e4d91aadf9
- Full Obsidian vault content - Host configs (ice, grizzley, ubuntu, proxmox, truenas, panda, hyte) - Media stack documentation - Traefik HA setup - Automation scripts - Bachelor party planning
1.1 KiB
1.1 KiB
title, created, updated, type, tags, sources, confidence
| title | created | updated | type | tags | sources | confidence | |||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| NordVPN | 2026-05-24 | 2026-05-24 | entity |
|
|
high |
NordVPN
Overview
Commercial VPN (WireGuard protocol) used to tunnel all media automation traffic through Gluetun. Provides exit IPs for accessing geo-restricted content and obscures download source IPs from ISPs.
Key Facts
- Protocol: WireGuard (via Gluetun container)
- Provider: NordVPN
- Purpose: All media stack downloads (Sonarr, Radarr, Lidarr, Prowlarr, qBittorrent) route through VPN
- Container:
gluetunon ubuntu — acts as VPN gateway for media-net - Exit IPs: Shared NordVPN exit pool; not dedicated IP
- Cost: ~$12/mo
Architecture
Media containers (media-net)
↓
Gluetun (WireGuard → NordVPN)
↓
Internet (geo-restricted content)
All media automation sits behind Gluetun via Docker network media-net. Jellyfin (direct play) does NOT use VPN.
Related
- media-stack — all containers using Gluetun
- docker-traefik-stack — Gluetun network configuration
- truenas — stores media on NFS mounts