From b2a28b7703959a478899715a22298ce8ee3c9cbd Mon Sep 17 00:00:00 2001 From: Joe Polny Date: Tue, 24 Aug 2021 19:20:56 -0400 Subject: [PATCH 1/4] remove src_valid_mark from wg-quick --- Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Dockerfile b/Dockerfile index e1b5a9a..30f494c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -208,6 +208,9 @@ RUN echo "deb http://deb.debian.org/debian/ buster non-free" > /etc/apt/sources. /tmp/* \ /var/tmp/* +# Remove src_valid_mark from wg-quick +RUN sed -i /net\.ipv4\.conf\.all\.src_valid_mark/d `which wg-quick` + VOLUME /config /downloads ADD openvpn/ /etc/openvpn/ From 6c702f397acc2ff33f98457494ff3c92c560c6e0 Mon Sep 17 00:00:00 2001 From: Joe Polny Date: Tue, 24 Aug 2021 19:21:37 -0400 Subject: [PATCH 2/4] remove --privileged from README example --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 0677ede..7d5c9c9 100644 --- a/README.md +++ b/README.md @@ -24,13 +24,15 @@ The container is available from the Docker registry and this is the simplest way To run the container use this command, with additional parameters, please refer to the Variables, Volumes, and Ports section: ``` -$ docker run --privileged -d \ +$ docker run -d \ -v /your/config/path/:/config \ -v /your/downloads/path/:/downloads \ -e "VPN_ENABLED=yes" \ -e "VPN_TYPE=wireguard" \ -e "LAN_NETWORK=192.168.0.0/24" \ -p 8080:8080 \ + --cap-add NET_ADMIN \ + --sysctl "net.ipv4.conf.all.src_valid_mark=1" \ --restart unless-stopped \ dyonr/qbittorrentvpn ``` From 3c30f4e4b99b9083fcc48030544d6b5df4fc3acf Mon Sep 17 00:00:00 2001 From: DyonR Date: Tue, 2 Nov 2021 16:14:51 +0100 Subject: [PATCH 3/4] Removed a few unnecessary spaces --- openvpn/start.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/openvpn/start.sh b/openvpn/start.sh index 126abf8..42a9032 100644 --- a/openvpn/start.sh +++ b/openvpn/start.sh @@ -21,18 +21,18 @@ else export VPN_ENABLED="yes" fi - export LEGACY_IPTABLES=$(echo "${LEGACY_IPTABLES,,}") - iptables_version=$(iptables -V) - echo "[INFO] The container is currently running ${iptables_version}." | ts '%Y-%m-%d %H:%M:%.S' - echo "[INFO] LEGACY_IPTABLES is set to '${LEGACY_IPTABLES}'" | ts '%Y-%m-%d %H:%M:%.S' - if [[ $LEGACY_IPTABLES == "1" || $LEGACY_IPTABLES == "true" || $LEGACY_IPTABLES == "yes" ]]; then +export LEGACY_IPTABLES=$(echo "${LEGACY_IPTABLES,,}") +iptables_version=$(iptables -V) +echo "[INFO] The container is currently running ${iptables_version}." | ts '%Y-%m-%d %H:%M:%.S' +echo "[INFO] LEGACY_IPTABLES is set to '${LEGACY_IPTABLES}'" | ts '%Y-%m-%d %H:%M:%.S' +if [[ $LEGACY_IPTABLES == "1" || $LEGACY_IPTABLES == "true" || $LEGACY_IPTABLES == "yes" ]]; then echo "[INFO] Setting iptables to iptables (legacy)" | ts '%Y-%m-%d %H:%M:%.S' update-alternatives --set iptables /usr/sbin/iptables-legacy iptables_version=$(iptables -V) echo "[INFO] The container is now running ${iptables_version}." | ts '%Y-%m-%d %H:%M:%.S' - else +else echo "[INFO] Not making any changes to iptables version" | ts '%Y-%m-%d %H:%M:%.S' - fi +fi if [[ $VPN_ENABLED == "1" || $VPN_ENABLED == "true" || $VPN_ENABLED == "yes" ]]; then # Check if VPN_TYPE is set. From 0f31ba7482be2010d0f51b9b26f61d4950d9eab8 Mon Sep 17 00:00:00 2001 From: DyonR Date: Tue, 2 Nov 2021 16:42:40 +0100 Subject: [PATCH 4/4] Fixed #70 (missing dependency), added LEGACY_IPTABLES to README, exclude 'rc' releases --- Dockerfile | 3 ++- README.md | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 30f494c..6251301 100644 --- a/Dockerfile +++ b/Dockerfile @@ -136,7 +136,7 @@ RUN apt update \ qtbase5-dev \ qttools5-dev \ zlib1g-dev \ - && QBITTORRENT_RELEASE=$(curl -sX GET "https://api.github.com/repos/qBittorrent/qBittorrent/tags" | jq '.[] | select(.name | index ("beta") | not) | .name' | head -n 1 | tr -d '"') \ + && QBITTORRENT_RELEASE=$(curl -sX GET "https://api.github.com/repos/qBittorrent/qBittorrent/tags" | jq '.[] | select(.name | index ("beta") | not) | select(.name | index ("rc") | not) | .name' | head -n 1 | tr -d '"') \ && curl -o /opt/qBittorrent-${QBITTORRENT_RELEASE}.tar.gz -L "https://github.com/qbittorrent/qBittorrent/archive/${QBITTORRENT_RELEASE}.tar.gz" \ && tar -xzf /opt/qBittorrent-${QBITTORRENT_RELEASE}.tar.gz \ && rm /opt/qBittorrent-${QBITTORRENT_RELEASE}.tar.gz \ @@ -177,6 +177,7 @@ RUN echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.li kmod \ libqt5network5 \ libqt5xml5 \ + libqt5sql5 \ libssl1.1 \ moreutils \ net-tools \ diff --git a/README.md b/README.md index 7d5c9c9..972f951 100644 --- a/README.md +++ b/README.md @@ -56,6 +56,7 @@ $ docker run -d \ |`VPN_USERNAME`| No | If username and password provided, configures ovpn file automatically |`VPN_USERNAME=ad8f64c02a2de`|| |`VPN_PASSWORD`| No | If username and password provided, configures ovpn file automatically |`VPN_PASSWORD=ac98df79ed7fb`|| |`LAN_NETWORK`| Yes (atleast one) | Comma delimited local Network's with CIDR notation |`LAN_NETWORK=192.168.0.0/24,10.10.0.0/24`|| +|`LEGACY_IPTABLES`| No | Use `iptables (legacy)` instead of `iptables (nf_tables)` |`LEGACY_IPTABLES=yes`|| |`ENABLE_SSL`| No | Let the container handle SSL (yes/no)? |`ENABLE_SSL=yes`|`yes`| |`NAME_SERVERS`| No | Comma delimited name servers |`NAME_SERVERS=1.1.1.1,1.0.0.1`|`1.1.1.1,1.0.0.1`| |`PUID`| No | UID applied to /config files and /downloads |`PUID=99`|`99`|