All-in-one docker solution for a seed box?

body_by_make@lemmy.dbzer0.com to Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ@lemmy.dbzer0.com – 47 points –

Are there any good docker containers that have an openvpn + qbittorrent configuration setup in such a way that the torrents won't run if the vpn isn't running?

26

The binhex container has worked well for me on Unraid.

I second this. I prefer their deluge container but really like how binhex has things set up.

This actually looks basically exactly like what I want, but only runs on arch. I do have an arch server but it's not my normal tor server. Is there a debian version of this? If not it's cool, I might put it on my arch server, it'd just be easier to keep it on my existing tor server.

Arch is just the base that is used for the containers. It doesn't matter what your host OS is.

haugene/docker-transmission-openvpn might be what you’re looking for. I’ve had success with that container in the past.

Can confirm have been running this for years now without much issue

I can give you my Gluetun+QBittorrent compose file, but I use it with Wireguard.

Once you are in the qbittorrent webUI make sure to bind it to the VPN port, which should be tun0.

services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: qbittorrent_vpn
    cap_add:
      - NET_ADMIN
    environment:
      - VPN_SERVICE_PROVIDER=
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY==
      - WIREGUARD_ADDRESSES=
      - SERVER_COUNTRIES=
      - TZ=Europe/Prague
    ports:
      - 8080:8080
      - 6881:6881
      - 6881:6881/udp
    restart: unless-stopped
    networks:
      - traefik

  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent:latest
    container_name: qbittorrent
    environment:
      - TZ=Europe/Prague
      - WEBUI_PORT=8080
    volumes:
      - /docker/containers/qbittorrent/config:/config
      - /docker/containers/qbittorrent/downloads:/downloads
    restart: unless-stopped
    network_mode: "service:gluetun"

networks:
  traefik:
    external: true

So question does a vpn in a docker container directly tunnel that docker to the vpn basically not touching anything outside of it(i.e home ip/net)?

Yes, it can only affect the network of the container

Ah interesting. Might be worth looking into the saltbox someone posted above. I currently use a seedbox service

I run wireguard in one container (as a client connected to Mullvad), and then qBittorent in another container but using the network of the wireguard container.

Then I just set up routing rules in wireguard to allow my local network to be exempted from the tunnel so I can reach the web interface of qBittorent.

All my torrent traffic goes over the VPN, I can still reach the webui and none of my other containers are affected. Super simple and very reliable.

I have my qbittorrent behind Gluetun and port forward the web interface port through Gluetun

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: qbittorrent_vpn
    cap_add:
      - NET_ADMIN
    environment:
      - VPN_SERVICE_PROVIDER=
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY==
      - WIREGUARD_ADDRESSES=
      - SERVER_COUNTRIES=
      - TZ=Europe/Prague
    ports:
      - 8080:8080
      - 6881:6881
      - 6881:6881/udp
    restart: unless-stopped
    networks:
      - traefik

  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent:latest
    container_name: qbittorrent
    environment:
      - TZ=Europe/Prague
      - WEBUI_PORT=8080
    volumes:
      - /docker/containers/qbittorrent/config:/config
      - /docker/containers/qbittorrent/downloads:/downloads
    restart: unless-stopped
    network_mode: "service:gluetun"

networks:
  traefik:
    external: true

Very nice! This is basically exactly what I'm doing except I'm doing it in ansible and using the linuxserver/wireguard container.

I went with Gluetun because they work with either OVPN or Wireguard (depends on what you configure in compose) and I have already used it through Truecharts

Now you got me thinking Might actually make a post asking for an equivalent usenet (box) to have a usenet and seedbox on prem:D