Gluetun using ProtonVPN docker, with the following apps running through:

Qbittorrent

Sonarr/Radarr/Readarr/Prowlarr

Jellyseerr

Deemix - though I’m having trouble finding good arls lately

Slskd

Requester - linked to discord

      • Helix 🧬@feddit.de
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 years ago

        how is the rest of your setup? Do you use a reverse proxy for this? Can you give us a small high level “network overview” on how you provide the services to friends and family?

        Do you use Docker? If so, can you share your configs? How do you do backups?

        • butter@lemmy.jamestrey.comOP
          link
          fedilink
          English
          arrow-up
          3
          ·
          2 years ago

          *.domain points to my server, nginx reverse proxy separates it out between the various services. I have jellyfin and navidrome. As well as audiobookshelf for my wife. No hardware transcoding.

          Everything is Docker except nginx. I have gluetun routing everything that my ISP probably wouldn’t like through a VPN.

          Jellyseerr, I thought would be more popular, but it turns out requestrr is doing most of the media grabbing now days. My brother has a family discord, I attached to it.

          The only thing I stress about backups with is my music. I could (and have) rebuilt my server in a day. But it’s taken years to build my library. It’s syncthing’d between my server, laptop, and my brother’s computer (who helps build the library). It’s also syncing to pcloud, but less regularly. Movies are trivial to regrab, and TV can be hit or miss, but it’s still not worth the effort to back it up.

          Last time I upgraded my server, I just copied out my Docker compose files and config folders. As well as my nginx. Since then, if I had to, I could back up everything and restore from a single folder.

          I’ll attach my docker for my torrent stack below. It’s a single large docker because it’s easier to make services use the VPN if they’re attached like that. The rest of my services that don’t run through VPN are individuals that I can stop without commenting them out.

          • Helix 🧬@feddit.de
            link
            fedilink
            English
            arrow-up
            2
            ·
            2 years ago

            Nice, thanks!

            I actually use lots of the same software apart from Traefik instead of nginx and my own wireguard reverse proxy in the WWW with an external IP.

            I solved a similar problem with having irreplaceable audio files by using a friend backup system where I just gave a few friends a free hard disk with the condition they install syncthing so I can give them even more free music from time to time.

            • butter@lemmy.jamestrey.comOP
              link
              fedilink
              English
              arrow-up
              1
              ·
              2 years ago

              I’ve never messed with Traefik. I did a 5 second internet search for “best reverse proxy”, but later realized it would never matter at my scale of less than a dozen. I guess caddy is supposed to be really good and easy to use, but I still find more guides for nginx.

        • butter@lemmy.jamestrey.comOP
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          edit-2
          2 years ago

          version: “3.7” services: gluetun: image: qmcgaw/gluetun:latest cap_add: - NET_ADMIN devices: - /dev/net/tun:/dev/net/tun

          environment: #WIREGUARD ENVIRONMENT

          - VPN_SERVICE_PROVIDER=custom

          - VPN_SERVICE_PROVIDER=mullvad

          - VPN_TYPE=wireguard

          - WIREGUARD_PRIVATE_KEY=asdf#Mullvad

          - WIREGUARD_ADDRESSES=asdf #Mullvad

          - WIREGUARD_PUBLIC_KEY=asdf=#ProtonVPN

          - WIREGUARD_PRIVATE_KEY=asdf=#ProtonVPN

          - WIREGUARD_PRESHARED_KEY= #ProtonVPN

          - WIREGUARD_ADDRESSES=asdf#ProtonVPN

          - SERVER_CITIES=New York NY

          - FIREWALL_VPN_INPUT_PORTS=55106

          - VPN_ENDPOINT_PORT=51820

          environment:
            - VPN_SERVICE_PROVIDER=protonvpn
            - OPENVPN_USER=asdf
            - OPENVPN_PASSWORD=asdf
            - SERVER_COUNTRIES=United States,Canada
          ports:
             - 5055:5055 #Jellyseerr
             - 8123:8123 #QBT web interface
             - 6881:6881/tcp #QBT Torrenting
             - 6881:6881/udp #Above
             - 9000:9000 #gluetun
          

          - 9117:9117 #Jackett

             - 9696:9696 #Prowlarr
          

          - 8686:8686 #Lidarr

             - 6595:6595 #Deemix
             - 8787:8787 #Readarr
             - 8888:8888/tcp #gluetun
             - 8388:8388/tcp #gluetun
             - 8388:8388/udp #gluetun
             - 8989:8989 #Sonarr
             - 7878:7878 #Radarr
          

          - 7575:7575 #Homarr

          - 4000:4000 #Midarr

             - 5100:5000 #slskd http
             - 5101:5001 #slskd https
             - 50000:50000 #slskd connections
             - 4545:4545 #requestrr
          

          qbittorrent: image: lscr.io/linuxserver/qbittorrent:latest #Master

          image: cr.hotio.dev/hotio/qbittorrent #With VueTorrent Built in

            container_name: qbittorrent
            network_mode: "service:gluetun"
            environment:
              - PUID=1000
              - PGID=1001
              - TZ=America/New_York
              - WEBUI_PORT=8123
              - DOCKER_MODS=arafatamim/linuxserver-io-mod-vuetorrent
            volumes:
              - ./qbittorrent:/config
              - /External/Downloads:/downloads
          

          ports:

          - 8080:8080

          - 6881:6881

          - 6881:6881/udp

            restart: unless-stopped
          

          prowlarr: image: lscr.io/linuxserver/prowlarr:develop container_name: prowlarr network_mode: “service:gluetun” environment: - PUID=1000 - PGID=1001 - TZ=America/New_York - AUTO_UPDATE=true #optional

          - RUN_OPTS=<run options here> #optional

          volumes:
            - ./prowlarr:/config
          

          - /External/Prowlarr:/downloads

          ports:

          - 9696:9696

          restart: unless-stopped
          

          sonarr: image: lscr.io/linuxserver/sonarr:latest container_name: sonarr network_mode: “service:gluetun” environment: - PUID=1000 - PGID=1000 - TZ=America/New_York volumes: - ./sonarr:/config - /External/Jellyfin/TV:/tv #optional - /External/Downloads:/downloads #optional - /home/butter/Jellyfin/TV:/internalTV

          ports:

          - 8989:8989

          - 8990:8123

          restart: unless-stopped
          

          radarr: image: lscr.io/linuxserver/radarr:latest container_name: radarr network_mode: “service:gluetun” environment: - PUID=1000 - PGID=1000 - TZ=America/New_York volumes: - ./radarr:/config - /External/Jellyfin/Movies:/movies #optional - /External/Downloads:/downloads #optional - /home/butter/Jellyfin:/internalmovies

          ports:

          - 7878:7878

          restart: unless-stopped
          

          homarr:

          container_name: homarr

          image: ghcr.io/ajnart/homarr:latest

          network_mode: “service:gluetun”

          restart: unless-stopped

          volumes:

          - ./homarr/configs:/app/data/configs

          - ./homarr/icons:/app/public/icons

          ports:

          - ‘7575:7575’

          jellyseerr: image: fallenbagel/jellyseerr:latest network_mode: “service:gluetun” container_name: jellyseerr environment: - LOG_LEVEL=debug - TZ=America/New_York

          ports:

          - 5055:5055

          volumes:
               - ./jellyseerr:/app/config
          restart: unless-stopped
          

          readarr: image: lscr.io/linuxserver/readarr:develop container_name: readarr network_mode: “service:gluetun” environment: - PUID=1000 - PGID=1000 - TZ=America/New_York volumes: - ./readarr:/config - /External/Books:/books #optional - /External/Downloads:/downloads #optional

          ports:

          - 8787:8787

          restart: unless-stopped
          

          lidarr:

          container_name: lidarr

          network_mode: “service:gluetun”

          image: lscr.io/linuxserver/lidarr:latest #Official

          image: youegraillot/lidarr-on-steroids #Fork based off guide online; Very outdated

          image: cr.hotio.dev/hotio/lidarr #Fork from Reddit

          #ports:
          #  - "8686:8686"
          

          environment:

          - PUID=1000

          - PGID=1000

          - UMASK=002

          - TZ=America/New_York

          volumes:

          - ./lidarr:/config

          - ./deemix:/config_deemix

          - /External/Music/Lidarr:/music #optional

          - /External/Downloads/Lidarr:/downloads #optional

          lidarr-extended:

          image: randomninjaatk/lidarr-extended:latest

          container_name: lidarr-extended

          network_mode: “service:gluetun”

          volumes:

          - ./lidarr-extended:/config

          - /External/Downloads/Lidarr:/downloads-lidarr-extended

          - /External/Music/Lidarr:/music

          - /External/Music/Lidarr/Videos:/music-videos

          environment:

          - TZ=America/New_York

          - PUID=1000

          - PGID=1000

          - enableAudioScript=true

          - enableVideoScript=false

          - scriptInterval=5m

          - configureLidarrWithOptimalSettings=true

          - searchSort=date

          - audioFormat=native

          - audioBitrate=lossless

          - requireQuality=true

          - enableReplaygainTags=true

          - audioLyricType=both

          - dlClientSource=deezer

          - arlToken=

          - tidalCountryCode=US

          - addDeezerTopArtists=false

          - addDeezerTopAlbumArtists=false

          - addDeezerTopTrackArtists=false

          - topLimit=10

          - addRelatedArtists=false

          - numberOfRelatedArtistsToAddPerArtist=5

          - addFeaturedVideoArtists=false

          - plexUrl=http://x.x.x.x:32400

          - plexToken=Token_Goes_Here

          - youtubeSubtitleLanguage=en

          - enableQueueCleaner=true

          - matchDistance=5

          - enableBeetsTagging=true

          - beetsMatchPercentage=90

          ports:

          - 8686:8686

          restart: unless-stopped

          midarr:

          container_name: midarr

          image: ghcr.io/midarrlabs/midarr-server:latest

          network_mode: “service:gluetun”

          ports:

          - 4000:4000

          volumes:

          Database path

          - ./midarr:/app/database

          Media path

          - /External/Jellyfin/Movies:/radarr/movies/path

          - /External/Jellyfin/TV:/sonarr/shows/path

          environment:

          App config

          - APP_URL=http://localhost:4000

          - APP_MAILER_FROM=

          - SENDGRID_API_KEY=someAPIKEY

          Admin account

          - SETUP_ADMIN_EMAIL=

          - SETUP_ADMIN_NAME=

          - SETUP_ADMIN_PASSWORD= # minimum length 12

          Radarr integration

          - RADARR_BASE_URL=localhost:7878

          - RADARR_API_KEY=asdf

          Sonarr integration

          - SONARR_BASE_URL=localhost:8989

          - SONARR_API_KEY=asdf

          slskd: image: slskd/slskd container_name: slskd network_mode: “service:gluetun” volumes: - ./slskd:/app - /External/Music:/music - /External/Books:/audiobooks restart: always

          deemix: image: registry.gitlab.com/bockiii/deemix-docker container_name: Deemix network_mode: “service:gluetun” volumes: - /External/Music/Deezer:/downloads - ./Deezer:/config environment: - PUID=1000 - PGID=1000 - UMASK_SET=022 - DEEMIX_SINGLE_USER=true

          ports:

          - 6595:6595

          requestrr: container_name: requestrr network_mode: “service:gluetun”

          ports:

          - ‘4545:4545’

            volumes:
                - ./requestrr:/root/config
            restart: unless-stopped
            image: darkalfx/requestrr
          
    • butter@lemmy.jamestrey.comOP
      link
      fedilink
      arrow-up
      3
      ·
      2 years ago

      Slskd has taken second fiddle to deemix, lately, but it’s making a comeback since freedeezerarl was shut down.

      At least I’ve been contributing this entire time.

      • krolden
        link
        fedilink
        arrow-up
        2
        ·
        2 years ago

        Yeah but didnt deezer finally block the method used to grab flacs with deemix? I grabbed a bunch of flacs from there years ago and found a lot of errors in the audio in different rips. Even downloaded some twice to be sure I didn’t screw it up so apparently it was bad on deezers end.

        Between slsk and redacted, ive been able to find pretty much anything I could think of.

        • butter@lemmy.jamestrey.comOP
          link
          fedilink
          arrow-up
          2
          ·
          2 years ago

          Yes, redacted is the end goal. I’m just not quite in it. Deemix works as long as you had a paid account. I followed a guy who had “a method” to generate premium ARLs, that he would never share. Didn’t mind at first, but eventually he started trying to charge for them. Then he rage quit and deleted the subreddit, which actually had a little community of people sharing their own accounts.

  • Sam
    link
    fedilink
    arrow-up
    2
    ·
    2 years ago

    Newbie question for you. I’m in the process of building myself a server for the first time after running Jellyfin on my computer for a while. One issue I had on my computer is every time I have my VPN connected to download content, my server is unavailable. How does this work on a server?

    • butter@lemmy.jamestrey.comOP
      link
      fedilink
      arrow-up
      3
      ·
      2 years ago

      I’m also going to recommend gluetun. It lets you run any docker through the VPN. I use it for grey areas, like Prowlarr or slskd.

      It works by creating a new network adapter that can only access the VPN. If your VPN expires or otherwise goes down, all of your services stop.

      https://github.com/qdm12/gluetun

      I also dropped an example config in another comment.

      • Sam
        link
        fedilink
        arrow-up
        2
        ·
        2 years ago

        So it basically only routes your torrent client through the vpn instead of your whole system?

          • Sam
            link
            fedilink
            arrow-up
            2
            ·
            2 years ago

            Oh wow that’s great. I had been hoping to find something like that! Thanks!

    • Helix 🧬@feddit.de
      link
      fedilink
      arrow-up
      1
      ·
      2 years ago

      You can have multiple routes. If you put your download software in one network namespace which only has the route via VPN to the internet (default / 0.0.0.0 / ::) you can make sure that it always downloads via VPN. You can still provide services via another route. To be 100% sure I’d also use a firewall for this.

      every time I have my VPN connected to download content, my server is unavailable

      Is that the inbuilt kill-switch of your VPN? Which VPN software do you use, which provider?

      • Sam
        link
        fedilink
        arrow-up
        2
        ·
        2 years ago

        Thanks for the explanation. Hopefully I can figure all that out when the time comes.

        “Is that the inbuilt kill-switch of your VPN? Which VPN software do you use, which provider?”

        To be clear I meant remote access and access on other devices. So I can still access my JellyFin server on my computer when my vpn is connected, but if I try to access it on my TV or outside my home network it tells me the server is down. I’ve always assumed it’s just because the vpn is hiding my actual ip that my server is connected to so other devices can’t see it.