Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision |
docker_notes:docker-deluge [2023-12-30 Sat wk52 22:13] – [s6 supervision rc system] baumkp | docker_notes:docker-deluge [2024-01-10 Wed wk02 19:51] – [OpenVPN setup] baumkp |
---|
{{tag>linux docker image container init s6 s6-rc openvpn "docker compose" wireguard macvlan nftables}} | {{tag>linux docker image container init s6 s6-rc openvpn "docker compose" wireguard macvlan nftables}} |
======Docker Deluge Image / Service====== | ======Docker Deluge Image / Service====== |
I want a torrent service that uses a VPN and is set-up to have blocked WAN (internet) access. On my virtual machine implementation of this I used the following 3 packages: deluge (deluged with deluge-web), openvpn and nftables. I used both iptables and nftables and nftables is definitely more elegant to use. As far as I can tell there is not Docker image that will meet my needs. So time to delve in deeper myself. | I want a torrent service that uses a VPN and is set-up to block non VPN WAN (internet) access. On my virtual machine implementation of this I used the following 3 packages: deluge (deluged with deluge-web), openvpn and nftables. I have used both iptables and nftables and find nftables is definitely more elegant to use. As far as I can tell there is not a Docker image that will meet my needs. |
| |
| I have been successfully been running this in a container on my home server since early 2023. This replaced the a similar setup that have I been operating since about 2017 on a virtual machine using Linux KVM/Libvirt/QEMU. |
| |
=====s6 supervision rc system===== | =====s6 supervision rc system===== |
chmod 660 /dev/net/tun | chmod 660 /dev/net/tun |
| |
echo "nameserver 192.168.1.1" > /etc/resolv.conf | echo "nameserver 192.168.1.14" >> /etc/resolv.config #This adds my primary LAN name server |
| echo "nameserver 192.168.1.2" >> /etc/resolv.config #This adds my secondary LAN name server |
| echo "103.231.89.219 au-mel.pvdata.host" >> /etc/hosts #This adds a PrivatVPN host to the host DNS |
| echo "103.231.88.203 au-mel.pvdata.host" >> /etc/hosts #This adds a PrivatVPN host to the host DNS |
| echo "143.244.63.96 au-syd.pvdata.host" >> /etc/hosts #This adds a PrivatVPN host to the host DNS |
| echo "143.244.33.81 sg-sin.pvdata.host" >> /etc/hosts #This adds a PrivatVPN host to the host DNS |
| |
| /usr/sbin/openvpn /etc/openvpn/privatvpn.conf & #This runs the openvpn program in background using nominated configuration file |
</code>++ see [[https://serverfault.com/questions/1003011/openvpn-error-cannot-open-tun-tap-dev-dev-net-tun-no-such-file-or-directory|OpenVPN - ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)]] | </code>++ see [[https://serverfault.com/questions/1003011/openvpn-error-cannot-open-tun-tap-dev-dev-net-tun-no-such-file-or-directory|OpenVPN - ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)]] |
*Inside container command to run ''/usr/sbin/openvpn /etc/openvpn/privatvpn.conf'', add & to free up terminal | *Inside container command to run ''/usr/sbin/openvpn /etc/openvpn/privatvpn.conf'', add & to free up terminal |
| |
=====Docker network===== | =====Docker network===== |
As described in the vpn section [[https://wiki.kptree.net/doku.php?id=tech_notes:docker-deluge#openvpn_setup|openvpn setup]], I decided to go with the docker macvlan network setup. This needs to be separately created and can then be called up when the container is run. A static ip address can be assigned when run. | As described in the vpn section [[https://wiki.kptree.net/doku.php?id=docker_notes:docker-deluge#openvpn_setup|openvpn setup]], I decided to go with the docker macvlan network setup. This needs to be separately created and can then be called up when the container is run. A static ip address can be assigned when run. |
<code bash> | <code bash> |
docker network create -d macvlan \ | docker network create -d macvlan \ |