TrueNAS/docker-apps
TrueNAS/docker-apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
34e1836ffe
docker-apps/gluetun-qb/gluetun-qb_jm.txt
Chris d067d5f1f7 first commit
2025-04-03 22:57:52 +02:00

107 lines
4.6 KiB
Plaintext
Raw Blame History

https://github.com/qdm12/gluetun-wiki
https://www.youtube.com/watch?v=0F6I03LQcI4
# all services in this project will make use of the gluetun VPN
Create user and group
---------------------
Credentials -> Local Users -> Add
Full Name: gluetun
Username: gluetun
Disable Password: <selected>
Email:
UID: 3029
Create New Primary Group: <selected>
Create Home Directory: <unchecked>
Samba Authentication: <unchecked>
Save
Check Credentials -> Local Groups for GID
Name: gluetun
GID: 3028
gluetun UID: 3029
gluetun GID: 3028
Create datasets
---------------
# In Truenas shell:
# list datasets
zfs list | grep -i "docker.*gluetun-qb"
# create following datasets if not present
zfs create SSD1/docker/data/gluetun-qb
zfs create SSD1/docker/data/gluetun-qb/appdata
zfs create SSD1/docker/data/qbittorrent
zfs create SSD1/docker/data/qbittorrent/config
zfs create SSD1/docker/data/qbittorrent/themes
chown -R gluetun:gluetun /mnt/SSD1/docker/data/gluetun-qb
Create folder
-------------
mkdir /mnt/SSD1/docker/stacks/gluetun-qb
Copy folder to docker stacks
----------------------------
# In Windows cmd shell in gluetun-qb folder, enter:
./cp2nas 10.0.0.20
# OR
pscp -P 22 -r stacks/*.* root@10.0.0.20:/mnt/SSD1/docker/stacks/gluetun-qb/
# The above should copy compose.yaml, .env and secrets folder to /mnt/SSD1/docker/stacks/gluetun-qb
Creating secrets
----------------
In Truenas shell:
cd /mnt/SSD1/docker/stacks/gluetun-qb/secrets
echo -n 'nordvpn private key' > wireguard_private_key
cd /mnt/SSD1/docker/stacks/gluetun-qb
chown -R gluetun:gluetun secrets/
chmod -R 400 secrets/
Creating user password hash strings for user authorisation using traefik basic-auth
-----------------------------------------------------------------------------------
# If not installed, install htpasswd:
jlmkr shell docker
apt update & apt install apache2-utils
# The user credentials can be applied as a label entry in the compose.yml file or as a line entry in a text file
# When used as a label entry, all '$' needs to be escaped with a second '$'; sed can be used for this purpose:
# To create user list textfile line item
echo $(htpasswd -nB admin) > /opt/stacks/traefik/users/<appname>.txt
# To create string to be used in compose file label
echo $(htpasswd -nB admin) | sed -e s/\\$/\\$\\$/g
# See traefik_jm.txt for more detailed instructions
gluetun folder mappings
----------------------
# To avoid problems setting up new app, it is recommended that the mount path for downloads inside the container be kept exactly the same as what the old app use to have
# As we did not migrate data from old app to new, on initial import, all tvshows will default to being monitored. Make changes accordingly.
Check gluetun ip
----------------
# Exec into any of the apps' container using gluetun
docker exec -it <app-container-name> sh
# Check remote ip
curl ifconfig.me # or curl http://whatismyip.akamai.com
Update .env and compose.yml for app
-----------------------------------
# The gluetun .env file requires the following entries for each app using the gluetun VPN, e.g. for radarr:
RADARR_APP=radarr
RADARR_PORT=7878
# The gluetun compose.yml file requires the following label entries for each app using the gluetun VPN, e.g. for radarr:
#- "traefik.http.middlewares.${RADARR_APP}-auth.basicauth.users=${ADMIN_CREDENTIALS}, ${USER_CREDENTIALS}" # uncomment to use common credentials
#- "traefik.http.middlewares.${RADARR_APP}-auth.basicauth.usersfile=/mnt/users/${RADARR_APP}.txt" # uncomment to use credentials stored in /opt/stacks/traefik/users/<appname>.txt
- "traefik.http.services.${RADARR_APP}-gt-svc.loadbalancer.server.port=${RADARR_PORT}"
- "traefik.http.routers.${RADARR_APP}.entrypoints=web"
- "traefik.http.routers.${RADARR_APP}.rule=Host(`${RADARR_APP}.${DOMAINNAME}`)&& PathPrefix(`/`)"
- "traefik.http.routers.${RADARR_APP}-secure.entrypoints=websecure"
- "traefik.http.routers.${RADARR_APP}-secure.rule=Host(`${RADARR_APP}.${DOMAINNAME}`)&& PathPrefix(`/`)"
- "traefik.http.routers.${RADARR_APP}-secure.tls=true"
- "traefik.http.routers.${RADARR_APP}-secure.tls.certresolver=sthomeresolver"
#- "traefik.http.routers.${RADARR_APP}-secure.middlewares=${RADARR_APP}-auth" # uncomment to use basic-auth; requires one or both of above basicauth middlewares to be uncommented
- "traefik.http.routers.${RADARR_APP}-secure.service=${RADARR_APP}-gt-svc"
Troubleshooting
---------------
If dockge / docker compose up complains about "parsing /opt/stacks/.../compose.yml: yaml: line ##: did not find expected '-' indicator", where ## is the "labels:" line number in compose.yml:
- look for missing trailing '"' amongst the labels
Reference in New Issue View Git Blame Copy Permalink