Pontus Öwre

Dedicated and diverse software engineer with 15+ years professional experience. Passionate about software security, test driven development and DevOps with interest in getting things done.

Proxy http traffic through a vpn container using wireguard

Posted

Recently, I experimented with orchestrating network traffic across different locations in an automated fashion using several Docker containers configured to proxy through different endpoints.

In this guide, I’ll show you how to proxy HTTP requests through a container configured to use Wireguard. This method allows you to proxy http traffic from your local machine as well as from other Docker containers.

I use the qmcgaw/gluetun container, which supports several VPN providers out of the box but is also easy to configure for unsupported ones.

To use a custom Wireguard provider to proxy HTTP traffic, spin up a container using the following command (replace the placeholder values with your actual VPN credentials):

docker run -d --rm --cap-add=NET_ADMIN --name=vpn \
-e VPN_SERVICE_PROVIDER=custom \
-e VPN_TYPE=wireguard \
-e VPN_ENDPOINT_IP=REPLACE \
-e VPN_ENDPOINT_PORT=REPLACE \
-e WIREGUARD_PUBLIC_KEY=REPLACE \
-e WIREGUARD_PRIVATE_KEY=REPLACE \
-e WIREGUARD_ADDRESSES=REPLACE \
-e HTTPPROXY=true \
-e HTTPPROXY_STEALTH=true \
-p 9977:8888 \
qmcgaw/gluetun

To try it out, use curl to confirm that your traffic is routed through the VPN by running the following command:

curl -x localhost:9977 http://ifconfig.me

-x specifies the proxy server to use, and localhost:9977 is the proxy server address and port which you did start up previously.

This setup allowed me to configure containers to proxy traffic on the fly in an automated fashion. With slight modifications, you can use it to proxy any network traffic from your local machine as well as any container.