From 8be0e9eee45d43967c92d5aaccbd597e249d982d Mon Sep 17 00:00:00 2001 From: binhex Date: Wed, 25 Oct 2023 12:55:28 +0100 Subject: [PATCH 1/3] test multi adapter docker support --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index acd0264..3df45cc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM binhex/arch-int-vpn:latest +FROM binhex/arch-int-vpn:multi_adapter LABEL org.opencontainers.image.authors = "binhex" LABEL org.opencontainers.image.source = "https://github.com/binhex/arch-qbittorrentvpn" From 25c4105f39b27b9c44993c58c3ee03ad1a2b62eb Mon Sep 17 00:00:00 2001 From: binhex Date: Mon, 19 Feb 2024 11:23:41 +0000 Subject: [PATCH 2/3] remove daemon so we get dyn password in log --- .../qbittorrent/config/qBittorrent.conf | 6 + run/nobody/qbittorrent.sh | 164 ++++++++++++------ run/nobody/watchdog.sh | 29 ---- 3 files changed, 115 insertions(+), 84 deletions(-) diff --git a/config/nobody/qbittorrent/config/qBittorrent.conf b/config/nobody/qbittorrent/config/qBittorrent.conf index 03fa772..d58ace1 100644 --- a/config/nobody/qbittorrent/config/qBittorrent.conf +++ b/config/nobody/qbittorrent/config/qBittorrent.conf @@ -2,10 +2,16 @@ enabled=false program= +[BitTorrent] +Session\Interface=wg0 +Session\InterfaceName=wg0 + [Preferences] General\Locale=en Connection\PortRangeMin=6881 Connection\UPnP=false +Connection\Interface=wg0 +Connection\InterfaceName=wg0 General\UseRandomPort=false WebUI\CSRFProtection=false WebUI\LocalHostAuth=false diff --git a/run/nobody/qbittorrent.sh b/run/nobody/qbittorrent.sh index 6448667..12a3388 100644 --- a/run/nobody/qbittorrent.sh +++ b/run/nobody/qbittorrent.sh @@ -1,84 +1,138 @@ #!/usr/bin/dumb-init /bin/bash -if [[ "${qbittorrent_running}" == "false" ]]; then +function edit_qbittorrent_config() { + + # set network interface binding to vpn virtual adapter (wg0/tun0/tap0) for qbittorrent on startup + sed -i -e "s~^Connection\\\\Interface\=.*~Connection\\\\Interface\=${VPN_DEVICE_TYPE}~g" "${qbittorrent_config}" + sed -i -e "s~^Connection\\\\InterfaceName\=.*~Connection\\\\InterfaceName\=${VPN_DEVICE_TYPE}~g" "${qbittorrent_config}" + sed -i -e "s~^Session\\\\Interface\=.*~Session\\\\Interface\=${VPN_DEVICE_TYPE}~g" "${qbittorrent_config}" + sed -i -e "s~^Session\\\\InterfaceName\=.*~Session\\\\InterfaceName\=${VPN_DEVICE_TYPE}~g" "${qbittorrent_config}" + + # forcibly set allow anonymous access from localhost to api (used to change incoming port) + sed -i -e 's~^WebUI\\LocalHostAuth=.*~WebUI\\LocalHostAuth=false~g' "${qbittorrent_config}" + + # set locale to prevent 4.1.4 gui render issues if no locale set + grep -q 'General\\Locale' "${qbittorrent_config}" || sed -i '/\[Preferences\]/a General\\Locale=en' "${qbittorrent_config}" + +} + +function init_qbittorrent() { + + # if qbittorrent config file doesnt exist then copy default to host config volume + if [[ ! -f "${qbittorrent_config}" ]]; then + + echo "[info] qBittorrent config file doesnt exist, copying default to '/config/qBittorrent/config/'..." + + # copy default qbittorrent config file to /config/qBittorrent/config/ + mkdir -p /config/qBittorrent/config && cp /home/nobody/qbittorrent/config/* /config/qBittorrent/config/ + + else + + echo "[info] qBittorrent config file already exists, skipping copy" + + fi echo "[info] Removing session lock file (if it exists)..." rm -f /config/qBittorrent/data/BT_backup/session.lock - # set network interface binding to vpn virtual adapter (wg0/tun0/tap0) for qbittorrent on startup - sed -i -e "s~^Connection\\\\Interface\=.*~Connection\\\\Interface\=${VPN_DEVICE_TYPE}~g" '/config/qBittorrent/config/qBittorrent.conf' - sed -i -e "s~^Connection\\\\InterfaceName\=.*~Connection\\\\InterfaceName\=${VPN_DEVICE_TYPE}~g" '/config/qBittorrent/config/qBittorrent.conf' - sed -i -e "s~^Session\\\\Interface\=.*~Session\\\\Interface\=${VPN_DEVICE_TYPE}~g" '/config/qBittorrent/config/qBittorrent.conf' - sed -i -e "s~^Session\\\\InterfaceName\=.*~Session\\\\InterfaceName\=${VPN_DEVICE_TYPE}~g" '/config/qBittorrent/config/qBittorrent.conf' + # force unix line endings conversion in case user edited qbittorrent.conf with notepad + /usr/local/bin/dos2unix.sh "${qbittorrent_config}" - echo "[info] Attempting to start qBittorrent..." +} - # run qBittorrent (daemonized, non-blocking) - note qbittorrent requires docker privileged flag - /usr/bin/qbittorrent-nox --daemon --webui-port="${WEBUI_PORT}" --profile=/config +function configure_incoming_port(){ - # make sure process qbittorrent-nox DOES exist - retry_count=12 - retry_wait=1 - while true; do + # change incoming port using the qbittorrent api - note this requires anonymous authentication via webui + # option 'Bypass authentication for clients on localhost' + if [[ "${VPN_PROV}" == "pia" || "${VPN_PROV}" == "protonvpn" ]] && [[ -n "${VPN_INCOMING_PORT}" ]]; then - if ! pgrep -x "qbittorrent-nox" > /dev/null; then + # identify protocol, used by curl to connect to api + if grep -q 'WebUI\\HTTPS\\Enabled=true' "${qbittorrent_config}"; then + web_protocol="https" + else + web_protocol="http" + fi - retry_count=$((retry_count-1)) - if [ "${retry_count}" -eq "0" ]; then + # note -k flag required to support insecure connection (self signed certs) when https used + curl -k -i -X POST -d "json={\"random_port\": false}" "${web_protocol}://localhost:${WEBUI_PORT}/api/v2/app/setPreferences" &> /dev/null + curl -k -i -X POST -d "json={\"listen_port\": ${VPN_INCOMING_PORT}}" "${web_protocol}://localhost:${WEBUI_PORT}/api/v2/app/setPreferences" &> /dev/null - echo "[warn] Wait for qBittorrent process to start aborted, too many retries" - echo "[info] Showing output from command before exit..." - timeout 10 yes | /usr/bin/qbittorrent-nox --webui-port="${WEBUI_PORT}" --profile=/config ; return 1 + # set qbittorrent port to current vpn port (used when checking for changes on next run)s + qbittorrent_port="${VPN_INCOMING_PORT}" - else + fi - if [[ "${DEBUG}" == "true" ]]; then - echo "[debug] Waiting for qBittorrent process to start" - echo "[debug] Re-check in ${retry_wait} secs..." - echo "[debug] ${retry_count} retries left" - fi - sleep "${retry_wait}s" + # set qbittorrent ip to current vpn ip (used when checking for changes on next run) + qbittorrent_ip="${vpn_ip}" - fi +} - else +function start() { - echo "[info] qBittorrent process started" - break + if [[ "${qbittorrent_running}" == "false" ]]; then - fi + # define destination file path for qbittorrent config file + qbittorrent_config="/config/qBittorrent/config/qBittorrent.conf" - done + # copy config if it doesn't exist and set line endings + init_qbittorrent - echo "[info] Waiting for qBittorrent process to start listening on port ${WEBUI_PORT}..." + # edit qbittorrent config + edit_qbittorrent_config - while [[ $(netstat -lnt | awk "\$6 == \"LISTEN\" && \$4 ~ \".${WEBUI_PORT}\"") == "" ]]; do - sleep 0.1 - done + echo "[info] Attempting to start qBittorrent..." - echo "[info] qBittorrent process listening on port ${WEBUI_PORT}" + # run qBittorrent (backgrounded, non-blocking) - note qbittorrent requires docker privileged flag + timeout 10 yes | nohup /usr/bin/qbittorrent-nox --webui-port="${WEBUI_PORT}" --profile=/config >> '/config/supervisord.log' 2>&1 & -fi + # make sure process qbittorrent-nox DOES exist + retry_count=12 + retry_wait=1 + while true; do -# change incoming port using the qbittorrent api - note this requires anonymous authentication via webui -# option 'Bypass authentication for clients on localhost' -if [[ "${VPN_PROV}" == "pia" || "${VPN_PROV}" == "protonvpn" ]] && [[ -n "${VPN_INCOMING_PORT}" ]]; then + if ! pgrep "qbittorrent-nox" > /dev/null; then - # identify protocol, used by curl to connect to api - if grep -q 'WebUI\\HTTPS\\Enabled=true' '/config/qBittorrent/config/qBittorrent.conf'; then - web_protocol="https" - else - web_protocol="http" - fi + retry_count=$((retry_count-1)) + if [ "${retry_count}" -eq "0" ]; then + + echo "[warn] Wait for qBittorrent process to start aborted, too many retries" + echo "[info] Showing output from command before exit..." + timeout 10 yes | /usr/bin/qbittorrent-nox --webui-port="${WEBUI_PORT}" --profile=/config ; return 1 + + else + + if [[ "${DEBUG}" == "true" ]]; then + echo "[debug] Waiting for qBittorrent process to start" + echo "[debug] Re-check in ${retry_wait} secs..." + echo "[debug] ${retry_count} retries left" + fi + sleep "${retry_wait}s" + + fi - # note -k flag required to support insecure connection (self signed certs) when https used - curl -k -i -X POST -d "json={\"random_port\": false}" "${web_protocol}://localhost:${WEBUI_PORT}/api/v2/app/setPreferences" &> /dev/null - curl -k -i -X POST -d "json={\"listen_port\": ${VPN_INCOMING_PORT}}" "${web_protocol}://localhost:${WEBUI_PORT}/api/v2/app/setPreferences" &> /dev/null + else + + echo "[info] qBittorrent process started" + break + + fi + + done + + echo "[info] Waiting for qBittorrent process to start listening on port ${WEBUI_PORT}..." + + while [[ $(netstat -lnt | awk "\$6 == \"LISTEN\" && \$4 ~ \".${WEBUI_PORT}\"") == "" ]]; do + sleep 0.1 + done + + echo "[info] qBittorrent process listening on port ${WEBUI_PORT}" + + fi - # set qbittorrent port to current vpn port (used when checking for changes on next run)s - qbittorrent_port="${VPN_INCOMING_PORT}" + # confgure incoming port + configure_incoming_port -fi +} -# set qbittorrent ip to current vpn ip (used when checking for changes on next run) -qbittorrent_ip="${vpn_ip}" +# kickoff +start \ No newline at end of file diff --git a/run/nobody/watchdog.sh b/run/nobody/watchdog.sh index 03d6a50..fb8fa1b 100644 --- a/run/nobody/watchdog.sh +++ b/run/nobody/watchdog.sh @@ -1,34 +1,5 @@ #!/usr/bin/dumb-init /bin/bash -# define destination file path for qbittorrent config file -qbittorrent_config="/config/qBittorrent/config/qBittorrent.conf" - -# if qbittorrent config file doesnt exist then copy default to host config volume -if [[ ! -f "${qbittorrent_config}" ]]; then - - echo "[info] qBittorrent config file doesnt exist, copying default to /config/qBittorrent/config/..." - - # copy default qbittorrent config file to /config/qBittorrent/config/ - mkdir -p /config/qBittorrent/config && cp /home/nobody/qbittorrent/config/* /config/qBittorrent/config/ - -else - - echo "[info] qBittorrent config file already exists, skipping copy" - -fi - -echo "[info] Removing session lock file (if it exists)..." -rm -f /config/qBittorrent/data/BT_backup/session.lock - -# force unix line endings conversion in case user edited qbittorrent.conf with notepad -/usr/local/bin/dos2unix.sh "${qbittorrent_config}" - -# set locale to prevent 4.1.4 gui render issues if no locale set -grep -q 'General\\Locale' "${qbittorrent_config}" || sed -i '/\[Preferences\]/a General\\Locale=en' "${qbittorrent_config}" - -# forcibly set allow anonymous access from localhost to api (used to change incoming port) -sed -i 's~^WebUI\\LocalHostAuth=.*~WebUI\\LocalHostAuth=false~g' "${qbittorrent_config}" - # set default values for port and ip qbittorrent_port="6881" qbittorrent_ip="0.0.0.0" From 1411c26ff2c16c1d9eeda33f5bc18afe79a13082 Mon Sep 17 00:00:00 2001 From: binhex Date: Mon, 19 Feb 2024 11:38:02 +0000 Subject: [PATCH 3/3] undo hard coded test int-vpn tag name --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 3df45cc..acd0264 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM binhex/arch-int-vpn:multi_adapter +FROM binhex/arch-int-vpn:latest LABEL org.opencontainers.image.authors = "binhex" LABEL org.opencontainers.image.source = "https://github.com/binhex/arch-qbittorrentvpn"