Unraid with NordLynx docker container

By Cèbe, . Permalink

Unraid is a fantastic playground, and its docker ecosystem is very nice, making it much more attractive than say, Synology.

I subscribed to NordVPN recently -- I've seen too many ads on YouTube maybe. Anyway, I now want to have a VPN available for my other docker apps.

It is relatively easy: there is a NordLynx Docker template for unRAID. NordLynx uses Wireguard. There is also a NordVPN template that uses OpenVPN, but I'd rather not use it as Wireguard is much faster and efficient than OpenVPN.

Once the template is installed, you will of course need to enter a few parameters, the most important being your NordVPN private key.

Getting the private key

This is actually the most difficult part. There is no other way to get the private key than to use nordvpn official linux client. Your options are:

  • a full linux distribution

  • a docker container (easier to get rid of afterwards)

  • WSL2 under Windows: I didn't try that but it should work

Say you have a debian based distro:

sudo apt install wireguard
sudo apt install curl
sudo apt install jq
sh <(curl -sSf https://downloads.nordcdn.com/apps/linux/install.sh)

Log in to your nordvpn app via this command:

sudo nordvpn login

Change connection protocol to nordlynx:

sudo nordvpn set technology nordlynx

Connect to any server, for example in Japan

sudo nordvpn c jp

Now that you're connected, we can get the private key but also the IP address of the wireguard interface

sudo wg show nordlynx private-key

Keep the private key, private! Do not share it.

ifconfig nordlynx

Keep the IP address. In my experience it's always 10.5.0.2

Configuration

Once this is done, it's really easy: Go to the Docker tab in Unraid, select the nordlynx container, and set the private key, local network (likely to be 192.168.0.0/16) and DNS (can be NordVPN DNS or other like Cloudflare DNS)

Connect other containers to nordlynx container

Of course the exercise is a bit useless if the VPN can't be used by other apps. In this example I'll setup a qbittorrent container that will use the VPN. After installing qbittorrent from Unraid Apps tab, let's adapt the docker params of this container:

  • Select the Advanced View on the upper right of the screen

  • Set Network Type of qbittorrent container to None

  • In Extra Parameters, enter --net=container:nordlynx

  • Take note of the WEBUI_PORT (likely to be 8080) and also WebUI (6881) -- we need to map them in the nordlynx container

Go back to the nordlynx container parameters, and at the very bottom of the page choose + Add another Path, Port, Variable, Label or Device

  • Config Type: Port

  • Name: qBitTorrent Web UI Port

  • Value: 8080 (or whatever the WEBUI_PORT value was)

  • Connection Type TCP

This will allow you to access the Web UI of qbittorrent.

Source: How to route any docker container through a VPN container

Page top