Skip to content

Instantly share code, notes, and snippets.

@Webreaper
Last active December 27, 2024 15:03
Show Gist options
  • Save Webreaper/81ecda3ecc45fa61a16dfc90cfc4550d to your computer and use it in GitHub Desktop.
Save Webreaper/81ecda3ecc45fa61a16dfc90cfc4550d to your computer and use it in GitHub Desktop.
Sample Docker-compose file which shows how to set up Sonarr, Radarr, Prowlarr, Lidarr, QBittorrent and a VPN container so that all all traffic from the containers is routed through the VPN. Also includes Plex and get_iplayer containers, which are not routed through the VPN.
# Docker compose to set up containers for all services you need:
# VPN
# Sonarr, Radarr, Lidarr, Qbittorrent
# Non-VPN
# Plex, get_iplayer
# Before running docker-compose, you should pre-create all of the following folders.
# Folders for Docker State:
# /volume1/dockerdata. - root where this docker-compose.yml should live
# /volume1/dockerdata/plex - Plex config and DB
# /volume1/dockerdata/sonarr - Sonarr config and DB
# /volume1/dockerdata/radarr - Radarr config and DB
# /volume1/dockerdata/lidarr - Lidarr config and DB
# /volume1/dockerdata/qbt - QBitorrent config and DB
# /volume1/dockerdata/prowlarr - Prowlarr config and DB
# /volume1/dockerdata/get_iplayer - Get_iPlayer config and DB
# Folders for Media etc:
# /volume1/photo - Root storage for photo files
# /volume1/music - Root storage for music files
# /volume1/video - Root storage for video files
# /volume1/video/TV - folder for Sonarr/Plex TV shows
# /volume1/video/Films - folder for Radarr/Plex Movies
# /volume1/video/Downloads - QBT folder for TV downloads (that Sonarr will process)
# /volume1/video/FilmDownloads - QBT folder for Movie downloads (that Radarr will process)
# /volume1/video/MusicDownloads - QBT folder for Music downloads (that Lidarr will process)
# /volume1/video/Downloads/iPlayer - Destination folder for get_iplayer. See https://github.com/Webreaper/SonarrAutoImport
#
# Note that Sonarr and Radarr don't necessarily need the VPN if you're using Prowlarr for the indexers.
# But Prowlarr should be behind the VPN to avoid ISPs that block indexers.
version: "2"
services:
expressvpn:
image: polkaned/expressvpn
container_name: expressvpn
environment:
- ACTIVATION_CODE=YOUR_CODE_HERE
cap_add:
- NET_ADMIN
devices:
- "/dev/net/tun:/dev/net/tun"
privileged: true
tty: true
ports:
# QBT UI Port
- 8090:8090
# Bittorrent port
- 6881:6881
- 6881:6881/udp
# Web port
- 8080:8080
- 9117:9117
# Sonarr port
- 8989:8989
# Radarr port
- 7878:7878
# Lidarr port
- 8686:8686
# Prowlarr port
- 9696:9696
command: /bin/bash
restart: unless-stopped
qbittorrent:
image: linuxserver/qbittorrent
container_name: qbittorrent
environment:
- PUID=1024
- PGID=101
- TZ=Europe/London
- UMASK_SET=022
- WEBUI_PORT=8090
volumes:
- /volume1/dockerdata/qbt/config:/config
- /volume1/video/Seeding:/downloads
- /volume1/video/Downloads:/tvdownloads
- /volume1/video/FilmDownloads:/filmdownloads
- /volume1/video/MusicDownloads:/musicdownloads
network_mode: service:expressvpn
restart: unless-stopped
prowlarr:
image: linuxserver/prowlarr:develop
container_name: prowlarr
environment:
- PUID=1024
- PGID=101
- TZ=GB
volumes:
- /volume1/dockerdata/prowlarr:/config
restart: unless-stopped
network_mode: service:expressvpn
depends_on:
- expressvpn
- qbittorrent
sonarr:
image: linuxserver/sonarr:latest
container_name: sonarr_v3
environment:
- PUID=1024
- PGID=101
- TZ=GB
volumes:
- /etc/localtime:/etc/localtime:ro
- /volume1/dockerdata/sonarr/config:/config
- /volume1/video/TV:/tv
- /volume1/video/Downloads:/downloads
restart: unless-stopped
network_mode: service:expressvpn
depends_on:
- prowlarr
- qbittorrent
radarr:
image: linuxserver/radarr:latest
container_name: radarr_v3
environment:
- PUID=1024
- PGID=101
- TZ=GB
volumes:
- /etc/localtime:/etc/localtime:ro
- /volume1/dockerdata/radarr3/config:/config
- /volume1/video/Films:/movies
- /volume1/video/FilmDownloads:/downloads
restart: unless-stopped
network_mode: service:expressvpn
depends_on:
- prowlarr
- qbittorrent
lidarr:
image: linuxserver/lidarr
container_name: lidarr
environment:
- PUID=1024
- PGID=101
- TZ=GB
volumes:
- /etc/localtime:/etc/localtime:ro
- /volume1/dockerdata/lidarr/config:/config
- /volume1/music:/music
- /volume1/video/MusicDownloads:/downloads
restart: unless-stopped
network_mode: service:expressvpn
depends_on:
- prowlarr
- qbittorrent
plex:
container_name: plex
image: linuxserver/plex
devices:
- /dev/dri:/dev/dri
privileged: true
environment:
PGID: '101'
PUID: '1024'
VERSION: docker
network_mode: host
restart: unless-stopped
volumes:
- /volume1/dockerdata/plex:/config:rw
- /volume1/video/TV:/tv:rw
- /volume1/video/Films:/movies:rw
- /volume1/music:/music:rw
get_player:
container_name: get_iplayer
image: kolonuk/get_iplayer
environment:
PGID: '101'
PUID: '1024'
ports:
- 8181:8181/tcp
restart: unless-stopped
volumes:
- /etc/localtime:/etc/localtime:ro
- /volume1/dockerdata/get_iplayer:/root/.get_iplayer:rw
- /volume1/video/Downloads/iPlayer:/root/output:rw
@Webreaper
Copy link
Author

Good spot - forgot to update the dependencies when I swapped Jackett => Prowlarr. Have fixed!

@gsxryan
Copy link

gsxryan commented Dec 29, 2021

check out gluetun to replace / alternatives to expressvpn - it can utilize expressvpnp, and also does not require privilege access

@macieqq
Copy link

macieqq commented Jan 5, 2022

Hi. I have tried to use your file with nordvpn instead of expressvpn. When it comes to the entire stack everything seems to get along just fine. However, I am not able to actually use qbittorrent - it gets stuck on downloading metadata as if it had some IP issues. Do I need to forward any ports or do anything else for this template to work?

@Webreaper
Copy link
Author

It should work, if your vpn is connected correctly.

@rbazin
Copy link

rbazin commented Jun 20, 2022

Thank you for your work ! Can you explain why you're creating /volume1/video/Downloads:/tvdownloads and /volume1/video/FilmDownloads:/filmdownloads for qbittorent instead of just making sonarr (and radarr) /downloads points to qbittorrent /downloads please ?

@Webreaper
Copy link
Author

Sure. If you download films into the Sonarr downloads folder, or TV shows into the Radarr downloads folder, then they get confused when importing (for example, there are some films and TV shows with the same name). So I have Sonarr apply its own label, which then means that QBT puts the resulting file into its own folder, keeping the two completely separate. I also have Lidarr setup which also needs its own download folder.

I also use https://github.com/Webreaper/SonarrAutoImport to pull in shows from other download clients/services (e.g., get_iplayer) so it makes things cleaner to keep them separate.

@bryceprutsos
Copy link

You should add overseerr to your stack as well and Tdarr.

@Webreaper
Copy link
Author

I don't use overseer. I have tdarr in my Docker-compose that I actually use, but it's pretty specialist and can be set in in various ways depending on how you're running the nodes, so I figured those who want it can figure it out.

@eknofsky
Copy link

This has been working great for me, but randomly the qbt container stopped actually using my express VPN connection. Any thoughts on what I might've done?

https://gist.github.com/eknofsky/60c68cb013d994e4f4e411140bd3ee9c

@TheGilias
Copy link

TheGilias commented Sep 11, 2022

Is there a reason this docker-compose uses preview and testing tags for some of these docker images? I'm having some issues with my Sonarr trying to grab metadata from an outdated URL and I'm wondering if this might be reponsible. Sonarr's preview image hasn't been updated for a year, and Radarr's preview image is two years old.

@Webreaper
Copy link
Author

Good point, well made. Those were correct when I first posted this a couple of years ago, but they should be 'latest' now. I've updated it accordingly (and switched the prowlarr image to use the linuxserver develop tag, which is the best one to use right now).

@pmbsa
Copy link

pmbsa commented Jan 19, 2023

I know this is an old thread but I am hoping somebody might be able to help me... I need to put get_iplayer behond the vpn as well.... should be no issue right, just add the network tag to tell it to use the expressvpn service... problem is it doesnt work, ipinfo reports the IP in use as being in the UK BUT, get-iplayer seems to somehow being using something else cause it just fails... the odd thing is I cam able to get it working fine nordvpn (problem there being my subscription is about to expire and I have moved to expressvpn)... anybody have any thoughts? chasing my tail here.

@danparr
Copy link

danparr commented Feb 6, 2023

I'm not having much luck with the ExpressVPN side of things...

See message. Looks like its failing to start the daemon? @Webreaper, have you seen this before?

I appreciate that the ExpressVPN image isn't yours but the original repo seems quite inactive.

I'm using a Synology 920+

image

@Webreaper
Copy link
Author

Sorry, no idea. I'm running that container right now on my 1520+ and it's working just fine....

@danparr
Copy link

danparr commented Feb 6, 2023

@Webreaper, no worries, I'll keep at it! If I restart EXPRESS VPN will every other container need restarting in order?

@godshades
Copy link

You should add overseerr to your stack as well and Tdarr.

@bryceprutsos do you have any sample of adding 2 services

@Cedrik12
Copy link

Cedrik12 commented Mar 28, 2023

Hi does anyone know how to setup the same docker-composer file with NordVPN? I tried a lot of things but nothing worked for me. The problem is when i go to connect the VPN all the containers ip addresses are changing. But Cedrik12 that's a good news you would say? Yes but the problem is that i can't go on the Web UI of my containers trough the localhost:. because every traffic is redirecting trough the vpn I can't access the containers web page to change configuration. There's my docker container file if you want to take a look.

version: "2"

services:
nordvpn:
image: ubuntu
container_name: nordvpn_test
cap_add:
- NET_ADMIN
devices:
- "/dev/net/tun:/dev/net/tun"
privileged: true
tty: true
ports:
# QBT UI Port
- 8080:8080
# Bittorrent port
- 6881:6881
- 6881:6881/udp
# Sonarr port
- 8989:8989
# Radarr port
- 7878:7878
# Jackett port
- 9117:9117
restart: unless-stopped

qbittorrent:
image: linuxserver/qbittorrent
container_name: qbittorrent_test
environment:
- PUID=1003
- PGID=1004
- TZ=America/New_York
- UMASK_SET=022
- WEBUI_PORT=8080
volumes:
- /media/dockerdata/qbt/config:/config
- /media/jellyfin/downloads
- /media/jellyfin/movies
- /media/jellyfin/shows
network_mode: service:nordvpn
restart: unless-stopped

jackett:
image: linuxserver/jackett
container_name: jackett_test
environment:
- TZ=America/New_York
volumes:
- /media/dockerdata/prowlarr:/config
restart: unless-stopped
network_mode: service:nordvpn
depends_on:
- nordvpn
- qbittorrent

sonarr:
image: linuxserver/sonarr:latest
container_name: sonarr_test
environment:
- PUID=1002
- PGID=1004
- TZ=America/New_York
volumes:
- /etc/localtime:/etc/localtime:ro
- /media/dockerdata/sonarr/config:/config

I did contact NordVPN and they said : NordVPN currently does not offer a port forwarding feature due to security reasons, although we are actively discussing whether this could be added to our server configuration in the future.

I'm lost. Anyway thanks for your help

@M6268
Copy link

M6268 commented Dec 26, 2023

Try Gluetun.

@Kautious619
Copy link

Thanks for this EZ setup.. It's been working for me for months now.. Today qbt stopped working.. Firewalled.. So I stopped my container and restarted. Now qbt cant find tun0 in the advanced setting....expressvpn is running from the look in my log files.. I am running this in Synology 1552+.
Any tips on getting this back up and running behind my VPN?

@mushroomsouper
Copy link

I've run this script. I removed Plex since I already had it working. My question is:

In Prowlarr >Add Download Client > qBittorrent

what do I put in the "Host" field

tried:
qbittorrent
localhost
192.168.1.24 (internal IP, works for accessing the webUI)

when i run:
docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' qbittorrent

i get no output.

Can anyone help?

@Kautious619
Copy link

Thanks for this EZ setup.. It's been working for me for months now.. Today qbt stopped working.. Firewalled.. So I stopped my container and restarted. Now qbt cant find tun0 in the advanced setting....expressvpn is running from the look in my log files.. I am running this in Synology 1552+. Any tips on getting this back up and running behind my VPN?

I got it working. I just removed polkaned/expressvpn code and replaced it with misioslav/expressvpn.. Now qbt see my tun0 in advance settings.

@Mrs-Feathers
Copy link

Mrs-Feathers commented Feb 16, 2024

@vnl this should work just fine for nordVPN

  vpn:
    image: qmcgaw/gluetun
    container_name: vpn
    cap_add:
      - NET_ADMIN
    ports:
      - 8888:8888/tcp # HTTP proxy
      - 8388:8388/tcp # Shadowsocks
      - 8388:8388/udp # Shadowsocks
      - 8090:8090 # qbittorrent Web UI
      - 6881:6881 # qbittorrent
      - 6881:6881/udp # qbittorrent
      - 8389:8389/udp # Gluetun-Shadowsocks?
      - 8389:8389/tcp # Gluetun-Shadowsocks?
      - 8889:8889/tcp # Gluetun
      - 9696:9696 # prowlarr
      - 9117:9117
      - 8080:8080
      - 8989:8989 # sonarr
      - 7878:7878 # radarr
      - 8686:8686 # lidarr
    volumes:
      - /volume1/docker/gluetun:/gluetun
    environment:
      - VPNSP=nordvpn
      - OPENVPN_USER=abc
      - OPENVPN_PASSWORD=abc
      - REGION=Netherlands
      # Timezone for accurate log times
      - TZ=Europe/London
    restart: unless-stopped

@Kautious619
Copy link

Is anyone having problems with their vpn not connecting to servers? All i did was update my expressvpn... It starts, but says cant connect to smart location.

@Webreaper
Copy link
Author

There's a few issues with https://github.com/Misioslav/expressvpn/issues?q=is%3Aissue+ so you might need to switch to another container.

@InfinityATX
Copy link

My VPN connects fine, I am able to see my external IP on the expressvpn container, which geolocates where I would expect.

root@:/# curl ifconfig.io
xxx.xxx.36.46

However, my connected containers (qBitorrent, Radarr, etc) are not able to resolve DNS, although they are able to ping IP directly.

root@:/# curl ifconfig.io
curl: (6) Could not resolve host: ifconfig.io
root@:/# ping google.com
ping: bad address 'google.com'
root@:/# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=55 time=105.545 ms
64 bytes from 8.8.8.8: seq=1 ttl=55 time=42.904 ms

A portion of my docker-compose.yml

# ExpressVPN - VPN Manager
  expressvpn:
    image: polkaned/expressvpn
    container_name: expressvpn
    environment:
      - ACTIVATION_CODE=<code>
    cap_add:
      - NET_ADMIN
    devices:
     - "/dev/net/tun:/dev/net/tun"
    privileged: true
    tty: true
    ports:
      - 8090:8090 #qbittorrent WebUI
      - 6881:6881 #qbittorrent Torrent
      - 6881:6881/udp
      - 8091:8080 #WebUI
      - 9117:9117
      - 8989:8989 #Sonarr
      - 7878:7878 #Radarr
      - 8787:8787 #Readarr 
      - 9696:9696 #Prowlarr
    command: /bin/bash
    restart: unless-stopped
# qbittorrent - Torrent Manager
  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent:latest
    container_name: qbittorrent
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=US/Central
      - WEBUI_PORT=8090
      - TORRENTING_PORT=6881
    volumes:
      - ~/qbittorrent/data:/config
      - /downloads:/downloads
    network_mode: service:expressvpn
    restart: unless-stopped

Any thoughts on how to troubleshoot?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment