| openvpn | ||
| transmission | ||
| docker-compose.yml | ||
| Dockerfile | ||
| LICENSE | ||
| README.md | ||
Transmission with WebUI and OpenVPN
Docker container which runs Transmission torrent client with WebUI while connecting to OpenVPN. It bundles certificates and configurations for the following VPN providers:
- Private Internet Access
- BTGuard
- TigerVPN
- FrootVPN
- TorGuard
- NordVPN
- UsenetServerVPN
- IPVanish
- Anonine
- HideMe
- PureVPN
- HideMyAss
When using PIA as provider it will update Transmission hourly with assigned open port. Please read the instructions below.
Run container from Docker registry
The container is available from the Docker registry and this is the simplest way to get it. To run the container use this command:
$ docker run --privileged -d \
-v /your/storage/path/:/data \
-e "OPENVPN_PROVIDER=PIA" \
-e "OPENVPN_CONFIG=Netherlands" \
-e "OPENVPN_USERNAME=user" \
-e "OPENVPN_PASSWORD=pass" \
-p 9091:9091 \
haugene/transmission-openvpn
You must set the environment variables OPENVPN_PROVIDER, OPENVPN_USERNAME and OPENVPN_PASSWORD to provide basic connection details.
The OPENVPN_CONFIG is an optional variable. If no config is given, a default config will be selected for the provider you have chosen.
Find available OpenVPN configurations by looking in the openvpn folder of the GitHub repository.
As you can see, the container also expects a data volume to be mounted. This is where Transmission will store your downloads, incomplete downloads and look for a watch directory for new .torrent files. By default a folder named transmission-home will also be created under /data, this is where Transmission stores its state.
Required environment options
| Variable | Function | Example |
|---|---|---|
OPENVPN_PROVIDER |
Sets the OpenVPN provider to use. | OPENVPN_PROVIDER=provider. Supported providers are PIA, BTGUARD, TIGER, FROOT, TORGUARD, NORDVPN, USENETSERVER, IPVANISH, ANONINE, HIDEME, PUREVPN and HIDEMYASS |
OPENVPN_USERNAME |
Your OpenVPN username | OPENVPN_USERNAME=asdf |
OPENVPN_PASSWORD |
Your OpenVPN password | OPENVPN_PASSWORD=asdf |
Network configuration options
| Variable | Function | Example |
|---|---|---|
OPENVPN_CONFIG |
Sets the OpenVPN endpoint to connect to. | OPENVPN_CONFIG=UK Southampton |
OPENVPN_OPTS |
Will be passed to OpenVPN on startup | See OpenVPN doc |
Transmission configuration options
You may override transmission options by setting the appropriate environment variable.
The environment variables are the same name as used in the transmission settings.json file and follow the format given in these examples:
| Transmission variable name | Environment variable name |
|---|---|
speed-limit-up |
TRANSMISSION_SPEED_LIMIT_UP |
speed-limit-up-enabled |
TRANSMISSION_SPEED_LIMIT_UP_ENABLED |
ratio-limit |
TRANSMISSION_RATIO_LIMIT |
ratio-limit-enabled |
TRANSMISSION_RATIO_LIMIT_ENABLED |
As you can see the variables are prefixed with TRANSMISSION_, the variable is capitalized, and - is converted to _.
PS: TRANSMISSION_BIND_ADDRESS_IPV4 will be overridden to the IP assigned to your OpenVPN tunnel interface.
This is to prevent leaking the host IP.
Access the WebUI
But what's going on? My http://my-host:9091 isn't responding? This is because the VPN is active, and since docker is running in a different ip range than your client the response to your request will be treated as "non-local" traffic and therefore be routed out through the VPN interface.
How to fix this
There are several ways to fix this. You can pipe and do fancy iptables or ip route configurations on the host and in the container. But I found that the simplest solution is just to proxy my traffic. Start an nginx container like this:
$ docker run -d \
-v /path/to/nginx.conf:/etc/nginx/nginx.conf:ro \
-p 8080:8080 \
nginx
Where /path/to/nginx.conf has this content:
events {
worker_connections 1024;
}
http {
server {
listen 8080;
location / {
proxy_pass http://host.ip.address.here:9091;
}
}
}
Your Transmission WebUI should now be avaliable at "your.host.ip.addr:8080/transmission/web/". Change the port in the docker run command if 8080 is not suitable for you. Alternatively if you use container linking, either directly or via docker-compose, you can replace "your.host.ip.addr" with the name or alias of the openvpn container.
Known issues
Some have encountered problems with DNS resolving inside the docker container. This causes trouble because OpenVPN will not be able to resolve the host to connect to. If you have this problem use dockers --dns flag to override the resolv.conf of the container. For example use googles dns servers by adding --dns 8.8.8.8 --dns 8.8.4.4 as parameters to the usual run command.
If you are having issues with this container please submit an issue on GitHub. Please provide logs, docker version and other information that can simplify reproducing the issue. Using the latest stable verison of Docker is always recommended. Support for older version is on a best-effort basis.
Adding new providers
If your VPN provider is not in the list of supported providers you could always create an issue on GitHub and see if someone could add it for you. But if you're feeling up for doing it yourself, here's a couple of pointers.
You clone this repository and create a new folder under "openvpn" where you put the .ovpn files your provider gives you. Depending on the structure of these files you need to make some adjustments. For example if they come with a ca.crt file that is referenced in the config you need to update this reference to the path it will have inside the container (which is /etc/openvpn/...). You also have to set where to look for your username/password and what to do when a connection is created (namely starting Transmission). In this commit you can see the changes done when adding IPVanish as provider. In general, it's all been done before so look around the commits and you should find what you're looking for.
There is also a script called adjustConfigs.sh that could help you. After putting your .ovpn files in a folder, run that script with your folder name as parameter and it will try to do the changes descibed above. If you use it or not, reading it might give you some help in what you're looking to change in the .ovpn files.
Once you've finished modifying configs, you build the container and run it with OPENVPN_PROVIDER set to the name of the folder of configs you just created (it will be lowercased to match the folder names). And that should be it!
So, you've just added your own provider and you're feeling pretty good about it! Why don't you fork this repository, commit and push your changes and submit a pull request? Share your provider with the rest of us! :) Please submit your PR to the dev branch in that case.
Ok, good. That's how you should do it. But if you don't want to build a new image you could also make it work by volume mounting your configs into /etc/openvpn/your-provider and then using it directly from there. You still need to modify your config files though.
Building the container yourself
To build this container, clone the repository and cd into it.
Build it:
$ cd /repo/location/docker-transmission-openvpn
$ docker build -t transmission-openvpn .
Run it:
$ docker run --privileged -d \
-v /your/storage/path/:/data \
-e "OPENVPN_PROVIDER=PIA" \
-e "OPENVPN_CONFIG=Netherlands" \
-e "OPENVPN_USERNAME=user" \
-e "OPENVPN_PASSWORD=pass" \
-p 9091:9091 \
transmission-openvpn
This will start a container as described in the "Run container from Docker registry" section.
Controlling Transmission remotely
The container exposes /config as a volume. This is the directory where the supplied transmission and OpenVPN credentials will be stored. If you have transmission authentication enabled and want scripts in another container to access and control the transmission-daemon, this can be a handy way to access the credentials. For example, another container may pause or restrict transmission speeds while the server is streaming video.