Privacy

48546 readers

188 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago

MODERATORS

[How to] tunnel a browser in distrobox through a gluetun podman quadlet (lemmy.dbzer0.com)

submitted 10 hours ago by electrochemistry@lemmy.dbzer0.com to c/privacy@lemmy.ml

2 comments fedilink hide all child comments

I spent some time trying to get this to work so I thought I might as well share it if anyone is interested.

First create a new network: $ podman network create gluetun, then create a new container file:

$ touch ~/.config/containers/systemd/gluetun.container

Populate it with the VPN configuration, below is an example using Proton.

[Unit]
Description=Gluetun VPN Client
Wants=network-online.target
After=network-online.target
After=local-fs.target

[Container]
Network=gluetun
Image=docker.io/qmcgaw/gluetun
ContainerName=gluetun
AutoUpdate=registry

AddCapability=NET_ADMIN
AddCapability=NET_RAW
PodmanArgs=--device=/dev/net/tun:/dev/net/tun --privileged

Environment=VPN_SERVICE_PROVIDER=protonvpn
Environment=VPN_TYPE=wireguard
Environment=WIREGUARD_PRIVATE_KEY=
Environment=VPN_PORT_FORWARDING=off
Environment=PORT_FORWARD_ONLY=off
Environment=SERVER_COUNTRIES=

[Service]
Restart=always

[Install]
WantedBy=multi-user.target default.target

Reload the systemd daemons and run the container.

$ systemctl --user daemon-reload
$ systemctl --user start gluetun

Then create a distrobox-assemble ini file:

[fedora]
additional_packages="brave-browser"
pre_init_hooks="dnf config-manager addrepo --from-repofile=https://brave-browser-rpm-release.s3.brave.com/brave-browser.repo"
init=false
image="registry.fedoraproject.org/fedora:latest"
nvidia=false
pull=true
root=false
replace=true
start_now=true
unshare_netns=true
additional_flags="--network container:gluetun"

Feel free to replace Brave with something else. Then create it, enter it and run the browser:

$ distrobox-assemble create --file /path/to/file.ini
$ distrobox enter fedora
$ brave-browser

If you have any suggestions on how to improve this setup I'd love to hear them!

you are viewing a single comment's thread
view the rest of the comments

[–] voytrekk@sopuli.xyz 1 points 9 hours ago (1 children)

Could also export the app too? Then you can run things without having to drop to the command line.

[–] electrochemistry@lemmy.dbzer0.com 1 points 9 hours ago

Definitely, that's what I've done. Just run distrobox-export --app brave-browser from within the container.