Gluetun VPN Randomizer is a Python application developed for the purpose of rotating VPN gateways from one or more VPN providers. This will change your outbound IP address, and optionally your VPN provider, on a random basis within a given time period (eg, every 2-4 hours).
Some familiarity with Docker, VPN (Wireguard), and Python may be helpful.
-
VPN Service (see Notes for options)
-
Additional Requirements and Dependencies noted in randomizer
- Get a functional docker-compose.yml working with Gluetun (see the provided example).
- eg,
/usr/local/docker/gluetun/docker-compose.yml
- eg,
- Modify the provided env.example and copy to the Gluetun path. This provides values to the
environment:
parameters in docker-compose.yml.- eg,
/usr/local/docker/gluetun/.env
- eg,
- Create a
gluetun_config
directory. This should be the same path defined involumes:
- eg,
/usr/local/docker/gluetun/gluetun_config
- eg,
- If multiple providers are being used, extensions of
.env
files must be named after supported Gluetun providers- eg,
.env.ivpn
,.env.mullvad
, etc.
- eg,
- Copy randomizer to a desired location and make it executable
/usr/local/bin/randomizer
chmod 750 /usr/local/bin/randomizer
- Modify
randomizer
options (see Options below) - To run as a systemd service, use the provided systemd unit file randomizer.service
/etc/systemd/system/randomizer.service
systemctl daemon-reload
systemctl status|stop|start randomizer
- Test/Verify Connection:
docker logs gluetun
curl -x localhost:8008 ipinfo.io
Options are defined in a separate YML configuration file (see randomizer.yml. The location of this file is defined in randomizer by the main parameter config
.
debug
: Increases verbosity of logging and frequency of rotation (see also Logging section and ttime_min
, ttime_max
)
shuffle_vpn_provider
: True to support multiple VPN providers. False if single. Multiple VPN providers require multiple .env.*
files
mqtt_enable
: True to support MQTT.
influxdb_enable
: True to support InfluxDB.
container_name
: This name should match container_name
given in docker-compose.yml
This is one of many examples of using multiple VPN instances in a given environment.
- LAN: 192.168.1.0/24
- Consists of a mix of mobile devices, desktops/laptops, and virtual machines
- All devices in this network use an HTTP/HTTPS proxy of the assigned fronted in HAProxy (eg, 192.168.1.100:8118)
- HAProxy: 192.168.1.100
- Acts as load balancer and distribution to multiple Gluetun VPN instances
- In this example port 8118 is the listening HTTP/HTTPS proxy
- See the configuration example haproxy.cfg
- Virtual Machines: 192.168.20.10, 192.168.30.10
- Separate subnets of 192.168.20/24 and 192.168.30/24 are optional
- Each virtual machine contains a running randomizer and Docker container(s)
- Outbound IP addresses 23.11.82.103, 201.32.11.201 are randomly assigned based on VPN provider(s) configured in gluetun and frequency of rotation
An example of using Gluetun with Unbound is shown in /unbound
An example of using Gluetun with Blocky is shown in /blocky
- VPN Service: Temporary VPN service can be obtained via https://freevpn.us. See docker-compose.freevpn.us.yml for details.
- Currently, randomizer is biased towards Wireguard. OpenVPN may be supported in the future, particularly if there is a demand for it.
- If multiple VPN instances are being used, it's highly recommended to use MQTT. This prevents conflicting gateways from being used.
- Docker Secrets will be adopted once available qdm12/gluetun#1758
- VPN Comparison Table