
@jeff47
Last active July 16, 2020 15:10
Using docker to provide OpenVPN networking to other containers

Docker: Using an OpenVPN container to protect torrent

Overview

There are a number of docker containers that bundle VPN software with different torrent software (such as these projects for Transmission or rTorrent). You can certainly use those projects, but they don't follow the general Docker ethos of "one job per container". Additionally, some flexibility is lost by combining packages like this. So here I'm going to go over how to get the same functionality using different containers, working together.

OpenVPN

We'll start with the OpenVPN software. There are quite a few openvpn clients out there. I happened to use this one but Diego Schmidt made a version based on Haugene's docker-transmission-openvpn container. In the end, any openvpn client container should work, and once you understand how to set this up, you should be able to recreate this using a Wireguard or other client as well.

I use docker compose, so my instructions will be tailored for that. In my opinion, this makes it much easier to read and maintain installations.

Based on the docs, my docker-compose.yml entry for openvpn looks like this:

    openvpn:
        container_name: openvpn
        image: dperson/openvpn-client
        cap_add:
            - net_admin
        env_file: docker.env
        environment:
            - VPNPORT=42350
        ports:
            - 8000:80
            - 42350:42350
            - 8888:8888
        tmpfs:
            - /run
            - /tmpfs
        restart: unless-stopped
        stdin_open: true
        tty: true
        volumes:
            - /dev/net:/dev/net:z
            - /home/docker/openvpn/:/vpn

The VPNPORT entry tells the openvpn container to expect incoming connections through the VPN on port 42350. Those are forwarded from my VPN provider - you'll have to set that up depending on your provider. It's necessary for seeding.

My ovpn file is in /home/docker/openvpn/config.ovpn. My provider includes authentication information in the ovpn file, so nothing more is needed. If you need to specify a server/username/password, you can do so on the command line (command: 'server;user;password[;port]'). Check the docs for more information.

You'll notice this entry references docker.env. Here are the contents of that file:

    PGID=1006
    PUID=1005
    UMASK=002
    LANG=en_US.UTF-8
    LC_ALL=en_US.UTF-8
    TZ=America/New_York

The PGID and PUID listed here belong to my htpc:htpc user/group, which collectively owns all my media files. The LANG and LC_ALL entries can be left out for our purposes here, but this is a file I use for most of my docker-compose entries.

Fire up your container (docker-compose up -d openvpn). You can check the logs (docker logs openvpn) but the quickest way to see if it is working is to check your IP outside the container (curl ifconfig.me) and then enter the container (docker exec -it openvpn bash) and check it again (curl ifconfig.me). You should see the IP provided by your openvpn provider in the container, and your ISP's IP outside the container.

Torrent software

Once you have the openvpn container working, you can use it to provide secure network access for any container you want. What torrent client do you want? rTorrent? Deluge? Transmission? You name it - find a container, and set it up according to the maintainer's instructions. I used linuxserver.io/rutorrent.

Just add two lines to the docker-compose.yml file to make it use openvpn:

        network_mode: container:openvpn
        depends_on:
            - openvpn

Start that container up and enter it (docker exec -ti torrent_container_x bash) and check the IP (curl ifconfig.me). It should show your VPN IP.
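
The two manual IP checks above (inside `openvpn`, then inside the torrent container) can be scripted so that a leak shows up as a non-zero exit status. This is an added example, not part of the original gist; it assumes `curl` is present in each image and uses the container names `openvpn` and `torrent_container_x` from the text.

```shell
#!/bin/sh
# Added example: fail closed if any container that should be behind the VPN
# reports the same public IP as the host, or reports no IP at all.

# Public IP as seen from the host (your ISP's address).
public_ip_host() {
    curl -fsS --max-time 10 ifconfig.me
}

# Public IP as seen from inside container $1 (assumes curl exists in the image).
public_ip_in() {
    docker exec "$1" curl -fsS --max-time 10 ifconfig.me
}

# verdict HOST_IP CONTAINER_IP -> prints vpn | leak | unknown
# "unknown" (lookup failed, tunnel down, no curl) is treated as a failure.
verdict() {
    if [ -z "$1" ] || [ -z "$2" ]; then
        echo unknown
    elif [ "$1" = "$2" ]; then
        echo leak
    else
        echo vpn
    fi
}

# check_all CONTAINER... -> returns 0 only if every container's verdict is "vpn".
check_all() {
    host_ip=$(public_ip_host) || host_ip=""
    rc=0
    for c in "$@"; do
        ip=$(public_ip_in "$c") || ip=""
        v=$(verdict "$host_ip" "$ip")
        echo "$c: $v (container=${ip:-none} host=${host_ip:-none})"
        [ "$v" = vpn ] || rc=1
    done
    return "$rc"
}

# Runs only when container names are given, e.g.:
#   ./vpn-check.sh openvpn torrent_container_x
if [ "$#" -gt 0 ]; then
    check_all "$@"
    exit $?
fi
```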

Proxy

Do you want to set up a proxy to use your VPN? I find that helpful since some trackers require a login from the same IP. It's simple to set up, once you have the VPN container running. Pick a proxy container. I liked this one, but you can pick pretty much any software and/or maintainer you desire.

Set it up according to their instructions, and as before add these lines to your docker-compose.yml:

        network_mode: container:openvpn
        depends_on:
            - openvpn

Starting to see the pattern?


I hope you've found this useful!
