Guide: How to install qbittorrent (or any app) with vpn on Truenas Electric Eel

I wanted to posted my guide on how to use any app including qbittorrent with a VPN in the new Electric Eel version.

1. Install the dockge app from Truenas.
2. Compose an image for the VPN, use this docker compose.yaml code and change as needed:
   This code comes from: https://hub.docker.com/r/qmcgaw/gluetun

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    # line above must be uncommented to allow external containers to connect.
    # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-container-to-gluetun.md#external-container-to-gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8888:8888/tcp # HTTP proxy
      - 8388:8388/tcp # Shadowsocks
      - 8388:8388/udp # Shadowsocks
      - 8080:8080 #qbittorrent
      - 6881:6881 #qbittorrent
      - 6881:6881/udp #qbittorrent
    volumes:
      - /mnt/YOUR_TRUENAS_DATASET/DATASET_DIR:/gluetun
    environment:
      # See https://github.com/qdm12/gluetun-wiki/tree/main/setup#setup
      - VPN_TYPE=openvpn
      - VPN_SERVICE_PROVIDER=REPLACE_WITH_YOUR_VPN_NAME
      - OPENVPN_USER=YOUR_VPN_OpenVPN_IKEv2_USERNAME
      - OPENVPN_PASSWORD=YOUR_VPN_OpenVPN_IKEv2_PASSWORD
      - SERVER_COUNTRIES=THIS_IS_PROTON_VPN_SPECIFIC_SETTING
      - TZ=YOUR_TIMEZONE
      - UPDATER_PERIOD=

4. Compose an image for any app you would like to run thru the VPN, In this example qbittorrent.
   Use this docker compose.yaml code and change as needed:

services:
  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent:latest
    container_name: qbittorrent
    environment:
      - PUID=YOUR_TRUENAS_USER_ID
      - PGID=YOUR_TRUENAS_GROUP_ID
      - TZ=YOUR_TIMEZONE/UTC
      - WEBUI_PORT=8080
      - TORRENTING_PORT=6881
    volumes:
      - /mnt/YOUR_TRUENAS_DATASET/QBITTORRENT_DIR:/config   #Directory you want to save your qbit config files
      - /mnt/YOUR_TRUENAS_DATASET/MEDIA_DIR:/media    #movies/series/music directory 
    restart: unless-stopped
    network_mode: container:gluetun #this is what makes the app to connect to the VPN.
    # Note that all ports were moved to the gluetun app.

5. Troubleshooting

   • Make sure the app you want to connect have the network_mode: container:gluetun and that all the ports are moved to the gluetun app.
   • If app is not opening after applying the settings. Click the Stop & Inactive button (hidden under the stop button). Then try again.
   • Make sure apps are running.
   • Test qbittorrent is behind VPN by using the ipleak.net torrent tool

6. To use Wireguard instead, substitute this code with the OpenVPN code on step 2:
   (Please note the devices setting is not included for wireguard)

version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    ports:
      - 8888:8888/tcp # HTTP proxy
      - 8388:8388/tcp # Shadowsocks
      - 8388:8388/udp # Shadowsocks
      - 8080:8080 #qbittorrent
      - 6881:6881 #qbittorrent
      - 6881:6881/udp #qbittorrent
    volumes:
      - /mnt/YOUR_TRUENAS_DATASET/DATASET_DIR:/gluetun
    environment:
      - VPN_TYPE=wireguard
      - VPN_SERVICE_PROVIDER=REPLACE_WITH_YOUR_VPN_NAME
      - WIREGUARD_PRIVATE_KEY=REPLACE_WITH_YOUR_VPN_PRIVATE_KEY
      - WIREGUARD_ADDRESSES=REPLACE_WITH_YOUR_VPN_ADDRESS
      - WIREGUARD_PUBLIC_KEY=REPLACE_WITH_YOUR_VPN_PUBLIC_KEY
      - WIREGUARD_ENDPOINT_IP=REPLACE_WITH_YOUR_VPN_SERVER_ENDPOINT_IP
      - WIREGUARD_ENDPOINT_PORT=OPTIONAL_REPLACE_WITH_YOUR_VPN_SERVER_ENDPOINT_PORT_IF_NOT_51820 # do not include this line if port is 51820.
      - WIREGUARD_PRESHARED_KEY=OPTIONAL_REPLACE_WITH_YOUR_VPN_PRESHARED_KEY

Still struggling with this approach vs putting gluetun in every stack that needs VPN. From what I had seen - once central gluetun container fails - all other apps that rely on it become inaccessible and unresponsive, also you do not have “at a glance” view of what ports go to what apps, since they are all moved to gluetun stack. Would be interesting to see how much overhead individual VPNs (from separate stacks) will bring.

Thanks so much for the guide, I just upgraded to Electric Eel and I’m experimenting with setting up all my apps through Dockge.

I got both of my images running successfully but for some reason when I try to access port 8080 to get to the qbittorrent webgui it just takes me back to the TrueNAS Scale login page/dashboard. Any ideas how to fix?

Have your tried?: Click the Stop & Inactive button (hidden under the stop button).
If that does not work try changing the port to something else and click the stop & inactive button.

Got it working after restarting the service and the NAS, thanks!

binhex docker images are also another option

Note to self don’t post when overly tired lol

Just wanted to share my success using the compose files provided with Dockge. I followed this YT tutorial (https://www.youtube.com/watch?v=S0nTRvAHAP8) to setup jailmaker and Dockge. Dropped in these compose files, edited to my VPN and path settings, into Dockge and voila

Version:
Dragonfish-24.04.2.2

Thanks!

If by any chance you need to have your port open/active to be able to connect to both active and inactive peers while torrenting or need to do some port forwarding. Add these changes to the gluetun (VPN) and app of choice (qbittorrent) compose.yaml configurations:

Before you start making the changes, make sure to use the Stop & Inactive button for both, qbittorrent and gluetun compose.yaml configurations.

Gluetun compose.yaml changes:

    environment:
      - VPN_PORT_FORWARDING=on
      - VPN_PORT_FORWARDING_PROVIDER=CHANGE_WITH_VPN_PROVIDER
      - VPN_PORT_FORWARDING_STATUS_FILE=/gluetun/qbittorrent/port.txt

Please note that not all VPN providers allow port forwarding, At this time, only private internet access or protonvpn have port forwarding. Check the list here: gluetun-wiki/setup/advanced/vpn-port-forwarding.md at main · qdm12/gluetun-wiki · GitHub

At this time, I have not find a way to automatically update the forwarded port in qbittorrent. If someone knows how to, please let us know.

You will have to copy the port either from the /gluetun/qbittorrent/port.txt file or from the gluetun log in Dockge.

gluetun  | 2024-10-20T21:51:10Z INFO [port forwarding] port forwarded is 496404

and paste it, either in the qbitorrent compose.yaml file or directly replacing the Listening Port (Port used for incoming connections) in qbittorrent > Settings/Options > Connection.

qbittorrent compose.yaml changes:

   environment:
      - TORRENTING_PORT=496404

Restart gluetun and qbittorrent.

To test the port is open, type the VPN IP and Port in here:

If having issues restarting qbittorrent make sure to use the Stop & Inactive button for both, qbittorrent and gluetun compose.yaml files.

I have tested this configuration found at the link below, but it did not worked for me:

    environment:
        - VPN_PORT_FORWARDING_LISTENING_PORT

I prefer the approach of having everything in 1 container. There’s binhex/arch-qbittorrentvpn that offers this solution with qbittorrent. You can use Wireguard or OpenVPN with it and it autobinds your network interface.