Private Internet Access OpenVPN client with support for port forwarding
This docker image will connect to PIA with OpenVPN using your PIA credentials and then request a port be opened via PIA's service. Only some regions support port forwarding so make sure you select a supporting region.
In order to run this container you'll need docker installed.
docker run --rm --cap-add NET_ADMIN --device /dev/net/tun -e "REGION=France" -v $(pwd)/.creds:/etc/openvpn/pia/pass --name pia oxlade39/piaportforward
version: '3'
networks:
pia:
driver: bridge
ipam:
config:
- subnet: 172.20.0.0/24
services:
pia:
image: oxlade39/piaportforward
container_name: pia
environment:
- REGION=France
networks:
pia:
ipv4_address: 172.20.0.5
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun
volumes:
- /config/pia/.credentials:/etc/openvpn/pia/pass:ro
- /config/pia:/config
restart: unless-stopped
The image requires NET_ADMIN
and --device /dev/net/tun
to support creating the tun
virtual interface.
REGION
- specifies the PIA region to use as a connection
/etc/openvpn/pia/pass
- Line delimited pia username and password/config/*
- Files containing useful VPN connection information. Like the VPN IP, the interface and the dynamically allocated port.
/config/vpnportfw
- File containing the opened port available for port forwarding.
Get your externally visible IP address from a normal shell
$ wget -qO- https://ipinfo.io/ip
213.205.194.254
Get your externally visible IP address from a container attached to your pia instance.
$ docker run --rm --network=container:pia alpine:3.8 wget -qO- https://ipinfo.io/ip
If this port is different from above then the traffic is routing via the VPN.
To attach other containers you can use --network=container:${piaportforward_container_name}
in docker or in docker-compose:
my_linked_container:
image: some/image
container_name: my_linked_container
network_mode: service:${piaportforward_container_name}
- www.pantz.org. I followed this guide and used modified, dockerized versions of the scripts listed here.
- qdm12/private-internet-access-docker. I started using this but then decided to write my own supporting port forwarding.