Gluetun VPN Service#

What Was Established#

• Gluetun is a lightweight Docker container acting as a dedicated VPN gateway for other containers.
• Implements the sidecar pattern: dependent containers (e.g., qBittorrent, nzbget, prowlarr) share Gluetun’s network namespace via network_mode: "service:gluetun".
• AirVPN selected as the provider over ProtonVPN/Mullvad due to superior port forwarding support required for P2P services.
• Container-level VPN on the servarr VM is architecturally separate from the network-level UniFi VPN on Helms Deep (VLAN 2).

Deployment Context#

Gluetun runs on the servarr VM (192.168.1.112) as part of the Servarr Docker Compose stack at /docker/servarr/. It is configured via .env file in that directory.

Servarr Stack - Gluetun VPN Troubleshooting#

Historical note: This session was conducted on a machine at 192.168.1.30 (hostname possibly “Varda” at the time, directory ~/home/nbkelley/docker/servarr). The current production Servarr stack lives on the servarr VM at 192.168.1.112, directory /docker/servarr/. See Servarr - Media Automation Stack for current configuration. The troubleshooting patterns documented here remain applicable.

What Was Established#

This session documents the deployment and troubleshooting of the Servarr media automation stack (Sonarr, Prowlarr, qBittorrent) behind a Gluetun VPN container. The stack relies on network_mode: service:gluetun to route all container traffic through AirVPN.