Retour aux applicationsSoumettre
vpn-gateway

vpn-gateway

Application Docker from ProphetSe7en's Repository

Vue d'ensemble

VPN gateway with nftables bandwidth limiting, scheduling, hot-reload, and web UI. Built on hotio/base:alpinevpn — all hotio VPN features (WireGuard, PIA, Proton) work out of the box. Route containers through WireGuard with per-service rate limits, time-based rules, and real-time traffic monitoring. First boot redirects to /setup to create an admin account — Radarr/Sonarr-style auth with API key for Homepage/scripts.

Exigences

Click Show more settings for all VPN variables. Generic provider requires a WireGuard config in /config/wireguard/wg0.conf. PIA/Proton auto-configure with credentials. First container start redirects to /setup — set a strong admin password (≥10 chars, 2+ of upper/lower/digit/symbol). Homepage widget uses /api/stats/widget (public, no auth needed); other /api/ endpoints need X-Api-Key header from Settings → Security.

Arguments d'exécution

Interface utilisateur Web
http://[IP]:[PORT:6050]
Réseau
bridge
Coquille
bash
Privilégié
false
Paramètres supplémentaires
--hostname=vpn-gateway.internal --cap-add=NET_ADMIN

Configuration du modèle

Traffic Monitor Web UIPorttcp

Traffic monitor and bandwidth management web UI

Cible
6050
Défaut
6050
Container Web UIPorttcp

Web UI port for a container routed through the gateway (e.g. qBittorrent, Deluge, IPTV). Must match the listening port on that container and be included in VPN_EXPOSE_PORTS_ON_LAN. Add additional port mappings for more containers.

Cible
7075
Défaut
7075
Config PathPathrw

Config directory (WireGuard conf, traffic.conf, stats)

Cible
/config
Défaut
/mnt/user/appdata/vpn-gateway
VPN_ENABLEDVariable

Container Variable: VPN_ENABLED

Défaut
true|false
VPN_CONFVariable

Container Variable: VPN_CONF

Défaut
wg0
VPN_PROVIDERVariable

Container Variable: VPN_PROVIDER

Défaut
generic|proton|pia
VPN_LAN_NETWORKVariable

Container Variable: VPN_LAN_NETWORK

Défaut
192.168.1.0/24
VPN_LAN_LEAK_ENABLEDVariable

Container Variable: VPN_LAN_LEAK_ENABLED

Défaut
false|true
VPN_EXPOSE_PORTS_ON_LANVariable

Container Variable: VPN_EXPOSE_PORTS_ON_LAN

VPN_AUTO_PORT_FORWARDVariable

Container Variable: VPN_AUTO_PORT_FORWARD

Défaut
false|true
VPN_PORT_REDIRECTSVariable

Container Variable: VPN_PORT_REDIRECTS

VPN_HEALTHCHECK_ENABLEDVariable

Container Variable: VPN_HEALTHCHECK_ENABLED

Défaut
true|false
VPN_NAMESERVERSVariable

Container Variable: VPN_NAMESERVERS

Défaut
1.1.1.1,8.8.8.8
VPN_PIA_USERVariable

Container Variable: VPN_PIA_USER

VPN_PIA_PASSVariable

Container Variable: VPN_PIA_PASS

VPN_PIA_PREFERRED_REGIONVariable

Container Variable: VPN_PIA_PREFERRED_REGION

VPN_PIA_DIP_TOKENVariable

Container Variable: VPN_PIA_DIP_TOKEN

VPN_PIA_PORT_FORWARD_PERSISTVariable

Container Variable: VPN_PIA_PORT_FORWARD_PERSIST

Défaut
false|true
TZVariable

Container Variable: TZ

Défaut
America/New_York
PUIDVariable

Container Variable: PUID

Défaut
99
PGIDVariable

Container Variable: PGID

Défaut
100
UMASKVariable

Container Variable: UMASK

Défaut
002
TRUSTED_NETWORKSVariable

Optional: pin the Trusted Networks CIDR list at host level. Comma-separated list (e.g. 192.168.0.0/24, 192.168.0.5/32). When set, overrides the UI value and the UI field is locked. Leave empty to manage from the Security panel.

TRUSTED_PROXIESVariable

Optional: pin the Trusted Proxies list at host level for reverse-proxy deployments (SWAG, Authelia). Comma-separated list of proxy IPs that are allowed to set X-Forwarded-For. When set, overrides the UI value and the UI field is locked.

Catégories

Network

Liens

ModèleSoutienRegistreProprojet

Détails

Référentiel
ghcr.io/prophetse7en/vpn-gateway:v1.4.2
Registre
https://github.com/prophetse7en/vpn-gateway/pkgs/container/vpn-gateway
Dernière mise à jour2026-05-31
Première vue2026-04-24

Exécutez vpn-gateway sur Unraid.

vpn-gateway est listé dans Community Apps pour Unraid OS. Explorez Unraid pour créer un serveur domestique flexible, un NAS ou un laboratoire domestique.

Explorez Unraid OS