What does HackerNews think of gluetun?
VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
TBH I find Docker networking a struggle and usually disable the `iptables` stuff and end up configuring my own rules. Painful, but at least less intrusive.
On the note of Tailscale+Docker networking, gluetun[0] is pretty awesome. It runs a WireGuard (not Tailscale compatible, yet) instance within a Docker container and then you share that networking namespace with the other containers, effectively confining them to the VPN. Comes with basic container namespace firewall configuration and DNS over TLS configuration.
I used to use https://github.com/dperson/openvpn-client which has a killswitch option as well.
By kill-switch I mean iptables rules that don't let anything out if there's no VPN interface up. So you don't run the risk of leaking torrent stuff through your plain-text connection if the VPN goes down.
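The kill switch described in the last two comments, written out as an added example (these are not gluetun's or dperson/openvpn-client's own rules). It assumes a constructed setup: VPN interface `wg0`, physical interface `eth0`, and a VPN endpoint at `203.0.113.10` udp/51820; the functions emit the rules for review and can apply them inside the namespace the containers share.

```shell
#!/bin/sh
# Egress kill switch for a network namespace whose only path out should be the VPN tunnel.
# Added example, not gluetun's rules. Constructed assumptions: vpn_if=wg0, phys_if=eth0,
# endpoint 203.0.113.10 udp/51820 (pass your own values as arguments).

# Emit the iptables commands, one per line, so they can be reviewed before being applied.
# Design: default DROP everywhere; loopback allowed; over the physical interface only the
# tunnel transport (endpoint ip:port) may leave, and only its replies may come back; all
# other traffic is accepted solely on the VPN interface. There is deliberately no
# interface-agnostic ESTABLISHED rule: if the tunnel drops and routing falls back to
# eth0, an existing conntrack entry would otherwise let that flow keep leaving in clear.
# Inbound on the tunnel is open so a provider-forwarded port works; use
# "-m conntrack --ctstate ESTABLISHED,RELATED" there instead if you do not need that.
# Args: vpn_if phys_if endpoint_ip endpoint_port
killswitch_rules() {
  vpn_if=$1; phys_if=$2; ep_ip=$3; ep_port=$4
  cat <<EOF
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -o $phys_if -p udp -d $ep_ip --dport $ep_port -j ACCEPT
iptables -A INPUT -i $phys_if -p udp -s $ep_ip --sport $ep_port -m conntrack --ctstate ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o $vpn_if -j ACCEPT
iptables -A INPUT -i $vpn_if -j ACCEPT
EOF
}

# Apply the rules in the current network namespace (needs root and iptables; run it
# inside the VPN container, whose namespace the other containers share).
apply_killswitch() { killswitch_rules "$@" | sh -e; }

# Quick leak check: the interface the default route currently uses. With the tunnel up
# this must print the VPN interface; if it prints the physical one, the rules above are
# what stops traffic, and the tunnel needs attention.
egress_interface() { ip -4 route get 1.1.1.1 2>/dev/null | sed -n 's/.* dev \([^ ]*\).*/\1/p'; }
```

Review the output of `killswitch_rules wg0 eth0 203.0.113.10 51820` first, then `apply_killswitch` with the same arguments; `egress_interface` should report `wg0` while the tunnel is up.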