⚠️ Your qbittorrent.conf may not be compatible with 4.4.0 and may need to be deleted
Lightweight qBittorrent & Private Internet Access VPN client
Click to show base components
- Ubuntu 20.04 for a base image
- Alpine 3.15.0 for a base image
- OpenVPN 2.4.4 to tunnel to PIA nextgen servers
- IPtables 1.6.1 enforces the container to communicate only through the VPN or with other containers in its virtual network (acts as a killswitch)
-
Configure everything with environment variables
- Destination region
- Internet protocol
- Level of encryption
- PIA Username and password
- DNS Servers
-
Self contained qBittorrent
-
Exposed webUI
-
Downloads & config Volumes
-
The iptables firewall allows traffic only with needed PIA servers (IP addresses, port, protocol) combinations
-
OpenVPN reconnects automatically on failure
-
Requirements
- A Private Internet Access username and password - Sign up referral link
- External firewall requirements, if you have one
- Allow outbound TCP 853 to 1.1.1.1 to allow Unbound to resolve the PIA domain name at start. You can then block it once the container is started.
- For UDP normal encryption, allow outbound UDP 1198
- For the built-in web HTTP proxy, allow inbound TCP 8888
- Docker API 1.25 to support
init
-
Launch the container with:
docker run -d --init --name=pia --cap-add=NET_ADMIN -v /My/Downloads/Folder/:/downloads \ -p 8888:8888 -e REGION="Netherlands" -e USER=xxxxxxx -e PASSWORD=xxxxxxxx \ j4ym0/pia-qbittorrentNote that you can:
- Change the many environment variables available
- Use
-p 8888:8888/tcpto access the HTTP web proxy - Pass additional arguments to openvpn using Docker's command function (commands after the image name)
Check the PIA IP address matches your expectations
try http://checkmyip.torrentprivacy.com/
| Environment variable | Default | Description |
|---|---|---|
REGION |
Netherlands |
One of the PIA regions |
USER |
Your PIA username | |
PASSWORD |
Your PIA password | |
WEBUI_PORT |
8888 |
1024 to 65535 internal port for HTTP proxy |
! DNS_SERVERS |
209.222.18.222,209.222.18.218,103.196.38.38,103.196.38.39 |
DNS servers to use, comma separated |
PIA DNS Servers 209.222.18.222 and 209.222.18.218 Handshake DNS Servers 103.196.38.38 and 103.196.38.39
You can connect via your web browser using http://127.0.0.1:8888 or you public ip / LAN if you have forwarding set up
Default username: admin Default Password: adminadmin
-
You can review the code which essential consists in the Dockerfile and entrypoint.sh
-
Any issues please raise them!!
-
Build the images straight from git:
docker build -t j4ym0/pia-qbittorrent https://github.com/j4ym0/pia-qbittorrent-docker.git
-
clone the repository and build:
git clone https://github.com/j4ym0/pia-qbittorrent-docker.git cd pia-qbittorrent-docker docker build -t j4ym0/pia-qbittorrent .
-
Using docker compose:
git clone https://github.com/j4ym0/pia-qbittorrent-docker.git cd pia-qbittorrent-docker docker-compose up -d -
The download and unziping of PIA openvpn files is done at build for the ones not able to download the zip files
-
Checksums for PIA openvpn zip files are not used as these files change often (but HTTPS is used)
-
PIA Nextgen servers are used
-
DNS Leaks tests seems to be ok, NEED FEEDBACK
- More DNS leack testing
- Edit config from environment vars
This repository is under an MIT license