VPN #15

Open
kfooze opened this issue Oct 3, 2022 · 4 comments
@kfooze

kfooze commented Oct 3, 2022

As a user of an ezarr stack, I'd like to be able to utilize a VPN to encrypt only the torrent client traffic, so I have privacy and my IP provider will not be aware of the traffic.

I'd like one of two options: a new VPN client service with the traffic from the torrent client routed through it, or the torrent client service to include the OpenVPN client that can be configured appropriately.

@Luctia Luctia added the enhancement New feature or request label Jan 13, 2023
@Luctia Luctia self-assigned this Jan 26, 2023
@har-nick

har-nick commented Feb 4, 2023

Could consider using qdm12/gluetun.

Has many pre-set Docker configuration files for popular VPNs.

To sum it up, the port you'd map for a container you want to run through a VPN would instead be mapped in gluetun.
The original container would instead use `network_mode: "service:gluetun"` in its configuration block.

See here for connecting containers to gluetun, and check the "Providers" list in the Table of Contents for examples of preset configurations.

Obviously this requires input from the user, but that's what the setup CLI's for, right?

@har-nick

har-nick commented Feb 5, 2023

Here's my Docker config as an example. Prowlarr and FlareSolverr are run through Gluetun.

For Prowlarr to access Radarr and Sonarr, I created a Docker network, added the two to it, gave them their own local subnet addresses, and specified the outbound subnet in Gluetun. Prowlarr resolves their subnet IPs instead of localhost.

Note that this method is just a workaround. The contributors at Gluetun are working on a nicer method.

```bash
docker network create --subnet=172.18.0.0/16 gluetun_outreach
```

docker-compose.yml

```yaml
---
version: "3.1"
services:
  flaresolverr:
    # DockerHub mirror flaresolverr/flaresolverr:latest
    image: ghcr.io/flaresolverr/flaresolverr:latest
    container_name: flaresolverr
    environment:
      - LOG_LEVEL=${LOG_LEVEL:-info}
      - LOG_HTML=${LOG_HTML:-false}
      - CAPTCHA_SOLVER=${CAPTCHA_SOLVER:-none}
      - TZ=<TIMEZONE>
    # Share gluetun's network stack, so all traffic leaves through the VPN
    network_mode: "service:gluetun"
    restart: unless-stopped

  gluetun:
    image: qmcgaw/gluetun
    hostname: gluetun
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    environment:
      # Fill in the provider name and WireGuard credentials
      - VPN_SERVICE_PROVIDER=
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=
      - WIREGUARD_ADDRESSES=
      - WIREGUARD_PRESHARED_KEY=
      # Let tunneled containers reach the gluetun_outreach subnet outside the VPN
      - FIREWALL_OUTBOUND_SUBNETS=172.18.0.0/16
    networks:
      gluetun_outreach:
    # Ports of containers using network_mode "service:gluetun" are published here
    ports:
      - "${PORT:-8191}:8191"    # Flaresolverr
      - "9640:9640"             # Prowlarr

  jellyfin:
    image: lscr.io/linuxserver/jellyfin:latest
    container_name: jellyfin
    environment:
      - PUID=${UID}
      - PGID=13000
      - UMASK=002
      - TZ=<TIMEZONE>
    volumes:
      - /home/<USER>/MediaCenter/config/jellyfin-config:/config
      - /home/<USER>/MediaCenter/data/media:/data
    ports:
      - "37622:37622"
    restart: unless-stopped

  jellyseerr:
    image: fallenbagel/jellyseerr:latest
    container_name: jellyseerr
    environment:
      - LOG_LEVEL=debug
      - TZ=<TIMEZONE>
      - PORT=31589
    ports:
      - "31589:31589"
    volumes:
      - /home/<USER>/MediaCenter/config/jellyseer-config:/app/config
    restart: unless-stopped

  prowlarr:
    image: lscr.io/linuxserver/prowlarr:develop
    container_name: prowlarr
    environment:
      - PUID=13006
      - PGID=13000
      - UMASK=002
      - TZ=<TIMEZONE>
    volumes:
      - /home/<USER>/MediaCenter/config/prowlarr-config:/config
    # Share gluetun's network stack, so all traffic leaves through the VPN
    network_mode: "service:gluetun"
    restart: unless-stopped

  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent:latest
    container_name: qbittorrent
    environment:
      - PUID=13007
      - PGID=13000
      - UMASK=002
      - TZ=<TIMEZONE>
      - WEBUI_PORT=12249
    volumes:
      - /home/<USER>/MediaCenter/config/qbittorrent-config:/config
      - /home/<USER>/MediaCenter/data/torrents:/data/torrents
    # Static address on the gluetun_outreach network
    networks:
      gluetun_outreach:
        ipv4_address: 172.18.0.21
    ports:
      - "12249:12249"
      - "63000:63000"
      - "63000:63000/udp"
    restart: unless-stopped

  radarr:
    image: lscr.io/linuxserver/radarr:latest
    container_name: radarr
    environment:
      - PUID=13002
      - PGID=13000
      - UMASK=002
      - TZ=<TIMEZONE>
    volumes:
      - /home/<USER>/MediaCenter/config/radarr-config:/config
      - /home/<USER>/MediaCenter/data:/data
    # Static address on the gluetun_outreach network
    networks:
      gluetun_outreach:
        ipv4_address: 172.18.0.22
    ports:
      - "27622:27622"
    restart: unless-stopped

  sonarr:
    image: lscr.io/linuxserver/sonarr:latest
    container_name: sonarr
    environment:
      - PUID=13001
      - PGID=13000
      - UMASK=002
      - TZ=<TIMEZONE>
    volumes:
      - /home/<USER>/MediaCenter/config/sonarr-config:/config
      - /home/<USER>/MediaCenter/data:/data
    # Static address on the gluetun_outreach network
    networks:
      gluetun_outreach:
        ipv4_address: 172.18.0.23
    ports:
      - "23745:23745"
    restart: unless-stopped

networks:
  # Created beforehand with `docker network create`
  gluetun_outreach:
    external: true
```

There are nicer methods out there, but it's a point of reference and it works for me. Hope it helps!
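
As an added example (not part of har-nick's post or the ezarr project), this Python check reads a Compose configuration as JSON and reports which services share the gluetun container's network namespace and which reach the network directly. The sample input is constructed to mirror the service names and network modes above; the function names `egress_report` and `require_tunneled` are hypothetical.

```python
import json

# Constructed sample: trimmed JSON in the shape that
# `docker compose config --format json` prints, mirroring the service
# names and network modes of the compose file above.
SAMPLE = json.loads("""
{"services": {
  "gluetun":      {"cap_add": ["NET_ADMIN"],
                   "networks": {"gluetun_outreach": null},
                   "ports": [{"target": 8191, "published": "8191"},
                             {"target": 9640, "published": "9640"}]},
  "flaresolverr": {"network_mode": "service:gluetun"},
  "prowlarr":     {"network_mode": "service:gluetun"},
  "qbittorrent":  {"networks": {"gluetun_outreach": {"ipv4_address": "172.18.0.21"}},
                   "ports": [{"target": 12249, "published": "12249"}]},
  "radarr":       {"networks": {"gluetun_outreach": {"ipv4_address": "172.18.0.22"}}}
}}
""")

def egress_report(config, vpn="gluetun"):
    """Split services into those sharing the VPN container's network
    namespace and those with their own; collect port-mapping mistakes."""
    tunneled, direct, problems = [], [], []
    for name, svc in sorted(config["services"].items()):
        if name == vpn:
            continue
        if svc.get("network_mode") == f"service:{vpn}":
            tunneled.append(name)
            # Ports belong on the VPN service, not on the container sharing it.
            if svc.get("ports"):
                problems.append(f"{name}: move ports to {vpn}")
        else:
            direct.append(name)
    return {"tunneled": tunneled, "direct": direct, "problems": problems}

def require_tunneled(config, required, vpn="gluetun"):
    """Return the services from `required` that do not egress through the VPN."""
    tunneled = egress_report(config, vpn)["tunneled"]
    return [name for name in required if name not in tunneled]

if __name__ == "__main__":
    print(egress_report(SAMPLE))
    print("not tunneled:", require_tunneled(SAMPLE, ["prowlarr", "qbittorrent"]))
```

Running it against the real output of `docker compose config --format json` before `docker compose up` gives a quick check that every service expected to sit behind the VPN actually does.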

@Luctia
Owner

Luctia commented May 17, 2023

Came across this, might be useful:
https://github.com/DyonR/docker-qbittorrentvpn

@Luctia Luctia removed their assignment May 17, 2023
@injeolmibingsoo

Hi @kfooze, were you able to do this? I would like to be able to use this stack with nordvpn and don't really know my way around docker. Any help would be appreciated. Thanks!

@Luctia Luctia self-assigned this Sep 9, 2023