I am trying to connect qbittorrent and wireguard.

rfvizarra@lemmy.ml

mind sharing how? Thanks

__init__@programming.dev

This doesn’t exactly answer your question, but I use the binhex qbittorrent-vpn image for this. It might work for you too unless you were wanting to be able to reuse the same wireguard container for something else?

dunes@feddit.org

I can’t access the web interface what have i configured wrong.

dunes@feddit.org

Not fixed the issue but the post.

dunes@feddit.org

Thanks for the recommendation. My only concern is trust because the containers do not appear to have many downloads

chema@lemmy.world

You can't access your instance because the only way to reach the container is through the VPN server (as it should be). You have to open a hole in the container's firewall to access it through the local network.

In the [Interface] section in your Wireguard configuration, add the following lines:

PostUp = DROUTE=$(ip route | grep default | awk '{print $3}'); HOMENET=172.16.0.0/12; ip route add $HOMENET via $DROUTE;iptables -I OUTPUT -d $HOMENET -j ACCEPT; iptables -A OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT

PreDown = HOMENET=172.16.0.0/12; ip route delete $HOMENET; iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT; iptables -D OUTPUT -d $HOMENET -j ACCEPT

Replace the value of HOMENET with whichever network you're accessing it from, mine's set to the docker network because it's behind an nginx reverse proxy.

pwet@lemmynsfw.com

I would advice you to use Gluetun instead of crude Wireguard. Within gluetun you just have to set the port for the qbittorrent's gui to be accessible locally, and open docker's firewall for qbittorrent. Then set qbittorrent container to use Gluetun's network.

dunes@feddit.org

Still doesn't work. My wireguard conf file looks like this.

[Interface]
PrivateKey = MyPrivateKey
Address = 1.1.1.1
DNS = 1.1.1.1

PostUp = DROUTE=$(ip route | grep default | awk '{print $3}'); HOMENET=172.16.0.0/12; ip route add $HOMENET via $DROUTE;iptables -I OUTPUT -d $HOMENET -j ACCEPT; iptables -A OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT

PreDown = HOMENET=172.16.0.0/12; ip route delete $HOMENET; iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT; iptables -D OUTPUT -d $HOMENET -j ACCEPT

[Peer]
PublicKey = MyPublicKey
AllowedIPs = 0.0.0.0/0
Endpoint = 1.1.1.1

plantsmakemehappy@lemmy.world

Look at hotio instead, recommended by me and popular among those that support the *arrs.

dunes@feddit.org

Thanks looks a lot simpler to setup.

matron1049@lemmy.dbzer0.com

Move the ports you are exposing from the qbit container to the wireguard container. The VPN container should be the only one exposing ports in this case.

But like someone else said, the gluetun container works really well for this.

dunes@feddit.org

Thanks for the suggestion. This is what I ended up doing, and it works really well.

rfvizarra@lemmy.ml

Ahh, ok. I have the same issue

fhein@lemmy.world

This is my wireguard docker setup:

version: "3.6"
services:
  wireguard:
    image: linuxserver/wireguard
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=116
      - PGID=122
      - TZ=Europe/Stockholm
      - ALLOWEDIPS=192.168.1.0/24
    volumes:
      - /data/torrent/wireguard/config:/config
      - /lib/modules:/lib/modules
    ports:
      - 192.168.1.111:8122:8122  # Deluge webui
      - 192.168.1.111:9127:9127  # jackett webui
      - 192.168.1.111:9666:9666  # prowlarr webui
      - 51820:51820/udp           # wireguard
      - 192.168.1.111:58426:58426  # Deluge RPC
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv6.conf.all.disable_ipv6=1
      - net.ipv6.conf.default.disable_ipv6=1
    restart: unless-stopped

Can reach the webuis from LAN, no other network configuration was necessary. 192.168.1.111 is the server's LAN address. The other services are configured very similar to your qbittorrent, and don't expose any ports. Can't promise it's 100% correct but it's working for me.

shaserlark@sh.itjust.works

https://hotio.dev/containers/qbittorrent/

Why don’t you use the hotio container? That already has it baked in