Deluge, Couchpotato, Sonarr, VPN Setup

VPN
1

So I want to automate and containerize my downloads process and I was wondering if it was possible to run to have a setup in which I could get my downloads from Couchpotato/Sonarr and then download them through deluge with all BitTorrent traffic going through an OpenVPN client.

I was thinking that the VPN traffic would need to be restricted to only torrentss so I could still access the webUI of deluge. Am I on the right track or is there a better way to protect the privacy of your torrents? Thanks in advance for your help!

2

I do all this already.
I wrote a chef-cookbook to configure my vanilla Ubuntu installation with the following:

  • Conky
  • DNSMasq - which I use for creating nice subdomains for my docker containers
  • Docker engine
  • Duckdns agent - Dynamic-dns so I can route to my home server from an external network
  • MergerFS - For JBOD storage, but you can use any RAID system instead
  • OpenVPN - I found that it’s almost impossible to run a VPN inside Docker, and still access the other docker containers transparently. - Samba
  • S.M.A.R.T disk monitoring
  • X11VNC client

Then I run the following on docker:

  • Rancher - UI for my docker containers, also loadbalancer routing.
  • BTSync
  • Couchpotato
  • Deluge
  • Guacamole
  • Headphones
  • LazyLibrarian
  • Madsonic
  • Plex
  • PlexPy
  • PlexRequest
  • SickRage
  • LocalTunnel wrapper for PlexRequests (so friends can access it from the internet without VPN access)

This system gives me the following:

  • Nice domains, *.depot.local address for all my docker containers, from any computer on the network/VPN
  • No extra external ports are open on my router, just VPN ports
  • Friends can request movies/tvshows
  • Media is downloaded automatically and automatically added to Plex
  • Updating software is as easy as restarting a container (all my images update to latest version on container start)
  • Config folders for all services are volume mounted and persistent

If your interested, the cookbook I wrote is GitHub - mediadepot/chef-depot: DEPRECATED: Replaced by mediadepot/ignition

That Github organization also has a bunch of customized docker repos, which are all available in a customized Rancher service catalog that gets configured automatically.

I also have some docs here: GitHub - mediadepot/docs: Documentation for Mediadepot Home Server though a couple of things might be out of date, but the core ideas havent changed.

3

I’m doing this on a regular ubuntu-box, where we only use the VPN connection for the deluged process. You create another routing table (we call it vpn) set up ip rules that says that traffic to and from the tun interface should use the vpn routing table, remove the “redirect-gateway” stuff from the openvpn config and add a startup script which tells deluge to bind to the vpn tunnel IP and updates the vpn routing table with the info for the tunnel.

Also have another script that checks connectivity for the VPN and restarts openvpn if it can’t ping the gateway which we run in cron like every 5 minutes since our vpn provider likes to force disconnects so that we reconncet and get provided another IP from time to time.

openvpn up script:

vpn_check script:

4

I am doing something similar to /u/analogj’s set-up however not as many containers (yet) and no chef.

I also went with Portainer over Rancher as the Docker UI tool.

This uses Private Internet Access VPN for the torrent traffic in the Deluge container. (Via the awesome binhex deluge-vpn container)

/u/analogj Your set-up is pretty awesome!

Very nice work - I might have to add some of those features and additional containers.

5

Also, would a feasible solution be to run a SOCKS proxy with the OpenVPN client setup in it and route the deluge traffic through there? Sorry if this is a noob question.

6

Could you elaborate on your VPN setup? How do you access the web interfaces of couchpotato and sonarr?

7

I did this in a normal ubuntu environment basically. Had a VPN and just configured deluge proxy settings with VPN info.

I have all of my stuff running in esxi. Been toying with the idea of a docker swarm and running the clients between the 2 nodes.