docker compose is appreciated
I tried formatting it on here but it doesn’t work.
gluetun + qBit
The compose file creates both and binds qBit to gluetun. I also have port forwarding set up through AirVPN.
Does this only tunnel qbittorrent through the VPN or all traffic on the device?
Have exactly the same setup:
It tunnels everything that is bound to the same network (see the line with gluetun within the qbittorrent container.
And for anyone using a reverse proxy: that can run against the gluetun container with the bound containers port. (edit: in OPs example gluetun:8090 for qbittorrent web)
Only qbit I have other stuff in that stack as well, like sonarr and radarr, that I cut out.
The network mode setting in docker acts as a bind. The port is exposed to the host in gluetun. If gluetun throws an error and shuts down, qBit WebUI is no longer accessible.
This is the way, look no further
I also use glutun, works really well. Lots of VPNs are supported. Easy to add any docker container you want to it.
Stopped reading at C:
eh get fucked ya Linux fanboy. Go cry about which distro is best instead of putting me down for trying to help someone.
I’m not familiar with docker on Windows, but I believe it runs through a (well integrated) VM. Do you run it 24/7 on your desktop pc? If yes, do you notice a performance impact while e.g. gaming?
It’s surprising to me how docker managed to be the ultimate way to run services across all major OSs while only running on Linux specifically.
I run it on a dedicated machine that does all my media management. I’m transitioning to Linux eventually.
I started out using a pi and installed sonarr and radarr with mono. Then I switched to docker on my spare windows machine. Whenever I get a break in work I’ll switch to Linux completely.
Since my stuff is already containerized, it should be a painless transition… hopefully. I’ll probably wait until I get a new HDD to transition to a new format since all my stuff is NTFS.
Linux users when freedom of choice exists
qmcgaw/gluetun + ghcr.io/onedr0p/qbittorrent
binhex/arch-qbittorrentvpn
I second this. Works great.
At this point I don’t know why you’d need docker or VPN to run a torrent and I’m too afraid to ask.
People run their stuff in docker cause it tends to make the process more straight forward.
The question is specifically about isolating your torrent client to a VPN only network, that way leaks are impossible since if the VPN goes down, there are no other networks accessible to the container.Doesn’t QBittorrent already have its own setting for that? Like you can set the network interface to wg-mullvad or whatever and then it won’t work outside of that? Or is the docker thing just for an extra layer of protection on top of that?
Yeah qbitt has that but not all clients do
oh that’s really interesting. i should look into it; thanks
I’ve pushed up my setup if you’d like to check it out! I use it with ProtonVPN, but can be adapted to be used with others.Removed link: see other comments for a working docker-compose
seems the link is broken
I removed mine since I moved away from Gitlab. There’s other comments with working docker composes, but here’s the latest working version of mine if you’re interested:
services: gluetun: image: ghcr.io/qdm12/gluetun:latest container_name: gluetun # line above must be uncommented to allow external containers to connect. See https://github.com/qdm12/gluetun/wiki/Connect-a-container-to-gluetun#external-container-to-gluetun restart: always cap_add: - NET_ADMIN devices: - /dev/net/tun:/dev/net/tun volumes: - ./data:/gluetun environment: ## ProtonVPN Wireguard - VPN_SERVICE_PROVIDER=custom - VPN_TYPE=wireguard - VPN_ENDPOINT_IP=${WIREGUARD_ENDPOINT_IP} - VPN_ENDPOINT_PORT=${WIREGUARD_ENDPOINT_PORT} - WIREGUARD_PUBLIC_KEY=${WIREGUARD_PUBLIC_KEY} - WIREGUARD_PRIVATE_KEY=${WIREGUARD_PRIVATE_KEY} - WIREGUARD_ADDRESSES=${WIREGUARD_ADDRESSES} - TZ=Etc/UTC ports: - ${QBITTORRENT_EXPOSED_WEBUI_PORT}:8080/tcp # qBittorrent Web UI qbittorrent: # https://docs.linuxserver.io/images/docker-qbittorrent build: . container_name: qbittorrent restart: always volumes: - ./config:/config # using download path as mount so other services can play nice - ${QBITTORRENT_DOWNLOAD_PATH}:${QBITTORRENT_DOWNLOAD_PATH} - ${QBITTORRENT_THEMES_PATH}:/themes environment: # https://github.com/linuxserver/docker-qbittorrent#umask-for-running-applications - PUID=${QBITTORRENT_WRITE_UID} - PGID=${QBITTORRENT_WRITE_GID} - UMASK=0002 - TZ=Etc/UTC - WEBUI_PORT=8080 network_mode: "service:gluetun" depends_on: gluetun: condition: service_healthy portcheck: image: eiqnepm/portcheck:latest container_name: portcheck restart: always environment: - QBITTORRENT_PORT=6881 - QBITTORRENT_WEBUI_PORT=8080 - QBITTORRENT_WEBUI_SCHEME=http - QBITTORRENT_USERNAME=admin - QBITTORRENT_PASSWORD=${QBITTORRENT_ADMIN_PASSOWRD} - TIMEOUT=300 - DIAL_TIMEOUT=5 network_mode: "service:gluetun" depends_on: qbittorrent: condition: service_healthy
This is the compose file I use, with Gluetun setup with ProtonVPN. I edited it to remove some personal machine stuff so adapt volumes to your liking.
version: "2.1" services: jackett: image: lscr.io/linuxserver/jackett:latest container_name: jackett network_mode: service:gluetun environment: - PUID=1000 - PGID=1000 - TZ=Europe/London volumes: - ./data:/config - ./downloads:/downloads restart: unless-stopped depends_on: - gluetun qbittorrent: image: lscr.io/linuxserver/qbittorrent:4.5.5-r0-ls291 container_name: qbittorrent network_mode: service:gluetun environment: - PUID=1000 - PGID=1000 - TZ=Etc/UTC - WEBUI_PORT=8084 volumes: - a-place/qbittorrent/config:/config - a-place/qbittorrent:/downloads restart: unless-stopped depends_on: - gluetun flaresolverr: container_name: flaresolverr network_mode: service:gluetun environment: - LOG_LEVEL=info restart: unless-stopped image: ghcr.io/flaresolverr/flaresolverr:latest depends_on: - gluetun gluetun: image: qmcgaw/gluetun container_name: gluetun networks: pirate_net: cap_add: - NET_ADMIN - SYS_MODULE environment: - VPN_SERVICE_PROVIDER=custom - VPN_TYPE=wireguard ports: - 9117:9117 # Jackett - 8084:8084 - 6881:6881 - 6881:6881/udp - 8191:8191 # Flaresolverr volumes: - ./config/:/gluetun/wireguard/ networks: pirate_net: driver: bridgeI use gluetun with sabnzbd
Not torrent tech but yeah.I often read about not using two containers but instead to use a combi docker.
$ cat Projects/qbittorrent/docker-compose.yml version: "2.1" services: qbittorrent: image: lscr.io/linuxserver/qbittorrent:latest container_name: qbittorrent environment: - PUID=1000 - PGID=1000 - TZ=Europe/Berlin - WEBUI_PORT=8081 volumes: - /path/to/appdata/config:/config - /home/username/Downloads/Torrents:/downloads ports: - 8081:8081 - 6881:6881 - 6881:6881/udp restart: unless-stoppedThe whole server is running under the VPN.
