Merge pull request #12 from haugene/dev

Externalized configuration by environment variables.
This commit is contained in:
Kristian Haugene 2015-05-11 22:36:34 +02:00
commit a43f60506f
33 changed files with 554 additions and 171 deletions

View File

@ -7,28 +7,20 @@ MAINTAINER Kristian Haugene
VOLUME /data VOLUME /data
# Update package sources list
RUN apt-get update
# Add transmission ppa repository for latest releases
RUN apt-get -y install software-properties-common
RUN add-apt-repository ppa:transmissionbt/ppa
# Update packages and install software # Update packages and install software
RUN apt-get update RUN apt-get update \
RUN apt-get install -y transmission-cli && apt-get -y install software-properties-common \
RUN apt-get install -y transmission-common && add-apt-repository ppa:transmissionbt/ppa \
RUN apt-get install -y transmission-daemon && apt-get update \
RUN apt-get install -y openvpn && apt-get install -y transmission-cli transmission-common transmission-daemon openvpn curl \
RUN apt-get install -y curl && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \
&& curl -L https://github.com/jwilder/dockerize/releases/download/v0.0.2/dockerize-linux-amd64-v0.0.2.tar.gz | tar -C /usr/local/bin -xzv
VOLUME /config
# Add configuration and scripts # Add configuration and scripts
ADD piaconfig/config.ovpn /etc/openvpn/config.ovpn ADD piaconfig/* /etc/openvpn/
ADD piaconfig/ca.crt /etc/openvpn/ca.crt ADD piaconfig/ca.crt /etc/openvpn/ca.crt
ADD piaconfig/crl.pem /etc/openvpn/crl.pem ADD piaconfig/crl.pem /etc/openvpn/crl.pem
ADD transmission/defaultSettings.json /etc/transmission-daemon/settings.json ADD transmission/defaultSettings.tmpl /etc/transmission-daemon/settings.tmpl
ADD transmission/updateTransmissionPort.sh /etc/transmission-daemon/updatePort.sh ADD transmission/updateTransmissionPort.sh /etc/transmission-daemon/updatePort.sh
ADD transmission/periodicUpdates.sh /etc/transmission-daemon/periodicUpdates.sh ADD transmission/periodicUpdates.sh /etc/transmission-daemon/periodicUpdates.sh
ADD transmission/run.sh /etc/transmission-daemon/start.sh ADD transmission/run.sh /etc/transmission-daemon/start.sh
@ -36,9 +28,81 @@ ADD transmission/runUpdates.sh /etc/transmission-daemon/startPortUpdates.sh
ADD transmission/down.sh /etc/transmission-daemon/stop.sh ADD transmission/down.sh /etc/transmission-daemon/stop.sh
ADD runOpenVpn.sh /etc/openvpn/start.sh ADD runOpenVpn.sh /etc/openvpn/start.sh
ENV PIA_USERNAME=**None** \
PIA_PASSWORD=**None** \
"TRANSMISSION_ALT_SPEED_DOWN=50" \
"TRANSMISSION_ALT_SPEED_ENABLED=false" \
"TRANSMISSION_ALT_SPEED_TIME_BEGIN=540" \
"TRANSMISSION_ALT_SPEED_TIME_DAY=127" \
"TRANSMISSION_ALT_SPEED_TIME_ENABLED=false" \
"TRANSMISSION_ALT_SPEED_TIME_END=1020" \
"TRANSMISSION_ALT_SPEED_UP=50" \
"TRANSMISSION_BIND_ADDRESS_IPV4=0.0.0.0" \
"TRANSMISSION_BIND_ADDRESS_IPV6=::" \
"TRANSMISSION_BLOCKLIST_ENABLED=false" \
"TRANSMISSION_BLOCKLIST_URL=http://www.example.com/blocklist" \
"TRANSMISSION_CACHE_SIZE_MB=4" \
"TRANSMISSION_DHT_ENABLED=true" \
"TRANSMISSION_DOWNLOAD_DIR=/data/completed" \
"TRANSMISSION_DOWNLOAD_LIMIT=100" \
"TRANSMISSION_DOWNLOAD_LIMIT_ENABLED=0" \
"TRANSMISSION_DOWNLOAD_QUEUE_ENABLED=true" \
"TRANSMISSION_DOWNLOAD_QUEUE_SIZE=5" \
"TRANSMISSION_ENCRYPTION=1" \
"TRANSMISSION_IDLE_SEEDING_LIMIT=30" \
"TRANSMISSION_IDLE_SEEDING_LIMIT_ENABLED=false" \
"TRANSMISSION_INCOMPLETE_DIR=/data/incomplete" \
"TRANSMISSION_INCOMPLETE_DIR_ENABLED=true" \
"TRANSMISSION_LPD_ENABLED=false" \
"TRANSMISSION_MAX_PEERS_GLOBAL=200" \
"TRANSMISSION_MESSAGE_LEVEL=2" \
"TRANSMISSION_PEER_CONGESTION_ALGORITHM=" \
"TRANSMISSION_PEER_ID_TTL_HOURS=6" \
"TRANSMISSION_PEER_LIMIT_GLOBAL=200" \
"TRANSMISSION_PEER_LIMIT_PER_TORRENT=50" \
"TRANSMISSION_PEER_PORT=51413" \
"TRANSMISSION_PEER_PORT_RANDOM_HIGH=65535" \
"TRANSMISSION_PEER_PORT_RANDOM_LOW=49152" \
"TRANSMISSION_PEER_PORT_RANDOM_ON_START=false" \
"TRANSMISSION_PEER_SOCKET_TOS=default" \
"TRANSMISSION_PEX_ENABLED=true" \
"TRANSMISSION_PORT_FORWARDING_ENABLED=false" \
"TRANSMISSION_PREALLOCATION=1" \
"TRANSMISSION_PREFETCH_ENABLED=1" \
"TRANSMISSION_QUEUE_STALLED_ENABLED=true" \
"TRANSMISSION_QUEUE_STALLED_MINUTES=30" \
"TRANSMISSION_RATIO_LIMIT=2" \
"TRANSMISSION_RATIO_LIMIT_ENABLED=false" \
"TRANSMISSION_RENAME_PARTIAL_FILES=true" \
"TRANSMISSION_RPC_AUTHENTICATION_REQUIRED=false" \
"TRANSMISSION_RPC_BIND_ADDRESS=0.0.0.0" \
"TRANSMISSION_RPC_ENABLED=true" \
"TRANSMISSION_RPC_PASSWORD=password" \
"TRANSMISSION_RPC_PORT=9091" \
"TRANSMISSION_RPC_URL=/transmission/" \
"TRANSMISSION_RPC_USERNAME=username" \
"TRANSMISSION_RPC_WHITELIST=127.0.0.1" \
"TRANSMISSION_RPC_WHITELIST_ENABLED=false" \
"TRANSMISSION_SCRAPE_PAUSED_TORRENTS_ENABLED=true" \
"TRANSMISSION_SCRIPT_TORRENT_DONE_ENABLED=false" \
"TRANSMISSION_SCRIPT_TORRENT_DONE_FILENAME=" \
"TRANSMISSION_SEED_QUEUE_ENABLED=false" \
"TRANSMISSION_SEED_QUEUE_SIZE=10" \
"TRANSMISSION_SPEED_LIMIT_DOWN=100" \
"TRANSMISSION_SPEED_LIMIT_DOWN_ENABLED=false" \
"TRANSMISSION_SPEED_LIMIT_UP=100" \
"TRANSMISSION_SPEED_LIMIT_UP_ENABLED=false" \
"TRANSMISSION_START_ADDED_TORRENTS=true" \
"TRANSMISSION_TRASH_ORIGINAL_TORRENT_FILES=false" \
"TRANSMISSION_UMASK=2" \
"TRANSMISSION_UPLOAD_LIMIT=100" \
"TRANSMISSION_UPLOAD_LIMIT_ENABLED=0" \
"TRANSMISSION_UPLOAD_SLOTS_PER_TORRENT=14" \
"TRANSMISSION_UTP_ENABLED=true" \
"TRANSMISSION_WATCH_DIR=/data/watch" \
"TRANSMISSION_WATCH_DIR_ENABLED=true" \
RESOLV_OVERRIDE=**None**
# Expose port and run. Use baseimage-docker's init system # Expose port and run. Use baseimage-docker's init system
EXPOSE 9091 EXPOSE 9091
CMD ["/etc/openvpn/start.sh"] CMD ["/etc/openvpn/start.sh"]
# Clean up APT when done.
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

View File

@ -6,15 +6,64 @@ This Docker container lets you run Transmission with WebUI while connecting to P
The container is available from the Docker registry and this is the simplest way to get it. To run the container use this command: The container is available from the Docker registry and this is the simplest way to get it. To run the container use this command:
``` ```
$ docker run --privileged -d -v /your/storage/path/:/data -v /your/config/path/:/config -p 9091:9091 haugene/transmission-openvpn $ docker run --privileged -d \
-v /your/storage/path/:/data \
-e "PIA_USERNAME=user" \
-e "PIA_PASSWORD=pass" \
-p 9091:9091 \
haugene/transmission-openvpn
``` ```
As you can see, the container expects two volumes to be mounted. One is used for storing your downloads from Transmission, and the other provides configurations. The container comes with a default Transmission settings.json file that expects the folders "completed, incomplete and watch" to be present in /your/storage/path (aka /data). This is where Transmission will store your downloads, incomplete downloads and a watch directory to look for new .torrent files. or you could optionally specify which vpn server to use by setting an environment variable to one of the ovpn configs avaliable [in this folder](https://github.com/haugene/docker-transmission-openvpn/tree/master/piaconfig).
The only mandatory configuration is a pia-credentials.txt file that needs to be put in /your/config/path/ directory. In the file you supply your username and password for Private Internet Access VPN connections. The file should have two lines; your username on line 1 and your password on line 2. The container will connect to the Private Internet Access VPN servers in Netherlands by default. ```
$ docker run --privileged -d \
-v /your/storage/path/:/data \
-e "PIA_USERNAME=user" \
-e "PIA_PASSWORD=pass" \
-p 9091:9091 \
-e "OPEN_VPN_CONFIG=US West" \
haugene/transmission-openvpn
```
As you can see, the container expects a data volume to be mounted. It is used for storing your downloads from Transmission. The container comes with a default Transmission `settings.json` file that expects the folders `completed`, `incomplete`, and `watch` to be present in /your/storage/path (aka /data). This is where Transmission will store your downloads, incomplete downloads and a watch directory to look for new .torrent files.
The only mandatory configuration is to set two environment variables for your PIA username and password. You must set the environment variables `PIA_USERNAME` and `PIA_PASSWORD` to your login credentials. The container will connect to the Private Internet Access VPN servers in Netherlands by default.
NB: Instructions on how to use your own Transmission settings, and how to connect to the WebUI, is further down in the README. NB: Instructions on how to use your own Transmission settings, and how to connect to the WebUI, is further down in the README.
## Required environment options
| Variable | Function | Example |
|----------|----------|-------|
|`PIA_USERNAME`|Your login username for PIA|`PIA_USERNAME=asdf`|
|`PIA_PASSWORD`|Your login password for PIA|`PIA_PASSWORD=asdf`|
## Network configuration options
| Variable | Function | Example |
|----------|----------|-------|
|`OPEN_VPN_CONFIG` | Sets the PIA endpoint to connect to. | `OPEN_VPN_CONFIG=UK Southampton`|
|`RESOLV_OVERRIDE` | The value of this variable will be written to `/etc/resolv.conf`. | `RESOLV_OVERRIDE=nameserver 8.8.8.8\nnameserver 8.8.4.4\n`|
## Storage options
| Variable | Function | Example |
|----------|----------|-------|
|`KEEP_TRANSMISSION_STATE`|If set, persists transmission data to your /data mount point. Keeps state between restarts. Delete the folder to disable this later. |`KEEP_TRANSMISSION_STATE=YES`|
## Transmission configuration options
You may override transmission options by setting the appropriate environment variable.
The environment variables are the same name as used in the transmission settings.json file and follow the format given in these examples:
| Transmission variable name | Environment variable name |
|----------------------------|---------------------------|
| `speed-limit-up` | `TRANSMISSION_SPEED_LIMIT_UP` |
| `speed-limit-up-enabled` | `TRANSMISSION_SPEED_LIMIT_UP_ENABLED` |
| `ratio-limit` | `TRANSMISSION_RATIO_LIMIT` |
| `ratio-limit-enabled` | `TRANSMISSION_RATIO_LIMIT_ENABLED` |
As you can see the variables are prefixed with `TRANSMISSION_`, the variable is capitalized, and `-` is converted to `_`.
# Building the container yourself # Building the container yourself
To build this container, clone the repository and cd into it. To build this container, clone the repository and cd into it.
@ -25,20 +74,16 @@ $ docker build -t="docker-transmission-openvpn" .
``` ```
### Run it: ### Run it:
``` ```
$ docker run --privileged -d -v /your/storage/path/:/data -v /your/config/path/:/config -p 9091:9091 docker-transmission-openvpn $ docker run --privileged -d \
-v /your/storage/path/:/data \
-e "PIA_USERNAME=user" \
-e "PIA_PASSWORD=pass" \
-p 9091:9091 \
docker-transmission-openvpn
``` ```
As described in the "Run container from Docker registry" section, this will start a container with default settings. This means that you should have the folders "completed, incomplete and watch" in /your/storage/path, and pia-credentials.txt in /your/config/path. As described in the "Run container from Docker registry" section, this will start a container with default settings. This means that you should have the folders "completed, incomplete and watch" in /your/storage/path, and pia-credentials.txt in /your/config/path.
### But I want to provide my own Transmission settings!
OK, so you're advanced. If you want to change the Transmission settings from the defaults, create your own settings.json file or base it on the default config. Then make the container use it by adding a folder called "transmission" in /your/config/path and place your settings.json there.
On container startup it checks for /config/transmission/settings.json and uses /config/transmission as config directory if the settings file is present. This also means that Transmission will store its state here, so that you don't have to add torrents again when the container restarts.
If you enable rpc-authentication in your Transmission settings, you need to provide your credentials in a file called transmission-credentials.txt and place it in your config directory. The file is on the same format as pia-credentials.txt, username and password. This is needed because we run a script hourly to get an open port, making us connectable, from PIA. To set this port in Transmission the script needs to know your rpc-authentication username and password.
NB: Do not change the settings.json file while container is running. Transmission persist its config on shutdown, and this will override your changes. Stop the container, do configurations, then start it again.
### Access the WebUI ### Access the WebUI
But what's going on? My http://my-host:9091 isn't responding? But what's going on? My http://my-host:9091 isn't responding?
This is because the VPN is active, and since docker is running in a different ip range than your client the response to your request will be treated as "non-local" traffic and therefore be routed out through the VPN interface. This is because the VPN is active, and since docker is running in a different ip range than your client the response to your request will be treated as "non-local" traffic and therefore be routed out through the VPN interface.

View File

@ -0,0 +1,22 @@
client
dev tun
proto udp
remote aus-melbourne.privateinternetaccess.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
tls-client
remote-cert-tls server
comp-lzo
verb 1
reneg-sec 0
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

22
piaconfig/AU Sydney.ovpn Normal file
View File

@ -0,0 +1,22 @@
client
dev tun
proto udp
remote aus.privateinternetaccess.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
tls-client
remote-cert-tls server
comp-lzo
verb 1
reneg-sec 0
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

22
piaconfig/Israel.ovpn Normal file
View File

@ -0,0 +1,22 @@
client
dev tun
proto udp
remote israel.privateinternetaccess.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
tls-client
remote-cert-tls server
comp-lzo
verb 1
reneg-sec 0
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

22
piaconfig/Japan.ovpn Normal file
View File

@ -0,0 +1,22 @@
client
dev tun
proto udp
remote japan.privateinternetaccess.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
tls-client
remote-cert-tls server
comp-lzo
verb 1
reneg-sec 0
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

22
piaconfig/Mexico.ovpn Normal file
View File

@ -0,0 +1,22 @@
client
dev tun
proto udp
remote mexico.privateinternetaccess.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
tls-client
remote-cert-tls server
comp-lzo
verb 1
reneg-sec 0
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

22
piaconfig/Russia.ovpn Normal file
View File

@ -0,0 +1,22 @@
client
dev tun
proto udp
remote russia.privateinternetaccess.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
tls-client
remote-cert-tls server
comp-lzo
verb 1
reneg-sec 0
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -1,18 +1,19 @@
client client
dev tun dev tun
proto udp proto udp
remote nl.privateinternetaccess.com 1194 remote sg.privateinternetaccess.com 1194
resolv-retry infinite resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca /etc/openvpn/ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass /config/pia-credentials.txt
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission # OpenVPN control startup and shut down of transmission

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -0,0 +1,22 @@
client
dev tun
proto udp
remote us-siliconvalley.privateinternetaccess.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
tls-client
remote-cert-tls server
comp-lzo
verb 1
reneg-sec 0
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -6,13 +6,17 @@ resolv-retry infinite
nobind nobind
persist-key persist-key
persist-tun persist-tun
ca ca.crt
tls-client tls-client
remote-cert-tls server remote-cert-tls server
auth-user-pass
comp-lzo comp-lzo
verb 1 verb 1
reneg-sec 0 reneg-sec 0
crl-verify crl.pem
ca /etc/openvpn/ca.crt
auth-user-pass /config/pia-credentials.txt
crl-verify /etc/openvpn/crl.pem
# OpenVPN control startup and shut down of transmission
script-security 2
up /etc/transmission-daemon/start.sh
down /etc/transmission-daemon/stop.sh

View File

@ -1,3 +1,50 @@
#!/bin/sh #!/bin/sh
exec openvpn --config /etc/openvpn/config.ovpn if [ ! -z "$OPEN_VPN_CONFIG" ]
then
if [ -f /etc/openvpn/"${OPEN_VPN_CONFIG}".ovpn ]
then
echo "Starting OpenVPN using config ${OPEN_VPN_CONFIG}.ovpn"
OPEN_VPN_CONFIG=/etc/openvpn/${OPEN_VPN_CONFIG}.ovpn
else
echo "Supplied config ${OPEN_VPN_CONFIG}.ovpn could not be found."
echo "Using default OpenVPN gateway: Netherlands"
OPEN_VPN_CONFIG=/etc/openvpn/Netherlands.ovpn
fi
else
echo "No VPN configuration provided. Using default: Netherlands"
OPEN_VPN_CONFIG=/etc/openvpn/Netherlands.ovpn
fi
# override resolv.conf
if [ "$RESOLV_OVERRIDE" != "**None**" ];
then
echo "Overriding resolv.conf..."
printf "$RESOLV_OVERRIDE" > /etc/resolv.conf
fi
# add PIA user/pass
if [ "${PIA_USERNAME}" = "**None**" ] || [ "${PIA_PASSWORD}" = "**None**" ] ; then
echo "PIA credentials not set. Exiting."
exit 1
else
echo "Setting PIA credentials..."
mkdir -p /config
echo $PIA_USERNAME > /config/pia-credentials.txt
echo $PIA_PASSWORD >> /config/pia-credentials.txt
fi
# add transmission credentials from env vars
echo $TRANSMISSION_RPC_USERNAME > /config/transmission-credentials.txt
echo $TRANSMISSION_RPC_PASSWORD >> /config/transmission-credentials.txt
if [ ! -z ${KEEP_TRANSMISSION_STATE} ]
then
mkdir -p /data/transmission-data/
dockerize -template /etc/transmission-daemon/settings.tmpl:/data/transmission-data/settings.json true
else
dockerize -template /etc/transmission-daemon/settings.tmpl:/etc/transmission-daemon/settings.json true
fi
exec openvpn --config "$OPEN_VPN_CONFIG"

View File

@ -1,74 +0,0 @@
{
"alt-speed-down": 50,
"alt-speed-enabled": false,
"alt-speed-time-begin": 540,
"alt-speed-time-day": 127,
"alt-speed-time-enabled": false,
"alt-speed-time-end": 1020,
"alt-speed-up": 50,
"bind-address-ipv4": "0.0.0.0",
"bind-address-ipv6": "::",
"blocklist-enabled": false,
"blocklist-url": "http://www.example.com/blocklist",
"cache-size-mb": 4,
"dht-enabled": true,
"download-dir": "/data/completed",
"download-limit": 100,
"download-limit-enabled": 0,
"download-queue-enabled": true,
"download-queue-size": 5,
"encryption": 1,
"idle-seeding-limit": 30,
"idle-seeding-limit-enabled": false,
"incomplete-dir": "/data/incomplete",
"incomplete-dir-enabled": true,
"lpd-enabled": false,
"max-peers-global": 200,
"message-level": 2,
"peer-congestion-algorithm": "",
"peer-id-ttl-hours": 6,
"peer-limit-global": 200,
"peer-limit-per-torrent": 50,
"peer-port": 51413,
"peer-port-random-high": 65535,
"peer-port-random-low": 49152,
"peer-port-random-on-start": false,
"peer-socket-tos": "default",
"pex-enabled": true,
"port-forwarding-enabled": false,
"preallocation": 1,
"prefetch-enabled": 1,
"queue-stalled-enabled": true,
"queue-stalled-minutes": 30,
"ratio-limit": 2,
"ratio-limit-enabled": false,
"rename-partial-files": true,
"rpc-authentication-required": false,
"rpc-bind-address": "0.0.0.0",
"rpc-enabled": true,
"rpc-password": "{425745bf3914984c2abcc013276f40e8fa5d84ecC5.df8oF",
"rpc-port": 9091,
"rpc-url": "/transmission/",
"rpc-username": "username",
"rpc-whitelist": "127.0.0.1",
"rpc-whitelist-enabled": false,
"scrape-paused-torrents-enabled": true,
"script-torrent-done-enabled": false,
"script-torrent-done-filename": "",
"seed-queue-enabled": false,
"seed-queue-size": 10,
"speed-limit-down": 100,
"speed-limit-down-enabled": false,
"speed-limit-up": 100,
"speed-limit-up-enabled": false,
"start-added-torrents": true,
"trash-original-torrent-files": false,
"umask": 2,
"upload-limit": 100,
"upload-limit-enabled": 0,
"upload-slots-per-torrent": 14,
"utp-enabled": true,
"watch-dir": "/data/watch",
"watch-dir-enabled": true
}

View File

@ -0,0 +1,74 @@
{
"alt-speed-down": {{ .Env.TRANSMISSION_ALT_SPEED_DOWN }},
"alt-speed-enabled": {{ .Env.TRANSMISSION_ALT_SPEED_ENABLED }},
"alt-speed-time-begin": {{ .Env.TRANSMISSION_ALT_SPEED_TIME_BEGIN }},
"alt-speed-time-day": {{ .Env.TRANSMISSION_ALT_SPEED_TIME_DAY }},
"alt-speed-time-enabled": {{ .Env.TRANSMISSION_ALT_SPEED_TIME_ENABLED }},
"alt-speed-time-end": {{ .Env.TRANSMISSION_ALT_SPEED_TIME_END }},
"alt-speed-up": {{ .Env.TRANSMISSION_ALT_SPEED_UP }},
"bind-address-ipv4": "{{ .Env.TRANSMISSION_BIND_ADDRESS_IPV4 }}",
"bind-address-ipv6": "{{ .Env.TRANSMISSION_BIND_ADDRESS_IPV6 }}",
"blocklist-enabled": {{ .Env.TRANSMISSION_BLOCKLIST_ENABLED }},
"blocklist-url": "{{ .Env.TRANSMISSION_BLOCKLIST_URL }}",
"cache-size-mb": {{ .Env.TRANSMISSION_CACHE_SIZE_MB }},
"dht-enabled": {{ .Env.TRANSMISSION_DHT_ENABLED }},
"download-dir": "{{ .Env.TRANSMISSION_DOWNLOAD_DIR }}",
"download-limit": {{ .Env.TRANSMISSION_DOWNLOAD_LIMIT }},
"download-limit-enabled": {{ .Env.TRANSMISSION_DOWNLOAD_LIMIT_ENABLED }},
"download-queue-enabled": {{ .Env.TRANSMISSION_DOWNLOAD_QUEUE_ENABLED }},
"download-queue-size": {{ .Env.TRANSMISSION_DOWNLOAD_QUEUE_SIZE }},
"encryption": {{ .Env.TRANSMISSION_ENCRYPTION }},
"idle-seeding-limit": {{ .Env.TRANSMISSION_IDLE_SEEDING_LIMIT }},
"idle-seeding-limit-enabled": {{ .Env.TRANSMISSION_IDLE_SEEDING_LIMIT_ENABLED }},
"incomplete-dir": "{{ .Env.TRANSMISSION_INCOMPLETE_DIR }}",
"incomplete-dir-enabled": {{ .Env.TRANSMISSION_INCOMPLETE_DIR_ENABLED }},
"lpd-enabled": {{ .Env.TRANSMISSION_LPD_ENABLED }},
"max-peers-global": {{ .Env.TRANSMISSION_MAX_PEERS_GLOBAL }},
"message-level": {{ .Env.TRANSMISSION_MESSAGE_LEVEL }},
"peer-congestion-algorithm": "{{ .Env.TRANSMISSION_PEER_CONGESTION_ALGORITHM }}",
"peer-id-ttl-hours": {{ .Env.TRANSMISSION_PEER_ID_TTL_HOURS }},
"peer-limit-global": {{ .Env.TRANSMISSION_PEER_LIMIT_GLOBAL }},
"peer-limit-per-torrent": {{ .Env.TRANSMISSION_PEER_LIMIT_PER_TORRENT }},
"peer-port": {{ .Env.TRANSMISSION_PEER_PORT }},
"peer-port-random-high": {{ .Env.TRANSMISSION_PEER_PORT_RANDOM_HIGH }},
"peer-port-random-low": {{ .Env.TRANSMISSION_PEER_PORT_RANDOM_LOW }},
"peer-port-random-on-start": {{ .Env.TRANSMISSION_PEER_PORT_RANDOM_ON_START }},
"peer-socket-tos": "{{ .Env.TRANSMISSION_PEER_SOCKET_TOS }}",
"pex-enabled": {{ .Env.TRANSMISSION_PEX_ENABLED }},
"port-forwarding-enabled": {{ .Env.TRANSMISSION_PORT_FORWARDING_ENABLED }},
"preallocation": {{ .Env.TRANSMISSION_PREALLOCATION }},
"prefetch-enabled": {{ .Env.TRANSMISSION_PREFETCH_ENABLED }},
"queue-stalled-enabled": {{ .Env.TRANSMISSION_QUEUE_STALLED_ENABLED }},
"queue-stalled-minutes": {{ .Env.TRANSMISSION_QUEUE_STALLED_MINUTES }},
"ratio-limit": {{ .Env.TRANSMISSION_RATIO_LIMIT }},
"ratio-limit-enabled": {{ .Env.TRANSMISSION_RATIO_LIMIT_ENABLED }},
"rename-partial-files": {{ .Env.TRANSMISSION_RENAME_PARTIAL_FILES }},
"rpc-authentication-required": {{ .Env.TRANSMISSION_RPC_AUTHENTICATION_REQUIRED }},
"rpc-bind-address": "{{ .Env.TRANSMISSION_RPC_BIND_ADDRESS }}",
"rpc-enabled": {{ .Env.TRANSMISSION_RPC_ENABLED }},
"rpc-password": "{{ .Env.TRANSMISSION_RPC_PASSWORD }}",
"rpc-port": {{ .Env.TRANSMISSION_RPC_PORT }},
"rpc-url": "{{ .Env.TRANSMISSION_RPC_URL }}",
"rpc-username": "{{ .Env.TRANSMISSION_RPC_USERNAME }}",
"rpc-whitelist": "{{ .Env.TRANSMISSION_RPC_WHITELIST }}",
"rpc-whitelist-enabled": {{ .Env.TRANSMISSION_RPC_WHITELIST_ENABLED }},
"scrape-paused-torrents-enabled": {{ .Env.TRANSMISSION_SCRAPE_PAUSED_TORRENTS_ENABLED }},
"script-torrent-done-enabled": {{ .Env.TRANSMISSION_SCRIPT_TORRENT_DONE_ENABLED }},
"script-torrent-done-filename": "{{ .Env.TRANSMISSION_SCRIPT_TORRENT_DONE_FILENAME }}",
"seed-queue-enabled": {{ .Env.TRANSMISSION_SEED_QUEUE_ENABLED }},
"seed-queue-size": {{ .Env.TRANSMISSION_SEED_QUEUE_SIZE }},
"speed-limit-down": {{ .Env.TRANSMISSION_SPEED_LIMIT_DOWN }},
"speed-limit-down-enabled": {{ .Env.TRANSMISSION_SPEED_LIMIT_DOWN_ENABLED }},
"speed-limit-up": {{ .Env.TRANSMISSION_SPEED_LIMIT_UP }},
"speed-limit-up-enabled": {{ .Env.TRANSMISSION_SPEED_LIMIT_UP_ENABLED }},
"start-added-torrents": {{ .Env.TRANSMISSION_START_ADDED_TORRENTS }},
"trash-original-torrent-files": {{ .Env.TRANSMISSION_TRASH_ORIGINAL_TORRENT_FILES }},
"umask": {{ .Env.TRANSMISSION_UMASK }},
"upload-limit": {{ .Env.TRANSMISSION_UPLOAD_LIMIT }},
"upload-limit-enabled": {{ .Env.TRANSMISSION_UPLOAD_LIMIT_ENABLED }},
"upload-slots-per-torrent": {{ .Env.TRANSMISSION_UPLOAD_SLOTS_PER_TORRENT }},
"utp-enabled": {{ .Env.TRANSMISSION_UTP_ENABLED }},
"watch-dir": "{{ .Env.TRANSMISSION_WATCH_DIR }}",
"watch-dir-enabled": {{ .Env.TRANSMISSION_WATCH_DIR_ENABLED }}
}

View File

@ -1,11 +1,11 @@
#!/bin/sh #!/bin/sh
if [ -f /config/transmission/settings.json ]; if [ -f /data/transmission-data/settings.json ]
then then
echo "STARTING TRANSMISSION: Using custom config directory /config/transmission" echo "STARTING TRANSMISSION: Using transmission-data subdirectory to your /data mount point to store state."
exec /usr/bin/transmission-daemon -g /config/transmission/ & exec /usr/bin/transmission-daemon -g /data/transmission-data/ &
else else
echo "STARTING TRANSMISSION: No configuration provided, using defaults" echo "STARTING TRANSMISSION: Storing state in container only."
exec /usr/bin/transmission-daemon -g /etc/transmission-daemon/ & exec /usr/bin/transmission-daemon -g /etc/transmission-daemon/ &
fi fi

View File

@ -13,9 +13,9 @@ pia_client_id_file=/etc/transmission-daemon/pia_client_id
transmission_settings_file=/etc/transmission-daemon/settings.json transmission_settings_file=/etc/transmission-daemon/settings.json
port_assignment_url=https://www.privateinternetaccess.com/vpninfo/port_forward_assignment port_assignment_url=https://www.privateinternetaccess.com/vpninfo/port_forward_assignment
if [ -f /config/transmission/settings.json ]; if [ -f /data/transmission-data/settings.json ];
then then
transmission_settings_file=/config/transmission/settings.json transmission_settings_file=/data/transmission-data/settings.json
else else
transmission_settings_file=/etc/transmission-daemon/settings.json transmission_settings_file=/etc/transmission-daemon/settings.json
fi fi