OpenVPN network interface for qBittorrent

I want to run only qBittorrent through my VPN but with my current setup, I have a namespace for OpenVPN and qBittorrent runs entirely through it. The issue with that is that Sonarr and Radarr can’t access it. Because of that, I would like to switch my setup to use a network interface instead. What would be the best way to do that?

Edit: I used this guide, with some changes to make it work on my setup, to set it up. I can also post my docker-compose file here if anyone’s interested.

gregw,

I know of a similar setup. Arr stack with qBittorrent and VPN on kubernetes. A bit different than yours in that the arr+qBit+VPN run in the same namespace. Here’s how:


<span style="color:#323232;">---
</span><span style="color:#323232;">apiVersion: networking.k8s.io/v1
</span><span style="color:#323232;">kind: Ingress
</span><span style="color:#323232;">metadata:
</span><span style="color:#323232;">  name: qbittorrent-ingress
</span><span style="color:#323232;">  namespace: arr
</span><span style="color:#323232;">spec:
</span><span style="color:#323232;">  ingressClassName: nginx
</span><span style="color:#323232;">  rules:
</span><span style="color:#323232;">  - host: your.ho.st
</span><span style="color:#323232;">    http:
</span><span style="color:#323232;">     paths:
</span><span style="color:#323232;">      - path: /
</span><span style="color:#323232;">        pathType: Prefix
</span><span style="color:#323232;">        backend:
</span><span style="color:#323232;">          service:
</span><span style="color:#323232;">            name: qbittorrent
</span><span style="color:#323232;">            port:
</span><span style="color:#323232;">              number: 8080
</span><span style="color:#323232;">---
</span><span style="color:#323232;">kind: Service
</span><span style="color:#323232;">apiVersion: v1
</span><span style="color:#323232;">metadata:
</span><span style="color:#323232;">  name: qbittorrent
</span><span style="color:#323232;">  namespace: arr
</span><span style="color:#323232;">spec:
</span><span style="color:#323232;">  selector:
</span><span style="color:#323232;">    app: qbittorrent
</span><span style="color:#323232;">  ports:
</span><span style="color:#323232;">  - protocol: TCP
</span><span style="color:#323232;">    port: 8080
</span><span style="color:#323232;">    targetPort: 8080
</span><span style="color:#323232;">---
</span><span style="color:#323232;">apiVersion: v1
</span><span style="color:#323232;">kind: PersistentVolumeClaim
</span><span style="color:#323232;">metadata:
</span><span style="color:#323232;">  name: qbittorrent
</span><span style="color:#323232;">  namespace: arr
</span><span style="color:#323232;">spec:
</span><span style="color:#323232;">  storageClassName: zfs
</span><span style="color:#323232;">  accessModes:
</span><span style="color:#323232;">    - ReadWriteMany
</span><span style="color:#323232;">  resources:
</span><span style="color:#323232;">    requests:
</span><span style="color:#323232;">      storage: 1Ti
</span><span style="color:#323232;">---
</span><span style="color:#323232;">apiVersion: apps/v1
</span><span style="color:#323232;">kind: Deployment
</span><span style="color:#323232;">metadata:
</span><span style="color:#323232;">  namespace: arr
</span><span style="color:#323232;">  name: qbittorrent
</span><span style="color:#323232;">spec:
</span><span style="color:#323232;">  replicas: 1
</span><span style="color:#323232;">  selector:
</span><span style="color:#323232;">    matchLabels:
</span><span style="color:#323232;">      app: qbittorrent
</span><span style="color:#323232;">  strategy:
</span><span style="color:#323232;">    type: Recreate
</span><span style="color:#323232;">  template:
</span><span style="color:#323232;">    metadata:
</span><span style="color:#323232;">      labels:
</span><span style="color:#323232;">        app: qbittorrent
</span><span style="color:#323232;">    spec:
</span><span style="color:#323232;">      containers:
</span><span style="color:#323232;">        - name: qbittorrent
</span><span style="color:#323232;">          image: linuxserver/qbittorrent
</span><span style="color:#323232;">          imagePullPolicy: Always
</span><span style="color:#323232;">          volumeMounts:
</span><span style="color:#323232;">            - mountPath: "/config"
</span><span style="color:#323232;">              name: "volume"
</span><span style="color:#323232;">            - mountPath: "/media"
</span><span style="color:#323232;">              name: "media"
</span><span style="color:#323232;">          env:
</span><span style="color:#323232;">            - name: PUID
</span><span style="color:#323232;">              value: "1000"
</span><span style="color:#323232;">            - name: PGID
</span><span style="color:#323232;">              value: "1000"
</span><span style="color:#323232;">            - name: TZ
</span><span style="color:#323232;">              value: "Etc/UTC"
</span><span style="color:#323232;">          ports:
</span><span style="color:#323232;">            - containerPort: 8080
</span><span style="color:#323232;">        - name: gluetun
</span><span style="color:#323232;">          image: qmcgaw/gluetun
</span><span style="color:#323232;">          imagePullPolicy: Always
</span><span style="color:#323232;">          securityContext:
</span><span style="color:#323232;">            capabilities:
</span><span style="color:#323232;">              add: ["NET_ADMIN"]
</span><span style="color:#323232;">          volumeMounts:
</span><span style="color:#323232;">            - mountPath: /dev/net/tun
</span><span style="color:#323232;">              name: tun
</span><span style="color:#323232;">          env:
</span><span style="color:#323232;">            - name: VPN_SERVICE_PROVIDER
</span><span style="color:#323232;">              value: "mullvad"
</span><span style="color:#323232;">            - name: VPN_TYPE
</span><span style="color:#323232;">              value: "wireguard"
</span><span style="color:#323232;">            - name: WIREGUARD_PRIVATE_KEY
</span><span style="color:#323232;">              value: "removed"
</span><span style="color:#323232;">            - name: WIREGUARD_ADDRESSES
</span><span style="color:#323232;">              value: "removed"
</span><span style="color:#323232;">            - name: SERVER_CITIES
</span><span style="color:#323232;">              value: "removed"
</span><span style="color:#323232;">            - name: FIREWALL_INPUT_PORTS
</span><span style="color:#323232;">              value: "8080"
</span><span style="color:#323232;">            - name: TZ
</span><span style="color:#323232;">              value: "Etc/UTC"
</span><span style="color:#323232;">      restartPolicy: Always
</span><span style="color:#323232;">      volumes:
</span><span style="color:#323232;">        - name: volume
</span><span style="color:#323232;">          persistentVolumeClaim:
</span><span style="color:#323232;">            claimName: qbittorrent
</span><span style="color:#323232;">        - name: media
</span><span style="color:#323232;">          nfs:
</span><span style="color:#323232;">            server: nfs.server.local
</span><span style="color:#323232;">            path: /media
</span><span style="color:#323232;">        - name: tun
</span><span style="color:#323232;">          hostPath:
</span><span style="color:#323232;">            path: /dev/net/tun
</span>

The relevant bit of the qBittorrent.conf:


<span style="color:#323232;">[BitTorrent]
</span><span style="color:#323232;">SessionInterface=tun0
</span><span style="color:#323232;">SessionInterfaceName=tun0
</span>

Best of luck!

Fisch,
@Fisch@lemmy.ml avatar

Managed to set it up before you posted this already but thanks anyway. I also used Gluetun btw.

NonDollarCurrency,

If you know how to use docker look up gluetun, it basically allows you to tunnel everything through the VPN and still access everything locally.

Fisch, (edited )
@Fisch@lemmy.ml avatar

Will that install qBittorrent by itself and allow Sonarr and Radarr that run outside the container to speak to it? Then it would be perfect

Edit: For some reason I thought it was a torrent client but it’s just a VPN client. So it creates a network interface but doesn’t route all traffic through it?

narc0tic_bird,

You run a gluetun container and a qBittorrent container on which you set the “network mode” to the gluetun container. Then you put your *arr software and the gluetun container in the same (virtual) network so they can communicate internally. All containers using gluetun as their “network mode” have their ports available on the gluetun container. You can also put the qBittorrent container in your virtual internal network but then you have to make sure that the network is marked as internal to avoid traffic leaking.

Fisch,
@Fisch@lemmy.ml avatar

Managed to set it all up yesterday. Thanks for suggesting Gluetun.

NonDollarCurrency,

Great work! Enjoy!

state_electrician, (edited )

Here’s an example docker-compose.yaml for gluetun with Nordvpn and qBittorrent"


<span style="color:#323232;">version: "3"
</span><span style="color:#323232;">services:
</span><span style="color:#323232;">  gluetun:
</span><span style="color:#323232;">    image: qmcgaw/gluetun
</span><span style="color:#323232;">    container_name: gluetun
</span><span style="color:#323232;">    cap_add:
</span><span style="color:#323232;">      - NET_ADMIN
</span><span style="color:#323232;">    devices:
</span><span style="color:#323232;">      - /dev/net/tun:/dev/net/tun
</span><span style="color:#323232;">    ports:
</span><span style="color:#323232;">      # this makes qBittorrent's web UI accessible on localhost:8080
</span><span style="color:#323232;">      - "127.0.0.1:8080:8080"
</span><span style="color:#323232;">    environment:
</span><span style="color:#323232;">      # See https://github.com/qdm12/gluetun-wiki/tree/main/setup#setup
</span><span style="color:#323232;">      - VPN_SERVICE_PROVIDER=nordvpn
</span><span style="color:#323232;">      - VPN_TYPE=wireguard
</span><span style="color:#323232;">      - WIREGUARD_PRIVATE_KEY=aGFoYWltbm90dGhhdGR1bWJnb2RkYW1taXQ=
</span><span style="color:#323232;">      - TZ=Europe/Berlin
</span><span style="color:#323232;">      # Server list updater
</span><span style="color:#323232;">      # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/servers.md#update-the-vpn-servers-list
</span><span style="color:#323232;">      - UPDATER_PERIOD=
</span><span style="color:#323232;">      - SERVER_COUNTRIES=Germany
</span><span style="color:#323232;">      - SERVER_REGIONS=p2p
</span><span style="color:#323232;">  qbittorrent:
</span><span style="color:#323232;">    image: lscr.io/linuxserver/qbittorrent:latest
</span><span style="color:#323232;">    container_name: qbittorrent
</span><span style="color:#323232;">    network_mode: "service:gluetun"
</span><span style="color:#323232;">    environment:
</span><span style="color:#323232;">      - PUID=1000
</span><span style="color:#323232;">      - PGID=1000
</span><span style="color:#323232;">      - TZ=Europe/Berlin
</span><span style="color:#323232;">      - WEBUI_PORT=8080
</span><span style="color:#323232;">    volumes:
</span><span style="color:#323232;">      - ./config:/config
</span><span style="color:#323232;">      - ./downloads:/downloads
</span><span style="color:#323232;">      - ./torrents:/torrents
</span><span style="color:#323232;">    restart: unless-stopped
</span>

You can use qBittorrent’s API (enable it in the settings) to add magnet links. I have a small wrapper tool for that, so I can just click on a magnet link in the browser and it gets added to the queue.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • piracy@lemmy.dbzer0.com
  • localhost
  • All magazines
    •
    Loading…
    Loading the web debug toolbar…
    Attempt #