I currenly reside in a country with strict piracy rules but also have access to the internet in a country where piracy is not enforced. I want to setup a VPN and route qBittorrent’s traffic through it. The idea is to do something like this:
I am fresh to selfhosting and most of the time have no clue how to achieve what I want. So far I have tried Tailscale but I think it won’t work how I want it to. If it helps, I have domain name registered. Can anybody point me to the right direction?
Update (if anyone is seeking answers):
I went with tailscale which I have already set up before on the rpi3. Somehow, no matter what I try, wireguard or pivpn would not work. Maybe I have hands growing out of my ass or something, no idea.
What did work is Dante. I setup socks5 on pi through tailscale0 and it worked wonders. Qbittorent did connect and detected IP of rpi3. The best part is that opposed to wireguard, dedicated port does not have to be open in order for Dante to work. I see it as a win win! Now I’m hyped to go back to my homeland and install pi there.
Raspberry Pi:
- Install wireguard (as a server)
- Set up a peer/client config
- Open wireguard port on the router
MiniPC:
- Install wireguard (as a client)
- Add server config and connect to server
- Verify connection
- Ensure connect on boot
Points to note:
-
Configure them both locally and ensure you have a connection before you move the pi to another country
-
If you’re behind a CGNAT on one network, that’ll change some things. That network will have to be the client. (If both are behind CGNAT, you’re out of luck and cant use this - will have to be tailscale or other method)
-
If using a domain name make sure its always pointing to your ip (in case it’s not static)
-
I think if you set allowed ip as 0.0.0.0/0 on the client it’ll route all traffic.
Edit:
Saw your comment about just having qbt use the vpn. Check this guide out
I will look into WireGuard! Thank you!
MiniPC runs Mint. I will check firejail. Thank you!
Doesn’t firejail only allow sandboxing to an actual eth or wifi interface, and not a wireguard one? I’ve tried this before with firejail, and hit this wall.
Damn you’re right, it doesn’t work out of the box like I expected. Have to admit that I never used it this way around. But it should work with --netns (network name spaces) which Wireguard uses: https://www.wireguard.com/netns/
Afaik it should work if you move Wireguard to it’s own namespace and than start qBittorrent with the new namespace (should even be doable without firejail).
@imetators @lemmy.dbzer0.com sorry for chasing you down that rabbit-hole, it sounded easier in my head
Why can’t you just use a VPN service, locally? It’s essentially the same thing, except you don’t have to host the exit node in country B yourself.
Tailscale is wireguard behind the scenes. I would think it should be able to work as you describe, you would again just set your machine in country B as the exit node.
None of this should require a domain name.
I have to pay for a VPN service. If I can skip paying by hosting it myself, I’d go the distance. It has been fun selfhosting services so far. I want to go deeper.
I cannot resist enjoyng the idea that there could be countries where piracy is enforced :)
Check out I2P. No need for this setup.
A second option for docker is the hotio image for qbit. Has VPN support built in so you can just throw it your wg0 conf to use.
run installer
curl -L https://install.pivpn.io/ | bash- configure wireguard
- setup non root user
- Set a port
Create a user with
pivpn addExample:
root@funhaus:~# pivpn add Enter a Name for the Client: user.nameThe conf file can also be found in
/home/user.name/configsCopy the conf to your machine. Install WireGuard and use that conf.
In qbitorrent you should make sure the application is set to use the VPN network, otherwise it’ll use both. Go to Settings > Advanced > Set Wireguard from “Network Interface”
