gregw

@gregw@lemmy.gregw.us

This profile is from a federated server and may be incomplete. Browse more on the original instance.

OpenVPN network interface for qBittorrent

I want to run only qBittorrent through my VPN but with my current setup, I have a namespace for OpenVPN and qBittorrent runs entirely through it. The issue with that is that Sonarr and Radarr can’t access it. Because of that, I would like to switch my setup to use a network interface instead. What would be the best way to do...

gregw, 7 months ago

I know of a similar setup. Arr stack with qBittorrent and VPN on kubernetes. A bit different than yours in that the arr+qBit+VPN run in the same namespace. Here’s how:


<span style="color:#323232;">---
</span><span style="color:#323232;">apiVersion: networking.k8s.io/v1
</span><span style="color:#323232;">kind: Ingress
</span><span style="color:#323232;">metadata:
</span><span style="color:#323232;">  name: qbittorrent-ingress
</span><span style="color:#323232;">  namespace: arr
</span><span style="color:#323232;">spec:
</span><span style="color:#323232;">  ingressClassName: nginx
</span><span style="color:#323232;">  rules:
</span><span style="color:#323232;">  - host: your.ho.st
</span><span style="color:#323232;">    http:
</span><span style="color:#323232;">     paths:
</span><span style="color:#323232;">      - path: /
</span><span style="color:#323232;">        pathType: Prefix
</span><span style="color:#323232;">        backend:
</span><span style="color:#323232;">          service:
</span><span style="color:#323232;">            name: qbittorrent
</span><span style="color:#323232;">            port:
</span><span style="color:#323232;">              number: 8080
</span><span style="color:#323232;">---
</span><span style="color:#323232;">kind: Service
</span><span style="color:#323232;">apiVersion: v1
</span><span style="color:#323232;">metadata:
</span><span style="color:#323232;">  name: qbittorrent
</span><span style="color:#323232;">  namespace: arr
</span><span style="color:#323232;">spec:
</span><span style="color:#323232;">  selector:
</span><span style="color:#323232;">    app: qbittorrent
</span><span style="color:#323232;">  ports:
</span><span style="color:#323232;">  - protocol: TCP
</span><span style="color:#323232;">    port: 8080
</span><span style="color:#323232;">    targetPort: 8080
</span><span style="color:#323232;">---
</span><span style="color:#323232;">apiVersion: v1
</span><span style="color:#323232;">kind: PersistentVolumeClaim
</span><span style="color:#323232;">metadata:
</span><span style="color:#323232;">  name: qbittorrent
</span><span style="color:#323232;">  namespace: arr
</span><span style="color:#323232;">spec:
</span><span style="color:#323232;">  storageClassName: zfs
</span><span style="color:#323232;">  accessModes:
</span><span style="color:#323232;">    - ReadWriteMany
</span><span style="color:#323232;">  resources:
</span><span style="color:#323232;">    requests:
</span><span style="color:#323232;">      storage: 1Ti
</span><span style="color:#323232;">---
</span><span style="color:#323232;">apiVersion: apps/v1
</span><span style="color:#323232;">kind: Deployment
</span><span style="color:#323232;">metadata:
</span><span style="color:#323232;">  namespace: arr
</span><span style="color:#323232;">  name: qbittorrent
</span><span style="color:#323232;">spec:
</span><span style="color:#323232;">  replicas: 1
</span><span style="color:#323232;">  selector:
</span><span style="color:#323232;">    matchLabels:
</span><span style="color:#323232;">      app: qbittorrent
</span><span style="color:#323232;">  strategy:
</span><span style="color:#323232;">    type: Recreate
</span><span style="color:#323232;">  template:
</span><span style="color:#323232;">    metadata:
</span><span style="color:#323232;">      labels:
</span><span style="color:#323232;">        app: qbittorrent
</span><span style="color:#323232;">    spec:
</span><span style="color:#323232;">      containers:
</span><span style="color:#323232;">        - name: qbittorrent
</span><span style="color:#323232;">          image: linuxserver/qbittorrent
</span><span style="color:#323232;">          imagePullPolicy: Always
</span><span style="color:#323232;">          volumeMounts:
</span><span style="color:#323232;">            - mountPath: "/config"
</span><span style="color:#323232;">              name: "volume"
</span><span style="color:#323232;">            - mountPath: "/media"
</span><span style="color:#323232;">              name: "media"
</span><span style="color:#323232;">          env:
</span><span style="color:#323232;">            - name: PUID
</span><span style="color:#323232;">              value: "1000"
</span><span style="color:#323232;">            - name: PGID
</span><span style="color:#323232;">              value: "1000"
</span><span style="color:#323232;">            - name: TZ
</span><span style="color:#323232;">              value: "Etc/UTC"
</span><span style="color:#323232;">          ports:
</span><span style="color:#323232;">            - containerPort: 8080
</span><span style="color:#323232;">        - name: gluetun
</span><span style="color:#323232;">          image: qmcgaw/gluetun
</span><span style="color:#323232;">          imagePullPolicy: Always
</span><span style="color:#323232;">          securityContext:
</span><span style="color:#323232;">            capabilities:
</span><span style="color:#323232;">              add: ["NET_ADMIN"]
</span><span style="color:#323232;">          volumeMounts:
</span><span style="color:#323232;">            - mountPath: /dev/net/tun
</span><span style="color:#323232;">              name: tun
</span><span style="color:#323232;">          env:
</span><span style="color:#323232;">            - name: VPN_SERVICE_PROVIDER
</span><span style="color:#323232;">              value: "mullvad"
</span><span style="color:#323232;">            - name: VPN_TYPE
</span><span style="color:#323232;">              value: "wireguard"
</span><span style="color:#323232;">            - name: WIREGUARD_PRIVATE_KEY
</span><span style="color:#323232;">              value: "removed"
</span><span style="color:#323232;">            - name: WIREGUARD_ADDRESSES
</span><span style="color:#323232;">              value: "removed"
</span><span style="color:#323232;">            - name: SERVER_CITIES
</span><span style="color:#323232;">              value: "removed"
</span><span style="color:#323232;">            - name: FIREWALL_INPUT_PORTS
</span><span style="color:#323232;">              value: "8080"
</span><span style="color:#323232;">            - name: TZ
</span><span style="color:#323232;">              value: "Etc/UTC"
</span><span style="color:#323232;">      restartPolicy: Always
</span><span style="color:#323232;">      volumes:
</span><span style="color:#323232;">        - name: volume
</span><span style="color:#323232;">          persistentVolumeClaim:
</span><span style="color:#323232;">            claimName: qbittorrent
</span><span style="color:#323232;">        - name: media
</span><span style="color:#323232;">          nfs:
</span><span style="color:#323232;">            server: nfs.server.local
</span><span style="color:#323232;">            path: /media
</span><span style="color:#323232;">        - name: tun
</span><span style="color:#323232;">          hostPath:
</span><span style="color:#323232;">            path: /dev/net/tun
</span>

The relevant bit of the qBittorrent.conf:


<span style="color:#323232;">[BitTorrent]
</span><span style="color:#323232;">SessionInterface=tun0
</span><span style="color:#323232;">SessionInterfaceName=tun0
</span>

Best of luck!