throttle or block it (only valid when using OpenVpn).
  • PROTOCOL - TCP or UDP (only valid when using OpenVPN).
  • TECHNOLOGY - Specify Technology to use (NordLynx by default):
    • OpenVPN - Traditional connection.
    • NordLynx - NordVpn wireguard implementation (3x-5x times faster than OpenVPN).
  • ALLOW_LIST - List of domains that are going to be accessible outside vpn (IE rarbg.to,yts.mx).
  • NET_LOCAL - CIDR networks (IE 192.168.1.0/24), add a route to allows replies once the VPN is up.
  • NET6_LOCAL - CIDR IPv6 networks (IE fe00:d34d:b33f::/64), add a route to allows replies once the VPN is up.
  • PORTS - Semicolon delimited list of ports to whitelist for both UDP and TCP. For example '- PORTS=9091;9095'
  • PORT_RANGE - Port range to whitelist for both UDP and TCP. For example '- PORT_RANGE=9091 9095'
  • CHECK_CONNECTION_INTERVAL - Time in seconds to check connection and reconnect if need it. (300 by default) For example '- CHECK_CONNECTION_INTERVAL=600'
  • CHECK_CONNECTION_URL - URL for checking Internet connection. (www.google.com by default) For example '- CHECK_CONNECTION_URL=www.custom.domain'

Issues

If you have any problems with or questions about this image, please contact me through a GitHub issue.

Disclaimer

This project is independently developed for personal use, there is no affiliation with NordVpn or Nord Security companies, Nord Security companies are not responsible for and have no control over the nature, content and availability of this project.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].