[Support] binhex - qBittorrentVPN


binhex

Recommended Posts

Been using this for months without issue, and then the last few days I cannot access the UI after starting the docker.

 

I've tried renaming the appdata folder for it (copying the openvpn config into the new one it creates), and renaming the torrent and complete/incomplete folders in case that's a factor. Something weird is going on.

 

I've also tried with debug on but that doesn't yield any clues.

 

The last entry in the log is:

2021-10-15 11:45:33,020 DEBG 'watchdog-script' stdout output:
[info] qBittorrent process started
[info] Waiting for qBittorrent process to start listening on port 8117...

2021-10-15 11:45:33,131 DEBG 'watchdog-script' stdout output:
[info] qBittorrent process listening on port 8117

2021-10-15 11:45:33,155 DEBG 'watchdog-script' stdout output:
[debug] VPN incoming port is 54846
[debug] qBittorrent incoming port is 54846
[debug] VPN IP is 10.3.112.113
[debug] qBittorrent IP is 10.3.112.113

2021-10-15 11:45:33,628 DEBG 'start-script' stdout output:
[info] Successfully assigned and bound incoming port '54846'

2021-10-15 11:46:03,163 DEBG 'watchdog-script' stdout output:
[debug] Checking we can resolve name 'www.google.com' to address...

2021-10-15 11:46:03,190 DEBG 'watchdog-script' stdout output:
[debug] DNS operational, we can resolve name 'www.google.com' to address '142.250.187.228'

2021-10-15 11:46:03,191 DEBG 'watchdog-script' stdout output:
[debug] Waiting for iptables chain policies to be in place...

2021-10-15 11:46:03,200 DEBG 'watchdog-script' stdout output:
[debug] iptables chain policies are in place

 

Does anyone have any ideas?

Has there been a recent update that may have affected anything?

 

I am trying direct access, so no reverse proxy or anything like that to consider.

 

Cheers,

Pacman

 

 

PS: Oh, and if I access the console for the docker I cannot see anything going nuts in "top".

Edited by SudoPacman
Link to comment
48 minutes ago, SudoPacman said:

I've also tried with debug on but that doesn't yield any clues.

that looks like a clean start from the small snippet of the log you have provided, have you changed lan network range?, created more vlan's?, reconfigured firewall etc?.

Link to comment
17 minutes ago, binhex said:

that looks like a clean start from the small snippet of the log you have provided, have you changed lan network range?, created more vlan's?, reconfigured firewall etc?.

 

Yeah, I thought it looked clean too. No errors or anything. Strange.

Tried different browsers, machines, OSes. Rebooted.

Everything i can think of.

 

No, nothing has changed wrt to network or vlans. It's all been setup for months and months now!

It's on br0 and always has been. I've tried changing to bridge but see the same thing.

 

I wonder whether forcing a reinstall of the docker image is worth trying?

Is that just a case of removing it and adding it again?

Link to comment
3 minutes ago, SudoPacman said:

Nope, no dice.

Tried changing the port back to the default 8080 and still no luck. I realised that 8080 is available on br0 after all, but not some others.

 

I'm out of ideas.

are you also setting the WEBU_PORT?, this needs to match, see this from the readme:-

Quote

Due to issues with CSRF and port mapping, should you require to alter the port for the webui you need to change both sides of the -p 8080 switch AND set the WEBUI_PORT variable to the new port.

For example, to set the port to 8090 you need to set -p 8090:8090 and -e WEBUI_PORT=8090

 

Link to comment

Okay, thought I'd try your rtorrentvpn docker and same thing (just times out), which has led me to my opnsense firewall live view.

Looks like an update there may have done something since I can see it getting blocked by the "default deny rule".

 

Thanks for your help binhex, I really appreciate it (and love your dockers).

I'll report back, but sure it's something this end now.

 

Cheers

  • Like 1
Link to comment
On 10/14/2021 at 4:35 AM, binhex said:

are you sure of this?, are you putting in the external ip and the port as shown in the supervisord.log?, you cannot enter in your isp's ip address as the port will not be shown as open.

Yes, I'm entering both the IP address and the port found in the supervisord.log file. I'm using PIA's CA Montreal server, but oddly enough, when I try to geolocate the IP address, it fails; normally, PIA servers show up as the correct region. Any thoughts as to why this might be? Attaching the latest supervisord.log file. Thanks!

supervisord - Copy.log

Link to comment

Apologies if this has already ben covered in this thread!

But I just realized that I have 3 free OpenVPN connection to my remote server available

but is it possible to use OpenVPN? I know PIA is the recommended solution

 

Using any of your great dockers like:

binhex-qbittorrentvpn

binhex-rtorrentvpn

binhex-delugevpn

binhex-sabnzbdvpn

 

Or would the only way to do this be a custum network using my pfsense and creating a tunnel? 

Link to comment

Still pretty new to Unraid, tried to install and run this docker but it won't start. Here's what I did:

 

  • changed ports for webUI to 8585 because 8080 is crowded.
  • Set VPN_PROV to Custom since I'm not using PIA
  • Entered my USER ID and PASSWORD for the VPN in the correct fields (Container Variable: VPN_USER and Container Variable: VPN_PASS)
  • Changed value for Container Path: /data to the Share I'm using to store my downloads

 

Left all the rest to initial settings, Installed the docker, install went OK

 

Then I try to click it and run START but it won't run. I know I need to add my VPN's OpenVPN files lateron but normally the docker should already be able to run, no?

 

Any idea what could cause this? Sorry for being such a noob

Capture.PNG

Link to comment
1 hour ago, Kyo28 said:

Then I try to click it and run START but it won't run. I know I need to add my VPN's OpenVPN files lateron but normally the docker should already be able to run, no?


No

Quote from the GitHub readme-

Quote

OpenVPN
Please note this Docker image does not include the required OpenVPN configuration file and certificates. These will typically be downloaded from your VPN providers website (look for OpenVPN configuration files), and generally are zipped.

PIA users - The URL to download the OpenVPN configuration files and certs is:-

https://www.privateinternetaccess.com/openvpn/openvpn.zip

Once you have downloaded the zip (normally a zip as they contain multiple ovpn files) then extract it to /config/openvpn/ folder (if that folder doesn't exist then start and stop the docker container to force the creation of the folder).

If there are multiple ovpn files then please delete the ones you don't want to use (normally filename follows location of the endpoint) leaving just a single ovpn file and the certificates referenced in the ovpn file (certificates will normally have a crt and/or pem extension).

 

 

  • Like 1
Link to comment

Thanks a lot! Got everything set up and running now. Only thing is, DL speed is extremely slow (3kb/s) and upload is 0 kbs.

So I'm guessing somewhere, something isn't configured just right. I'll keep looking see if I can find what it is. But thanks again for helping me this far!

Link to comment
1 minute ago, Kyo28 said:

Thanks a lot! Got everything set up and running now. Only thing is, DL speed is extremely slow (3kb/s) and upload is 0 kbs.

So I'm guessing somewhere, something isn't configured just right. I'll keep looking see if I can find what it is. But thanks again for helping me this far!

Are you sure that the VPN you’re using supports port forwarding?

Link to comment

Silly me, the Throttle was still on, didn't notice it.

So DL goes fine now with speeds of over 1Mb/s, UL seems to go a bit slow. Maybe I should try a different OVPN file from my VPN provider (Nord VPN)? They have multiple servers for my country, both FTP and UDP. For now I'm using an FTP one.

Can I add multiple OVPN files and switch between them?

Link to comment
27 minutes ago, Kyo28 said:

Silly me, the Throttle was still on, didn't notice it.

So DL goes fine now with speeds of over 1Mb/s, UL seems to go a bit slow. Maybe I should try a different OVPN file from my VPN provider (Nord VPN)? They have multiple servers for my country, both FTP and UDP. For now I'm using an FTP one.

Can I add multiple OVPN files and switch between them?

Q20: https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md

Link to comment
1 hour ago, Kyo28 said:

Silly me, the Throttle was still on, didn't notice it.

So DL goes fine now with speeds of over 1Mb/s, UL seems to go a bit slow. Maybe I should try a different OVPN file from my VPN provider (Nord VPN)? They have multiple servers for my country, both FTP and UDP. For now I'm using an FTP one.

Can I add multiple OVPN files and switch between them?

 

In my setup, I've noticed,  the utp (torrent micro transfer protocol) protocol to slow things down remarkably, even with my firewall open to udp and tcp traffic, my vpn, and qbittorrent.

 

So what I've done is just make sure all three are hard-coded to only accept TCP connections and my traffic went from bottlenecking around 1-1.5 MB/sec to hitting 25+ MB/sec (200mbit+), torrent seeds depending.

Edited by mooky
Link to comment

Hi, I was running delugevpn and now need to run qbittorrentvpn as well due to private tracker requirements. I know I need to change the WEB UI access port for qbittorent so following this documentation (https://github.com/binhex/arch-qbittorrentvpn): 

Quote

Due to issues with CSRF and port mapping, should you require to alter the port for the webui you need to change both sides of the -p 8080 switch AND set the WEBUI_PORT variable to the new port.

 

I decided I needed to delete the "Host Port 3" and "Host Port 4" variables from the docker template since I can't edit the container port value and add new Port variables to map host 8070 to container 8070 (replace 8080) and map host 8119 to container

8119 (replace 8118 privoxy). I also updated the WEBUI_PORT from default of 8080 to 8070.

 

The container works as expected but the link in Unraid dashboard takes me still to X.X.X.X:8080 instead of 8070. Obviously I can manually change the address in my browser but I'm concerned I might be missing something important if that didn't update. Any thoughts? 

 

757339216_Screenshot2021-10-27235946.thumb.png.dc17b971a3465c041e22d7625ed1e78e.png1894103036_Screenshot2021-10-28000022.thumb.png.e8aba3a3423387250afd74856d83615b.png391156359_Screenshot2021-10-28000037.thumb.png.e5fc017071b5252931235fb0d22b5397.png59835542_Screenshot2021-10-28000150.png.e6956fc91e12f2818942f56e91649340.png

Link to comment
On 10/28/2021 at 8:04 AM, scd780 said:

Obviously I can manually change the address in my browser but I'm concerned I might be missing something important if that didn't update. Any thoughts? 

you havent missed anything important, but if it bugs you i think you can change it, simply toggle to 'advanced view' in the edit screen and then change the 'WebUI', e.g. mine is set to port 2100:-

 

image.png.5f224b36c9aab2c57cd31ac3f84fd72e.png

  • Thanks 1
Link to comment

Okay, I've scanned and searched this thread, as well as other places here and there, and I'm really beginning to feel dumb.

I'm just trying to setup this qBT docker with Mullvad, and I'm having extremely marginal success.

After much reading and piecing together of data, I have the docker installed and running. I can access the webUI via chrome (won't work with FF for some reason?), and I think I have things mostly configured the way they were when I was using the non-VPN version of qBT. By the way, that setup was working fine, and was as fast as my connection allowed, but obviously wasn't safe.

Now, however, when I add a torrent, it will parse and start, but it either downloads at a crawl (like in the bytes/sec range), or it'll error out or stall fairly quickly. I don't even know where to begin hunting down the issue. I found the video SIO made about deluge and VPN, but that one's rather old, and for different software, so I was having a hard time following it. Can anyone take pity on an unRAID newb and help me out here?


Edit: So I'm seeing that the likely issue is port forwarding, but I can't find anything that spells out how to actually do it with Mullvad. I have a port created from my Mullvad account, I just don't know what to do with the info. I've read the binhex FAQs, and it basically just says "if you don't have PIA, figure it out yourself". lol

Also, I'd really like to use Wireguard, if that's an option. I just couldn't find any info about how to set it up, so I figured I'd start with openVPN.

Edited by Elmojo
Add info
Link to comment
14 hours ago, Elmojo said:

Now, however, when I add a torrent, it will parse and start, but it either downloads at a crawl (like in the bytes/sec range), or it'll error out or stall fairly quickly.

that is a symptom of incorrect location for incomplete and completed in qbittorrent, check that first and ensure its saving to the correct bind mount, e.g. /data

 

14 hours ago, Elmojo said:

So I'm seeing that the likely issue is port forwarding, but I can't find anything that spells out how to actually do it with Mullvad.

its actually really simply, you allocate a incoming port through the mullvad website, then you configure qbittorrent to use this port for incoming connections, thats it!. 

 

14 hours ago, Elmojo said:

Also, I'd really like to use Wireguard, if that's an option. I just couldn't find any info about how to set it up, so I figured I'd start with openVPN.

it is an option yes, you switch the vpn_client to wireguard, drop in the mullvad generated wireguard config file and thats it, again you need to configure qbittorrent for the port allocated to you via mullvad website.

Link to comment
56 minutes ago, binhex said:

that is a symptom of incorrect location for incomplete and completed in qbittorrent, check that first and ensure its saving to the correct bind mount, e.g. /data   <-I'm sorry, but I don't know how to do that. Is that a setting in the container template, or from within the qBT webGUI?

 

its actually really simply, you allocate a incoming port through the mullvad website, then you configure qbittorrent to use this port for incoming connections, thats it!.  <-Again...how? :)  I have my port info from mullvad, but it's not a simple number, and qBT only seems to allow numerical input.

 

it is an option yes, you switch the vpn_client to wireguard, drop in the mullvad generated wireguard config file and thats it, again you need to configure qbittorrent for the port allocated to you via mullvad website.  <-Sweet, I'll give that a try, thanks!

EDIT: Okay.... I'm stuck. How do I get/create the private key for the WG config file? I'm seeing articles that mention using a CLI command to generate the key? Say what now?

 

Edited by Elmojo
Link to comment
26 minutes ago, Elmojo said:

<-I'm sorry, but I don't know how to do that. Is that a setting in the container template, or from within the qBT webGUI?

qbittorrent web ui, options/downloads tab, define the 'Default Save Path:' to something like /data/completed and optionally tick and define 'Keep incomplete torrents in:' to something like /data/incomplete.

 

28 minutes ago, Elmojo said:

I have my port info from mullvad, but it's not a simple number, and qBT only seems to allow numerical input.

then that is not correct, go back to mullvad web ui and figure out how to get the incoming port defined, it must be a numeric, i cant guide you here i dont have a mullvad account.

 

32 minutes ago, Elmojo said:

Okay.... I'm stuck. How do I get/create the private key for the WG config file? I'm seeing articles that mention using a CLI command to generate the key? Say what now?

again sorry but i cant guide you (no mullvad account), you will need to read up and/or reach out to mullvad support and ask them how to generate the wireguard config file.

Link to comment
9 minutes ago, binhex said:

qbittorrent web ui, options/downloads tab, define the 'Default Save Path:' to something like /data/completed and optionally tick and define 'Keep incomplete torrents in:' to something like /data/incomplete.

 

then that is not correct, go back to mullvad web ui and figure out how to get the incoming port defined, it must be a numeric, i cant guide you here i dont have a mullvad account.

 

again sorry but i cant guide you (no mullvad account), you will need to read up and/or reach out to mullvad support and ask them how to generate the wireguard config file.

Thanks man, I'm getting there!

I have the port forwarding worked out, with the help of a FAQ from mullvad. My port is assigned and tests as open. I've plugged it into qBT, so that part should be done.

As for the pathing thing, does it have to be /data/....?   When I was using the non-VPN qBT, I had everything going to a share called "downloads". All my downloader-type apps dump into subfolders of that share. Does this version not support that option?

Link to comment
56 minutes ago, Elmojo said:

Thanks man, I'm getting there!

I have the port forwarding worked out, with the help of a FAQ from mullvad. My port is assigned and tests as open. I've plugged it into qBT, so that part should be done.

As for the pathing thing, does it have to be /data/....?   When I was using the non-VPN qBT, I had everything going to a share called "downloads". All my downloader-type apps dump into subfolders of that share. Does this version not support that option?

 

BTW, I think binhex used /data in his example because of the path mappings for the container setup. You can map whatever you'd like array wise to the /data path within the qbit container. For example: 

 

1168976462_Screenshot2021-10-30123123.thumb.png.817b3f7201bce597185475d7ee90b913.png

 

Then within qbit I put these settings: 

 

1269829486_Screenshot2021-10-30123226.png.2fd323d0380ab641c9c5037d82c89435.png

 

This makes the full path for completed torrents as seen from Unraid GUI or SMB share: /mnt/user/qBitTorrent_Downloads/Complete

 

You can map any share/path from your unraid array to the Host Path 2 variable in the first picture. So you can use your downloads share with the subfolders. I specifically mapped just the qBitTorrent_Downloads folder within my Downloads share instead of the whole thing because I didn't want qbit to be able to cause issues in my other download directories (very unlikely, but safer this way anyways so why not!). 

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.