How to secure docker networks with tunneling support?

I am running Pangolin on a VPS and newt on my home server for tunneling via Docker compose. I am also running other containers that I’d want controlled access to via my tunnel. In terms of networking, only my tunnel container needs access to the other containers and the containers don’t need to be able to talk to each other.

I was wondering how I can set this up in docker compose. My current networks look like:

NETWORK ID     NAME                      DRIVER    SCOPE
fe99c8646a81   adguardhome_default       bridge    local
4bbbc4b48e75   br0                       macvlan   local
08fd8065fe36   bridge                    bridge    local
d3fa2742242a   fireshare_default         bridge    local
732a5a39c1be   host                      host      local
fd86f920f07c   newt_default              bridge    local
57038c9de620   none                      null      local
c1992f23d067   strapi_default            bridge    local
0c8f49d829d3   vaultwarden_default       bridge    local

192.168.1.3 newt
192.168.1.2 adguardhome
172.23.0.2 strapi
172.22.0.2 vaultwarden
172.19.0.2 fireshare

Ideally newt could reach all containers, and adguardhome could not reach strapi, for example. I tried to define networks in my adguardhome's compose YAML like:

services:
  adguardhome:
    ...
    networks:
      - adguardhome_default
      - strapi_default

networks:
  adguardhome_default:
    external: true
  strapi_default:
    external: true

But this way the adguardhome and strapi containers can talk to each other. How could I achieve the desired behaviour?
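
Containers can reach each other over any Docker network they share, so the layout described in the post holds only when newt is the sole container attached to more than one app network. The script below is an added example, not part of the original post: it audits `docker network inspect` JSON for that rule, using a constructed sample and assuming the tunnel container is named `newt`.

```python
import json
from itertools import combinations

# Constructed sample in the shape of `docker network inspect <names...>` output,
# trimmed to the fields used here. It models the compose attempt from the post
# (adguardhome also joined to strapi_default) with newt attached to most networks.
SAMPLE_INSPECT = json.dumps([
    {"Name": "adguardhome_default",
     "Containers": {"a1": {"Name": "adguardhome"}, "n1": {"Name": "newt"}}},
    {"Name": "strapi_default",
     "Containers": {"s1": {"Name": "strapi"}, "a1": {"Name": "adguardhome"},
                    "n1": {"Name": "newt"}}},
    {"Name": "vaultwarden_default",
     "Containers": {"v1": {"Name": "vaultwarden"}, "n1": {"Name": "newt"}}},
    {"Name": "fireshare_default",
     "Containers": {"f1": {"Name": "fireshare"}}},
])

def audit(inspect_json, hub="newt"):
    """Check a hub-and-spoke layout; `hub` is the assumed tunnel container name.

    Returns (violations, unreachable):
      violations  - (network, a, b) for each pair of non-hub containers that
                    share a network and can therefore talk to each other
      unreachable - networks that hold an app container but not the hub
    Only running containers appear under "Containers" in the inspect output.
    """
    violations, unreachable = [], []
    for net in json.loads(inspect_json):
        names = sorted(c["Name"] for c in (net.get("Containers") or {}).values())
        peers = [n for n in names if n != hub]
        violations.extend((net["Name"], a, b) for a, b in combinations(peers, 2))
        if peers and hub not in names:
            unreachable.append(net["Name"])
    return sorted(violations), sorted(unreachable)

if __name__ == "__main__":
    violations, unreachable = audit(SAMPLE_INSPECT)
    for net, a, b in violations:
        print(f"{a} and {b} share {net}: they can reach each other")
    for net in unreachable:
        print(f"{net}: hub container is not attached")
```

On a live host, feed it the output of `docker network inspect $(docker network ls -q)` instead of the sample.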