[+] Added Dockerfile, docker-compose. OpenVPN Scripts, and qBitTorren…

…t configs

config/.bash_history

@@ -0,0 +1,7 @@
+ls
+curl ifconfig.me
+curl ifconfig.me
+curl ifconfig.me
+cd config/
+ls
+ls openvpn/

config/qBittorrent/config/qBittorrent.conf

@@ -0,0 +1,69 @@
+[General]
+enabled=false
+program=
+
+[AutoRun]
+enabled=false
+program=
+
+[Core]
+AutoDeleteAddedTorrentFile=Never
+
+[Preferences]
+Advanced\RecheckOnCompletion=false
+Advanced\trackerPort=9000
+Bittorrent\AddTrackers=false
+Bittorrent\MaxRatioAction=0
+Bittorrent\PeX=true
+Connection\GlobalDLLimitAlt=10
+Connection\GlobalUPLimitAlt=10
+Connection\PortRangeMin=42962
+Connection\ResolvePeerCountries=true
+Connection\UPnP=false
+Downloads\PreAllocation=false
+Downloads\SavePath=/downloads/
+Downloads\ScanDirsV2=@Variant(\0\0\0\x1c\0\0\0\0)
+Downloads\TempPath=/downloads/temp/
+Downloads\TempPathEnabled=true
+DynDNS\DomainName=changeme.dyndns.org
+DynDNS\Enabled=false
+DynDNS\Password=
+DynDNS\Service=0
+DynDNS\Username=
+General\Locale=en
+General\UseRandomPort=false
+MailNotification\email=
+MailNotification\enabled=false
+MailNotification\password=
+MailNotification\req_auth=true
+MailNotification\req_ssl=false
+MailNotification\[email protected]
+MailNotification\smtp_server=smtp.changeme.com
+MailNotification\username=
+Queueing\QueueingEnabled=false
+WebUI\Address=*
+WebUI\AlternativeUIEnabled=true
+WebUI\AuthSubnetWhitelist=192.168.0.0/24
+WebUI\AuthSubnetWhitelistEnabled=true
+WebUI\BanDuration=60
+WebUI\CSRFProtection=false
+WebUI\ClickjackingProtection=true
+WebUI\CustomHTTPHeaders=
+WebUI\CustomHTTPHeadersEnabled=false
+WebUI\HTTPS\CertificatePath=
+WebUI\HTTPS\Enabled=false
+WebUI\HTTPS\KeyPath=
+WebUI\HostHeaderValidation=false
+WebUI\LocalHostAuth=false
+WebUI\MaxAuthenticationFailCount=10
+WebUI\Port=8080
+WebUI\RootFolder=/vuetorrent
+WebUI\SecureCookie=true
+WebUI\ServerDomains=*
+WebUI\SessionTimeout=3600
+WebUI\UseUPnP=true
+WebUI\Username=admin
+
+[RSS]
+AutoDownloader\DownloadRepacks=true
+AutoDownloader\SmartEpisodeFilter=s(\\d+)e(\\d+), (\\d+)x(\\d+), "(\\d{4}[.\\-]\\d{1,2}[.\\-]\\d{1,2})", "(\\d{1,2}[.\\-]\\d{1,2}[.\\-]\\d{4})"

docker-compose.yml

@@ -0,0 +1,24 @@
+version: '3.6'
+services:
+    qbittorrent:
+        privileged: true
+        build: qbittorrentvpn_mc
+        container_name: qbit
+        environment:
+            - VPN_ENABLED=yes
+            - VPN_USERNAME=#put your vpn creds here
+            - VPN_PASSWORD=#and here
+            - NAME_SERVERS=1.1.1.1,8.8.8.8
+            - PUID=1000
+            - PGID=1000
+            - TZ=Europe/Paris
+            - UMASK_SET=022
+            - WEBUI_PORT=8080
+            - LAN_NETWORK=192.168.0.0/24
+        volumes:
+            - ./config:/config
+            - ./downloads:/downloads #chose where you want to store downloaded files
+            - ./vuetorrent:/vuetorrent
+        ports:
+            - 8000:8080
+        restart: unless-stopped

qbittorrentvpn_mc/Dockerfile

@@ -0,0 +1,35 @@
+FROM ubuntu:20.04 as qbittorrentvpn_mc
+MAINTAINER MrChausson
+
+VOLUME /downloads
+VOLUME /config
+
+ENV DEBIAN_FRONTEND noninteractive
+
+RUN usermod -u 99 nobody
+
+# Update packages and install software
+RUN apt-get update \
+&& apt-get install -y --no-install-recommends apt-utils openssl \
+&& apt-get install -y software-properties-common \
+&& add-apt-repository ppa:qbittorrent-team/qbittorrent-stable \
+&& apt-get update \
+&& apt-get install -y qbittorrent-nox openvpn curl moreutils net-tools dos2unix kmod iptables ipcalc unrar \
+&& apt-get install -y binutils \
+&& apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+# Add configuration and scripts
+ADD openvpn/ /etc/openvpn/
+ADD qbittorrent/ /etc/qbittorrent/
+
+RUN chmod +x /etc/qbittorrent/*.sh /etc/qbittorrent/*.init /etc/openvpn/*.sh
+
+#Fix qbittorrent start
+RUN strip --remove-section=.note.ABI-tag /usr/lib/x86_64-linux-gnu/libQt5Core.so.5
+
+# Expose ports and run
+EXPOSE 8080
+EXPOSE 8999
+EXPOSE 8999/udp
+CMD ["/bin/bash", "/etc/openvpn/start.sh"]
+

qbittorrentvpn_mc/openvpn/start.sh

@@ -0,0 +1,172 @@
+#!/bin/bash
+# Forked from binhex's OpenVPN dockers
+set -e
+
+# check for presence of network interface docker0
+check_network=$(ifconfig | grep docker0 || true)
+
+# if network interface docker0 is present then we are running in host mode and thus must exit
+if [[ ! -z "${check_network}" ]]; then
+	echo "[crit] Network type detected as 'Host', this will cause major issues, please stop the container and switch back to 'Bridge' mode" | ts '%Y-%m-%d %H:%M:%.S' && exit 1
+fi
+
+export VPN_ENABLED=$(echo "${VPN_ENABLED}" | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
+if [[ ! -z "${VPN_ENABLED}" ]]; then
+	echo "[info] VPN_ENABLED defined as '${VPN_ENABLED}'" | ts '%Y-%m-%d %H:%M:%.S'
+else
+	echo "[warn] VPN_ENABLED not defined,(via -e VPN_ENABLED), defaulting to 'yes'" | ts '%Y-%m-%d %H:%M:%.S'
+	export VPN_ENABLED="yes"
+fi
+
+if [[ $VPN_ENABLED == "yes" ]]; then
+	# create directory to store openvpn config files
+	mkdir -p /config/openvpn
+	# set perms and owner for files in /config/openvpn directory
+	set +e
+	chown -R "${PUID}":"${PGID}" "/config/openvpn" &> /dev/null
+	exit_code_chown=$?
+	chmod -R 775 "/config/openvpn" &> /dev/null
+	exit_code_chmod=$?
+	set -e
+	if (( ${exit_code_chown} != 0 || ${exit_code_chmod} != 0 )); then
+		echo "[warn] Unable to chown/chmod /config/openvpn/, assuming SMB mountpoint" | ts '%Y-%m-%d %H:%M:%.S'
+	fi
+
+	# wildcard search for openvpn config files (match on first result)
+	export VPN_CONFIG=$(find /config/openvpn -maxdepth 1 -name "*.ovpn" -print -quit)
+
+	# if ovpn file not found in /config/openvpn then exit
+	if [[ -z "${VPN_CONFIG}" ]]; then
+		echo "[crit] No OpenVPN config file located in /config/openvpn/ (ovpn extension), please download from your VPN provider and then restart this container, exiting..." | ts '%Y-%m-%d %H:%M:%.S' && exit 1
+	fi
+
+	echo "[info] OpenVPN config file (ovpn extension) is located at ${VPN_CONFIG}" | ts '%Y-%m-%d %H:%M:%.S'
+
+	# Read username and password env vars and put them in credentials.conf, then add ovpn config for credentials file
+	if [[ ! -z "${VPN_USERNAME}" ]] && [[ ! -z "${VPN_PASSWORD}" ]]; then
+		if [[ ! -e /config/openvpn/credentials.conf ]]; then
+			touch /config/openvpn/credentials.conf
+		fi
+
+		echo "${VPN_USERNAME}" > /config/openvpn/credentials.conf
+		echo "${VPN_PASSWORD}" >> /config/openvpn/credentials.conf
+
+		# Replace line with one that points to credentials.conf
+		auth_cred_exist=$(cat ${VPN_CONFIG} | grep -m 1 'auth-user-pass')
+		if [[ ! -z "${auth_cred_exist}" ]]; then
+			# Get line number of auth-user-pass
+			LINE_NUM=$(grep -Fn -m 1 'auth-user-pass' ${VPN_CONFIG} | cut -d: -f 1)
+			sed -i "${LINE_NUM}s/.*/auth-user-pass credentials.conf\n/" ${VPN_CONFIG}
+		else
+			sed -i "1s/.*/auth-user-pass credentials.conf\n/" ${VPN_CONFIG}
+		fi
+	fi
+
+	# convert CRLF (windows) to LF (unix) for ovpn
+	/usr/bin/dos2unix "${VPN_CONFIG}" 1> /dev/null
+
+	# parse values from ovpn file
+	export vpn_remote_line=$(cat "${VPN_CONFIG}" | grep -P -o -m 1 '(?<=^remote\s)[^\n\r]+' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
+	if [[ ! -z "${vpn_remote_line}" ]]; then
+		echo "[info] VPN remote line defined as '${vpn_remote_line}'" | ts '%Y-%m-%d %H:%M:%.S'
+	else
+		echo "[crit] VPN configuration file ${VPN_CONFIG} does not contain 'remote' line, showing contents of file before exit..." | ts '%Y-%m-%d %H:%M:%.S'
+		cat "${VPN_CONFIG}" && exit 1
+	fi
+	export VPN_REMOTE=$(echo "${vpn_remote_line}" | grep -P -o -m 1 '^[^\s\r\n]+' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
+	if [[ ! -z "${VPN_REMOTE}" ]]; then
+		echo "[info] VPN_REMOTE defined as '${VPN_REMOTE}'" | ts '%Y-%m-%d %H:%M:%.S'
+	else
+		echo "[crit] VPN_REMOTE not found in ${VPN_CONFIG}, exiting..." | ts '%Y-%m-%d %H:%M:%.S' && exit 1
+	fi
+	export VPN_PORT=$(echo "${vpn_remote_line}" | grep -P -o -m 1 '(?<=\s)\d{2,5}(?=\s)?+' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
+	if [[ ! -z "${VPN_PORT}" ]]; then
+		echo "[info] VPN_PORT defined as '${VPN_PORT}'" | ts '%Y-%m-%d %H:%M:%.S'
+	else
+		echo "[crit] VPN_PORT not found in ${VPN_CONFIG}, exiting..." | ts '%Y-%m-%d %H:%M:%.S' && exit 1
+	fi
+	export VPN_PROTOCOL=$(cat "${VPN_CONFIG}" | grep -P -o -m 1 '(?<=^proto\s)[^\r\n]+' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
+	if [[ ! -z "${VPN_PROTOCOL}" ]]; then
+		echo "[info] VPN_PROTOCOL defined as '${VPN_PROTOCOL}'" | ts '%Y-%m-%d %H:%M:%.S'
+	else
+		export VPN_PROTOCOL=$(echo "${vpn_remote_line}" | grep -P -o -m 1 'udp|tcp-client|tcp$' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
+		if [[ ! -z "${VPN_PROTOCOL}" ]]; then
+			echo "[info] VPN_PROTOCOL defined as '${VPN_PROTOCOL}'" | ts '%Y-%m-%d %H:%M:%.S'
+		else
+			echo "[warn] VPN_PROTOCOL not found in ${VPN_CONFIG}, assuming udp" | ts '%Y-%m-%d %H:%M:%.S'
+			export VPN_PROTOCOL="udp"
+		fi
+	fi
+
+	# required for use in iptables
+	if [[ "${VPN_PROTOCOL}" == "tcp-client" ]]; then
+		export VPN_PROTOCOL="tcp"
+	fi
+
+	VPN_DEVICE_TYPE=$(cat "${VPN_CONFIG}" | grep -P -o -m 1 '(?<=^dev\s)[^\r\n\d]+' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
+	if [[ ! -z "${VPN_DEVICE_TYPE}" ]]; then
+		export VPN_DEVICE_TYPE="${VPN_DEVICE_TYPE}0"
+		echo "[info] VPN_DEVICE_TYPE defined as '${VPN_DEVICE_TYPE}'" | ts '%Y-%m-%d %H:%M:%.S'
+	else
+		echo "[crit] VPN_DEVICE_TYPE not found in ${VPN_CONFIG}, exiting..." | ts '%Y-%m-%d %H:%M:%.S' && exit 1
+	fi
+	# get values from env vars as defined by user
+	export LAN_NETWORK=$(echo "${LAN_NETWORK}" | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
+	if [[ ! -z "${LAN_NETWORK}" ]]; then
+		echo "[info] LAN_NETWORK defined as '${LAN_NETWORK}'" | ts '%Y-%m-%d %H:%M:%.S'
+	else
+		echo "[crit] LAN_NETWORK not defined (via -e LAN_NETWORK), exiting..." | ts '%Y-%m-%d %H:%M:%.S' && exit 1
+	fi
+	export NAME_SERVERS=$(echo "${NAME_SERVERS}" | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
+	if [[ ! -z "${NAME_SERVERS}" ]]; then
+		echo "[info] NAME_SERVERS defined as '${NAME_SERVERS}'" | ts '%Y-%m-%d %H:%M:%.S'
+	else
+		echo "[warn] NAME_SERVERS not defined (via -e NAME_SERVERS), defaulting to Google and FreeDNS name servers" | ts '%Y-%m-%d %H:%M:%.S'
+		export NAME_SERVERS="8.8.8.8,37.235.1.174,8.8.4.4,37.235.1.177"
+	fi
+	export VPN_OPTIONS=$(echo "${VPN_OPTIONS}" | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
+	if [[ ! -z "${VPN_OPTIONS}" ]]; then
+		echo "[info] VPN_OPTIONS defined as '${VPN_OPTIONS}'" | ts '%Y-%m-%d %H:%M:%.S'
+	else
+		echo "[info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)" | ts '%Y-%m-%d %H:%M:%.S'
+		export VPN_OPTIONS=""
+	fi
+elif [[ $VPN_ENABLED == "no" ]]; then
+	echo "[warn] !!IMPORTANT!! You have set the VPN to disabled, you will NOT be secure!" | ts '%Y-%m-%d %H:%M:%.S'
+fi
+
+# split comma seperated string into list from NAME_SERVERS env variable
+IFS=',' read -ra name_server_list <<< "${NAME_SERVERS}"
+
+# process name servers in the list
+for name_server_item in "${name_server_list[@]}"; do
+
+	# strip whitespace from start and end of lan_network_item
+	name_server_item=$(echo "${name_server_item}" | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
+
+	echo "[info] Adding ${name_server_item} to resolv.conf" | ts '%Y-%m-%d %H:%M:%.S'
+	echo "nameserver ${name_server_item}" >> /etc/resolv.conf
+
+done
+
+if [[ -z "${PUID}" ]]; then
+	echo "[info] PUID not defined. Defaulting to root user" | ts '%Y-%m-%d %H:%M:%.S'
+	export PUID="root"
+fi
+
+if [[ -z "${PGID}" ]]; then
+	echo "[info] PGID not defined. Defaulting to root group" | ts '%Y-%m-%d %H:%M:%.S'
+	export PGID="root"
+fi
+
+if [[ $VPN_ENABLED == "yes" ]]; then
+	echo "[info] Starting OpenVPN..." | ts '%Y-%m-%d %H:%M:%.S'
+	cd /config/openvpn
+	exec openvpn --config ${VPN_CONFIG} &
+	# give openvpn some time to connect
+	sleep 5
+	#exec /bin/bash /etc/openvpn/openvpn.init start &
+	exec /bin/bash /etc/qbittorrent/iptables.sh
+else
+	exec /bin/bash /etc/qbittorrent/start.sh
+fi