From 05d7d260cd1c4ad2aebb388197ba9c221c97de32 Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sat, 9 May 2015 18:29:14 +0200 Subject: [PATCH 01/10] updated list of vpn servers --- piaconfig/AU Melbourne.ovpn | 18 ++++++++++++++++++ piaconfig/AU Sydney.ovpn | 18 ++++++++++++++++++ piaconfig/Israel.ovpn | 18 ++++++++++++++++++ piaconfig/Japan.ovpn | 18 ++++++++++++++++++ piaconfig/Mexico.ovpn | 18 ++++++++++++++++++ piaconfig/Russia.ovpn | 18 ++++++++++++++++++ piaconfig/Singapore.ovpn | 18 ++++++++++++++++++ piaconfig/US Silicon Valley.ovpn | 18 ++++++++++++++++++ 8 files changed, 144 insertions(+) create mode 100644 piaconfig/AU Melbourne.ovpn create mode 100644 piaconfig/AU Sydney.ovpn create mode 100644 piaconfig/Israel.ovpn create mode 100644 piaconfig/Japan.ovpn create mode 100644 piaconfig/Mexico.ovpn create mode 100644 piaconfig/Russia.ovpn create mode 100644 piaconfig/Singapore.ovpn create mode 100644 piaconfig/US Silicon Valley.ovpn diff --git a/piaconfig/AU Melbourne.ovpn b/piaconfig/AU Melbourne.ovpn new file mode 100644 index 0000000..61d8684 --- /dev/null +++ b/piaconfig/AU Melbourne.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote aus-melbourne.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + diff --git a/piaconfig/AU Sydney.ovpn b/piaconfig/AU Sydney.ovpn new file mode 100644 index 0000000..c988e61 --- /dev/null +++ b/piaconfig/AU Sydney.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote aus.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + diff --git a/piaconfig/Israel.ovpn b/piaconfig/Israel.ovpn new file mode 100644 index 0000000..2a81484 --- /dev/null +++ b/piaconfig/Israel.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote israel.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + diff --git a/piaconfig/Japan.ovpn b/piaconfig/Japan.ovpn new file mode 100644 index 0000000..d696dd9 --- /dev/null +++ b/piaconfig/Japan.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote japan.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + diff --git a/piaconfig/Mexico.ovpn b/piaconfig/Mexico.ovpn new file mode 100644 index 0000000..8205f12 --- /dev/null +++ b/piaconfig/Mexico.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote mexico.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + diff --git a/piaconfig/Russia.ovpn b/piaconfig/Russia.ovpn new file mode 100644 index 0000000..e323607 --- /dev/null +++ b/piaconfig/Russia.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote russia.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + diff --git a/piaconfig/Singapore.ovpn b/piaconfig/Singapore.ovpn new file mode 100644 index 0000000..99a2fca --- /dev/null +++ b/piaconfig/Singapore.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote sg.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + diff --git a/piaconfig/US Silicon Valley.ovpn b/piaconfig/US Silicon Valley.ovpn new file mode 100644 index 0000000..0d8691d --- /dev/null +++ b/piaconfig/US Silicon Valley.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote us-siliconvalley.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + From 50b5aa7d466168a3a01d4ef0055b123562a682e2 Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sat, 9 May 2015 18:38:31 +0200 Subject: [PATCH 02/10] customized config for this container --- piaconfig/AU Melbourne.ovpn | 10 +++++++--- piaconfig/AU Sydney.ovpn | 10 +++++++--- piaconfig/CA North York.ovpn | 10 +++++++--- piaconfig/CA Toronto.ovpn | 10 +++++++--- piaconfig/France.ovpn | 10 +++++++--- piaconfig/Germany.ovpn | 10 +++++++--- piaconfig/Hong Kong.ovpn | 10 +++++++--- piaconfig/Israel.ovpn | 10 +++++++--- piaconfig/Japan.ovpn | 10 +++++++--- piaconfig/Mexico.ovpn | 10 +++++++--- piaconfig/Netherlands.ovpn | 10 +++++++--- piaconfig/Romania.ovpn | 10 +++++++--- piaconfig/Russia.ovpn | 10 +++++++--- piaconfig/Singapore.ovpn | 10 +++++++--- piaconfig/Sweden.ovpn | 10 +++++++--- piaconfig/Switzerland.ovpn | 10 +++++++--- piaconfig/UK London.ovpn | 10 +++++++--- piaconfig/UK Southampton.ovpn | 10 +++++++--- piaconfig/US California.ovpn | 10 +++++++--- piaconfig/US East.ovpn | 10 +++++++--- piaconfig/US Florida.ovpn | 10 +++++++--- piaconfig/US Midwest.ovpn | 10 +++++++--- piaconfig/US Seattle.ovpn | 10 +++++++--- piaconfig/US Silicon Valley.ovpn | 10 +++++++--- piaconfig/US Texas.ovpn | 10 +++++++--- piaconfig/US West.ovpn | 10 +++++++--- 26 files changed, 182 insertions(+), 78 deletions(-) diff --git a/piaconfig/AU Melbourne.ovpn b/piaconfig/AU Melbourne.ovpn index 61d8684..b2be48e 100644 --- a/piaconfig/AU Melbourne.ovpn +++ b/piaconfig/AU Melbourne.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/AU Sydney.ovpn b/piaconfig/AU Sydney.ovpn index c988e61..5106144 100644 --- a/piaconfig/AU Sydney.ovpn +++ b/piaconfig/AU Sydney.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/CA North York.ovpn b/piaconfig/CA North York.ovpn index e45149c..80853f2 100644 --- a/piaconfig/CA North York.ovpn +++ b/piaconfig/CA North York.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/CA Toronto.ovpn b/piaconfig/CA Toronto.ovpn index 0db9b9e..7baeb4b 100644 --- a/piaconfig/CA Toronto.ovpn +++ b/piaconfig/CA Toronto.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/France.ovpn b/piaconfig/France.ovpn index 085688c..140c3e9 100644 --- a/piaconfig/France.ovpn +++ b/piaconfig/France.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Germany.ovpn b/piaconfig/Germany.ovpn index 6e140af..fa1cce7 100644 --- a/piaconfig/Germany.ovpn +++ b/piaconfig/Germany.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Hong Kong.ovpn b/piaconfig/Hong Kong.ovpn index b59005c..299f984 100644 --- a/piaconfig/Hong Kong.ovpn +++ b/piaconfig/Hong Kong.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Israel.ovpn b/piaconfig/Israel.ovpn index 2a81484..bcf0d76 100644 --- a/piaconfig/Israel.ovpn +++ b/piaconfig/Israel.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Japan.ovpn b/piaconfig/Japan.ovpn index d696dd9..2a1d44e 100644 --- a/piaconfig/Japan.ovpn +++ b/piaconfig/Japan.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Mexico.ovpn b/piaconfig/Mexico.ovpn index 8205f12..7199dd3 100644 --- a/piaconfig/Mexico.ovpn +++ b/piaconfig/Mexico.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Netherlands.ovpn b/piaconfig/Netherlands.ovpn index 806eb79..7293b2a 100644 --- a/piaconfig/Netherlands.ovpn +++ b/piaconfig/Netherlands.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Romania.ovpn b/piaconfig/Romania.ovpn index 3cbfae3..15e4d3f 100644 --- a/piaconfig/Romania.ovpn +++ b/piaconfig/Romania.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Russia.ovpn b/piaconfig/Russia.ovpn index e323607..1e885d6 100644 --- a/piaconfig/Russia.ovpn +++ b/piaconfig/Russia.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Singapore.ovpn b/piaconfig/Singapore.ovpn index 99a2fca..15f14ff 100644 --- a/piaconfig/Singapore.ovpn +++ b/piaconfig/Singapore.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Sweden.ovpn b/piaconfig/Sweden.ovpn index 1c37cb9..cd8a963 100644 --- a/piaconfig/Sweden.ovpn +++ b/piaconfig/Sweden.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Switzerland.ovpn b/piaconfig/Switzerland.ovpn index a1f7aed..98bcef0 100644 --- a/piaconfig/Switzerland.ovpn +++ b/piaconfig/Switzerland.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/UK London.ovpn b/piaconfig/UK London.ovpn index 13e911c..ed5ceb5 100644 --- a/piaconfig/UK London.ovpn +++ b/piaconfig/UK London.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/UK Southampton.ovpn b/piaconfig/UK Southampton.ovpn index 570d647..e0c426a 100644 --- a/piaconfig/UK Southampton.ovpn +++ b/piaconfig/UK Southampton.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US California.ovpn b/piaconfig/US California.ovpn index 344125a..907d10c 100644 --- a/piaconfig/US California.ovpn +++ b/piaconfig/US California.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US East.ovpn b/piaconfig/US East.ovpn index b8f7aa2..c67929f 100644 --- a/piaconfig/US East.ovpn +++ b/piaconfig/US East.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US Florida.ovpn b/piaconfig/US Florida.ovpn index c2a05ab..b593738 100644 --- a/piaconfig/US Florida.ovpn +++ b/piaconfig/US Florida.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US Midwest.ovpn b/piaconfig/US Midwest.ovpn index 0fcdbe4..ac68135 100644 --- a/piaconfig/US Midwest.ovpn +++ b/piaconfig/US Midwest.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US Seattle.ovpn b/piaconfig/US Seattle.ovpn index 7a3f838..127dc4e 100644 --- a/piaconfig/US Seattle.ovpn +++ b/piaconfig/US Seattle.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US Silicon Valley.ovpn b/piaconfig/US Silicon Valley.ovpn index 0d8691d..92eb68c 100644 --- a/piaconfig/US Silicon Valley.ovpn +++ b/piaconfig/US Silicon Valley.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US Texas.ovpn b/piaconfig/US Texas.ovpn index 5eab59e..289a73e 100644 --- a/piaconfig/US Texas.ovpn +++ b/piaconfig/US Texas.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US West.ovpn b/piaconfig/US West.ovpn index 6aa2411..d09b1e8 100644 --- a/piaconfig/US West.ovpn +++ b/piaconfig/US West.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh From 6f07f0324b04e254afe78c3d1f071effaf7a3d26 Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sat, 9 May 2015 18:59:36 +0200 Subject: [PATCH 03/10] choose config to use by optionally setting environment variable. --- Dockerfile | 2 +- piaconfig/config.ovpn | 21 --------------------- runOpenVpn.sh | 17 ++++++++++++++++- 3 files changed, 17 insertions(+), 23 deletions(-) delete mode 100644 piaconfig/config.ovpn diff --git a/Dockerfile b/Dockerfile index 5bd42c9..3276f33 100644 --- a/Dockerfile +++ b/Dockerfile @@ -25,7 +25,7 @@ RUN apt-get install -y curl VOLUME /config # Add configuration and scripts -ADD piaconfig/config.ovpn /etc/openvpn/config.ovpn +ADD piaconfig/* /etc/openvpn/ ADD piaconfig/ca.crt /etc/openvpn/ca.crt ADD piaconfig/crl.pem /etc/openvpn/crl.pem ADD transmission/defaultSettings.json /etc/transmission-daemon/settings.json diff --git a/piaconfig/config.ovpn b/piaconfig/config.ovpn deleted file mode 100644 index c3f8b06..0000000 --- a/piaconfig/config.ovpn +++ /dev/null @@ -1,21 +0,0 @@ -client -dev tun -proto udp -remote nl.privateinternetaccess.com 1194 -resolv-retry infinite -nobind -persist-key -persist-tun -ca /etc/openvpn/ca.crt -tls-client -remote-cert-tls server -auth-user-pass /config/pia-credentials.txt -comp-lzo -verb 1 -reneg-sec 0 -crl-verify /etc/openvpn/crl.pem - -# OpenVPN control startup and shut down of transmission -script-security 2 -up /etc/transmission-daemon/start.sh -down /etc/transmission-daemon/stop.sh diff --git a/runOpenVpn.sh b/runOpenVpn.sh index 4dbc3f5..6240674 100755 --- a/runOpenVpn.sh +++ b/runOpenVpn.sh @@ -1,3 +1,18 @@ #!/bin/sh -exec openvpn --config /etc/openvpn/config.ovpn +if [ ! -z "$OPEN_VPN_CONFIG" ] +then + if [ -f /etc/openvpn/"${OPEN_VPN_CONFIG}".ovpn ] + then + echo "Starting OpenVPN using config ${OPEN_VPN_CONFIG}.ovpn" + exec openvpn --config /etc/openvpn/"${OPEN_VPN_CONFIG}".ovpn + else + echo "Supplied config ${OPEN_VPN_CONFIG}.ovpn could not be found." + echo "Using default OpenVPN gateway: Netherlands" + exec openvpn --config /etc/openvpn/Netherlands.ovpn + fi +else + echo "No VPN configuration provided. Using default: Netherlands" + exec openvpn --config /etc/openvpn/Netherlands.ovpn +fi + From 29618ffbcbd614f9c2a84c0d4e5edc20654e4a7b Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sat, 9 May 2015 19:22:07 +0200 Subject: [PATCH 04/10] Update README.md --- README.md | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 805b39f..fb844e2 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,20 @@ This Docker container lets you run Transmission with WebUI while connecting to P The container is available from the Docker registry and this is the simplest way to get it. To run the container use this command: ``` -$ docker run --privileged -d -v /your/storage/path/:/data -v /your/config/path/:/config -p 9091:9091 haugene/transmission-openvpn +$ docker run --privileged -d \ + -v /your/storage/path/:/data \ + -v /your/config/path/:/config \ + -p 9091:9091 \ + haugene/transmission-openvpn +``` +or you could optionally specify which vpn server to use by setting an environment variable to one of the ovpn configs avaliable in this folder. +``` +$ docker run --privileged -d \ + -v /your/storage/path/:/data \ + -v /your/config/path/:/config \ + -p 9091:9091 \ + -e "OPEN_VPN_CONFIG=US West" \ + haugene/transmission-openvpn ``` As you can see, the container expects two volumes to be mounted. One is used for storing your downloads from Transmission, and the other provides configurations. The container comes with a default Transmission settings.json file that expects the folders "completed, incomplete and watch" to be present in /your/storage/path (aka /data). This is where Transmission will store your downloads, incomplete downloads and a watch directory to look for new .torrent files. @@ -25,7 +38,11 @@ $ docker build -t="docker-transmission-openvpn" . ``` ### Run it: ``` -$ docker run --privileged -d -v /your/storage/path/:/data -v /your/config/path/:/config -p 9091:9091 docker-transmission-openvpn +$ docker run --privileged -d \ + -v /your/storage/path/:/data \ + -v /your/config/path/:/config \ + -p 9091:9091 \ + docker-transmission-openvpn ``` As described in the "Run container from Docker registry" section, this will start a container with default settings. This means that you should have the folders "completed, incomplete and watch" in /your/storage/path, and pia-credentials.txt in /your/config/path. From 268480358dbcc82057171a6395c545e86e584f7c Mon Sep 17 00:00:00 2001 From: Ian Neubert Date: Sat, 9 May 2015 12:49:07 -0700 Subject: [PATCH 05/10] Added PIA username/password to env vars Added transmission settings to env vars. Fixed #8. Updated readme. Added ability to override /etc/resolv.conf. Fixes #4. Save docker image size by combining all apt commands into a single RUN statement. --- Dockerfile | 100 +++++++++++++++++---- README.md | 42 +++++++-- runOpenVpn.sh | 29 +++++- transmission/defaultSettings.json | 142 +++++++++++++++--------------- 4 files changed, 215 insertions(+), 98 deletions(-) diff --git a/Dockerfile b/Dockerfile index 3276f33..789c96b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,22 +7,14 @@ MAINTAINER Kristian Haugene VOLUME /data -# Update package sources list -RUN apt-get update - -# Add transmission ppa repository for latest releases -RUN apt-get -y install software-properties-common -RUN add-apt-repository ppa:transmissionbt/ppa - # Update packages and install software -RUN apt-get update -RUN apt-get install -y transmission-cli -RUN apt-get install -y transmission-common -RUN apt-get install -y transmission-daemon -RUN apt-get install -y openvpn -RUN apt-get install -y curl - -VOLUME /config +RUN apt-get update \ + && apt-get -y install software-properties-common \ + && add-apt-repository ppa:transmissionbt/ppa \ + && apt-get update \ + && apt-get install -y transmission-cli transmission-common transmission-daemon openvpn curl \ + && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \ + && curl -L https://github.com/jwilder/dockerize/releases/download/v0.0.2/dockerize-linux-amd64-v0.0.2.tar.gz | tar -C /usr/local/bin -xzv # Add configuration and scripts ADD piaconfig/* /etc/openvpn/ @@ -36,9 +28,81 @@ ADD transmission/runUpdates.sh /etc/transmission-daemon/startPortUpdates.sh ADD transmission/down.sh /etc/transmission-daemon/stop.sh ADD runOpenVpn.sh /etc/openvpn/start.sh +ENV PIA_USERNAME=**None** \ + PIA_PASSWORD=**None** \ + "TRANSMISSION_ALT_SPEED_DOWN=50" \ + "TRANSMISSION_ALT_SPEED_ENABLED=false" \ + "TRANSMISSION_ALT_SPEED_TIME_BEGIN=540" \ + "TRANSMISSION_ALT_SPEED_TIME_DAY=127" \ + "TRANSMISSION_ALT_SPEED_TIME_ENABLED=false" \ + "TRANSMISSION_ALT_SPEED_TIME_END=1020" \ + "TRANSMISSION_ALT_SPEED_UP=50" \ + "TRANSMISSION_BIND_ADDRESS_IPV4=0.0.0.0" \ + "TRANSMISSION_BIND_ADDRESS_IPV6=::" \ + "TRANSMISSION_BLOCKLIST_ENABLED=false" \ + "TRANSMISSION_BLOCKLIST_URL=http://www.example.com/blocklist" \ + "TRANSMISSION_CACHE_SIZE_MB=4" \ + "TRANSMISSION_DHT_ENABLED=true" \ + "TRANSMISSION_DOWNLOAD_DIR=/data/completed" \ + "TRANSMISSION_DOWNLOAD_LIMIT=100" \ + "TRANSMISSION_DOWNLOAD_LIMIT_ENABLED=0" \ + "TRANSMISSION_DOWNLOAD_QUEUE_ENABLED=true" \ + "TRANSMISSION_DOWNLOAD_QUEUE_SIZE=5" \ + "TRANSMISSION_ENCRYPTION=1" \ + "TRANSMISSION_IDLE_SEEDING_LIMIT=30" \ + "TRANSMISSION_IDLE_SEEDING_LIMIT_ENABLED=false" \ + "TRANSMISSION_INCOMPLETE_DIR=/data/incomplete" \ + "TRANSMISSION_INCOMPLETE_DIR_ENABLED=true" \ + "TRANSMISSION_LPD_ENABLED=false" \ + "TRANSMISSION_MAX_PEERS_GLOBAL=200" \ + "TRANSMISSION_MESSAGE_LEVEL=2" \ + "TRANSMISSION_PEER_CONGESTION_ALGORITHM=" \ + "TRANSMISSION_PEER_ID_TTL_HOURS=6" \ + "TRANSMISSION_PEER_LIMIT_GLOBAL=200" \ + "TRANSMISSION_PEER_LIMIT_PER_TORRENT=50" \ + "TRANSMISSION_PEER_PORT=51413" \ + "TRANSMISSION_PEER_PORT_RANDOM_HIGH=65535" \ + "TRANSMISSION_PEER_PORT_RANDOM_LOW=49152" \ + "TRANSMISSION_PEER_PORT_RANDOM_ON_START=false" \ + "TRANSMISSION_PEER_SOCKET_TOS=default" \ + "TRANSMISSION_PEX_ENABLED=true" \ + "TRANSMISSION_PORT_FORWARDING_ENABLED=false" \ + "TRANSMISSION_PREALLOCATION=1" \ + "TRANSMISSION_PREFETCH_ENABLED=1" \ + "TRANSMISSION_QUEUE_STALLED_ENABLED=true" \ + "TRANSMISSION_QUEUE_STALLED_MINUTES=30" \ + "TRANSMISSION_RATIO_LIMIT=2" \ + "TRANSMISSION_RATIO_LIMIT_ENABLED=false" \ + "TRANSMISSION_RENAME_PARTIAL_FILES=true" \ + "TRANSMISSION_RPC_AUTHENTICATION_REQUIRED=false" \ + "TRANSMISSION_RPC_BIND_ADDRESS=0.0.0.0" \ + "TRANSMISSION_RPC_ENABLED=true" \ + "TRANSMISSION_RPC_PASSWORD={425745bf3914984c2abcc013276f40e8fa5d84ecC5.df8oF" \ + "TRANSMISSION_RPC_PORT=9091" \ + "TRANSMISSION_RPC_URL=/transmission/" \ + "TRANSMISSION_RPC_USERNAME=username" \ + "TRANSMISSION_RPC_WHITELIST=127.0.0.1" \ + "TRANSMISSION_RPC_WHITELIST_ENABLED=false" \ + "TRANSMISSION_SCRAPE_PAUSED_TORRENTS_ENABLED=true" \ + "TRANSMISSION_SCRIPT_TORRENT_DONE_ENABLED=false" \ + "TRANSMISSION_SCRIPT_TORRENT_DONE_FILENAME=" \ + "TRANSMISSION_SEED_QUEUE_ENABLED=false" \ + "TRANSMISSION_SEED_QUEUE_SIZE=10" \ + "TRANSMISSION_SPEED_LIMIT_DOWN=100" \ + "TRANSMISSION_SPEED_LIMIT_DOWN_ENABLED=false" \ + "TRANSMISSION_SPEED_LIMIT_UP=100" \ + "TRANSMISSION_SPEED_LIMIT_UP_ENABLED=false" \ + "TRANSMISSION_START_ADDED_TORRENTS=true" \ + "TRANSMISSION_TRASH_ORIGINAL_TORRENT_FILES=false" \ + "TRANSMISSION_UMASK=2" \ + "TRANSMISSION_UPLOAD_LIMIT=100" \ + "TRANSMISSION_UPLOAD_LIMIT_ENABLED=0" \ + "TRANSMISSION_UPLOAD_SLOTS_PER_TORRENT=14" \ + "TRANSMISSION_UTP_ENABLED=true" \ + "TRANSMISSION_WATCH_DIR=/data/watch" \ + "TRANSMISSION_WATCH_DIR_ENABLED=true" \ + RESOLV_OVERRIDE=**None** + # Expose port and run. Use baseimage-docker's init system EXPOSE 9091 CMD ["/etc/openvpn/start.sh"] - -# Clean up APT when done. -RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* diff --git a/README.md b/README.md index fb844e2..116f61a 100644 --- a/README.md +++ b/README.md @@ -8,26 +8,55 @@ The container is available from the Docker registry and this is the simplest way ``` $ docker run --privileged -d \ -v /your/storage/path/:/data \ - -v /your/config/path/:/config \ + -e "PIA_USERNAME=user" \ + -e "PIA_PASSWORD=pass" \ -p 9091:9091 \ haugene/transmission-openvpn ``` -or you could optionally specify which vpn server to use by setting an environment variable to one of the ovpn configs avaliable in this folder. +or you could optionally specify which vpn server to use by setting an environment variable to one of the ovpn configs avaliable [in this folder](https://github.com/haugene/docker-transmission-openvpn/tree/master/piaconfig). ``` $ docker run --privileged -d \ -v /your/storage/path/:/data \ - -v /your/config/path/:/config \ + -e "PIA_USERNAME=user" \ + -e "PIA_PASSWORD=pass" \ -p 9091:9091 \ -e "OPEN_VPN_CONFIG=US West" \ haugene/transmission-openvpn ``` -As you can see, the container expects two volumes to be mounted. One is used for storing your downloads from Transmission, and the other provides configurations. The container comes with a default Transmission settings.json file that expects the folders "completed, incomplete and watch" to be present in /your/storage/path (aka /data). This is where Transmission will store your downloads, incomplete downloads and a watch directory to look for new .torrent files. +As you can see, the container expects a data volume to be mounted. It is used for storing your downloads from Transmission. The container comes with a default Transmission `settings.json` file that expects the folders `completed`, `incomplete`, and `watch` to be present in /your/storage/path (aka /data). This is where Transmission will store your downloads, incomplete downloads and a watch directory to look for new .torrent files. -The only mandatory configuration is a pia-credentials.txt file that needs to be put in /your/config/path/ directory. In the file you supply your username and password for Private Internet Access VPN connections. The file should have two lines; your username on line 1 and your password on line 2. The container will connect to the Private Internet Access VPN servers in Netherlands by default. +The only mandatory configuration is to set two environment variables for your PIA username and password. You must set the environment variables `PIA_USERNAME` and `PIA_PASSWORD` to your login credentials. The container will connect to the Private Internet Access VPN servers in Netherlands by default. NB: Instructions on how to use your own Transmission settings, and how to connect to the WebUI, is further down in the README. +## Required environment options +| Variable | Function | Example | +|----------|----------|-------| +|`PIA_USERNAME`|Your login username for PIA|`PIA_USERNAME=asdf`| +|`PIA_PASSWORD`|Your login password for PIA|`PIA_PASSWORD=asdf`| + +## Network configuration options +| Variable | Function | Example | +|----------|----------|-------| +|`OPEN_VPN_CONFIG` | Sets the PIA endpoint to connect to. | `OPEN_VPN_CONFIG=UK Southampton`| +|`RESOLV_OVERRIDE` | The value of this variable will be written to `/etc/resolv.conf`. | `RESOLV_OVERRIDE=nameserver 8.8.8.8\nnameserver 8.8.4.4\n`| + +## Transmission configuration options + +You may override transmission options by setting the appropriate environment variable. + +The environment variables are the same name as used in the transmission settings.json file and follow the format given in these examples: + +| Transmission variable name | Environment variable name | +|----------------------------|---------------------------| +| `speed-limit-up` | `TRANSMISSION_SPEED_LIMIT_UP` | +| `speed-limit-up-enabled` | `TRANSMISSION_SPEED_LIMIT_UP_ENABLED` | +| `ratio-limit` | `TRANSMISSION_RATIO_LIMIT` | +| `ratio-limit-enabled` | `TRANSMISSION_RATIO_LIMIT_ENABLED` | + +As you can see the variables are prefixed with `TRANSMISSION_`, the variable is capitalized, and `-` is converted to `_`. + # Building the container yourself To build this container, clone the repository and cd into it. @@ -40,7 +69,8 @@ $ docker build -t="docker-transmission-openvpn" . ``` $ docker run --privileged -d \ -v /your/storage/path/:/data \ - -v /your/config/path/:/config \ + -e "PIA_USERNAME=user" \ + -e "PIA_PASSWORD=pass" \ -p 9091:9091 \ docker-transmission-openvpn ``` diff --git a/runOpenVpn.sh b/runOpenVpn.sh index 6240674..dffa00e 100755 --- a/runOpenVpn.sh +++ b/runOpenVpn.sh @@ -5,14 +5,37 @@ then if [ -f /etc/openvpn/"${OPEN_VPN_CONFIG}".ovpn ] then echo "Starting OpenVPN using config ${OPEN_VPN_CONFIG}.ovpn" - exec openvpn --config /etc/openvpn/"${OPEN_VPN_CONFIG}".ovpn + OPEN_VPN_CONFIG=/etc/openvpn/${OPEN_VPN_CONFIG}.ovpn else echo "Supplied config ${OPEN_VPN_CONFIG}.ovpn could not be found." echo "Using default OpenVPN gateway: Netherlands" - exec openvpn --config /etc/openvpn/Netherlands.ovpn + OPEN_VPN_CONFIG=/etc/openvpn/Netherlands.ovpn fi else echo "No VPN configuration provided. Using default: Netherlands" - exec openvpn --config /etc/openvpn/Netherlands.ovpn + OPEN_VPN_CONFIG=/etc/openvpn/Netherlands.ovpn fi +# override resolv.conf +if [ "$RESOLV_OVERRIDE" != "**None**" ]; +then + echo "Overriding resolv.conf..." + printf "$RESOLV_OVERRIDE" > /etc/resolv.conf +fi + +# add PIA user/pass +if [ "$PIA_USERNAME" != "**None**" ]; +then + echo "Setting PIA credentials..." + mkdir -p /config + echo $PIA_USERNAME > /config/pia-credentials.txt + echo $PIA_PASSWORD >> /config/pia-credentials.txt +else + echo "Not setting PIA credentials." +fi + +dockerize \ + -template /etc/transmission-daemon/settings.json:/etc/transmission-daemon/settings.json \ + true + +exec openvpn --config "$OPEN_VPN_CONFIG" diff --git a/transmission/defaultSettings.json b/transmission/defaultSettings.json index 20c1864..3f3b11c 100644 --- a/transmission/defaultSettings.json +++ b/transmission/defaultSettings.json @@ -1,74 +1,74 @@ { - "alt-speed-down": 50, - "alt-speed-enabled": false, - "alt-speed-time-begin": 540, - "alt-speed-time-day": 127, - "alt-speed-time-enabled": false, - "alt-speed-time-end": 1020, - "alt-speed-up": 50, - "bind-address-ipv4": "0.0.0.0", - "bind-address-ipv6": "::", - "blocklist-enabled": false, - "blocklist-url": "http://www.example.com/blocklist", - "cache-size-mb": 4, - "dht-enabled": true, - "download-dir": "/data/completed", - "download-limit": 100, - "download-limit-enabled": 0, - "download-queue-enabled": true, - "download-queue-size": 5, - "encryption": 1, - "idle-seeding-limit": 30, - "idle-seeding-limit-enabled": false, - "incomplete-dir": "/data/incomplete", - "incomplete-dir-enabled": true, - "lpd-enabled": false, - "max-peers-global": 200, - "message-level": 2, - "peer-congestion-algorithm": "", - "peer-id-ttl-hours": 6, - "peer-limit-global": 200, - "peer-limit-per-torrent": 50, - "peer-port": 51413, - "peer-port-random-high": 65535, - "peer-port-random-low": 49152, - "peer-port-random-on-start": false, - "peer-socket-tos": "default", - "pex-enabled": true, - "port-forwarding-enabled": false, - "preallocation": 1, - "prefetch-enabled": 1, - "queue-stalled-enabled": true, - "queue-stalled-minutes": 30, - "ratio-limit": 2, - "ratio-limit-enabled": false, - "rename-partial-files": true, - "rpc-authentication-required": false, - "rpc-bind-address": "0.0.0.0", - "rpc-enabled": true, - "rpc-password": "{425745bf3914984c2abcc013276f40e8fa5d84ecC5.df8oF", - "rpc-port": 9091, - "rpc-url": "/transmission/", - "rpc-username": "username", - "rpc-whitelist": "127.0.0.1", - "rpc-whitelist-enabled": false, - "scrape-paused-torrents-enabled": true, - "script-torrent-done-enabled": false, - "script-torrent-done-filename": "", - "seed-queue-enabled": false, - "seed-queue-size": 10, - "speed-limit-down": 100, - "speed-limit-down-enabled": false, - "speed-limit-up": 100, - "speed-limit-up-enabled": false, - "start-added-torrents": true, - "trash-original-torrent-files": false, - "umask": 2, - "upload-limit": 100, - "upload-limit-enabled": 0, - "upload-slots-per-torrent": 14, - "utp-enabled": true, - "watch-dir": "/data/watch", - "watch-dir-enabled": true + "alt-speed-down": {{ .Env.TRANSMISSION_ALT_SPEED_DOWN }}, + "alt-speed-enabled": {{ .Env.TRANSMISSION_ALT_SPEED_ENABLED }}, + "alt-speed-time-begin": {{ .Env.TRANSMISSION_ALT_SPEED_TIME_BEGIN }}, + "alt-speed-time-day": {{ .Env.TRANSMISSION_ALT_SPEED_TIME_DAY }}, + "alt-speed-time-enabled": {{ .Env.TRANSMISSION_ALT_SPEED_TIME_ENABLED }}, + "alt-speed-time-end": {{ .Env.TRANSMISSION_ALT_SPEED_TIME_END }}, + "alt-speed-up": {{ .Env.TRANSMISSION_ALT_SPEED_UP }}, + "bind-address-ipv4": "{{ .Env.TRANSMISSION_BIND_ADDRESS_IPV4 }}", + "bind-address-ipv6": "{{ .Env.TRANSMISSION_BIND_ADDRESS_IPV6 }}", + "blocklist-enabled": {{ .Env.TRANSMISSION_BLOCKLIST_ENABLED }}, + "blocklist-url": "{{ .Env.TRANSMISSION_BLOCKLIST_URL }}", + "cache-size-mb": {{ .Env.TRANSMISSION_CACHE_SIZE_MB }}, + "dht-enabled": {{ .Env.TRANSMISSION_DHT_ENABLED }}, + "download-dir": "{{ .Env.TRANSMISSION_DOWNLOAD_DIR }}", + "download-limit": {{ .Env.TRANSMISSION_DOWNLOAD_LIMIT }}, + "download-limit-enabled": {{ .Env.TRANSMISSION_DOWNLOAD_LIMIT_ENABLED }}, + "download-queue-enabled": {{ .Env.TRANSMISSION_DOWNLOAD_QUEUE_ENABLED }}, + "download-queue-size": {{ .Env.TRANSMISSION_DOWNLOAD_QUEUE_SIZE }}, + "encryption": {{ .Env.TRANSMISSION_ENCRYPTION }}, + "idle-seeding-limit": {{ .Env.TRANSMISSION_IDLE_SEEDING_LIMIT }}, + "idle-seeding-limit-enabled": {{ .Env.TRANSMISSION_IDLE_SEEDING_LIMIT_ENABLED }}, + "incomplete-dir": "{{ .Env.TRANSMISSION_INCOMPLETE_DIR }}", + "incomplete-dir-enabled": {{ .Env.TRANSMISSION_INCOMPLETE_DIR_ENABLED }}, + "lpd-enabled": {{ .Env.TRANSMISSION_LPD_ENABLED }}, + "max-peers-global": {{ .Env.TRANSMISSION_MAX_PEERS_GLOBAL }}, + "message-level": {{ .Env.TRANSMISSION_MESSAGE_LEVEL }}, + "peer-congestion-algorithm": "{{ .Env.TRANSMISSION_PEER_CONGESTION_ALGORITHM }}", + "peer-id-ttl-hours": {{ .Env.TRANSMISSION_PEER_ID_TTL_HOURS }}, + "peer-limit-global": {{ .Env.TRANSMISSION_PEER_LIMIT_GLOBAL }}, + "peer-limit-per-torrent": {{ .Env.TRANSMISSION_PEER_LIMIT_PER_TORRENT }}, + "peer-port": {{ .Env.TRANSMISSION_PEER_PORT }}, + "peer-port-random-high": {{ .Env.TRANSMISSION_PEER_PORT_RANDOM_HIGH }}, + "peer-port-random-low": {{ .Env.TRANSMISSION_PEER_PORT_RANDOM_LOW }}, + "peer-port-random-on-start": {{ .Env.TRANSMISSION_PEER_PORT_RANDOM_ON_START }}, + "peer-socket-tos": "{{ .Env.TRANSMISSION_PEER_SOCKET_TOS }}", + "pex-enabled": {{ .Env.TRANSMISSION_PEX_ENABLED }}, + "port-forwarding-enabled": {{ .Env.TRANSMISSION_PORT_FORWARDING_ENABLED }}, + "preallocation": {{ .Env.TRANSMISSION_PREALLOCATION }}, + "prefetch-enabled": {{ .Env.TRANSMISSION_PREFETCH_ENABLED }}, + "queue-stalled-enabled": {{ .Env.TRANSMISSION_QUEUE_STALLED_ENABLED }}, + "queue-stalled-minutes": {{ .Env.TRANSMISSION_QUEUE_STALLED_MINUTES }}, + "ratio-limit": {{ .Env.TRANSMISSION_RATIO_LIMIT }}, + "ratio-limit-enabled": {{ .Env.TRANSMISSION_RATIO_LIMIT_ENABLED }}, + "rename-partial-files": {{ .Env.TRANSMISSION_RENAME_PARTIAL_FILES }}, + "rpc-authentication-required": {{ .Env.TRANSMISSION_RPC_AUTHENTICATION_REQUIRED }}, + "rpc-bind-address": "{{ .Env.TRANSMISSION_RPC_BIND_ADDRESS }}", + "rpc-enabled": {{ .Env.TRANSMISSION_RPC_ENABLED }}, + "rpc-password": "{{ .Env.TRANSMISSION_RPC_PASSWORD }}", + "rpc-port": {{ .Env.TRANSMISSION_RPC_PORT }}, + "rpc-url": "{{ .Env.TRANSMISSION_RPC_URL }}", + "rpc-username": "{{ .Env.TRANSMISSION_RPC_USERNAME }}", + "rpc-whitelist": "{{ .Env.TRANSMISSION_RPC_WHITELIST }}", + "rpc-whitelist-enabled": {{ .Env.TRANSMISSION_RPC_WHITELIST_ENABLED }}, + "scrape-paused-torrents-enabled": {{ .Env.TRANSMISSION_SCRAPE_PAUSED_TORRENTS_ENABLED }}, + "script-torrent-done-enabled": {{ .Env.TRANSMISSION_SCRIPT_TORRENT_DONE_ENABLED }}, + "script-torrent-done-filename": "{{ .Env.TRANSMISSION_SCRIPT_TORRENT_DONE_FILENAME }}", + "seed-queue-enabled": {{ .Env.TRANSMISSION_SEED_QUEUE_ENABLED }}, + "seed-queue-size": {{ .Env.TRANSMISSION_SEED_QUEUE_SIZE }}, + "speed-limit-down": {{ .Env.TRANSMISSION_SPEED_LIMIT_DOWN }}, + "speed-limit-down-enabled": {{ .Env.TRANSMISSION_SPEED_LIMIT_DOWN_ENABLED }}, + "speed-limit-up": {{ .Env.TRANSMISSION_SPEED_LIMIT_UP }}, + "speed-limit-up-enabled": {{ .Env.TRANSMISSION_SPEED_LIMIT_UP_ENABLED }}, + "start-added-torrents": {{ .Env.TRANSMISSION_START_ADDED_TORRENTS }}, + "trash-original-torrent-files": {{ .Env.TRANSMISSION_TRASH_ORIGINAL_TORRENT_FILES }}, + "umask": {{ .Env.TRANSMISSION_UMASK }}, + "upload-limit": {{ .Env.TRANSMISSION_UPLOAD_LIMIT }}, + "upload-limit-enabled": {{ .Env.TRANSMISSION_UPLOAD_LIMIT_ENABLED }}, + "upload-slots-per-torrent": {{ .Env.TRANSMISSION_UPLOAD_SLOTS_PER_TORRENT }}, + "utp-enabled": {{ .Env.TRANSMISSION_UTP_ENABLED }}, + "watch-dir": "{{ .Env.TRANSMISSION_WATCH_DIR }}", + "watch-dir-enabled": {{ .Env.TRANSMISSION_WATCH_DIR_ENABLED }} } From faa3972ab42e528334958f69ac1bab956feb9cda Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sun, 10 May 2015 18:30:28 +0200 Subject: [PATCH 06/10] Not starting if PIA credentials is not set --- Dockerfile | 4 +--- runOpenVpn.sh | 8 ++++---- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 789c96b..ac18e38 100644 --- a/Dockerfile +++ b/Dockerfile @@ -28,9 +28,7 @@ ADD transmission/runUpdates.sh /etc/transmission-daemon/startPortUpdates.sh ADD transmission/down.sh /etc/transmission-daemon/stop.sh ADD runOpenVpn.sh /etc/openvpn/start.sh -ENV PIA_USERNAME=**None** \ - PIA_PASSWORD=**None** \ - "TRANSMISSION_ALT_SPEED_DOWN=50" \ +ENV "TRANSMISSION_ALT_SPEED_DOWN=50" \ "TRANSMISSION_ALT_SPEED_ENABLED=false" \ "TRANSMISSION_ALT_SPEED_TIME_BEGIN=540" \ "TRANSMISSION_ALT_SPEED_TIME_DAY=127" \ diff --git a/runOpenVpn.sh b/runOpenVpn.sh index dffa00e..7985be7 100755 --- a/runOpenVpn.sh +++ b/runOpenVpn.sh @@ -24,14 +24,14 @@ then fi # add PIA user/pass -if [ "$PIA_USERNAME" != "**None**" ]; -then +if [ -z "$PIA_USERNAME" ] || [ -z "$PIA_PASSWORD" ] ; then + echo "PIA credentials not set. Exiting." + exit 1 +else echo "Setting PIA credentials..." mkdir -p /config echo $PIA_USERNAME > /config/pia-credentials.txt echo $PIA_PASSWORD >> /config/pia-credentials.txt -else - echo "Not setting PIA credentials." fi dockerize \ From d129497ca5579ff63c589d99fca9cf21aa60a12b Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sun, 10 May 2015 18:51:52 +0200 Subject: [PATCH 07/10] keeping env vars --- Dockerfile | 4 +++- runOpenVpn.sh | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index ac18e38..789c96b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -28,7 +28,9 @@ ADD transmission/runUpdates.sh /etc/transmission-daemon/startPortUpdates.sh ADD transmission/down.sh /etc/transmission-daemon/stop.sh ADD runOpenVpn.sh /etc/openvpn/start.sh -ENV "TRANSMISSION_ALT_SPEED_DOWN=50" \ +ENV PIA_USERNAME=**None** \ + PIA_PASSWORD=**None** \ + "TRANSMISSION_ALT_SPEED_DOWN=50" \ "TRANSMISSION_ALT_SPEED_ENABLED=false" \ "TRANSMISSION_ALT_SPEED_TIME_BEGIN=540" \ "TRANSMISSION_ALT_SPEED_TIME_DAY=127" \ diff --git a/runOpenVpn.sh b/runOpenVpn.sh index 7985be7..4ea3f86 100755 --- a/runOpenVpn.sh +++ b/runOpenVpn.sh @@ -24,7 +24,7 @@ then fi # add PIA user/pass -if [ -z "$PIA_USERNAME" ] || [ -z "$PIA_PASSWORD" ] ; then +if [ "${PIA_USERNAME}" = "**None**" ] || [ "${PIA_PASSWORD}" = "**None**" ] ; then echo "PIA credentials not set. Exiting." exit 1 else From 629e8d0fac852170f75e142a38be3a88e5a9b664 Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sun, 10 May 2015 20:51:19 +0200 Subject: [PATCH 08/10] transmission startup handles setting.json, and possible to have transmission data-dir on mounted volume for persistent state --- Dockerfile | 2 +- runOpenVpn.sh | 4 ---- ...faultSettings.json => defaultSettings.tmpl} | 0 transmission/run.sh | 18 ++++++++++++++---- 4 files changed, 15 insertions(+), 9 deletions(-) rename transmission/{defaultSettings.json => defaultSettings.tmpl} (100%) diff --git a/Dockerfile b/Dockerfile index 789c96b..bcbc88d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,7 +20,7 @@ RUN apt-get update \ ADD piaconfig/* /etc/openvpn/ ADD piaconfig/ca.crt /etc/openvpn/ca.crt ADD piaconfig/crl.pem /etc/openvpn/crl.pem -ADD transmission/defaultSettings.json /etc/transmission-daemon/settings.json +ADD transmission/defaultSettings.tmpl /etc/transmission-daemon/settings.tmpl ADD transmission/updateTransmissionPort.sh /etc/transmission-daemon/updatePort.sh ADD transmission/periodicUpdates.sh /etc/transmission-daemon/periodicUpdates.sh ADD transmission/run.sh /etc/transmission-daemon/start.sh diff --git a/runOpenVpn.sh b/runOpenVpn.sh index 4ea3f86..287d069 100755 --- a/runOpenVpn.sh +++ b/runOpenVpn.sh @@ -34,8 +34,4 @@ else echo $PIA_PASSWORD >> /config/pia-credentials.txt fi -dockerize \ - -template /etc/transmission-daemon/settings.json:/etc/transmission-daemon/settings.json \ - true - exec openvpn --config "$OPEN_VPN_CONFIG" diff --git a/transmission/defaultSettings.json b/transmission/defaultSettings.tmpl similarity index 100% rename from transmission/defaultSettings.json rename to transmission/defaultSettings.tmpl diff --git a/transmission/run.sh b/transmission/run.sh index 09bf33f..c640dcc 100755 --- a/transmission/run.sh +++ b/transmission/run.sh @@ -1,11 +1,21 @@ #!/bin/sh -if [ -f /config/transmission/settings.json ]; +if [ ! -z "${KEEP_TRANSMISSION_STATE}" ] then - echo "STARTING TRANSMISSION: Using custom config directory /config/transmission" - exec /usr/bin/transmission-daemon -g /config/transmission/ & + echo "STARTING TRANSMISSION: Using transmission-data subdirectory to your /data mount point to store state." + + # Initialize settings from environment variables + dockerize -template /etc/transmission-daemon/settings.tmpl:/data/transmission-data/settings.json \ + true + + exec /usr/bin/transmission-daemon -g /data/transmission-data/ & else - echo "STARTING TRANSMISSION: No configuration provided, using defaults" + echo "STARTING TRANSMISSION: Storing state in container only." + + # Initialize settings from environment variables + dockerize -template /etc/transmission-daemon/settings.tmpl:/etc/transmission-daemon/settings.json \ + true + exec /usr/bin/transmission-daemon -g /etc/transmission-daemon/ & fi From f7a7c2d4b47016787b33111cb78582f9d2276b38 Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sun, 10 May 2015 22:15:25 +0200 Subject: [PATCH 09/10] fixing switch for keeping transmission state. also persist transmission rpc username and password for port updates if authentication is enabled. --- Dockerfile | 2 +- runOpenVpn.sh | 13 +++++++++++++ transmission/run.sh | 12 +----------- transmission/updateTransmissionPort.sh | 4 ++-- 4 files changed, 17 insertions(+), 14 deletions(-) diff --git a/Dockerfile b/Dockerfile index bcbc88d..e749218 100644 --- a/Dockerfile +++ b/Dockerfile @@ -77,7 +77,7 @@ ENV PIA_USERNAME=**None** \ "TRANSMISSION_RPC_AUTHENTICATION_REQUIRED=false" \ "TRANSMISSION_RPC_BIND_ADDRESS=0.0.0.0" \ "TRANSMISSION_RPC_ENABLED=true" \ - "TRANSMISSION_RPC_PASSWORD={425745bf3914984c2abcc013276f40e8fa5d84ecC5.df8oF" \ + "TRANSMISSION_RPC_PASSWORD=password" \ "TRANSMISSION_RPC_PORT=9091" \ "TRANSMISSION_RPC_URL=/transmission/" \ "TRANSMISSION_RPC_USERNAME=username" \ diff --git a/runOpenVpn.sh b/runOpenVpn.sh index 287d069..8909c2a 100755 --- a/runOpenVpn.sh +++ b/runOpenVpn.sh @@ -34,4 +34,17 @@ else echo $PIA_PASSWORD >> /config/pia-credentials.txt fi +# add transmission credentials from env vars +echo $TRANSMISSION_RPC_USERNAME > /config/transmission-credentials.txt +echo $TRANSMISSION_RPC_PASSWORD >> /config/transmission-credentials.txt + + +if [ ! -z ${KEEP_TRANSMISSION_STATE} ] +then + mkdir -p /data/transmission-data/ + dockerize -template /etc/transmission-daemon/settings.tmpl:/data/transmission-data/settings.json true +else + dockerize -template /etc/transmission-daemon/settings.tmpl:/etc/transmission-daemon/settings.json true +fi + exec openvpn --config "$OPEN_VPN_CONFIG" diff --git a/transmission/run.sh b/transmission/run.sh index c640dcc..59a25f9 100755 --- a/transmission/run.sh +++ b/transmission/run.sh @@ -1,21 +1,11 @@ #!/bin/sh -if [ ! -z "${KEEP_TRANSMISSION_STATE}" ] +if [ -f /data/transmission-data/settings.json ] then echo "STARTING TRANSMISSION: Using transmission-data subdirectory to your /data mount point to store state." - - # Initialize settings from environment variables - dockerize -template /etc/transmission-daemon/settings.tmpl:/data/transmission-data/settings.json \ - true - exec /usr/bin/transmission-daemon -g /data/transmission-data/ & else echo "STARTING TRANSMISSION: Storing state in container only." - - # Initialize settings from environment variables - dockerize -template /etc/transmission-daemon/settings.tmpl:/etc/transmission-daemon/settings.json \ - true - exec /usr/bin/transmission-daemon -g /etc/transmission-daemon/ & fi diff --git a/transmission/updateTransmissionPort.sh b/transmission/updateTransmissionPort.sh index bcaedf7..f798ff1 100755 --- a/transmission/updateTransmissionPort.sh +++ b/transmission/updateTransmissionPort.sh @@ -13,9 +13,9 @@ pia_client_id_file=/etc/transmission-daemon/pia_client_id transmission_settings_file=/etc/transmission-daemon/settings.json port_assignment_url=https://www.privateinternetaccess.com/vpninfo/port_forward_assignment -if [ -f /config/transmission/settings.json ]; +if [ -f /data/transmission-data/settings.json ]; then - transmission_settings_file=/config/transmission/settings.json + transmission_settings_file=/data/transmission-data/settings.json else transmission_settings_file=/etc/transmission-daemon/settings.json fi From 3b2e2eebeb7832672d302026717b8458029b9ce7 Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sun, 10 May 2015 22:25:43 +0200 Subject: [PATCH 10/10] Update README.md --- README.md | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 116f61a..abb3cc8 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,9 @@ $ docker run --privileged -d \ -p 9091:9091 \ haugene/transmission-openvpn ``` -or you could optionally specify which vpn server to use by setting an environment variable to one of the ovpn configs avaliable [in this folder](https://github.com/haugene/docker-transmission-openvpn/tree/master/piaconfig). + +or you could optionally specify which vpn server to use by setting an environment variable to one of the ovpn configs avaliable [in this folder](https://github.com/haugene/docker-transmission-openvpn/tree/master/piaconfig). + ``` $ docker run --privileged -d \ -v /your/storage/path/:/data \ @@ -42,6 +44,11 @@ NB: Instructions on how to use your own Transmission settings, and how to connec |`OPEN_VPN_CONFIG` | Sets the PIA endpoint to connect to. | `OPEN_VPN_CONFIG=UK Southampton`| |`RESOLV_OVERRIDE` | The value of this variable will be written to `/etc/resolv.conf`. | `RESOLV_OVERRIDE=nameserver 8.8.8.8\nnameserver 8.8.4.4\n`| +## Storage options +| Variable | Function | Example | +|----------|----------|-------| +|`KEEP_TRANSMISSION_STATE`|If set, persists transmission data to your /data mount point. Keeps state between restarts. Delete the folder to disable this later. |`KEEP_TRANSMISSION_STATE=YES`| + ## Transmission configuration options You may override transmission options by setting the appropriate environment variable. @@ -77,15 +84,6 @@ $ docker run --privileged -d \ As described in the "Run container from Docker registry" section, this will start a container with default settings. This means that you should have the folders "completed, incomplete and watch" in /your/storage/path, and pia-credentials.txt in /your/config/path. -### But I want to provide my own Transmission settings! -OK, so you're advanced. If you want to change the Transmission settings from the defaults, create your own settings.json file or base it on the default config. Then make the container use it by adding a folder called "transmission" in /your/config/path and place your settings.json there. - -On container startup it checks for /config/transmission/settings.json and uses /config/transmission as config directory if the settings file is present. This also means that Transmission will store its state here, so that you don't have to add torrents again when the container restarts. - -If you enable rpc-authentication in your Transmission settings, you need to provide your credentials in a file called transmission-credentials.txt and place it in your config directory. The file is on the same format as pia-credentials.txt, username and password. This is needed because we run a script hourly to get an open port, making us connectable, from PIA. To set this port in Transmission the script needs to know your rpc-authentication username and password. - -NB: Do not change the settings.json file while container is running. Transmission persist its config on shutdown, and this will override your changes. Stop the container, do configurations, then start it again. - ### Access the WebUI But what's going on? My http://my-host:9091 isn't responding? This is because the VPN is active, and since docker is running in a different ip range than your client the response to your request will be treated as "non-local" traffic and therefore be routed out through the VPN interface.