From 05d7d260cd1c4ad2aebb388197ba9c221c97de32 Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sat, 9 May 2015 18:29:14 +0200 Subject: [PATCH 01/10] updated list of vpn servers --- piaconfig/AU Melbourne.ovpn | 18 ++++++++++++++++++ piaconfig/AU Sydney.ovpn | 18 ++++++++++++++++++ piaconfig/Israel.ovpn | 18 ++++++++++++++++++ piaconfig/Japan.ovpn | 18 ++++++++++++++++++ piaconfig/Mexico.ovpn | 18 ++++++++++++++++++ piaconfig/Russia.ovpn | 18 ++++++++++++++++++ piaconfig/Singapore.ovpn | 18 ++++++++++++++++++ piaconfig/US Silicon Valley.ovpn | 18 ++++++++++++++++++ 8 files changed, 144 insertions(+) create mode 100644 piaconfig/AU Melbourne.ovpn create mode 100644 piaconfig/AU Sydney.ovpn create mode 100644 piaconfig/Israel.ovpn create mode 100644 piaconfig/Japan.ovpn create mode 100644 piaconfig/Mexico.ovpn create mode 100644 piaconfig/Russia.ovpn create mode 100644 piaconfig/Singapore.ovpn create mode 100644 piaconfig/US Silicon Valley.ovpn diff --git a/piaconfig/AU Melbourne.ovpn b/piaconfig/AU Melbourne.ovpn new file mode 100644 index 0000000000..61d8684da4 --- /dev/null +++ b/piaconfig/AU Melbourne.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote aus-melbourne.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + diff --git a/piaconfig/AU Sydney.ovpn b/piaconfig/AU Sydney.ovpn new file mode 100644 index 0000000000..c988e618de --- /dev/null +++ b/piaconfig/AU Sydney.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote aus.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + diff --git a/piaconfig/Israel.ovpn b/piaconfig/Israel.ovpn new file mode 100644 index 0000000000..2a81484455 --- /dev/null +++ b/piaconfig/Israel.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote israel.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + diff --git a/piaconfig/Japan.ovpn b/piaconfig/Japan.ovpn new file mode 100644 index 0000000000..d696dd986d --- /dev/null +++ b/piaconfig/Japan.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote japan.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + diff --git a/piaconfig/Mexico.ovpn b/piaconfig/Mexico.ovpn new file mode 100644 index 0000000000..8205f12906 --- /dev/null +++ b/piaconfig/Mexico.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote mexico.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + diff --git a/piaconfig/Russia.ovpn b/piaconfig/Russia.ovpn new file mode 100644 index 0000000000..e32360709b --- /dev/null +++ b/piaconfig/Russia.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote russia.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + diff --git a/piaconfig/Singapore.ovpn b/piaconfig/Singapore.ovpn new file mode 100644 index 0000000000..99a2fca8e2 --- /dev/null +++ b/piaconfig/Singapore.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote sg.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + diff --git a/piaconfig/US Silicon Valley.ovpn b/piaconfig/US Silicon Valley.ovpn new file mode 100644 index 0000000000..0d8691d4b6 --- /dev/null +++ b/piaconfig/US Silicon Valley.ovpn @@ -0,0 +1,18 @@ +client +dev tun +proto udp +remote us-siliconvalley.privateinternetaccess.com 1194 +resolv-retry infinite +nobind +persist-key +persist-tun +ca ca.crt +tls-client +remote-cert-tls server +auth-user-pass +comp-lzo +verb 1 +reneg-sec 0 +crl-verify crl.pem + + From 50b5aa7d466168a3a01d4ef0055b123562a682e2 Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sat, 9 May 2015 18:38:31 +0200 Subject: [PATCH 02/10] customized config for this container --- piaconfig/AU Melbourne.ovpn | 10 +++++++--- piaconfig/AU Sydney.ovpn | 10 +++++++--- piaconfig/CA North York.ovpn | 10 +++++++--- piaconfig/CA Toronto.ovpn | 10 +++++++--- piaconfig/France.ovpn | 10 +++++++--- piaconfig/Germany.ovpn | 10 +++++++--- piaconfig/Hong Kong.ovpn | 10 +++++++--- piaconfig/Israel.ovpn | 10 +++++++--- piaconfig/Japan.ovpn | 10 +++++++--- piaconfig/Mexico.ovpn | 10 +++++++--- piaconfig/Netherlands.ovpn | 10 +++++++--- piaconfig/Romania.ovpn | 10 +++++++--- piaconfig/Russia.ovpn | 10 +++++++--- piaconfig/Singapore.ovpn | 10 +++++++--- piaconfig/Sweden.ovpn | 10 +++++++--- piaconfig/Switzerland.ovpn | 10 +++++++--- piaconfig/UK London.ovpn | 10 +++++++--- piaconfig/UK Southampton.ovpn | 10 +++++++--- piaconfig/US California.ovpn | 10 +++++++--- piaconfig/US East.ovpn | 10 +++++++--- piaconfig/US Florida.ovpn | 10 +++++++--- piaconfig/US Midwest.ovpn | 10 +++++++--- piaconfig/US Seattle.ovpn | 10 +++++++--- piaconfig/US Silicon Valley.ovpn | 10 +++++++--- piaconfig/US Texas.ovpn | 10 +++++++--- piaconfig/US West.ovpn | 10 +++++++--- 26 files changed, 182 insertions(+), 78 deletions(-) diff --git a/piaconfig/AU Melbourne.ovpn b/piaconfig/AU Melbourne.ovpn index 61d8684da4..b2be48ea22 100644 --- a/piaconfig/AU Melbourne.ovpn +++ b/piaconfig/AU Melbourne.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/AU Sydney.ovpn b/piaconfig/AU Sydney.ovpn index c988e618de..51061446f9 100644 --- a/piaconfig/AU Sydney.ovpn +++ b/piaconfig/AU Sydney.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/CA North York.ovpn b/piaconfig/CA North York.ovpn index e45149c1c1..80853f201d 100644 --- a/piaconfig/CA North York.ovpn +++ b/piaconfig/CA North York.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/CA Toronto.ovpn b/piaconfig/CA Toronto.ovpn index 0db9b9ea48..7baeb4bdb7 100644 --- a/piaconfig/CA Toronto.ovpn +++ b/piaconfig/CA Toronto.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/France.ovpn b/piaconfig/France.ovpn index 085688ccc6..140c3e9cce 100644 --- a/piaconfig/France.ovpn +++ b/piaconfig/France.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Germany.ovpn b/piaconfig/Germany.ovpn index 6e140af4d4..fa1cce72d1 100644 --- a/piaconfig/Germany.ovpn +++ b/piaconfig/Germany.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Hong Kong.ovpn b/piaconfig/Hong Kong.ovpn index b59005c289..299f9840c9 100644 --- a/piaconfig/Hong Kong.ovpn +++ b/piaconfig/Hong Kong.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Israel.ovpn b/piaconfig/Israel.ovpn index 2a81484455..bcf0d7686b 100644 --- a/piaconfig/Israel.ovpn +++ b/piaconfig/Israel.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Japan.ovpn b/piaconfig/Japan.ovpn index d696dd986d..2a1d44e88c 100644 --- a/piaconfig/Japan.ovpn +++ b/piaconfig/Japan.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Mexico.ovpn b/piaconfig/Mexico.ovpn index 8205f12906..7199dd32d9 100644 --- a/piaconfig/Mexico.ovpn +++ b/piaconfig/Mexico.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Netherlands.ovpn b/piaconfig/Netherlands.ovpn index 806eb79d49..7293b2a802 100644 --- a/piaconfig/Netherlands.ovpn +++ b/piaconfig/Netherlands.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Romania.ovpn b/piaconfig/Romania.ovpn index 3cbfae3973..15e4d3f946 100644 --- a/piaconfig/Romania.ovpn +++ b/piaconfig/Romania.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Russia.ovpn b/piaconfig/Russia.ovpn index e32360709b..1e885d6e25 100644 --- a/piaconfig/Russia.ovpn +++ b/piaconfig/Russia.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Singapore.ovpn b/piaconfig/Singapore.ovpn index 99a2fca8e2..15f14ff61f 100644 --- a/piaconfig/Singapore.ovpn +++ b/piaconfig/Singapore.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Sweden.ovpn b/piaconfig/Sweden.ovpn index 1c37cb976f..cd8a96362e 100644 --- a/piaconfig/Sweden.ovpn +++ b/piaconfig/Sweden.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/Switzerland.ovpn b/piaconfig/Switzerland.ovpn index a1f7aed05b..98bcef0b80 100644 --- a/piaconfig/Switzerland.ovpn +++ b/piaconfig/Switzerland.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/UK London.ovpn b/piaconfig/UK London.ovpn index 13e911c64a..ed5ceb558e 100644 --- a/piaconfig/UK London.ovpn +++ b/piaconfig/UK London.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/UK Southampton.ovpn b/piaconfig/UK Southampton.ovpn index 570d647c3a..e0c426ac6d 100644 --- a/piaconfig/UK Southampton.ovpn +++ b/piaconfig/UK Southampton.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US California.ovpn b/piaconfig/US California.ovpn index 344125a276..907d10c339 100644 --- a/piaconfig/US California.ovpn +++ b/piaconfig/US California.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US East.ovpn b/piaconfig/US East.ovpn index b8f7aa2395..c67929f193 100644 --- a/piaconfig/US East.ovpn +++ b/piaconfig/US East.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US Florida.ovpn b/piaconfig/US Florida.ovpn index c2a05ab1b9..b5937387c6 100644 --- a/piaconfig/US Florida.ovpn +++ b/piaconfig/US Florida.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US Midwest.ovpn b/piaconfig/US Midwest.ovpn index 0fcdbe4c45..ac68135467 100644 --- a/piaconfig/US Midwest.ovpn +++ b/piaconfig/US Midwest.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US Seattle.ovpn b/piaconfig/US Seattle.ovpn index 7a3f838a53..127dc4e48e 100644 --- a/piaconfig/US Seattle.ovpn +++ b/piaconfig/US Seattle.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US Silicon Valley.ovpn b/piaconfig/US Silicon Valley.ovpn index 0d8691d4b6..92eb68c080 100644 --- a/piaconfig/US Silicon Valley.ovpn +++ b/piaconfig/US Silicon Valley.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US Texas.ovpn b/piaconfig/US Texas.ovpn index 5eab59e961..289a73e305 100644 --- a/piaconfig/US Texas.ovpn +++ b/piaconfig/US Texas.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh diff --git a/piaconfig/US West.ovpn b/piaconfig/US West.ovpn index 6aa241142e..d09b1e87ce 100644 --- a/piaconfig/US West.ovpn +++ b/piaconfig/US West.ovpn @@ -6,13 +6,17 @@ resolv-retry infinite nobind persist-key persist-tun -ca ca.crt tls-client remote-cert-tls server -auth-user-pass comp-lzo verb 1 reneg-sec 0 -crl-verify crl.pem +ca /etc/openvpn/ca.crt +auth-user-pass /config/pia-credentials.txt +crl-verify /etc/openvpn/crl.pem +# OpenVPN control startup and shut down of transmission +script-security 2 +up /etc/transmission-daemon/start.sh +down /etc/transmission-daemon/stop.sh From 6f07f0324b04e254afe78c3d1f071effaf7a3d26 Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sat, 9 May 2015 18:59:36 +0200 Subject: [PATCH 03/10] choose config to use by optionally setting environment variable. --- Dockerfile | 2 +- piaconfig/config.ovpn | 21 --------------------- runOpenVpn.sh | 17 ++++++++++++++++- 3 files changed, 17 insertions(+), 23 deletions(-) delete mode 100644 piaconfig/config.ovpn diff --git a/Dockerfile b/Dockerfile index 5bd42c9694..3276f33a71 100644 --- a/Dockerfile +++ b/Dockerfile @@ -25,7 +25,7 @@ RUN apt-get install -y curl VOLUME /config # Add configuration and scripts -ADD piaconfig/config.ovpn /etc/openvpn/config.ovpn +ADD piaconfig/* /etc/openvpn/ ADD piaconfig/ca.crt /etc/openvpn/ca.crt ADD piaconfig/crl.pem /etc/openvpn/crl.pem ADD transmission/defaultSettings.json /etc/transmission-daemon/settings.json diff --git a/piaconfig/config.ovpn b/piaconfig/config.ovpn deleted file mode 100644 index c3f8b067d2..0000000000 --- a/piaconfig/config.ovpn +++ /dev/null @@ -1,21 +0,0 @@ -client -dev tun -proto udp -remote nl.privateinternetaccess.com 1194 -resolv-retry infinite -nobind -persist-key -persist-tun -ca /etc/openvpn/ca.crt -tls-client -remote-cert-tls server -auth-user-pass /config/pia-credentials.txt -comp-lzo -verb 1 -reneg-sec 0 -crl-verify /etc/openvpn/crl.pem - -# OpenVPN control startup and shut down of transmission -script-security 2 -up /etc/transmission-daemon/start.sh -down /etc/transmission-daemon/stop.sh diff --git a/runOpenVpn.sh b/runOpenVpn.sh index 4dbc3f5a7a..6240674580 100755 --- a/runOpenVpn.sh +++ b/runOpenVpn.sh @@ -1,3 +1,18 @@ #!/bin/sh -exec openvpn --config /etc/openvpn/config.ovpn +if [ ! -z "$OPEN_VPN_CONFIG" ] +then + if [ -f /etc/openvpn/"${OPEN_VPN_CONFIG}".ovpn ] + then + echo "Starting OpenVPN using config ${OPEN_VPN_CONFIG}.ovpn" + exec openvpn --config /etc/openvpn/"${OPEN_VPN_CONFIG}".ovpn + else + echo "Supplied config ${OPEN_VPN_CONFIG}.ovpn could not be found." + echo "Using default OpenVPN gateway: Netherlands" + exec openvpn --config /etc/openvpn/Netherlands.ovpn + fi +else + echo "No VPN configuration provided. Using default: Netherlands" + exec openvpn --config /etc/openvpn/Netherlands.ovpn +fi + From 29618ffbcbd614f9c2a84c0d4e5edc20654e4a7b Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sat, 9 May 2015 19:22:07 +0200 Subject: [PATCH 04/10] Update README.md --- README.md | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 805b39f0e0..fb844e21bf 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,20 @@ This Docker container lets you run Transmission with WebUI while connecting to P The container is available from the Docker registry and this is the simplest way to get it. To run the container use this command: ``` -$ docker run --privileged -d -v /your/storage/path/:/data -v /your/config/path/:/config -p 9091:9091 haugene/transmission-openvpn +$ docker run --privileged -d \ + -v /your/storage/path/:/data \ + -v /your/config/path/:/config \ + -p 9091:9091 \ + haugene/transmission-openvpn +``` +or you could optionally specify which vpn server to use by setting an environment variable to one of the ovpn configs avaliable in this folder. +``` +$ docker run --privileged -d \ + -v /your/storage/path/:/data \ + -v /your/config/path/:/config \ + -p 9091:9091 \ + -e "OPEN_VPN_CONFIG=US West" \ + haugene/transmission-openvpn ``` As you can see, the container expects two volumes to be mounted. One is used for storing your downloads from Transmission, and the other provides configurations. The container comes with a default Transmission settings.json file that expects the folders "completed, incomplete and watch" to be present in /your/storage/path (aka /data). This is where Transmission will store your downloads, incomplete downloads and a watch directory to look for new .torrent files. @@ -25,7 +38,11 @@ $ docker build -t="docker-transmission-openvpn" . ``` ### Run it: ``` -$ docker run --privileged -d -v /your/storage/path/:/data -v /your/config/path/:/config -p 9091:9091 docker-transmission-openvpn +$ docker run --privileged -d \ + -v /your/storage/path/:/data \ + -v /your/config/path/:/config \ + -p 9091:9091 \ + docker-transmission-openvpn ``` As described in the "Run container from Docker registry" section, this will start a container with default settings. This means that you should have the folders "completed, incomplete and watch" in /your/storage/path, and pia-credentials.txt in /your/config/path. From 268480358dbcc82057171a6395c545e86e584f7c Mon Sep 17 00:00:00 2001 From: Ian Neubert Date: Sat, 9 May 2015 12:49:07 -0700 Subject: [PATCH 05/10] Added PIA username/password to env vars Added transmission settings to env vars. Fixed #8. Updated readme. Added ability to override /etc/resolv.conf. Fixes #4. Save docker image size by combining all apt commands into a single RUN statement. --- Dockerfile | 100 +++++++++++++++++---- README.md | 42 +++++++-- runOpenVpn.sh | 29 +++++- transmission/defaultSettings.json | 142 +++++++++++++++--------------- 4 files changed, 215 insertions(+), 98 deletions(-) diff --git a/Dockerfile b/Dockerfile index 3276f33a71..789c96b374 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,22 +7,14 @@ MAINTAINER Kristian Haugene VOLUME /data -# Update package sources list -RUN apt-get update - -# Add transmission ppa repository for latest releases -RUN apt-get -y install software-properties-common -RUN add-apt-repository ppa:transmissionbt/ppa - # Update packages and install software -RUN apt-get update -RUN apt-get install -y transmission-cli -RUN apt-get install -y transmission-common -RUN apt-get install -y transmission-daemon -RUN apt-get install -y openvpn -RUN apt-get install -y curl - -VOLUME /config +RUN apt-get update \ + && apt-get -y install software-properties-common \ + && add-apt-repository ppa:transmissionbt/ppa \ + && apt-get update \ + && apt-get install -y transmission-cli transmission-common transmission-daemon openvpn curl \ + && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \ + && curl -L https://github.com/jwilder/dockerize/releases/download/v0.0.2/dockerize-linux-amd64-v0.0.2.tar.gz | tar -C /usr/local/bin -xzv # Add configuration and scripts ADD piaconfig/* /etc/openvpn/ @@ -36,9 +28,81 @@ ADD transmission/runUpdates.sh /etc/transmission-daemon/startPortUpdates.sh ADD transmission/down.sh /etc/transmission-daemon/stop.sh ADD runOpenVpn.sh /etc/openvpn/start.sh +ENV PIA_USERNAME=**None** \ + PIA_PASSWORD=**None** \ + "TRANSMISSION_ALT_SPEED_DOWN=50" \ + "TRANSMISSION_ALT_SPEED_ENABLED=false" \ + "TRANSMISSION_ALT_SPEED_TIME_BEGIN=540" \ + "TRANSMISSION_ALT_SPEED_TIME_DAY=127" \ + "TRANSMISSION_ALT_SPEED_TIME_ENABLED=false" \ + "TRANSMISSION_ALT_SPEED_TIME_END=1020" \ + "TRANSMISSION_ALT_SPEED_UP=50" \ + "TRANSMISSION_BIND_ADDRESS_IPV4=0.0.0.0" \ + "TRANSMISSION_BIND_ADDRESS_IPV6=::" \ + "TRANSMISSION_BLOCKLIST_ENABLED=false" \ + "TRANSMISSION_BLOCKLIST_URL=http://www.example.com/blocklist" \ + "TRANSMISSION_CACHE_SIZE_MB=4" \ + "TRANSMISSION_DHT_ENABLED=true" \ + "TRANSMISSION_DOWNLOAD_DIR=/data/completed" \ + "TRANSMISSION_DOWNLOAD_LIMIT=100" \ + "TRANSMISSION_DOWNLOAD_LIMIT_ENABLED=0" \ + "TRANSMISSION_DOWNLOAD_QUEUE_ENABLED=true" \ + "TRANSMISSION_DOWNLOAD_QUEUE_SIZE=5" \ + "TRANSMISSION_ENCRYPTION=1" \ + "TRANSMISSION_IDLE_SEEDING_LIMIT=30" \ + "TRANSMISSION_IDLE_SEEDING_LIMIT_ENABLED=false" \ + "TRANSMISSION_INCOMPLETE_DIR=/data/incomplete" \ + "TRANSMISSION_INCOMPLETE_DIR_ENABLED=true" \ + "TRANSMISSION_LPD_ENABLED=false" \ + "TRANSMISSION_MAX_PEERS_GLOBAL=200" \ + "TRANSMISSION_MESSAGE_LEVEL=2" \ + "TRANSMISSION_PEER_CONGESTION_ALGORITHM=" \ + "TRANSMISSION_PEER_ID_TTL_HOURS=6" \ + "TRANSMISSION_PEER_LIMIT_GLOBAL=200" \ + "TRANSMISSION_PEER_LIMIT_PER_TORRENT=50" \ + "TRANSMISSION_PEER_PORT=51413" \ + "TRANSMISSION_PEER_PORT_RANDOM_HIGH=65535" \ + "TRANSMISSION_PEER_PORT_RANDOM_LOW=49152" \ + "TRANSMISSION_PEER_PORT_RANDOM_ON_START=false" \ + "TRANSMISSION_PEER_SOCKET_TOS=default" \ + "TRANSMISSION_PEX_ENABLED=true" \ + "TRANSMISSION_PORT_FORWARDING_ENABLED=false" \ + "TRANSMISSION_PREALLOCATION=1" \ + "TRANSMISSION_PREFETCH_ENABLED=1" \ + "TRANSMISSION_QUEUE_STALLED_ENABLED=true" \ + "TRANSMISSION_QUEUE_STALLED_MINUTES=30" \ + "TRANSMISSION_RATIO_LIMIT=2" \ + "TRANSMISSION_RATIO_LIMIT_ENABLED=false" \ + "TRANSMISSION_RENAME_PARTIAL_FILES=true" \ + "TRANSMISSION_RPC_AUTHENTICATION_REQUIRED=false" \ + "TRANSMISSION_RPC_BIND_ADDRESS=0.0.0.0" \ + "TRANSMISSION_RPC_ENABLED=true" \ + "TRANSMISSION_RPC_PASSWORD={425745bf3914984c2abcc013276f40e8fa5d84ecC5.df8oF" \ + "TRANSMISSION_RPC_PORT=9091" \ + "TRANSMISSION_RPC_URL=/transmission/" \ + "TRANSMISSION_RPC_USERNAME=username" \ + "TRANSMISSION_RPC_WHITELIST=127.0.0.1" \ + "TRANSMISSION_RPC_WHITELIST_ENABLED=false" \ + "TRANSMISSION_SCRAPE_PAUSED_TORRENTS_ENABLED=true" \ + "TRANSMISSION_SCRIPT_TORRENT_DONE_ENABLED=false" \ + "TRANSMISSION_SCRIPT_TORRENT_DONE_FILENAME=" \ + "TRANSMISSION_SEED_QUEUE_ENABLED=false" \ + "TRANSMISSION_SEED_QUEUE_SIZE=10" \ + "TRANSMISSION_SPEED_LIMIT_DOWN=100" \ + "TRANSMISSION_SPEED_LIMIT_DOWN_ENABLED=false" \ + "TRANSMISSION_SPEED_LIMIT_UP=100" \ + "TRANSMISSION_SPEED_LIMIT_UP_ENABLED=false" \ + "TRANSMISSION_START_ADDED_TORRENTS=true" \ + "TRANSMISSION_TRASH_ORIGINAL_TORRENT_FILES=false" \ + "TRANSMISSION_UMASK=2" \ + "TRANSMISSION_UPLOAD_LIMIT=100" \ + "TRANSMISSION_UPLOAD_LIMIT_ENABLED=0" \ + "TRANSMISSION_UPLOAD_SLOTS_PER_TORRENT=14" \ + "TRANSMISSION_UTP_ENABLED=true" \ + "TRANSMISSION_WATCH_DIR=/data/watch" \ + "TRANSMISSION_WATCH_DIR_ENABLED=true" \ + RESOLV_OVERRIDE=**None** + # Expose port and run. Use baseimage-docker's init system EXPOSE 9091 CMD ["/etc/openvpn/start.sh"] - -# Clean up APT when done. -RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* diff --git a/README.md b/README.md index fb844e21bf..116f61a23f 100644 --- a/README.md +++ b/README.md @@ -8,26 +8,55 @@ The container is available from the Docker registry and this is the simplest way ``` $ docker run --privileged -d \ -v /your/storage/path/:/data \ - -v /your/config/path/:/config \ + -e "PIA_USERNAME=user" \ + -e "PIA_PASSWORD=pass" \ -p 9091:9091 \ haugene/transmission-openvpn ``` -or you could optionally specify which vpn server to use by setting an environment variable to one of the ovpn configs avaliable in this folder. +or you could optionally specify which vpn server to use by setting an environment variable to one of the ovpn configs avaliable [in this folder](https://github.com/haugene/docker-transmission-openvpn/tree/master/piaconfig). ``` $ docker run --privileged -d \ -v /your/storage/path/:/data \ - -v /your/config/path/:/config \ + -e "PIA_USERNAME=user" \ + -e "PIA_PASSWORD=pass" \ -p 9091:9091 \ -e "OPEN_VPN_CONFIG=US West" \ haugene/transmission-openvpn ``` -As you can see, the container expects two volumes to be mounted. One is used for storing your downloads from Transmission, and the other provides configurations. The container comes with a default Transmission settings.json file that expects the folders "completed, incomplete and watch" to be present in /your/storage/path (aka /data). This is where Transmission will store your downloads, incomplete downloads and a watch directory to look for new .torrent files. +As you can see, the container expects a data volume to be mounted. It is used for storing your downloads from Transmission. The container comes with a default Transmission `settings.json` file that expects the folders `completed`, `incomplete`, and `watch` to be present in /your/storage/path (aka /data). This is where Transmission will store your downloads, incomplete downloads and a watch directory to look for new .torrent files. -The only mandatory configuration is a pia-credentials.txt file that needs to be put in /your/config/path/ directory. In the file you supply your username and password for Private Internet Access VPN connections. The file should have two lines; your username on line 1 and your password on line 2. The container will connect to the Private Internet Access VPN servers in Netherlands by default. +The only mandatory configuration is to set two environment variables for your PIA username and password. You must set the environment variables `PIA_USERNAME` and `PIA_PASSWORD` to your login credentials. The container will connect to the Private Internet Access VPN servers in Netherlands by default. NB: Instructions on how to use your own Transmission settings, and how to connect to the WebUI, is further down in the README. +## Required environment options +| Variable | Function | Example | +|----------|----------|-------| +|`PIA_USERNAME`|Your login username for PIA|`PIA_USERNAME=asdf`| +|`PIA_PASSWORD`|Your login password for PIA|`PIA_PASSWORD=asdf`| + +## Network configuration options +| Variable | Function | Example | +|----------|----------|-------| +|`OPEN_VPN_CONFIG` | Sets the PIA endpoint to connect to. | `OPEN_VPN_CONFIG=UK Southampton`| +|`RESOLV_OVERRIDE` | The value of this variable will be written to `/etc/resolv.conf`. | `RESOLV_OVERRIDE=nameserver 8.8.8.8\nnameserver 8.8.4.4\n`| + +## Transmission configuration options + +You may override transmission options by setting the appropriate environment variable. + +The environment variables are the same name as used in the transmission settings.json file and follow the format given in these examples: + +| Transmission variable name | Environment variable name | +|----------------------------|---------------------------| +| `speed-limit-up` | `TRANSMISSION_SPEED_LIMIT_UP` | +| `speed-limit-up-enabled` | `TRANSMISSION_SPEED_LIMIT_UP_ENABLED` | +| `ratio-limit` | `TRANSMISSION_RATIO_LIMIT` | +| `ratio-limit-enabled` | `TRANSMISSION_RATIO_LIMIT_ENABLED` | + +As you can see the variables are prefixed with `TRANSMISSION_`, the variable is capitalized, and `-` is converted to `_`. + # Building the container yourself To build this container, clone the repository and cd into it. @@ -40,7 +69,8 @@ $ docker build -t="docker-transmission-openvpn" . ``` $ docker run --privileged -d \ -v /your/storage/path/:/data \ - -v /your/config/path/:/config \ + -e "PIA_USERNAME=user" \ + -e "PIA_PASSWORD=pass" \ -p 9091:9091 \ docker-transmission-openvpn ``` diff --git a/runOpenVpn.sh b/runOpenVpn.sh index 6240674580..dffa00eb1f 100755 --- a/runOpenVpn.sh +++ b/runOpenVpn.sh @@ -5,14 +5,37 @@ then if [ -f /etc/openvpn/"${OPEN_VPN_CONFIG}".ovpn ] then echo "Starting OpenVPN using config ${OPEN_VPN_CONFIG}.ovpn" - exec openvpn --config /etc/openvpn/"${OPEN_VPN_CONFIG}".ovpn + OPEN_VPN_CONFIG=/etc/openvpn/${OPEN_VPN_CONFIG}.ovpn else echo "Supplied config ${OPEN_VPN_CONFIG}.ovpn could not be found." echo "Using default OpenVPN gateway: Netherlands" - exec openvpn --config /etc/openvpn/Netherlands.ovpn + OPEN_VPN_CONFIG=/etc/openvpn/Netherlands.ovpn fi else echo "No VPN configuration provided. Using default: Netherlands" - exec openvpn --config /etc/openvpn/Netherlands.ovpn + OPEN_VPN_CONFIG=/etc/openvpn/Netherlands.ovpn fi +# override resolv.conf +if [ "$RESOLV_OVERRIDE" != "**None**" ]; +then + echo "Overriding resolv.conf..." + printf "$RESOLV_OVERRIDE" > /etc/resolv.conf +fi + +# add PIA user/pass +if [ "$PIA_USERNAME" != "**None**" ]; +then + echo "Setting PIA credentials..." + mkdir -p /config + echo $PIA_USERNAME > /config/pia-credentials.txt + echo $PIA_PASSWORD >> /config/pia-credentials.txt +else + echo "Not setting PIA credentials." +fi + +dockerize \ + -template /etc/transmission-daemon/settings.json:/etc/transmission-daemon/settings.json \ + true + +exec openvpn --config "$OPEN_VPN_CONFIG" diff --git a/transmission/defaultSettings.json b/transmission/defaultSettings.json index 20c1864f22..3f3b11c7fb 100644 --- a/transmission/defaultSettings.json +++ b/transmission/defaultSettings.json @@ -1,74 +1,74 @@ { - "alt-speed-down": 50, - "alt-speed-enabled": false, - "alt-speed-time-begin": 540, - "alt-speed-time-day": 127, - "alt-speed-time-enabled": false, - "alt-speed-time-end": 1020, - "alt-speed-up": 50, - "bind-address-ipv4": "0.0.0.0", - "bind-address-ipv6": "::", - "blocklist-enabled": false, - "blocklist-url": "http://www.example.com/blocklist", - "cache-size-mb": 4, - "dht-enabled": true, - "download-dir": "/data/completed", - "download-limit": 100, - "download-limit-enabled": 0, - "download-queue-enabled": true, - "download-queue-size": 5, - "encryption": 1, - "idle-seeding-limit": 30, - "idle-seeding-limit-enabled": false, - "incomplete-dir": "/data/incomplete", - "incomplete-dir-enabled": true, - "lpd-enabled": false, - "max-peers-global": 200, - "message-level": 2, - "peer-congestion-algorithm": "", - "peer-id-ttl-hours": 6, - "peer-limit-global": 200, - "peer-limit-per-torrent": 50, - "peer-port": 51413, - "peer-port-random-high": 65535, - "peer-port-random-low": 49152, - "peer-port-random-on-start": false, - "peer-socket-tos": "default", - "pex-enabled": true, - "port-forwarding-enabled": false, - "preallocation": 1, - "prefetch-enabled": 1, - "queue-stalled-enabled": true, - "queue-stalled-minutes": 30, - "ratio-limit": 2, - "ratio-limit-enabled": false, - "rename-partial-files": true, - "rpc-authentication-required": false, - "rpc-bind-address": "0.0.0.0", - "rpc-enabled": true, - "rpc-password": "{425745bf3914984c2abcc013276f40e8fa5d84ecC5.df8oF", - "rpc-port": 9091, - "rpc-url": "/transmission/", - "rpc-username": "username", - "rpc-whitelist": "127.0.0.1", - "rpc-whitelist-enabled": false, - "scrape-paused-torrents-enabled": true, - "script-torrent-done-enabled": false, - "script-torrent-done-filename": "", - "seed-queue-enabled": false, - "seed-queue-size": 10, - "speed-limit-down": 100, - "speed-limit-down-enabled": false, - "speed-limit-up": 100, - "speed-limit-up-enabled": false, - "start-added-torrents": true, - "trash-original-torrent-files": false, - "umask": 2, - "upload-limit": 100, - "upload-limit-enabled": 0, - "upload-slots-per-torrent": 14, - "utp-enabled": true, - "watch-dir": "/data/watch", - "watch-dir-enabled": true + "alt-speed-down": {{ .Env.TRANSMISSION_ALT_SPEED_DOWN }}, + "alt-speed-enabled": {{ .Env.TRANSMISSION_ALT_SPEED_ENABLED }}, + "alt-speed-time-begin": {{ .Env.TRANSMISSION_ALT_SPEED_TIME_BEGIN }}, + "alt-speed-time-day": {{ .Env.TRANSMISSION_ALT_SPEED_TIME_DAY }}, + "alt-speed-time-enabled": {{ .Env.TRANSMISSION_ALT_SPEED_TIME_ENABLED }}, + "alt-speed-time-end": {{ .Env.TRANSMISSION_ALT_SPEED_TIME_END }}, + "alt-speed-up": {{ .Env.TRANSMISSION_ALT_SPEED_UP }}, + "bind-address-ipv4": "{{ .Env.TRANSMISSION_BIND_ADDRESS_IPV4 }}", + "bind-address-ipv6": "{{ .Env.TRANSMISSION_BIND_ADDRESS_IPV6 }}", + "blocklist-enabled": {{ .Env.TRANSMISSION_BLOCKLIST_ENABLED }}, + "blocklist-url": "{{ .Env.TRANSMISSION_BLOCKLIST_URL }}", + "cache-size-mb": {{ .Env.TRANSMISSION_CACHE_SIZE_MB }}, + "dht-enabled": {{ .Env.TRANSMISSION_DHT_ENABLED }}, + "download-dir": "{{ .Env.TRANSMISSION_DOWNLOAD_DIR }}", + "download-limit": {{ .Env.TRANSMISSION_DOWNLOAD_LIMIT }}, + "download-limit-enabled": {{ .Env.TRANSMISSION_DOWNLOAD_LIMIT_ENABLED }}, + "download-queue-enabled": {{ .Env.TRANSMISSION_DOWNLOAD_QUEUE_ENABLED }}, + "download-queue-size": {{ .Env.TRANSMISSION_DOWNLOAD_QUEUE_SIZE }}, + "encryption": {{ .Env.TRANSMISSION_ENCRYPTION }}, + "idle-seeding-limit": {{ .Env.TRANSMISSION_IDLE_SEEDING_LIMIT }}, + "idle-seeding-limit-enabled": {{ .Env.TRANSMISSION_IDLE_SEEDING_LIMIT_ENABLED }}, + "incomplete-dir": "{{ .Env.TRANSMISSION_INCOMPLETE_DIR }}", + "incomplete-dir-enabled": {{ .Env.TRANSMISSION_INCOMPLETE_DIR_ENABLED }}, + "lpd-enabled": {{ .Env.TRANSMISSION_LPD_ENABLED }}, + "max-peers-global": {{ .Env.TRANSMISSION_MAX_PEERS_GLOBAL }}, + "message-level": {{ .Env.TRANSMISSION_MESSAGE_LEVEL }}, + "peer-congestion-algorithm": "{{ .Env.TRANSMISSION_PEER_CONGESTION_ALGORITHM }}", + "peer-id-ttl-hours": {{ .Env.TRANSMISSION_PEER_ID_TTL_HOURS }}, + "peer-limit-global": {{ .Env.TRANSMISSION_PEER_LIMIT_GLOBAL }}, + "peer-limit-per-torrent": {{ .Env.TRANSMISSION_PEER_LIMIT_PER_TORRENT }}, + "peer-port": {{ .Env.TRANSMISSION_PEER_PORT }}, + "peer-port-random-high": {{ .Env.TRANSMISSION_PEER_PORT_RANDOM_HIGH }}, + "peer-port-random-low": {{ .Env.TRANSMISSION_PEER_PORT_RANDOM_LOW }}, + "peer-port-random-on-start": {{ .Env.TRANSMISSION_PEER_PORT_RANDOM_ON_START }}, + "peer-socket-tos": "{{ .Env.TRANSMISSION_PEER_SOCKET_TOS }}", + "pex-enabled": {{ .Env.TRANSMISSION_PEX_ENABLED }}, + "port-forwarding-enabled": {{ .Env.TRANSMISSION_PORT_FORWARDING_ENABLED }}, + "preallocation": {{ .Env.TRANSMISSION_PREALLOCATION }}, + "prefetch-enabled": {{ .Env.TRANSMISSION_PREFETCH_ENABLED }}, + "queue-stalled-enabled": {{ .Env.TRANSMISSION_QUEUE_STALLED_ENABLED }}, + "queue-stalled-minutes": {{ .Env.TRANSMISSION_QUEUE_STALLED_MINUTES }}, + "ratio-limit": {{ .Env.TRANSMISSION_RATIO_LIMIT }}, + "ratio-limit-enabled": {{ .Env.TRANSMISSION_RATIO_LIMIT_ENABLED }}, + "rename-partial-files": {{ .Env.TRANSMISSION_RENAME_PARTIAL_FILES }}, + "rpc-authentication-required": {{ .Env.TRANSMISSION_RPC_AUTHENTICATION_REQUIRED }}, + "rpc-bind-address": "{{ .Env.TRANSMISSION_RPC_BIND_ADDRESS }}", + "rpc-enabled": {{ .Env.TRANSMISSION_RPC_ENABLED }}, + "rpc-password": "{{ .Env.TRANSMISSION_RPC_PASSWORD }}", + "rpc-port": {{ .Env.TRANSMISSION_RPC_PORT }}, + "rpc-url": "{{ .Env.TRANSMISSION_RPC_URL }}", + "rpc-username": "{{ .Env.TRANSMISSION_RPC_USERNAME }}", + "rpc-whitelist": "{{ .Env.TRANSMISSION_RPC_WHITELIST }}", + "rpc-whitelist-enabled": {{ .Env.TRANSMISSION_RPC_WHITELIST_ENABLED }}, + "scrape-paused-torrents-enabled": {{ .Env.TRANSMISSION_SCRAPE_PAUSED_TORRENTS_ENABLED }}, + "script-torrent-done-enabled": {{ .Env.TRANSMISSION_SCRIPT_TORRENT_DONE_ENABLED }}, + "script-torrent-done-filename": "{{ .Env.TRANSMISSION_SCRIPT_TORRENT_DONE_FILENAME }}", + "seed-queue-enabled": {{ .Env.TRANSMISSION_SEED_QUEUE_ENABLED }}, + "seed-queue-size": {{ .Env.TRANSMISSION_SEED_QUEUE_SIZE }}, + "speed-limit-down": {{ .Env.TRANSMISSION_SPEED_LIMIT_DOWN }}, + "speed-limit-down-enabled": {{ .Env.TRANSMISSION_SPEED_LIMIT_DOWN_ENABLED }}, + "speed-limit-up": {{ .Env.TRANSMISSION_SPEED_LIMIT_UP }}, + "speed-limit-up-enabled": {{ .Env.TRANSMISSION_SPEED_LIMIT_UP_ENABLED }}, + "start-added-torrents": {{ .Env.TRANSMISSION_START_ADDED_TORRENTS }}, + "trash-original-torrent-files": {{ .Env.TRANSMISSION_TRASH_ORIGINAL_TORRENT_FILES }}, + "umask": {{ .Env.TRANSMISSION_UMASK }}, + "upload-limit": {{ .Env.TRANSMISSION_UPLOAD_LIMIT }}, + "upload-limit-enabled": {{ .Env.TRANSMISSION_UPLOAD_LIMIT_ENABLED }}, + "upload-slots-per-torrent": {{ .Env.TRANSMISSION_UPLOAD_SLOTS_PER_TORRENT }}, + "utp-enabled": {{ .Env.TRANSMISSION_UTP_ENABLED }}, + "watch-dir": "{{ .Env.TRANSMISSION_WATCH_DIR }}", + "watch-dir-enabled": {{ .Env.TRANSMISSION_WATCH_DIR_ENABLED }} } From faa3972ab42e528334958f69ac1bab956feb9cda Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sun, 10 May 2015 18:30:28 +0200 Subject: [PATCH 06/10] Not starting if PIA credentials is not set --- Dockerfile | 4 +--- runOpenVpn.sh | 8 ++++---- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 789c96b374..ac18e3869a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -28,9 +28,7 @@ ADD transmission/runUpdates.sh /etc/transmission-daemon/startPortUpdates.sh ADD transmission/down.sh /etc/transmission-daemon/stop.sh ADD runOpenVpn.sh /etc/openvpn/start.sh -ENV PIA_USERNAME=**None** \ - PIA_PASSWORD=**None** \ - "TRANSMISSION_ALT_SPEED_DOWN=50" \ +ENV "TRANSMISSION_ALT_SPEED_DOWN=50" \ "TRANSMISSION_ALT_SPEED_ENABLED=false" \ "TRANSMISSION_ALT_SPEED_TIME_BEGIN=540" \ "TRANSMISSION_ALT_SPEED_TIME_DAY=127" \ diff --git a/runOpenVpn.sh b/runOpenVpn.sh index dffa00eb1f..7985be7c8b 100755 --- a/runOpenVpn.sh +++ b/runOpenVpn.sh @@ -24,14 +24,14 @@ then fi # add PIA user/pass -if [ "$PIA_USERNAME" != "**None**" ]; -then +if [ -z "$PIA_USERNAME" ] || [ -z "$PIA_PASSWORD" ] ; then + echo "PIA credentials not set. Exiting." + exit 1 +else echo "Setting PIA credentials..." mkdir -p /config echo $PIA_USERNAME > /config/pia-credentials.txt echo $PIA_PASSWORD >> /config/pia-credentials.txt -else - echo "Not setting PIA credentials." fi dockerize \ From d129497ca5579ff63c589d99fca9cf21aa60a12b Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sun, 10 May 2015 18:51:52 +0200 Subject: [PATCH 07/10] keeping env vars --- Dockerfile | 4 +++- runOpenVpn.sh | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index ac18e3869a..789c96b374 100644 --- a/Dockerfile +++ b/Dockerfile @@ -28,7 +28,9 @@ ADD transmission/runUpdates.sh /etc/transmission-daemon/startPortUpdates.sh ADD transmission/down.sh /etc/transmission-daemon/stop.sh ADD runOpenVpn.sh /etc/openvpn/start.sh -ENV "TRANSMISSION_ALT_SPEED_DOWN=50" \ +ENV PIA_USERNAME=**None** \ + PIA_PASSWORD=**None** \ + "TRANSMISSION_ALT_SPEED_DOWN=50" \ "TRANSMISSION_ALT_SPEED_ENABLED=false" \ "TRANSMISSION_ALT_SPEED_TIME_BEGIN=540" \ "TRANSMISSION_ALT_SPEED_TIME_DAY=127" \ diff --git a/runOpenVpn.sh b/runOpenVpn.sh index 7985be7c8b..4ea3f86fac 100755 --- a/runOpenVpn.sh +++ b/runOpenVpn.sh @@ -24,7 +24,7 @@ then fi # add PIA user/pass -if [ -z "$PIA_USERNAME" ] || [ -z "$PIA_PASSWORD" ] ; then +if [ "${PIA_USERNAME}" = "**None**" ] || [ "${PIA_PASSWORD}" = "**None**" ] ; then echo "PIA credentials not set. Exiting." exit 1 else From 629e8d0fac852170f75e142a38be3a88e5a9b664 Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sun, 10 May 2015 20:51:19 +0200 Subject: [PATCH 08/10] transmission startup handles setting.json, and possible to have transmission data-dir on mounted volume for persistent state --- Dockerfile | 2 +- runOpenVpn.sh | 4 ---- ...faultSettings.json => defaultSettings.tmpl} | 0 transmission/run.sh | 18 ++++++++++++++---- 4 files changed, 15 insertions(+), 9 deletions(-) rename transmission/{defaultSettings.json => defaultSettings.tmpl} (100%) diff --git a/Dockerfile b/Dockerfile index 789c96b374..bcbc88d4b2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,7 +20,7 @@ RUN apt-get update \ ADD piaconfig/* /etc/openvpn/ ADD piaconfig/ca.crt /etc/openvpn/ca.crt ADD piaconfig/crl.pem /etc/openvpn/crl.pem -ADD transmission/defaultSettings.json /etc/transmission-daemon/settings.json +ADD transmission/defaultSettings.tmpl /etc/transmission-daemon/settings.tmpl ADD transmission/updateTransmissionPort.sh /etc/transmission-daemon/updatePort.sh ADD transmission/periodicUpdates.sh /etc/transmission-daemon/periodicUpdates.sh ADD transmission/run.sh /etc/transmission-daemon/start.sh diff --git a/runOpenVpn.sh b/runOpenVpn.sh index 4ea3f86fac..287d069d26 100755 --- a/runOpenVpn.sh +++ b/runOpenVpn.sh @@ -34,8 +34,4 @@ else echo $PIA_PASSWORD >> /config/pia-credentials.txt fi -dockerize \ - -template /etc/transmission-daemon/settings.json:/etc/transmission-daemon/settings.json \ - true - exec openvpn --config "$OPEN_VPN_CONFIG" diff --git a/transmission/defaultSettings.json b/transmission/defaultSettings.tmpl similarity index 100% rename from transmission/defaultSettings.json rename to transmission/defaultSettings.tmpl diff --git a/transmission/run.sh b/transmission/run.sh index 09bf33f57d..c640dcced7 100755 --- a/transmission/run.sh +++ b/transmission/run.sh @@ -1,11 +1,21 @@ #!/bin/sh -if [ -f /config/transmission/settings.json ]; +if [ ! -z "${KEEP_TRANSMISSION_STATE}" ] then - echo "STARTING TRANSMISSION: Using custom config directory /config/transmission" - exec /usr/bin/transmission-daemon -g /config/transmission/ & + echo "STARTING TRANSMISSION: Using transmission-data subdirectory to your /data mount point to store state." + + # Initialize settings from environment variables + dockerize -template /etc/transmission-daemon/settings.tmpl:/data/transmission-data/settings.json \ + true + + exec /usr/bin/transmission-daemon -g /data/transmission-data/ & else - echo "STARTING TRANSMISSION: No configuration provided, using defaults" + echo "STARTING TRANSMISSION: Storing state in container only." + + # Initialize settings from environment variables + dockerize -template /etc/transmission-daemon/settings.tmpl:/etc/transmission-daemon/settings.json \ + true + exec /usr/bin/transmission-daemon -g /etc/transmission-daemon/ & fi From f7a7c2d4b47016787b33111cb78582f9d2276b38 Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sun, 10 May 2015 22:15:25 +0200 Subject: [PATCH 09/10] fixing switch for keeping transmission state. also persist transmission rpc username and password for port updates if authentication is enabled. --- Dockerfile | 2 +- runOpenVpn.sh | 13 +++++++++++++ transmission/run.sh | 12 +----------- transmission/updateTransmissionPort.sh | 4 ++-- 4 files changed, 17 insertions(+), 14 deletions(-) diff --git a/Dockerfile b/Dockerfile index bcbc88d4b2..e749218dbc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -77,7 +77,7 @@ ENV PIA_USERNAME=**None** \ "TRANSMISSION_RPC_AUTHENTICATION_REQUIRED=false" \ "TRANSMISSION_RPC_BIND_ADDRESS=0.0.0.0" \ "TRANSMISSION_RPC_ENABLED=true" \ - "TRANSMISSION_RPC_PASSWORD={425745bf3914984c2abcc013276f40e8fa5d84ecC5.df8oF" \ + "TRANSMISSION_RPC_PASSWORD=password" \ "TRANSMISSION_RPC_PORT=9091" \ "TRANSMISSION_RPC_URL=/transmission/" \ "TRANSMISSION_RPC_USERNAME=username" \ diff --git a/runOpenVpn.sh b/runOpenVpn.sh index 287d069d26..8909c2a2f5 100755 --- a/runOpenVpn.sh +++ b/runOpenVpn.sh @@ -34,4 +34,17 @@ else echo $PIA_PASSWORD >> /config/pia-credentials.txt fi +# add transmission credentials from env vars +echo $TRANSMISSION_RPC_USERNAME > /config/transmission-credentials.txt +echo $TRANSMISSION_RPC_PASSWORD >> /config/transmission-credentials.txt + + +if [ ! -z ${KEEP_TRANSMISSION_STATE} ] +then + mkdir -p /data/transmission-data/ + dockerize -template /etc/transmission-daemon/settings.tmpl:/data/transmission-data/settings.json true +else + dockerize -template /etc/transmission-daemon/settings.tmpl:/etc/transmission-daemon/settings.json true +fi + exec openvpn --config "$OPEN_VPN_CONFIG" diff --git a/transmission/run.sh b/transmission/run.sh index c640dcced7..59a25f9128 100755 --- a/transmission/run.sh +++ b/transmission/run.sh @@ -1,21 +1,11 @@ #!/bin/sh -if [ ! -z "${KEEP_TRANSMISSION_STATE}" ] +if [ -f /data/transmission-data/settings.json ] then echo "STARTING TRANSMISSION: Using transmission-data subdirectory to your /data mount point to store state." - - # Initialize settings from environment variables - dockerize -template /etc/transmission-daemon/settings.tmpl:/data/transmission-data/settings.json \ - true - exec /usr/bin/transmission-daemon -g /data/transmission-data/ & else echo "STARTING TRANSMISSION: Storing state in container only." - - # Initialize settings from environment variables - dockerize -template /etc/transmission-daemon/settings.tmpl:/etc/transmission-daemon/settings.json \ - true - exec /usr/bin/transmission-daemon -g /etc/transmission-daemon/ & fi diff --git a/transmission/updateTransmissionPort.sh b/transmission/updateTransmissionPort.sh index bcaedf7009..f798ff1e11 100755 --- a/transmission/updateTransmissionPort.sh +++ b/transmission/updateTransmissionPort.sh @@ -13,9 +13,9 @@ pia_client_id_file=/etc/transmission-daemon/pia_client_id transmission_settings_file=/etc/transmission-daemon/settings.json port_assignment_url=https://www.privateinternetaccess.com/vpninfo/port_forward_assignment -if [ -f /config/transmission/settings.json ]; +if [ -f /data/transmission-data/settings.json ]; then - transmission_settings_file=/config/transmission/settings.json + transmission_settings_file=/data/transmission-data/settings.json else transmission_settings_file=/etc/transmission-daemon/settings.json fi From 3b2e2eebeb7832672d302026717b8458029b9ce7 Mon Sep 17 00:00:00 2001 From: Kristian Haugene Date: Sun, 10 May 2015 22:25:43 +0200 Subject: [PATCH 10/10] Update README.md --- README.md | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 116f61a23f..abb3cc8f96 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,9 @@ $ docker run --privileged -d \ -p 9091:9091 \ haugene/transmission-openvpn ``` -or you could optionally specify which vpn server to use by setting an environment variable to one of the ovpn configs avaliable [in this folder](https://github.com/haugene/docker-transmission-openvpn/tree/master/piaconfig). + +or you could optionally specify which vpn server to use by setting an environment variable to one of the ovpn configs avaliable [in this folder](https://github.com/haugene/docker-transmission-openvpn/tree/master/piaconfig). + ``` $ docker run --privileged -d \ -v /your/storage/path/:/data \ @@ -42,6 +44,11 @@ NB: Instructions on how to use your own Transmission settings, and how to connec |`OPEN_VPN_CONFIG` | Sets the PIA endpoint to connect to. | `OPEN_VPN_CONFIG=UK Southampton`| |`RESOLV_OVERRIDE` | The value of this variable will be written to `/etc/resolv.conf`. | `RESOLV_OVERRIDE=nameserver 8.8.8.8\nnameserver 8.8.4.4\n`| +## Storage options +| Variable | Function | Example | +|----------|----------|-------| +|`KEEP_TRANSMISSION_STATE`|If set, persists transmission data to your /data mount point. Keeps state between restarts. Delete the folder to disable this later. |`KEEP_TRANSMISSION_STATE=YES`| + ## Transmission configuration options You may override transmission options by setting the appropriate environment variable. @@ -77,15 +84,6 @@ $ docker run --privileged -d \ As described in the "Run container from Docker registry" section, this will start a container with default settings. This means that you should have the folders "completed, incomplete and watch" in /your/storage/path, and pia-credentials.txt in /your/config/path. -### But I want to provide my own Transmission settings! -OK, so you're advanced. If you want to change the Transmission settings from the defaults, create your own settings.json file or base it on the default config. Then make the container use it by adding a folder called "transmission" in /your/config/path and place your settings.json there. - -On container startup it checks for /config/transmission/settings.json and uses /config/transmission as config directory if the settings file is present. This also means that Transmission will store its state here, so that you don't have to add torrents again when the container restarts. - -If you enable rpc-authentication in your Transmission settings, you need to provide your credentials in a file called transmission-credentials.txt and place it in your config directory. The file is on the same format as pia-credentials.txt, username and password. This is needed because we run a script hourly to get an open port, making us connectable, from PIA. To set this port in Transmission the script needs to know your rpc-authentication username and password. - -NB: Do not change the settings.json file while container is running. Transmission persist its config on shutdown, and this will override your changes. Stop the container, do configurations, then start it again. - ### Access the WebUI But what's going on? My http://my-host:9091 isn't responding? This is because the VPN is active, and since docker is running in a different ip range than your client the response to your request will be treated as "non-local" traffic and therefore be routed out through the VPN interface.