martin/docker-qbittorrentvpn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #28 from DyonR/master

Browse Source 
Sync with master
This commit is contained in:
DyonR 2020-12-08 22:05:50 +01:00 committed by GitHub
commit 39040442c1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 119 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

140
Dockerfile
View File

@ -7,61 +7,35 @@ RUN usermod -u 99 nobody
# Make directories
RUN mkdir -p /downloads /config/qBittorrent /etc/openvpn /etc/qbittorrent
# Compile libtorrent-rasterbar
RUN apt update \
&& apt -y upgrade \
&& apt -y install --no-install-recommends \
curl \
jq \
build-essential \
ca-certificates \
pkg-config \
automake \
libtool \
git \
zlib1g-dev \
libssl-dev \
libgeoip-dev \
libboost-dev \
curl \
g++ \
jq \
libboost-system-dev \
libboost-chrono-dev \
libboost-random-dev \
python3 \
qtbase5-dev \
qttools5-dev \
libqt5svg5-dev \
&& LIBTORRENT_ASSETS=$(curl -sX GET "https://api.github.com/repos/arvidn/libtorrent/releases" | jq '.[] | select(.prerelease==false) | select(.name=="libtorrent-1.2.8") | .assets_url' | head -n 1 | tr -d '"') \
libssl-dev \
make \
&& LIBTORRENT_ASSETS=$(curl -sX GET "https://api.github.com/repos/arvidn/libtorrent/releases" | jq '.[] | select(.prerelease==false) | select(.target_commitish=="RC_1_2") | .assets_url' | head -n 1 | tr -d '"') \
&& LIBTORRENT_DOWNLOAD_URL=$(curl -sX GET ${LIBTORRENT_ASSETS} | jq '.[0] .browser_download_url' | tr -d '"') \
&& LIBTORRENT_NAME=$(curl -sX GET ${LIBTORRENT_ASSETS} | jq '.[0] .name' | tr -d '"') \
&& curl -o /opt/${LIBTORRENT_NAME} -L ${LIBTORRENT_DOWNLOAD_URL} \
&& tar -xvzf /opt/${LIBTORRENT_NAME} \
&& rm /opt/*.tar.gz \
&& tar -xzf /opt/${LIBTORRENT_NAME} \
&& rm /opt/${LIBTORRENT_NAME} \
&& cd /opt/libtorrent-rasterbar* \
&& ./configure --disable-debug --enable-encryption && make clean && make -j$(nproc) && make install \
&& git clone https://github.com/qbittorrent/qBittorrent.git /opt/qBittorrent \
&& cd /opt/qBittorrent \
&& ./configure --disable-gui && make -j$(nproc) && make install \
&& ./configure CXXFLAGS="-std=c++14" --disable-debug --enable-encryption && make clean && make -j$(nproc) && make install \
&& cd /opt \
&& rm -rf /opt/* \
&& apt -y purge \
curl \
jq \
build-essential \
ca-certificates \
pkg-config \
automake \
libtool \
git \
zlib1g-dev \
libssl-dev \
libgeoip-dev \
libboost-dev \
curl \
g++ \
jq \
libboost-system-dev \
libboost-chrono-dev \
libboost-random-dev \
python3 \
qtbase5-dev \
qttools5-dev \
libqt5svg5-dev \
libssl-dev \
make \
&& apt-get clean \
&& apt -y autoremove \
&& rm -rf \
@ -69,26 +43,86 @@ RUN apt update \
/tmp/* \
/var/tmp/*
# Compile qBittorrent
RUN apt update \
&& apt -y upgrade \
&& apt -y install --no-install-recommends \
ca-certificates \
curl \
g++ \
jq \
libboost-system-dev \
libssl-dev \
make \
pkg-config \
qtbase5-dev \
qttools5-dev \
zlib1g-dev \
&& QBITTORRENT_RELEASE=$(curl -sX GET "https://api.github.com/repos/qBittorrent/qBittorrent/tags" | jq '.[0] .name' | tr -d '"') \
&& curl -o /opt/qBittorrent-${QBITTORRENT_RELEASE}.tar.gz -L "https://github.com/qbittorrent/qBittorrent/archive/${QBITTORRENT_RELEASE}.tar.gz" \
&& tar -xzf /opt/qBittorrent-${QBITTORRENT_RELEASE}.tar.gz \
&& rm /opt/qBittorrent-${QBITTORRENT_RELEASE}.tar.gz \
&& cd /opt/qBittorrent-${QBITTORRENT_RELEASE} \
&& ./configure CXXFLAGS="-std=c++14" --disable-gui && make -j$(nproc) && make install \
&& cd /opt \
&& rm -rf /opt/* \
&& apt -y purge \
ca-certificates \
curl \
g++ \
jq \
libboost-system-dev \
libssl-dev \
make \
pkg-config \
qtbase5-dev \
qttools5-dev \
zlib1g-dev \
&& apt-get clean \
&& apt -y autoremove \
&& rm -rf \
/var/lib/apt/lists/* \
/tmp/* \
/var/tmp/*
# Install WireGuard, OpenVPN and other dependencies for running qbittorrent-nox and the container scripts
RUN echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable-wireguard.list \
&& printf 'Package: *\nPin: release a=unstable\nPin-Priority: 150\n' > /etc/apt/preferences.d/limit-unstable \
&& apt update \
&& apt -y install --no-install-recommends \
libboost-system1.67.0 \
libqt5xml5 \
libqt5network5 \
libssl1.1 \
kmod \
iptables \
ca-certificates \
curl \
dos2unix \
inetutils-ping \
procps \
ipcalc \
iptables \
kmod \
libboost-system1.67.0 \
libqt5network5 \
libqt5xml5 \
libssl1.1 \
moreutils \
net-tools \
dos2unix \
openvpn \
openresolv \
openvpn \
procps \
wireguard-tools \
ipcalc \
ca-certificates \
&& apt-get clean \
&& apt -y autoremove \
&& rm -rf \
/var/lib/apt/lists/* \
/tmp/* \
/var/tmp/*
RUN echo "deb http://deb.debian.org/debian/ buster non-free" > /etc/apt/sources.list.d/non-free-unrar.list \
&& printf 'Package: *\nPin: release a=non-free\nPin-Priority: 150\n' > /etc/apt/preferences.d/limit-non-free \
&& apt update \
&& apt -y upgrade \
&& apt -y install --no-install-recommends \
unrar \
p7zip-full \
unzip \
zip \
&& apt-get clean \
&& apt -y autoremove \
&& rm -rf \
@ -106,4 +140,4 @@ RUN chmod +x /etc/qbittorrent/*.sh /etc/qbittorrent/*.init /etc/openvpn/*.sh
EXPOSE 8080
EXPOSE 8999
EXPOSE 8999/udp
CMD ["/bin/bash", "/etc/openvpn/start.sh"]
CMD ["/bin/bash", "/etc/openvpn/start.sh"]

6
README.md
View File

@ -1,8 +1,8 @@
# [qBittorrent](https://github.com/qbittorrent/qBittorrent), WireGuard and OpenVPN
[![Docker Pulls](https://img.shields.io/docker/pulls/dyonr/qbittorrentvpn)](https://hub.docker.com/r/dyonr/qbittorrentvpn)
[![Docker Image Size (tag)](https://img.shields.io/docker/image-size/dyonr/qbittorrentvpn/alpha)](https://hub.docker.com/r/dyonr/qbittorrentvpn)
[![Docker Image Size (tag)](https://img.shields.io/docker/image-size/dyonr/qbittorrentvpn/latest)](https://hub.docker.com/r/dyonr/qbittorrentvpn)
Docker container which runs the latest [qBittorrent](https://github.com/qbittorrent/qBittorrent)-nox client while connecting to WireGuard (experimental) or OpenVPN with iptables killswitch to prevent IP leakage when the tunnel goes down.
Docker container which runs the latest [qBittorrent](https://github.com/qbittorrent/qBittorrent)-nox client while connecting to WireGuard or OpenVPN with iptables killswitch to prevent IP leakage when the tunnel goes down.
[preview]: https://raw.githubusercontent.com/DyonR/docker-templates/master/Screenshots/qbittorrentvpn/qbittorrentvpn-webui.png "qBittorrent WebUI"
![alt text][preview]
@ -83,7 +83,7 @@ Access http://IPADDRESS:PORT from a browser on the same network. (for example: h
|`password`| `adminadmin` |
# How to use WireGuard
The container will fail to boot if `VPN_ENABLED` is set and there is no valid .conf file present in the /config/wireguard directory. Drop a .conf file from your VPN provider into /config/wireguard and start the container again. The file must have the name `wg0.confg`.
The container will fail to boot if `VPN_ENABLED` is set and there is no valid .conf file present in the /config/wireguard directory. Drop a .conf file from your VPN provider into /config/wireguard and start the container again. The file must have the name `wg0.conf`.
# How to use OpenVPN
The container will fail to boot if `VPN_ENABLED` is set and there is no valid .ovpn file present in the /config/openvpn directory. Drop a .ovpn file from your VPN provider into /config/openvpn and start the container again. You may need to edit the ovpn configuration file to load your VPN credentials from a file by setting `auth-user-pass`.

30
openvpn/start.sh
View File

@ -13,22 +13,6 @@ if [[ ! -z "${check_network}" ]]; then
exit 1
fi
export INSTALL_PYTHON3=$(echo "${INSTALL_PYTHON3,,}")
if [[ $INSTALL_PYTHON3 == "yes" ]]; then
echo "[INFO] INSTALL_PYTHON3 defined as '${INSTALL_PYTHON3}'" | ts '%Y-%m-%d %H:%M:%.S'
if [ ! -e /usr/bin/python3 ]; then
echo "[INFO] Python3 not yet installed, installing..." | ts '%Y-%m-%d %H:%M:%.S'
apt -qq update \
&& apt -qq install python3 \
&& apt-get clean \
&& apt -qq autoremove \
&& rm -rf \
/var/lib/apt/lists/* \
/tmp/* \
/var/tmp/*
fi
fi
export VPN_ENABLED=$(echo "${VPN_ENABLED}" | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
if [[ ! -z "${VPN_ENABLED}" ]]; then
echo "[INFO] VPN_ENABLED defined as '${VPN_ENABLED}'" | ts '%Y-%m-%d %H:%M:%.S'
@ -115,13 +99,13 @@ if [[ $VPN_ENABLED == "yes" ]]; then
echo "${VPN_PASSWORD}" >> /config/openvpn/credentials.conf
# Replace line with one that points to credentials.conf
auth_cred_exist=$(cat ${VPN_CONFIG} | grep -m 1 'auth-user-pass')
auth_cred_exist=$(cat "${VPN_CONFIG}" | grep -m 1 'auth-user-pass')
if [[ ! -z "${auth_cred_exist}" ]]; then
# Get line number of auth-user-pass
LINE_NUM=$(grep -Fn -m 1 'auth-user-pass' ${VPN_CONFIG} | cut -d: -f 1)
sed -i "${LINE_NUM}s/.*/auth-user-pass credentials.conf/" ${VPN_CONFIG}
LINE_NUM=$(grep -Fn -m 1 'auth-user-pass' "${VPN_CONFIG}" | cut -d: -f 1)
sed -i "${LINE_NUM}s/.*/auth-user-pass credentials.conf/" "${VPN_CONFIG}"
else
sed -i "1s/.*/auth-user-pass credentials.conf/" ${VPN_CONFIG}
sed -i "1s/.*/auth-user-pass credentials.conf/" "${VPN_CONFIG}"
fi
fi
fi
@ -133,7 +117,7 @@ if [[ $VPN_ENABLED == "yes" ]]; then
if [[ "${VPN_TYPE}" == "openvpn" ]]; then
export vpn_remote_line=$(cat "${VPN_CONFIG}" | grep -P -o -m 1 '(?<=^remote\s)[^\n\r]+' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
else
export vpn_remote_line=$(cat "${VPN_CONFIG}" | grep -P -o -m 1 '(?<=^Endpoint\s)[^\n\r]+' | sed -e 's~^[=\ ]*~~')
export vpn_remote_line=$(cat "${VPN_CONFIG}" | grep -P -o -m 1 '(?<=^Endpoint)(\s{0,})[^\n\r]+' | sed -e 's~^[=\ ]*~~')
fi
if [[ ! -z "${vpn_remote_line}" ]]; then
@ -275,11 +259,13 @@ if [[ $VPN_ENABLED == "yes" ]]; then
if [[ "${VPN_TYPE}" == "openvpn" ]]; then
echo "[INFO] Starting OpenVPN..." | ts '%Y-%m-%d %H:%M:%.S'
cd /config/openvpn
exec openvpn --config ${VPN_CONFIG} &
exec openvpn --config "${VPN_CONFIG}" &
#exec /bin/bash /etc/openvpn/openvpn.init start &
else
echo "[INFO] Starting WireGuard..." | ts '%Y-%m-%d %H:%M:%.S'
cd /config/wireguard
wg-quick down $VPN_CONFIG || echo "WireGuard is down already" | ts '%Y-%m-%d %H:%M:%.S' # Run wg-quick down as an extra safeguard in case WireGuard is still up for some reason
sleep 0.5 # Just to give WireGuard a bit to go down
wg-quick up $VPN_CONFIG
#exec /bin/bash /etc/openvpn/openvpn.init start &
fi

14
qbittorrent/install-python3.sh Normal file
View File

@ -0,0 +1,14 @@
#!/bin/bash
if [ ! -e /usr/bin/python3 ]; then
echo "[INFO] Python3 not yet installed, installing..." | ts '%Y-%m-%d %H:%M:%.S'
apt -qq update \
&& apt -y install python3 \
&& apt-get clean \
&& apt -y autoremove \
&& rm -rf \
/var/lib/apt/lists/* \
/tmp/* \
/var/tmp/*
else
echo "[INFO] Python3 is already installed, nothing to do." | ts '%Y-%m-%d %H:%M:%.S'
fi

9
qbittorrent/start.sh
View File

@ -6,10 +6,10 @@ fi
# Set the correct rights accordingly to the PUID and PGID on /config/qBittorrent
chown -R ${PUID}:${PGID} /config/qBittorrent
# Set the rights on the /blackhole folder
# Set the rights on the /downloads folder
chown -R ${PUID}:${PGID} /downloads
# Check if ServerConfig.json exists, if not, copy the template over
# Check if qBittorrent.conf exists, if not, copy the template over
if [ ! -e /config/qBittorrent/config/qBittorrent.conf ]; then
echo "[WARNING] qBittorrent.conf is missing, this is normal for the first launch! Copying template." | ts '%Y-%m-%d %H:%M:%.S'
cp /etc/qbittorrent/qBittorrent.conf /config/qBittorrent/config/qBittorrent.conf
@ -17,6 +17,11 @@ if [ ! -e /config/qBittorrent/config/qBittorrent.conf ]; then
chown ${PUID}:${PGID} /config/qBittorrent/config/qBittorrent.conf
fi
export INSTALL_PYTHON3=$(echo "${INSTALL_PYTHON3,,}")
if [[ $INSTALL_PYTHON3 == "yes" ]]; then
/bin/bash /etc/qbittorrent/install-python3.sh
fi
# The mess down here checks if SSL is enabled.
export ENABLE_SSL=$(echo "${ENABLE_SSL,,}")
if [[ ${ENABLE_SSL} == 'yes' ]]; then