Private Internet Access Docker (OpenVPN, Alpine)
Docker VPN client to private internet access servers based on Alpine Linux and OpenVPN
It requires:
The PIA configuration files are downloaded from the PIA website when the Docker image gets built.
Installation & Testing
-
Run the tun.sh script on your host machine to ensure you have the tun device setup
wget https://raw.githubusercontent.com/qdm12/private-internet-access-docker/master/tun.sh sudo chmod +x tun.sh ./tun.sh -
Create a file auth.conf in
/yourhostpath(for example), with:- On the first line: your PIA username (i.e.
js89ds7) - On the second line: your PIA password (i.e.
8fd9s239G)
- On the first line: your PIA username (i.e.
Using Docker only
-
Test the container by connecting another container to it
-
Run the container interactively with (and change
/yourhostpath/auth.conf):docker run --rm --name=piaTEST --cap-add=NET_ADMIN \ --device=/dev/net/tun --dns 209.222.18.222 --dns 209.222.18.218 \ -e 'REGION=Germany' -v '/yourhostpath/auth.conf:/pia/auth.conf:ro' \ qmcgaw/private-internet-accessWait about 5 seconds for it to connect to the PIA server.
-
Check your host IP address with:
curl -s ifconfig.co -
Run the curl Docker container using your piaTEST container with:
docker run --rm --net=container:piaTEST tutum/curl curl -s ifconfig.coIf the displayed IP address appears and is different that your host IP address, your PIA OpenVPN client works !
-
-
Run the container as a daemon in the background with (and change the
/yourhostpath/auth.conf):docker run -d --restart=always --name=pia --cap-add=NET_ADMIN \ --device=/dev/net/tun --dns 209.222.18.222 --dns 209.222.18.218 \ -e 'REGION=Germany' -v '/yourhostpath/auth.conf:/pia/auth.conf' \ qmcgaw/private-internet-access
Using Docker Compose
-
Download docker-compose.yml
-
Edit it and change
yourpath -
Run the container as a daemon in the background with:
docker-compose up -dWait about 5 seconds for it to connect to the PIA server.
-
Check your host IP address with:
curl -s ifconfig.co -
Run the curl Docker container using your pia container with:
docker run --rm --net=container:pia tutum/curl curl -s ifconfig.coIf the displayed IP address appears and is different that your host IP address, your PIA OpenVPN client works !
Connect other containers to it
Connect other Docker containers to the VPN connection by adding --net=container:pia when launching them.
Container launch parameters
- You can change the
--name=parameter to anything you like - You can change the
REGION=parameter to one of the regions supported by private internet access - You must adapt the
/yourhostpath/auth.confpath to your host path where you createdauth.conf
Access ports of containers connected to the VPN container
You have to use another container acting as a Reverse Proxy such as Nginx.
Example:
-
I have a Deluge container connected to the PIA container with
--net=container:piaand its WebUI runs on port 8112. -
I create the following Nginx configuration file nginx.conf:
user nginx; worker_processes 1; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; keepalive_timeout 65; server { listen 80; location / { proxy_pass http://deluge:8112/; proxy_set_header X-Deluge-Base "/"; } } include /etc/nginx/conf.d/*.conf; } -
I run the Alpine Nginx container with:
sudo docker -d --restart=always --name=proxypia -p 8000:80 --link pia:deluge \ -v /mypathto/nginx.conf:/etc/nginx/nginx.conf:ro nginx:alpine -
Now I can access the WebUI of Deluge at
localhost:8000 -
You can add more
--link pia:xxxfor more containers and you have to modify nginx.conf