I have a Raspberry Pi that I want to be able to run Transmission on for torrenting purposes. I have Transmission installed.
I want to have openvpn running but only for Transmission and not touching the rest of the services. I have to access many of the other services on the Pi from the web and therefore cannot have the VPN interfering with that.
I have a ProtonVPN account and downloaded all of the openvpn UDP config files.
I would like to have the VPN running but split-tunneled so that only Transmission is covered by the VPN.
I have searched for guides that explain how to do this but so far none of them are adequate or go into enough detail.
Does anybody have a guide that can explain it all in detail, or know what files to edit and what to put in them?
Thank you in advance for any help you can provide.
None of this is using Docker.
I don’t have a guide for this, but assuming you’re on raspbian you can make a new network namespace, create your VPN device within the network namespace and then run your process within that namespace. That’s going to require getting your hands dirty though.
Why not just use docker or podman? It’s much easier to do this with that.
docker run -d --name vpn gluetun
anddocker run -d --network container:vpn myimage
and you’re done, because OCI containers have their own network namespace by default.ProtonVPN doesn’t support split tunneling on Linux currently and Transmission doesn’t support network interface binding either.
If you are open to using qBittorrent, you should be able to do network interface binding by choosing the ProtonVPN interface.
Run OpenVPN and Transmission in a separate network namespace.
See https://github.com/cladmi/openvpn-netns
After setting it up, run as root:
ip netns exec sudo -u <username> transmission
(or replace with the correct binary)Alternatively, Wireguard has native support for network namespaces.
I can’t provide much help, but any reason you’re choosing OpenVPN over Wireguard? I’ve just found Wireguard to be easier to configure in general.
I know that you said none of this is using Docker, however if you are willing to go the Docker/Podman route, I’ve been using docker-transmission-openvpn for quite a long time with great success.
It does exactly what you need
If you’re opposed to the Docker/Podman route, why not just go with another container solution like LXC/LXD/systemd-nspawn? I have LXC set up on mine with a dedicated torrent container for Wireguard and Transmission. It was far easier than mucking around with split tunneling and hasn’t given me any issues yet.
I’m not expert enough to comment on everything you’ve asked for here but I did run a torrent server on a pi 4 8gb, connected via LAN on 1Gb and it was terrible. The Pi just couldn’t handle the connections and speed etc.,
Ran the same torrent server on an old satellite receiver (Dreambox dm900) with Linux (Enigma 2, Debian) and it ran perfect for years.
Would like to see if anyone else inputs on this as I wouldn’t mind having it on the Pi really, if things have improved.
That’s a good point. I might just put the torrents on another machine just for that and then share the files via samba with the Pi.