this post was submitted on 07 Jan 2024
82 points (92.7% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54636 readers
764 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

docker compose is appreciated

top 27 comments
sorted by: hot top controversial new old
[–] [email protected] 30 points 10 months ago* (last edited 10 months ago) (4 children)

https://pastebin.com/7S6QBsSY

I tried formatting it on here but it doesn't work.

gluetun + qBit

The compose file creates both and binds qBit to gluetun. I also have port forwarding set up through AirVPN.

[–] [email protected] 7 points 10 months ago* (last edited 10 months ago) (2 children)

Does this only tunnel qbittorrent through the VPN or all traffic on the device?

[–] [email protected] 5 points 10 months ago* (last edited 10 months ago)

Have exactly the same setup:

It tunnels everything that is bound to the same network (see the line with gluetun within the qbittorrent container.

And for anyone using a reverse proxy: that can run against the gluetun container with the bound containers port. (edit: in OPs example gluetun:8090 for qbittorrent web)

[–] [email protected] 4 points 10 months ago

Only qbit I have other stuff in that stack as well, like sonarr and radarr, that I cut out.

The network mode setting in docker acts as a bind. The port is exposed to the host in gluetun. If gluetun throws an error and shuts down, qBit WebUI is no longer accessible.

[–] [email protected] 2 points 10 months ago

This is the way, look no further

[–] [email protected] 1 points 10 months ago

I also use glutun, works really well. Lots of VPNs are supported. Easy to add any docker container you want to it.

[–] [email protected] 10 points 10 months ago

gluetun for vpn, deluge for torrent

[–] [email protected] 9 points 10 months ago* (last edited 10 months ago)

qmcgaw/gluetun + ghcr.io/onedr0p/qbittorrent

[–] [email protected] 6 points 10 months ago (1 children)

binhex/arch-qbittorrentvpn

[–] [email protected] 1 points 10 months ago

I second this. Works great.

[–] [email protected] 5 points 10 months ago (1 children)

At this point I don't know why you'd need docker or VPN to run a torrent and I'm too afraid to ask.

[–] [email protected] 6 points 10 months ago (2 children)

People run their stuff in docker cause it tends to make the process more straight forward.
The question is specifically about isolating your torrent client to a VPN only network, that way leaks are impossible since if the VPN goes down, there are no other networks accessible to the container.

[–] [email protected] 1 points 10 months ago (1 children)

Doesn't QBittorrent already have its own setting for that? Like you can set the network interface to wg-mullvad or whatever and then it won't work outside of that? Or is the docker thing just for an extra layer of protection on top of that?

[–] [email protected] 2 points 10 months ago

Yeah qbitt has that but not all clients do

[–] [email protected] 0 points 10 months ago

oh that's really interesting. i should look into it; thanks

[–] [email protected] 4 points 10 months ago* (last edited 6 months ago) (1 children)

~~I’ve pushed up my setup if you’d like to check it out! I use it with ProtonVPN, but can be adapted to be used with others.~~

Removed link: see other comments for a working docker-compose

[–] [email protected] 2 points 6 months ago (1 children)
[–] [email protected] 1 points 6 months ago* (last edited 6 months ago)

I removed mine since I moved away from Gitlab. There's other comments with working docker composes, but here's the latest working version of mine if you're interested:

services:
  gluetun:
    image: ghcr.io/qdm12/gluetun:latest
    container_name: gluetun
    # line above must be uncommented to allow external containers to connect. See https://github.com/qdm12/gluetun/wiki/Connect-a-container-to-gluetun#external-container-to-gluetun
    restart: always
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    volumes:
      - ./data:/gluetun
    environment:
      ## ProtonVPN Wireguard
      - VPN_SERVICE_PROVIDER=custom
      - VPN_TYPE=wireguard
      - VPN_ENDPOINT_IP=${WIREGUARD_ENDPOINT_IP}
      - VPN_ENDPOINT_PORT=${WIREGUARD_ENDPOINT_PORT}
      - WIREGUARD_PUBLIC_KEY=${WIREGUARD_PUBLIC_KEY}
      - WIREGUARD_PRIVATE_KEY=${WIREGUARD_PRIVATE_KEY}
      - WIREGUARD_ADDRESSES=${WIREGUARD_ADDRESSES}
      - TZ=Etc/UTC
    ports:
      - ${QBITTORRENT_EXPOSED_WEBUI_PORT}:8080/tcp # qBittorrent Web UI

  qbittorrent:
    # https://docs.linuxserver.io/images/docker-qbittorrent
    build: .
    container_name: qbittorrent
    restart: always
    volumes:
      - ./config:/config
      # using download path as mount so other services can play nice
      - ${QBITTORRENT_DOWNLOAD_PATH}:${QBITTORRENT_DOWNLOAD_PATH}
      - ${QBITTORRENT_THEMES_PATH}:/themes
    environment:
      # https://github.com/linuxserver/docker-qbittorrent#umask-for-running-applications
      - PUID=${QBITTORRENT_WRITE_UID}
      - PGID=${QBITTORRENT_WRITE_GID}
      - UMASK=0002
      - TZ=Etc/UTC
      - WEBUI_PORT=8080
    network_mode: "service:gluetun"
    depends_on:
      gluetun:
        condition: service_healthy

  portcheck:
    image: eiqnepm/portcheck:latest
    container_name: portcheck
    restart: always
    environment:
      - QBITTORRENT_PORT=6881
      - QBITTORRENT_WEBUI_PORT=8080
      - QBITTORRENT_WEBUI_SCHEME=http
      - QBITTORRENT_USERNAME=admin
      - QBITTORRENT_PASSWORD=${QBITTORRENT_ADMIN_PASSOWRD}
      - TIMEOUT=300
      - DIAL_TIMEOUT=5
    network_mode: "service:gluetun"
    depends_on:
      qbittorrent:
        condition: service_healthy
[–] [email protected] 4 points 10 months ago

This is the compose file I use, with Gluetun setup with ProtonVPN. I edited it to remove some personal machine stuff so adapt volumes to your liking.

version: "2.1"
services:
  jackett:
    image: lscr.io/linuxserver/jackett:latest
    container_name: jackett
    network_mode: service:gluetun
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/London
    volumes:
      - ./data:/config
      - ./downloads:/downloads
    restart: unless-stopped
    depends_on:
      - gluetun

  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent:4.5.5-r0-ls291
    container_name: qbittorrent
    network_mode: service:gluetun
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      - WEBUI_PORT=8084
    volumes:
      - a-place/qbittorrent/config:/config
      - a-place/qbittorrent:/downloads
    restart: unless-stopped
    depends_on:
      - gluetun

  flaresolverr:
    container_name: flaresolverr
    network_mode: service:gluetun
    environment:
      - LOG_LEVEL=info
    restart: unless-stopped
    image: ghcr.io/flaresolverr/flaresolverr:latest
    depends_on:
      - gluetun

  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    networks:
      pirate_net:
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - VPN_SERVICE_PROVIDER=custom
      - VPN_TYPE=wireguard
    ports:
      - 9117:9117 # Jackett
      - 8084:8084
      - 6881:6881
      - 6881:6881/udp
      - 8191:8191 # Flaresolverr
    volumes:
      - ./config/:/gluetun/wireguard/

networks:
  pirate_net:
    driver: bridge
[–] [email protected] 2 points 10 months ago
[–] [email protected] 2 points 10 months ago

I use gluetun with sabnzbd
Not torrent tech but yeah.

I often read about not using two containers but instead to use a combi docker.

[–] [email protected] 2 points 10 months ago* (last edited 10 months ago)
$ cat Projects/qbittorrent/docker-compose.yml 
version: "2.1"
services:
  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent:latest
    container_name: qbittorrent
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      - WEBUI_PORT=8081
    volumes:
      - /path/to/appdata/config:/config
      - /home/username/Downloads/Torrents:/downloads
    ports:
      - 8081:8081
      - 6881:6881
      - 6881:6881/udp
    restart: unless-stopped

The whole server is running under the VPN.