gregw, 1 year ago I know of a similar setup. Arr stack with qBittorrent and VPN on kubernetes. A bit different than yours in that the arr+qBit+VPN run in the same namespace. Here’s how: <span style="color:#323232;">--- </span><span style="color:#323232;">apiVersion: networking.k8s.io/v1 </span><span style="color:#323232;">kind: Ingress </span><span style="color:#323232;">metadata: </span><span style="color:#323232;"> name: qbittorrent-ingress </span><span style="color:#323232;"> namespace: arr </span><span style="color:#323232;">spec: </span><span style="color:#323232;"> ingressClassName: nginx </span><span style="color:#323232;"> rules: </span><span style="color:#323232;"> - host: your.ho.st </span><span style="color:#323232;"> http: </span><span style="color:#323232;"> paths: </span><span style="color:#323232;"> - path: / </span><span style="color:#323232;"> pathType: Prefix </span><span style="color:#323232;"> backend: </span><span style="color:#323232;"> service: </span><span style="color:#323232;"> name: qbittorrent </span><span style="color:#323232;"> port: </span><span style="color:#323232;"> number: 8080 </span><span style="color:#323232;">--- </span><span style="color:#323232;">kind: Service </span><span style="color:#323232;">apiVersion: v1 </span><span style="color:#323232;">metadata: </span><span style="color:#323232;"> name: qbittorrent </span><span style="color:#323232;"> namespace: arr </span><span style="color:#323232;">spec: </span><span style="color:#323232;"> selector: </span><span style="color:#323232;"> app: qbittorrent </span><span style="color:#323232;"> ports: </span><span style="color:#323232;"> - protocol: TCP </span><span style="color:#323232;"> port: 8080 </span><span style="color:#323232;"> targetPort: 8080 </span><span style="color:#323232;">--- </span><span style="color:#323232;">apiVersion: v1 </span><span style="color:#323232;">kind: PersistentVolumeClaim </span><span style="color:#323232;">metadata: </span><span style="color:#323232;"> name: qbittorrent </span><span style="color:#323232;"> namespace: arr </span><span style="color:#323232;">spec: </span><span style="color:#323232;"> storageClassName: zfs </span><span style="color:#323232;"> accessModes: </span><span style="color:#323232;"> - ReadWriteMany </span><span style="color:#323232;"> resources: </span><span style="color:#323232;"> requests: </span><span style="color:#323232;"> storage: 1Ti </span><span style="color:#323232;">--- </span><span style="color:#323232;">apiVersion: apps/v1 </span><span style="color:#323232;">kind: Deployment </span><span style="color:#323232;">metadata: </span><span style="color:#323232;"> namespace: arr </span><span style="color:#323232;"> name: qbittorrent </span><span style="color:#323232;">spec: </span><span style="color:#323232;"> replicas: 1 </span><span style="color:#323232;"> selector: </span><span style="color:#323232;"> matchLabels: </span><span style="color:#323232;"> app: qbittorrent </span><span style="color:#323232;"> strategy: </span><span style="color:#323232;"> type: Recreate </span><span style="color:#323232;"> template: </span><span style="color:#323232;"> metadata: </span><span style="color:#323232;"> labels: </span><span style="color:#323232;"> app: qbittorrent </span><span style="color:#323232;"> spec: </span><span style="color:#323232;"> containers: </span><span style="color:#323232;"> - name: qbittorrent </span><span style="color:#323232;"> image: linuxserver/qbittorrent </span><span style="color:#323232;"> imagePullPolicy: Always </span><span style="color:#323232;"> volumeMounts: </span><span style="color:#323232;"> - mountPath: "/config" </span><span style="color:#323232;"> name: "volume" </span><span style="color:#323232;"> - mountPath: "/media" </span><span style="color:#323232;"> name: "media" </span><span style="color:#323232;"> env: </span><span style="color:#323232;"> - name: PUID </span><span style="color:#323232;"> value: "1000" </span><span style="color:#323232;"> - name: PGID </span><span style="color:#323232;"> value: "1000" </span><span style="color:#323232;"> - name: TZ </span><span style="color:#323232;"> value: "Etc/UTC" </span><span style="color:#323232;"> ports: </span><span style="color:#323232;"> - containerPort: 8080 </span><span style="color:#323232;"> - name: gluetun </span><span style="color:#323232;"> image: qmcgaw/gluetun </span><span style="color:#323232;"> imagePullPolicy: Always </span><span style="color:#323232;"> securityContext: </span><span style="color:#323232;"> capabilities: </span><span style="color:#323232;"> add: ["NET_ADMIN"] </span><span style="color:#323232;"> volumeMounts: </span><span style="color:#323232;"> - mountPath: /dev/net/tun </span><span style="color:#323232;"> name: tun </span><span style="color:#323232;"> env: </span><span style="color:#323232;"> - name: VPN_SERVICE_PROVIDER </span><span style="color:#323232;"> value: "mullvad" </span><span style="color:#323232;"> - name: VPN_TYPE </span><span style="color:#323232;"> value: "wireguard" </span><span style="color:#323232;"> - name: WIREGUARD_PRIVATE_KEY </span><span style="color:#323232;"> value: "removed" </span><span style="color:#323232;"> - name: WIREGUARD_ADDRESSES </span><span style="color:#323232;"> value: "removed" </span><span style="color:#323232;"> - name: SERVER_CITIES </span><span style="color:#323232;"> value: "removed" </span><span style="color:#323232;"> - name: FIREWALL_INPUT_PORTS </span><span style="color:#323232;"> value: "8080" </span><span style="color:#323232;"> - name: TZ </span><span style="color:#323232;"> value: "Etc/UTC" </span><span style="color:#323232;"> restartPolicy: Always </span><span style="color:#323232;"> volumes: </span><span style="color:#323232;"> - name: volume </span><span style="color:#323232;"> persistentVolumeClaim: </span><span style="color:#323232;"> claimName: qbittorrent </span><span style="color:#323232;"> - name: media </span><span style="color:#323232;"> nfs: </span><span style="color:#323232;"> server: nfs.server.local </span><span style="color:#323232;"> path: /media </span><span style="color:#323232;"> - name: tun </span><span style="color:#323232;"> hostPath: </span><span style="color:#323232;"> path: /dev/net/tun </span> The relevant bit of the qBittorrent.conf: <span style="color:#323232;">[BitTorrent] </span><span style="color:#323232;">SessionInterface=tun0 </span><span style="color:#323232;">SessionInterfaceName=tun0 </span> Best of luck!
I know of a similar setup. Arr stack with qBittorrent and VPN on kubernetes. A bit different than yours in that the arr+qBit+VPN run in the same namespace. Here’s how:
<span style="color:#323232;">--- </span><span style="color:#323232;">apiVersion: networking.k8s.io/v1 </span><span style="color:#323232;">kind: Ingress </span><span style="color:#323232;">metadata: </span><span style="color:#323232;"> name: qbittorrent-ingress </span><span style="color:#323232;"> namespace: arr </span><span style="color:#323232;">spec: </span><span style="color:#323232;"> ingressClassName: nginx </span><span style="color:#323232;"> rules: </span><span style="color:#323232;"> - host: your.ho.st </span><span style="color:#323232;"> http: </span><span style="color:#323232;"> paths: </span><span style="color:#323232;"> - path: / </span><span style="color:#323232;"> pathType: Prefix </span><span style="color:#323232;"> backend: </span><span style="color:#323232;"> service: </span><span style="color:#323232;"> name: qbittorrent </span><span style="color:#323232;"> port: </span><span style="color:#323232;"> number: 8080 </span><span style="color:#323232;">--- </span><span style="color:#323232;">kind: Service </span><span style="color:#323232;">apiVersion: v1 </span><span style="color:#323232;">metadata: </span><span style="color:#323232;"> name: qbittorrent </span><span style="color:#323232;"> namespace: arr </span><span style="color:#323232;">spec: </span><span style="color:#323232;"> selector: </span><span style="color:#323232;"> app: qbittorrent </span><span style="color:#323232;"> ports: </span><span style="color:#323232;"> - protocol: TCP </span><span style="color:#323232;"> port: 8080 </span><span style="color:#323232;"> targetPort: 8080 </span><span style="color:#323232;">--- </span><span style="color:#323232;">apiVersion: v1 </span><span style="color:#323232;">kind: PersistentVolumeClaim </span><span style="color:#323232;">metadata: </span><span style="color:#323232;"> name: qbittorrent </span><span style="color:#323232;"> namespace: arr </span><span style="color:#323232;">spec: </span><span style="color:#323232;"> storageClassName: zfs </span><span style="color:#323232;"> accessModes: </span><span style="color:#323232;"> - ReadWriteMany </span><span style="color:#323232;"> resources: </span><span style="color:#323232;"> requests: </span><span style="color:#323232;"> storage: 1Ti </span><span style="color:#323232;">--- </span><span style="color:#323232;">apiVersion: apps/v1 </span><span style="color:#323232;">kind: Deployment </span><span style="color:#323232;">metadata: </span><span style="color:#323232;"> namespace: arr </span><span style="color:#323232;"> name: qbittorrent </span><span style="color:#323232;">spec: </span><span style="color:#323232;"> replicas: 1 </span><span style="color:#323232;"> selector: </span><span style="color:#323232;"> matchLabels: </span><span style="color:#323232;"> app: qbittorrent </span><span style="color:#323232;"> strategy: </span><span style="color:#323232;"> type: Recreate </span><span style="color:#323232;"> template: </span><span style="color:#323232;"> metadata: </span><span style="color:#323232;"> labels: </span><span style="color:#323232;"> app: qbittorrent </span><span style="color:#323232;"> spec: </span><span style="color:#323232;"> containers: </span><span style="color:#323232;"> - name: qbittorrent </span><span style="color:#323232;"> image: linuxserver/qbittorrent </span><span style="color:#323232;"> imagePullPolicy: Always </span><span style="color:#323232;"> volumeMounts: </span><span style="color:#323232;"> - mountPath: "/config" </span><span style="color:#323232;"> name: "volume" </span><span style="color:#323232;"> - mountPath: "/media" </span><span style="color:#323232;"> name: "media" </span><span style="color:#323232;"> env: </span><span style="color:#323232;"> - name: PUID </span><span style="color:#323232;"> value: "1000" </span><span style="color:#323232;"> - name: PGID </span><span style="color:#323232;"> value: "1000" </span><span style="color:#323232;"> - name: TZ </span><span style="color:#323232;"> value: "Etc/UTC" </span><span style="color:#323232;"> ports: </span><span style="color:#323232;"> - containerPort: 8080 </span><span style="color:#323232;"> - name: gluetun </span><span style="color:#323232;"> image: qmcgaw/gluetun </span><span style="color:#323232;"> imagePullPolicy: Always </span><span style="color:#323232;"> securityContext: </span><span style="color:#323232;"> capabilities: </span><span style="color:#323232;"> add: ["NET_ADMIN"] </span><span style="color:#323232;"> volumeMounts: </span><span style="color:#323232;"> - mountPath: /dev/net/tun </span><span style="color:#323232;"> name: tun </span><span style="color:#323232;"> env: </span><span style="color:#323232;"> - name: VPN_SERVICE_PROVIDER </span><span style="color:#323232;"> value: "mullvad" </span><span style="color:#323232;"> - name: VPN_TYPE </span><span style="color:#323232;"> value: "wireguard" </span><span style="color:#323232;"> - name: WIREGUARD_PRIVATE_KEY </span><span style="color:#323232;"> value: "removed" </span><span style="color:#323232;"> - name: WIREGUARD_ADDRESSES </span><span style="color:#323232;"> value: "removed" </span><span style="color:#323232;"> - name: SERVER_CITIES </span><span style="color:#323232;"> value: "removed" </span><span style="color:#323232;"> - name: FIREWALL_INPUT_PORTS </span><span style="color:#323232;"> value: "8080" </span><span style="color:#323232;"> - name: TZ </span><span style="color:#323232;"> value: "Etc/UTC" </span><span style="color:#323232;"> restartPolicy: Always </span><span style="color:#323232;"> volumes: </span><span style="color:#323232;"> - name: volume </span><span style="color:#323232;"> persistentVolumeClaim: </span><span style="color:#323232;"> claimName: qbittorrent </span><span style="color:#323232;"> - name: media </span><span style="color:#323232;"> nfs: </span><span style="color:#323232;"> server: nfs.server.local </span><span style="color:#323232;"> path: /media </span><span style="color:#323232;"> - name: tun </span><span style="color:#323232;"> hostPath: </span><span style="color:#323232;"> path: /dev/net/tun </span>
The relevant bit of the qBittorrent.conf:
<span style="color:#323232;">[BitTorrent] </span><span style="color:#323232;">SessionInterface=tun0 </span><span style="color:#323232;">SessionInterfaceName=tun0 </span>
Best of luck!