qBittorrent with NordVPN/Gluetun

Askejm · August 22, 2024, 8:51pm

I’m pulling my teeth out on this. How do I set up qBittorrent to use NordVPN?
I’ve tried so many things. SOCKS5 seem to be deprecated in NordVPN, so can’t do that.
I tried OpenVPN or Wireguard but they only had server options. Seems like Gluetun is the way to go. I set it up, it works great and connects to NordVPN. Now I have to set this up to qBittorrent, and I’ve read you can connect another container as a network to a target container with docker using network_mode: "service:gluetun" for compose or --network=container:gluetun for cli. However, I cannot for the life of me figure out how to do this in TrueNAS Scale. Is it even possible? If anyone knows the answer, or any alternative solutions, that would be greatly appreciated.

Craig_L · August 23, 2024, 12:37am

There have been threads with people shoehorning wireguard into Scale. The better option would be to spin up jailmaker to run docker-compose.

And I have that reddit post bookmarked for when I upgrade to Electric Eel (probably jump on it when it’s RC). If you run that in jailmaker, it would be easy. And pretty easy to migrate to EE’s docker-compose.

I keep checking both gluetun/qbit for any security patches from the truecharts app. Still no issues yet. But I’ve also disabled torrents from Arrr automation

Askejm · August 23, 2024, 2:51am

Oh interesting. Just a bit ago some of my friends suggested I install it in an arch vm. This is for the arr stack too btw. Would that be easier or is containers the way for this?

LarsR · August 23, 2024, 8:02am

The current apps provided by iX don’t have vpn support, right now jailmaker or a vm and docker-compose are your only options to use a vpn with the *arrs and qbittorrent.

Craig_L · August 23, 2024, 2:40pm

Which to use depends on how much extra you want to maintain. Both jailmaker and a VM still will need OS updates. If I absolutely needed VPN, I would go with jailmaker then migrate to native docker-compose when you upgrade to Scale 24.10.

Stux · August 23, 2024, 3:53pm

I demonstrate setting up docker compose apps in a sandbox in this

And migrating the same apps to electric eel in this video

Note, If you mount the datasets into the sandbox at the same location as on truenas, then there is very little migration required.

Askejm · August 23, 2024, 6:20pm

Oh, will native docker-compose be a feature in the 24.10?

victor · August 23, 2024, 6:22pm

Yes sir.

Craig_L · August 23, 2024, 6:29pm

Yep. And Stux’s videos are great if you wanted to go with jailmaker for now and easily migrate to 24.10 docker-compose system.

Think the largest issue with any of the iX official, community or even truecharts apps is how they don’t separate the config/data for apps to make them easier to work with. That won’t be a problem with a VM/Jail/24.10 tho!

MikCurieux · August 23, 2024, 6:30pm

If it interest anyome as a VPN solution.
I put a Bridge connection (I have 2 network adapter) on a specific VLAN (Let say 2)
That VLAN is associated to an OpenVPN configured on the router itself.
This make all the Jail connecting to the Bridge going through OpenVPN.
The other interface as another Jail connecting to it Interface on VLAN (let say 1).

So in the Router I have the Internet connection logicaly split in 2: VLAN 1 going normal internet traffic, VLAN 2 going through OpenVPN.

It is working fine.

The other advantage of this configuration is that if I have another device on my network requiring VPN, I just has to move that device to VLAN 2.

Well it works for me

Askejm · August 23, 2024, 10:43pm

I believe this is only for core

MikCurieux · August 23, 2024, 11:37pm

Jailmaker is made for Scale

GitHub - Jip-Hop/jailmaker: Persistent Linux ‘jails’ on TrueNAS SCALE to install software (k3s, docker, portainer, podman, etc.) with full access to all files via bind mounts thanks to systemd-nspawn!

Askejm · August 24, 2024, 2:05am

Oh I was talking about the VPN solution because I stumbled upon the same method

kypdurron5 · February 1, 2025, 9:34am

I’m new to Scale and had to figure this out as well but found a good tutorial (although it used Dockge instead). As mentioned above, super easy native YAML deploy under 24.10. Just Discover Apps-> 3 dots-> install via YAML, copy and paste.

services:
  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent:latest
    container_name: qbittorrent
    environment:
      - PUID=568
      - PGID=568
      - TZ=America/New_York
      - WEBUI_PORT=8080
      - TORRENTING_PORT=6881
    volumes:
      - /mnt/[tank]/Docker_Data/qbittorrent:/config   #Directory you want to save your qbit config files
      - /mnt/[tank]/Media/:/media    #movies/series/music directory 
    restart: unless-stopped
    network_mode: container:gluetun #this is what makes the app to connect to the VPN.
    # Note that all ports were moved to the gluetun app.

I’ve tested with ipleak and there are no IP leaks. When gluetun stops, it looses connection immediately. Only trouble I’m having with this is that after a system reboot it ends up in “crashed” status. In the log, after deploying, it catches a “SIGTERM”. It’s almost like it’s receiving the system reboot command AFTER the reboot. That’s the only snag I haven’t solved yet.

Raikyu · February 1, 2025, 10:15pm

Think you can follow the following, two useful; methods found in the discord: Discord

Option 1 Example .yaml file (qbittorrentvpn):
version: 'latest'
services:
qbittorrentvpn:
image: markusmcnugen/qbittorrentvpn:latest
pull_policy: always
container_name: qbittorrentvpn
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun
volumes:
- /mnt/pool1/apps/qbittorrentvpn:/config
- /mnt/pool1/apps/qbittorrentvpn/__torrents:/downloads
- /YOUR_MEDIA_DIRECTORY_HERE/Media:/Media
- /mnt/pool1/apps/qbittorrentvpn/Torrent_Pluggins:/Torrent_Pluggins
- /mnt/pool1/apps/qbittorrentvpn/Certificates:/Certificates
environment:
- PUID=3000
- PGID=3000
- TZ=America/New_York
- WEBUI_PORT_ENV=8080
- INCOMING_PORT_ENV=8999
- VPN_ENABLED=yes
- VPN_USERNAME=YOUR_OVPN_USERNAME_HERE
- VPN_PASSWORD=YOUR_OVPN_PASSWORD_HERE
- LAN_NETWORK=192.168.0.0/24
- NAME_SERVERS=9.9.9.9,1.1.1.1
ports:
- "8080:8080" # Web interface
- "6881:6881" # BitTorrent port
- "8999:8999/udp" # BitTorrent port (UDP)
restart: unless-stopped

Notes:

It appears You cannot have comments on the same line as the volumes lines
LAN_NETWORK is your local ip-address, and PUID and GUID are your User ID and Group ID respectively.
You should create the config folder first.
Make sure a config folder contains a folder with the name openvpn and that within the folder it has the following 4 files: credentials.conf which has the openvpn username on line 1 and the password on line 2 , the openvpn file that ends in .ovpn , the certificate file for that ovpn file which should end in .crt , and the openvpn key which should end in .key extension.

Option 2 - via gluetun Stack (I think this is what you are looking for) - follow steps in this youtube video and follow his link for the yaml file. https://youtu.be/9dJPOd0XbN8?si=qX6pOKRvtdAwOBO0

Craig_L · February 2, 2025, 1:30am

Very possible the qbittorrent compose app is starting before gluetun.