Hi there, I hope somebody can help me out with this, because I've done some research already but either I have come across dead links or I haven't understood what I was reading.
I have a bunch of Docker containers running behind Nginx Proxy Manager and I have Pi-hole with Unbound set up as DNS server for ad-blocking and also to resolve "mydomain.tld" to my local server IP (I have a hard time remembering IPs/ports).
Some containers are publicly available for convenience, the rest aren't, but I'd still like to have some or all of them behind a VPN so I can access them from outside my local network, and it would be great if I could also set the Pi-hole as the DNS server for the VPN.
Long story short, I don't want to route all of the traffic behind the VPN, just specific containers.
All of them are running on Ubuntu Server with no VMs, it's a small homelab, nothing fancy.
Install WireGuard, easy to install with PiVPN or a Docker container.
Then just change these settings in the client config.
Let's assume your Pi-hole IP is 192.168.1.10.
DNS servers: 192.168.1.10
Allowed IPs: 192.168.0.0/16
So only your local IPs will go through the VPN. The DNS will be like you are on your LAN and you can access all your domain.tld services without exposing them to the internet.
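A check for the client settings described in the reply above, as an added example that is not part of the original thread: it parses a wg-quick style client config and reports whether it is really a split tunnel, whether the DNS server is reachable through the tunnel, and whether the network the client is sitting on collides with the Allowed IPs range. The sample config, the tunnel address, the endpoint name and the function name are constructed for illustration; only 192.168.1.10 and 192.168.0.0/16 come from the reply.

```python
import configparser
import ipaddress

# Constructed sample client config; keys, Address and Endpoint are placeholders.
SAMPLE_CLIENT_CONF = """
[Interface]
PrivateKey = <client-private-key>
Address = 10.6.0.2/24
DNS = 192.168.1.10

[Peer]
PublicKey = <server-public-key>
Endpoint = vpn.example.invalid:51820
AllowedIPs = 192.168.0.0/16
"""


def check_split_tunnel(conf_text, client_lan=None):
    """Return a list of findings for a client config with a single [Peer]."""
    parser = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    parser.read_string(conf_text)
    allowed = [ipaddress.ip_network(n.strip(), strict=False)
               for n in parser["Peer"]["AllowedIPs"].split(",") if n.strip()]
    dns = [ipaddress.ip_address(d.strip())
           for d in parser["Interface"].get("DNS", "").split(",") if d.strip()]
    findings = []
    # A default route means every packet goes through the VPN (full tunnel).
    if any(net.prefixlen == 0 for net in allowed):
        findings.append("full-tunnel: AllowedIPs contains a default route")
    # The DNS server is only reached over the tunnel if AllowedIPs covers it.
    for d in dns:
        if not any(d in net for net in allowed if net.version == d.version):
            findings.append(f"dns-not-routed: {d} is outside AllowedIPs")
    # If the network the client is on overlaps AllowedIPs, the routes collide
    # and home-LAN addresses may resolve to devices on the remote network.
    if client_lan is not None:
        lan = ipaddress.ip_network(client_lan, strict=False)
        for net in allowed:
            if net.version == lan.version and net.overlaps(lan):
                findings.append(f"lan-overlap: {net} overlaps {lan}")
    return findings


if __name__ == "__main__":
    print(check_split_tunnel(SAMPLE_CLIENT_CONF, client_lan="192.168.1.0/24"))
```

Pass the subnet of the network the client is currently connected to as `client_lan`; an overlap finding is the usual reason a split tunnel with a wide 192.168.0.0/16 range works on mobile data but not on someone else's Wi-Fi.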
You just create a VPN Network, and then attach containers to that network that need to go through that VPN.
With VPN containers things can be more funky, where you don't so much use a Network but rather you use "network mode" to copy the network mode of the VPN container, but you get the picture.
Hey, thanks for your input. I tried doing that but couldn't get it working this way, probably because I'm not really sure of what I'm doing. Please take a look at my edit.