Arr, my friends. I have an old laptop already running some servoces on docker 24/7 at home and looking to extend it’s functionalities to become torrent downloader with media server for TV. Need VPN for obvious reasons.
I was wondering if there are already all-in-one solutions to just run docler compose file and get 2 containers: one running torrent client with all traffic via VPN in another?
I plan to use Mullvad VPN.
Upd. Updated title to highlight it’s a request. Not sure why getting downvotes, please elaborate :)
Use gluetun, look up how to configure for your provider. Run a 2nd container for your torrent client, using
network_mode: “service:gluetun”to run all your traffic though the vpn. Note that if you’re forwarding ports from your client to e.g. access the web UI, you’ll need to forward them from the gluetun container instead.This is definitely the way to do it long term. I’ve used a hybrid download + VPN client but in the end I moved to a split gluetun + client since it offers the best flexibility.
No one-stop-shop that I have seen or heard of, but check out Gluetun. https://github.com/qdm12/gluetun
Just google “gluetun + qbittorrent”. There are some examples, but in short you want
network_mode: "service:gluetun"anddepends_on: -gluetununder qbittorrent so it doesnt have connection if gluetun fails.Gluetun supports a lot of providers, documentation is decent and simple.
But consider airvpn or any other with port forwarding if you want to torrent. Mullvad ditched PF recently 😔
Thanks for recommendation, didn’t know Mullvad discontinued port forwarding. That was a reason I chose them a year ago.
Now will tale a look at ProtonVPN and AirVPN as alternatives.
Your answer is amazing, you covered it all and so concise, that should be on FAQ :)
I figured you wanted a 4th person telling you to use Gluetun. The biggest advantage is that it can run anything through the VPN. Not just the torrent client, but also radarr, sonarr, slskd, etc
I use portainer for stacks so idk how you do it manually… But a stack with Gluetun and any apps that you use the VPN. I have Firefox(kasm) in my stack with the homepage set to ipleak to double check the VPN
I recently went through setting this up. I can give you a base compose.yaml based on the one I have
For the wireguard config, you would throw your .conf file to /path/to/wireguard/config, like so: /path/to/wireguard/config/wg0.conf
This setup assumes you have ipv6 working and enabled. The wg0.conf would also have the VPNs ipv6 address. I use Mullvad too btw.
You can access Qbittorrent’s web UI through http://localhost:8090.
I’d like to note that the image I use for Qbittorrent has support built in for VPN, but with the setup I have I basically have the wireguard container with its network, and multiple containers on that same network. In theory it should work with other bittorrent clients.
And the docker images for reference:
version: '3.7' services: wireguard: image: lscr.io/linuxserver/wireguard:latest container_name: wireguard cap_add: - NET_ADMIN - SYS_MODULE #optional networks: - wireguard_network environment: - PUID=1000 - PGID=1000 - TZ=Etc/UTC volumes: - /path/to/wireguard/config:/config - /lib/modules:/lib/modules #optional ports: - 51820:51820/udp # Wireguard - 8090:8090 # QBittorrent sysctls: - net.ipv4.conf.all.src_valid_mark=1 - net.ipv6.conf.all.disable_ipv6=0 restart: unless-stopped qbittorrentvpn: privileged: true container_name: qbtwg network_mode: service:wireguard depends_on: - wireguard volumes: - '/path/to/qbtconfig/:/config' - '/path/to/downloads/:/downloads' environment: - VPN_ENABLED=no - VPN_TYPE=wireguard - PUID=1000 - PGID=1000 - LAN_NETWORK=192.168.1.0/24 - 'NAME_SERVERS=1.1.1.1,1.0.0.1' restart: unless-stopped image: dyonr/qbittorrentvpn networks: wireguard_network: driver: bridgeDon‘t run privileged images! Drop all CAPS, enable no-new-privileged, use non-privileged users only.
Don‘t use two images, just use qbittorrentvpn
