[FEATURE REQUEST] Custom script support

[gvkhna]

Feature request for custom scripts similar to linuxserver.io. I needed to run some additional iptables commands post-startup on binhex-privoxyvpn. I ended up copying /root/wireguardup.sh out of the container, modifying that, and volume linking my custom file into the container with that. Seems to be working well!

But I looked around for custom script support which this and downstream containers don't have, really handy feature.

I also tried modifying the PostUp and PostDown in my wg0.conf to add my additional iptables commands but it was overwritten upon restart.

https://www.linuxserver.io/blog/2019-09-14-customizing-our-containers

So wanted to make a request. Thank you for the great contributions!!

P.S.

I ended up adding the following commands to wireguardup.sh

iptables -P FORWARD ACCEPT

iptables -t nat -A POSTROUTING -o wg+ -j MASQUERADE

This was to enable a secondary wireguard server to connect to the binhex-privoxyvpn to use that as the upstream server for clients.

My topology is like so:

PIA/Mullvad/Etc -> binhex-privoxyvpn -> wireguard (server) -> clients

The wireguard (server) has some default routing tables set to direct traffic to the binhex-privoxyvpn container.

I've run some leak testing on the downstream clients and various points, any potential for leaks?

This was done based on the following post: https://www.linuxserver.io/blog/routing-docker-host-and-container-traffic-through-wireguard

[maxfield-allison]

check out
https://github.com/binhex/arch-qbittorrentvpn/issues/203 (comment)