Hi and thanks for your help.
I have a pretty besic router, so I can not install a VPN on the router itself.
I have a docker instance, that is running PiHole. The PiHole is configure as the networks DNS, while the router does DHCP.
Now instead of installing a VPN client on every of my devices I thought of deploying a VPN client on that docker instance and route all external traffic through the VPN like this: Client -> DNS -> VPN -> Router -> Internet
Is that even possible from a technical point? What do I need?
Not offering the perfect solution you were looking for, but if you’re still using the ISP router it might be worth it to upgrade that to something you can install custom firmware on that’s also relatively cheap like an asuswrt-merlin compatible device (I personally use an ASUS RT-AX86S).
That would allow you to have a guest wifi using YazFi that routes everything through a VPN of your choice and it would leave your regular wifi untouched. You can even use the DNS director to intercept all traffic on port 53 and reroute it to your pihole, including queries going out to 1.1.1.1 or other public DNS servers from apps trying to circumvent DNS blocks.
If I was to buy a new router, I’d buy something compatible with openwrt and install a openvpn client on that one. But I was wondering, if there was a way around that with my current hardware.