diff --git a/qbittorrent/CHANGELOG.md b/qbittorrent/CHANGELOG.md index 146ab0e38..c7d866c02 100644 --- a/qbittorrent/CHANGELOG.md +++ b/qbittorrent/CHANGELOG.md @@ -1,4 +1,8 @@ -- Don't upgrade, I'll revert middle of next week to previous upstream version +- ⚠ BREAKING CHANGE : I've decided to revert to the initial upstream image, apologies for this whole incovenience. After receiving many constructive (or plainly negative) feedbacks I have decided it was just not worth it to implement a new upstream image supposed to prevent ip leak for openvpn, plus wireguard support, and decided to just restore my own code. I've still kept qbit_manage, and will perhaps implement wireguard in the future but with my own code. As the databases were migrated for users to the new config locations, I've decided to keep it like that. It is more sustainable as HA is pushing in this direction and allows to backup the config with the addon (which was not the case previously). + +- ⚠ ACTION (preferred) : Please restore a backup prior to the versions containing wireguard_openvpn in the name, then update (as was mentioned in the 4.6.2-5wireguard_openvpn changelog asking a full backup prior to update). This will make sure all your options are kept and you don't need to reconfigure + +- ⚠ IF NO BACKUP : You'll need to update directly, but you'll need to reconfigure the addon (in theory the database should be kept) ### 4.6.2-23_wireguard_openvpn (15-12-2023) - Perform migration of previous files a single time to allow backup restore prior to the change of image diff --git a/qbittorrent/Dockerfile b/qbittorrent/Dockerfile index bb67252f9..86309c1eb 100644 --- a/qbittorrent/Dockerfile +++ b/qbittorrent/Dockerfile @@ -16,6 +16,7 @@ ARG BUILD_FROM ARG BUILD_VERSION +ARG BUILD_UPSTREAM="4.6.2" FROM ${BUILD_FROM} ################## @@ -27,10 +28,17 @@ ENV S6_CMD_WAIT_FOR_SERVICES=1 \ S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 \ S6_SERVICES_GRACETIME=0 -USER root - -# GENERAL MODIFICATIONS -####################### +# Environment variables +ENV \ + DEBIAN_FRONTEND="noninteractive"\ + LANG="C.UTF-8" \ + PS1="$(whoami)@$(hostname):$(pwd)$ " \ + S6_BEHAVIOUR_IF_STAGE2_FAILS=2 \ + S6_CMD_WAIT_FOR_SERVICES=1 \ + TERM="xterm-256color" \ + HOME="/config" \ + XDG_CONFIG_HOME="/config" \ + XDG_DATA_HOME="/config" # Image specific modifications # hadolint ignore=DL4006 @@ -48,6 +56,11 @@ RUN \ && unzip -o vuetorrent.zip -d / >/dev/null \ && rm vuetorrent.zip >/dev/null +# Global LSIO modifications +ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/ha_lsio.sh" "/ha_lsio.sh" +ARG CONFIGLOCATION="/config" +RUN chmod 744 /ha_lsio.sh && if grep -qr "lsio" /etc; then /ha_lsio.sh "$CONFIGLOCATION"; fi && rm /ha_lsio.sh + # ADD QBIT_MANAGE ################# @@ -67,13 +80,10 @@ RUN \ BUILD_ARCH=$(uname -m) && \ echo "${BUILD_ARCH}" && \ BUILD_ARCH=${BUILD_ARCH:-x86} && \ - if [[ "${BUILD_ARCH}" != *amd64* ]]; then apk add python3-dev; else apk add python3; fi && \ + if [[ "${BUILD_ARCH}" != *amd64* ]]; then apk add python3-dev; else apk add python3; fi && \ ln -sf python3 /usr/bin/python && \ - python3 -m ensurepip && \ - ## Install other - pip3 install --no-cache --upgrade pip setuptools && \ - apk add gcc musl-dev && \ - pip3 install --no-cache-dir --upgrade --requirement /qbit_manage/requirements.txt --ignore-installed + apk add --no-cache py3-pip gcc musl-dev && \ + pip3 install --break-system-packages --no-cache-dir --ignore-installed --upgrade --requirement /qbit_manage/requirements.txt ################## # 3 Install apps # @@ -95,7 +105,7 @@ RUN chmod 744 /ha_automodules.sh && /ha_automodules.sh "$MODULES" && rm /ha_auto # && chmod a+x /etc/s6-overlay/s6-rc.d/$SCRIPTSNAME/* ; done; fi # Manual apps -ARG PACKAGES="dos2unix" +ARG PACKAGES="wireguard-tools" # Automatic apps & bashio ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/ha_autoapps.sh" "/ha_autoapps.sh" @@ -150,3 +160,12 @@ LABEL \ ################# # 6 Healthcheck # ################# + +ENV HEALTH_PORT="" \ + HEALTH_URL="" +HEALTHCHECK \ + --interval=5s \ + --retries=5 \ + --start-period=30s \ + --timeout=25s \ + CMD pgrep qbittorrent || exit 1 diff --git a/qbittorrent/README.md b/qbittorrent/README.md index 4eae45b23..856f0f1f0 100644 --- a/qbittorrent/README.md +++ b/qbittorrent/README.md @@ -1,8 +1,3 @@ -## ⚠ Open Issue : [🐛 [qbittorrent] Problems with network drive (opened 2023-12-10)](https://github.com/alexbelgium/hassio-addons/issues/1125) by [@floralvikings](https://github.com/floralvikings) -## ⚠ Open Issue : [[qbittorrent] Mullvad vpn : udp4 permission denied (opened 2023-12-11)](https://github.com/alexbelgium/hassio-addons/issues/1127) by [@Stooovie](https://github.com/Stooovie) -## ⚠ Open Issue : [🐛 [qbittorrent] Unable to get qbitmanage to run (opened 2023-12-13)](https://github.com/alexbelgium/hassio-addons/issues/1131) by [@hacshacdgacs](https://github.com/hacshacdgacs) -DON'T UPGRADE, I'll REVERT MIDDLE OF NEXT WEEK TO THE PREVIOUS UPSTREAM VERSION - # Home assistant add-on: qbittorrent [![Donate][donation-badge]](https://www.buymeacoffee.com/alexbelgium) @@ -28,10 +23,21 @@ _Thanks to everyone having starred my repo! To star it click on the image below, --- [Qbittorrent](https://github.com/qbittorrent/qBittorrent) is a cross-platform free and open-source BitTorrent client. -This addon is based on the docker image from [trigus42](trigus42/qbittorrentvpn). +This addon is based on the docker image from [linuxserver.io](https://www.linuxserver.io/). + +This addons has several configurable options : + +- allowing to mount local external drive, or smb share from the addon +- [alternative webUI](https://github.com/qbittorrent/qBittorrent/wiki/List-of-known-alternate-WebUIs) +- usage of ssl +- ingress +- optional openvpn support +- allow setting specific DNS servers ## Configuration +--- + Webui can be found at , or in your sidebar using Ingress. The default username/password : described in the startup log. Configurations can be done through the app webUI, except for the following options @@ -40,17 +46,13 @@ Network disk is mounted to /mnt/share name You need to map the exposed port in your router if you want the best speed and connectivity. -Options can be configured through two ways : - -- Addon options - ```yaml PGID: user GPID: user ssl: true/false certfile: fullchain.pem #ssl certificate, must be located in /ssl keyfile: privkey.pem #sslkeyfile, must be located in /ssl -LAN_NETWORK: "localhost,192.168.0.0/16" # list ip subnets that won't need a password (optional) +whitelist: "localhost,192.168.0.0/16" # Type `null` to disable. List ip subnets that won't need a password (optional) customUI: selection from list # alternative webUI can be set here. Latest version set at each addon start. Select 'custom' to fill it yourself in the webui DNS_servers: 8.8.8.8,1.1.1.1 # Keep blank to use router’s DNS, or set custom DNS to avoid spamming in case of local DNS ad-remover SavePath: "/share/qbittorrent" # Define the download directory @@ -59,19 +61,15 @@ networkdisks: "//SERVER/SHARE" # optional, list of smb servers to mount, separat cifsusername: "username" # optional, smb username, same for all smb shares cifspassword: "password" # optional, smb password cifsdomain: "domain" # optional, allow setting the domain for the smb share -VPN_ENABLED: true/false # is openvpn required to start qbittorrent -VPN_USERNAME": USERNAME -VPN_PASSWORD: YOURPASSWORD +openvpn_enabled: true/false # is openvpn required to start qbittorrent +openvpn_config": For example "config.ovpn" # name of the file located in /config/openvpn. +openvpn_username": USERNAME +openvpn_password: YOURPASSWORD +openvpn_alt_mode: bind at container level and not app level run_duration: 12h #for how long should the addon run. Must be formatted as number + time unit (ex : 5s, or 2m, or 12h, or 5d...) silent: true #suppresses debug messages ``` -- Config.yaml (advanced usage) - -Additional variables can be set as ENV variables by adding them in the config.yaml in the location defined in your addon options according to this guide : https://github.com/alexbelgium/hassio-addons/wiki/Add%E2%80%90ons-feature-:-add-env-variables - -The complete list of ENV variables can be seen here : https://github.com/Trigus42/alpine-qbittorrentvpn#environment-variables - ## Installation --- @@ -108,20 +106,6 @@ These lines will expose a `sensor.get_torrent_speed` that updates every 60 secon ## Common issues -Click to expand : - -
- ### Configure Jackett as qBittorrent engine - -- Install Filebrowser addon -- Go to /addon_configs/db21ed7f_qbittorrent/data/nova3/engines/ -- Open jackett.json -- Change 'url': 'http://127.0.0.1:9117' with your HomeAssistant addon url and password -- Set your API key with one you are given in the Jackett addon webui -- Save, restart - -
-
### ipv6 issues with openvpn (@happycoo) Add this code to your .ovpn config @@ -135,10 +119,8 @@ pull-filter ignore "dhcp-option DNS6" pull-filter ignore "tun-ipv6" pull-filter ignore "ifconfig-ipv6" ``` -
-
### Monitored folders (@FaliseDotCom) @@ -148,31 +130,30 @@ pull-filter ignore "ifconfig-ipv6" ```json { - "folder/to/watch": { - "add_torrent_params": { - "category": "", - "content_layout": "Original", - "download_limit": -1, - "download_path": "[folder/for/INCOMPLETE_downloads]", - "operating_mode": "AutoManaged", - "ratio_limit": -2, - "save_path": "[folder/for/COMPLETED_downloads]", - "seeding_time_limit": -2, - "skip_checking": false, - "stopped": false, - "tags": [], - "upload_limit": -1, - "use_auto_tmm": false, - "use_download_path": true - }, - "recursive": false - } + "folder/to/watch": { + "add_torrent_params": { + "category": "", + "content_layout": "Original", + "download_limit": -1, + "download_path": "[folder/for/INCOMPLETE_downloads]", + "operating_mode": "AutoManaged", + "ratio_limit": -2, + "save_path": "[folder/for/COMPLETED_downloads]", + "seeding_time_limit": -2, + "skip_checking": false, + "stopped": false, + "tags": [ + ], + "upload_limit": -1, + "use_auto_tmm": false, + "use_download_path": true + }, + "recursive": false + } } ``` -
-
### nginx error code (@Nanianmichaels) @@ -190,24 +171,19 @@ Wait a couple minutes and restart addon, it could be a temporary unavailability > [cont-init.d] 00-local_mounts.sh: exited 0. Try to mount by putting the partition label in the "localdisks" options instead of the hardware name -
-
### Loss of metadata fetching with openvpn after several days (@almico) Add `ping-restart 60` to your config.ovpn -
-
### Downloads info are empty on small scale window (@aviadlevy) When my window size width is lower than 960 pixels my downloads are empty. Solution is to reset the Vuetorrent settings. -
## Support diff --git a/qbittorrent/build.json b/qbittorrent/build.json index 586b300ef..16ddf9633 100644 --- a/qbittorrent/build.json +++ b/qbittorrent/build.json @@ -1,8 +1,8 @@ { "build_from": { - "aarch64": "trigus42/qbittorrentvpn:latest", - "amd64": "trigus42/qbittorrentvpn:latest", - "armv7": "trigus42/qbittorrentvpn:latest" + "aarch64": "lscr.io/linuxserver/qbittorrent:arm64v8-latest", + "amd64": "lscr.io/linuxserver/qbittorrent:amd64-latest", + "armv7": "lscr.io/linuxserver/qbittorrent:arm32v7-4.5.3" }, "codenotary": { "signer": "alexandrep.github@gmail.com" diff --git a/qbittorrent/config.json b/qbittorrent/config.json index ff8a55986..e82f4c3dc 100644 --- a/qbittorrent/config.json +++ b/qbittorrent/config.json @@ -61,16 +61,9 @@ "/dev/nvme2" ], "environment": { - "ADDITIONAL_PORTS": "59595,6882", - "DOWNLOAD_DIR_CHOWN": "true", - "HEALTH_CHECK_INTERVAL": "15", - "HEALTH_CHECK_TIMEOUT": "30", "PGID": "0", "PUID": "0", - "QBITTORRENTLOGPATH": "/config/qBittorrent/data/logs", - "SET_FWMARK": "true", - "WEBUI_PORT": "8080", - "WG_I_PREFER_BUGGY_USERSPACE_TO_POLISHED_KMOD": "1" + "WEBUI_PORT": "8080" }, "homeassistant": "2023.12.0", "image": "ghcr.io/alexbelgium/qbittorrent-{arch}", @@ -81,23 +74,21 @@ "addon_config:rw", "homeassistant_config:rw", "share:rw", - "ssl:rw" + "ssl" ], "name": "Qbittorrent", "options": { "DNS_server": "8.8.8.8,1.1.1.1", - "LAN_NETWORK": "localhost,127.0.0.1,172.30.0.0/16,192.168.0.0/16", "PGID": "0", "PUID": "0", - "QBT_USERNAME": "admin", "SavePath": "/share/qBittorrent", - "VPN_ENABLED": "yes", - "VPN_TYPE": "openvpn", + "Username": "admin", "certfile": "fullchain.pem", "customUI": "vuetorrent", "keyfile": "privkey.pem", "qbit_manage": false, - "ssl": false + "ssl": false, + "whitelist": "localhost,127.0.0.1,172.30.0.0/16,192.168.0.0/16" }, "panel_icon": "mdi:progress-download", "ports": { @@ -116,23 +107,16 @@ }, "privileged": [ "SYS_ADMIN", - "SYS_MODULE", "DAC_READ_SEARCH", "NET_ADMIN" ], "schema": { "DNS_server": "str?", - "LAN_NETWORK": "str", "PGID": "int?", "PUID": "int?", - "QBT_USERNAME": "str?", "SavePath": "str?", "TZ": "str?", "Username": "str?", - "VPN_ENABLED": "list(yes|no)", - "VPN_PASSWORD": "str?", - "VPN_TYPE": "list(openvpn|wireguard)?", - "VPN_USERNAME": "str?", "certfile": "str", "cifsdomain": "str?", "cifspassword": "str?", @@ -141,19 +125,19 @@ "keyfile": "str", "localdisks": "str?", "networkdisks": "str?", + "openvpn_alt_mode": "bool?", "openvpn_config": "str?", - "openvpn_enable": "bool?", + "openvpn_enabled": "bool?", "openvpn_password": "str?", "openvpn_username": "str?", - "qbit_manage": "bool", + "qbit_manage": "bool?", "run_duration": "str?", "silent": "bool?", - "smbv1": "bool?", "ssl": "bool", "whitelist": "str?" }, "slug": "qbittorrent", "udev": true, "url": "https://github.com/alexbelgium/hassio-addons", - "version": "4.6.2-23_wireguard_openvpn" + "version": "4.6.2_test" } diff --git a/qbittorrent/rootfs/etc/cont-init.d/00-folders.sh b/qbittorrent/rootfs/etc/cont-init.d/00-folders.sh new file mode 100644 index 000000000..e088528a7 --- /dev/null +++ b/qbittorrent/rootfs/etc/cont-init.d/00-folders.sh @@ -0,0 +1,59 @@ +#!/usr/bin/with-contenv bashio +# shellcheck shell=bash + +mkdir -p /config/qBittorrent +mkdir -p /config/wireguard +mkdir -p /config/openvpn + +MIGRATED="" + +# Move main folder +if [ -f /homeassistant/addons_config/qBittorrent/qBittorrent.conf ] && [ ! -f /homeassistant/addons_config/qBittorrent/migrated ]; then + bashio::log.warning "----------------------------------------" + bashio::log.warning "Migrating configuration to the new addon" + bashio::log.warning "----------------------------------------" + cp -rnp /homeassistant/addons_config/qBittorrent/* /config/qBittorrent/ &>/dev/null || true + if [ -d /config/qBittorrent/addons_config ]; then rm -r /config/qBittorrent/addons_config; fi + if [ -d /config/qBittorrent/qBittorrent ]; then rm -r /config/qBittorrent/qBittorrent; fi + echo "Files moved to /addon_configs/$HOSTNAME/openvpn" > /homeassistant/addons_config/qBittorrent/migrated + bashio::log.yellow "... moved files from /config/addons_config/qBittorrent to /addon_configs/$HOSTNAME/qBitorrent (must be accessed with my Filebrowser addon)" + MIGRATED=true +fi + +# Move config +if [ -f /config/qBittorrent/config/qBittorrent.conf ]; then + mv /config/qBittorrent/config/* /config/qBittorrent/ || true + mv /config/qBittorrent/data/* /config/qBittorrent/ || true + rm -r /config/qBittorrent/config || true + rm -r /config/qBittorrent/data || true + MIGRATED=true +fi + +# Move openvpn +if [ -d /homeassistant/openvpn ]; then + if [ ! -f /homeassistant/openvpn/migrated ] && [ "$(ls -A /homeassistant/openvpn)" ]; then + cp -rnf /homeassistant/openvpn/* /config/openvpn &>/dev/null || true + echo "Files moved to /addon_configs/$HOSTNAME/openvpn" > /homeassistant/openvpn/migrated + fi +fi + +# Move config.yaml +if [ -f /homeassistant/addons_config/qbittorrent/config.yaml ] && [ ! -f /homeassistant/addons_config/qbittorrent/migrated ]; then + cp -rnf /homeassistant/addons_config/qbittorrent/* /config/ &>/dev/null || true + rm -r /homeassistant/addons_config/qbittorrent + bashio::log.yellow "... moved config.yaml from /config/addons_config/qbittorrent to /addon_configs/$HOSTNAME" +fi + +# Move autoscript +if [ -f /homeassistant/addons_autoscrips/qbittorrent.sh ]; then + cp -rnf /homeassistant/addons_autoscrips/qbittorrent.sh /config/ &>/dev/null || true + mv /homeassistant/addons_autoscrips/qbittorrent.sh /homeassistant/addons_autoscrips/qbittorrent.sh.bak + bashio::log.yellow "... moved qbittorrent.sh from /config/addons_autoscripts to /addon_configs/$HOSTNAME" +fi + +# Reboot post migration +if [[ "$MIGRATED" == "true" ]]; then + bashio::log.warning "Options were changed, restarting the addon" + sleep 5 + bashio::addon.restart +fi diff --git a/qbittorrent/rootfs/etc/cont-init.d/00-global_migration.sh b/qbittorrent/rootfs/etc/cont-init.d/00-global_migration.sh deleted file mode 100755 index 897b6a778..000000000 --- a/qbittorrent/rootfs/etc/cont-init.d/00-global_migration.sh +++ /dev/null @@ -1,112 +0,0 @@ -#!/usr/bin/with-contenv bashio -# shellcheck shell=bash - -# Create new folders -mkdir -p /config/wireguard -mkdir -p /config/openvpn -mkdir -p /config/qBittorrent/config -mkdir -p /config/qBittorrent/data - -MIGRATED="" - -if [ -f /homeassistant/addons_config/qBittorrent/qBittorrent.conf ] && [ ! -f /homeassistant/addons_config/qBittorrent/migrated ]; then - bashio::log.warning "----------------------------------------" - bashio::log.warning "Migrating configuration to the new addon" - bashio::log.warning "----------------------------------------" - cp -rnf /homeassistant/addons_config/qBittorrent/*.json /config/qBittorrent/config/ - cp -rnf /homeassistant/addons_config/qBittorrent/*.conf /config/qBittorrent/config/ - if [ -d /homeassistant/addons_config/qBittorrent/rss ]; then cp -rnf /homeassistant/addons_config/qBittorrent/rss /config/qBittorrent/config/; fi - cp -rnf /homeassistant/addons_config/qBittorrent/* /config/qBittorrent/data/ - if [ -d /config/qBittorrent/data/addons_config ]; then rm -r /config/qBittorrent/data/addons_config; fi - if [ -d /config/qBittorrent/data/qBittorrent ]; then rm -r /config/qBittorrent/data/qBittorrent; fi - touch /homeassistant/addons_config/qBittorrent/migrated - bashio::log.yellow "... moved files from /config/addons_config/qBittorrent to /addon_configs/$HOSTNAME/qBitorrent (must be accessed with my Filebrowser addon)" - - if [ -d /homeassistant/openvpn ]; then - if [ "$(ls -A /homeassistant/openvpn)" ]; then - cp -rnf /homeassistant/openvpn/* /config/openvpn/ - fi - fi -fi - -if [ -f /homeassistant/addons_config/qbittorrent/config.yaml ] && [ ! -f /homeassistant/addons_config/qbittorrent/migrated ]; then - cp -rnf /homeassistant/addons_config/qbittorrent/* /config/ - rm -r /homeassistant/addons_config/qbittorrent - touch /homeassistant/addons_config/qbittorrent/migrated - bashio::log.yellow "... moved config.yaml from /config/addons_config/qbittorrent to /addon_configs/$HOSTNAME" - MIGRATED=true -fi - -if [ -f /homeassistant/addons_autoscrips/qbittorrent.sh ]; then - cp -rnf /homeassistant/addons_autoscrips/qbittorrent.sh /config/ - mv /homeassistant/addons_autoscrips/qbittorrent.sh /homeassistant/addons_autoscrips/qbittorrent.sh.bak - bashio::log.yellow "... moved qbittorrent.sh from /config/addons_autoscripts to /addon_configs/$HOSTNAME" - MIGRATED=true -fi - -if bashio::config.has_value 'openvpn_enable'; then - if bashio::config.true 'openvpn_enabled'; then - bashio::addon.option "VPN_ENABLED" "yes" - bashio::log.yellow "... openvpn_enable : was true, VPN_ENABLED set to yes" - bashio::addon.option "VPN_TYPE" "openvpn" - bashio::log.yellow "... openvpn_enable : was true, VPN_TYPE set to openvpn" - fi - bashio::addon.option "openvpn_enable" - bashio::log.yellow "... openvpn_enable : removed as not used anymore" - MIGRATED=true -fi || true - -if bashio::config.has_value 'openvpn_username'; then - bashio::addon.option "VPN_USERNAME" "$(bashio::config "openvpn_username")" - bashio::log.yellow "... openvpn_username : was set, VPN_USERNAME set to $(bashio::config "openvpn_username")" - bashio::addon.option "openvpn_username" - bashio::log.yellow "... openvpn_username : removed as not used anymore" - MIGRATED=true -fi || true - -if bashio::config.has_value 'Username'; then - bashio::addon.option "QBT_USERNAME" "$(bashio::config "Username")" - bashio::log.yellow "... Username : was set, QBT_USERNAME set to $(bashio::config "Username")" - bashio::addon.option "Username" - bashio::log.yellow "... Username : removed as not used anymore" - MIGRATED=true -fi || true - -if bashio::config.has_value 'openvpn_password'; then - bashio::addon.option "VPN_PASSWORD" "$(bashio::config "openvpn_password")" - bashio::log.yellow "... openvpn_password : was set, VPN_PASSWORD set to $(bashio::config "openvpn_password")" - bashio::addon.option "openvpn_password" - bashio::log.yellow "... openvpn_password : removed as not used anymore" - MIGRATED=true -fi || true - -if bashio::config.has_value 'whitelist'; then - bashio::addon.option "LAN_NETWORK" "$(bashio::config "whitelist")" - bashio::log.yellow "... whitelist : was set, LAN_NETWORK set to $(bashio::config "whitelist")" - bashio::addon.option "whitelist" - bashio::log.yellow "... whitelist : removed as not used anymore" - MIGRATED=true -fi - -if bashio::config.has_value 'smbv1'; then - bashio::addon.option "smbv1" - bashio::log.yellow "... smbv1 : removed as not used anymore" -fi - -if bashio::config.has_value 'openvpn_config'; then - openvpn_config="$(bashio::config "openvpn_config")" - if [ -f "$openvpn_config" ]; then - cp -rnf "$openvpn_config" /config/openvpn/ - bashio::log.yellow "... openvpn file migrated to new location" - fi - bashio::addon.option "openvpn_config" -fi - -if [[ "$MIGRATED" == "true" ]]; then - bashio::log.warning "Options were changed, restarting the addon" - bashio::addon.restart -fi - -if [ -d /config/qBittorrent/qBittorrent ]; then -rm -r /config/qBittorrent/qBittorrent -fi diff --git a/qbittorrent/rootfs/etc/cont-init.d/00-ipleak.sh b/qbittorrent/rootfs/etc/cont-init.d/00-ipleak.sh deleted file mode 100755 index 6029cb94f..000000000 --- a/qbittorrent/rootfs/etc/cont-init.d/00-ipleak.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/usr/bin/with-contenv bashio -# shellcheck shell=bash - -curl --max-time 10 --connect-timeout 5 -s https://ipecho.net/plain > /currentip diff --git a/qbittorrent/rootfs/etc/cont-init.d/00-openvpn.sh b/qbittorrent/rootfs/etc/cont-init.d/00-openvpn.sh deleted file mode 100755 index de07f03a2..000000000 --- a/qbittorrent/rootfs/etc/cont-init.d/00-openvpn.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/usr/bin/with-contenv bashio -# shellcheck shell=bash -set -e - -mkdir -p /config/openvpn -chmod -R 777 /config/openvpn -QBT_CONFIG_FILE="/config/qBittorrent/config/qBittorrent.conf" - -# Ensure no redirection by removing the direction tag -if [ -f "$QBT_CONFIG_FILE" ]; then - sed -i '/Interface/d' "$QBT_CONFIG_FILE" -fi - -# Correct openvpn files -if [[ "$(bashio::config "VPN_ENABLED")" == "yes" ]] && [[ "$(bashio::config "VPN_TYPE")" == "openvpn" ]]; then - - # If there is a config file, remove nopull - if [ -n "$(ls -A /config/openvpn 2>/dev/null)" ]; then - for file in /config/openvpn/*.ovpn; do - if [ -f "$file" ]; then - - # Convert to unix - echo "... converting to unix format $file" - dos2unix "$file" - - # Remove route-nopull - if grep -q route-nopull "$file"; then - echo "... removing route-nopull from $file" - sed -i "/route-nopull/d" "$file" - fi - - # Correct paths - sed -i "s=/etc/openvpn=/config/openvpn=g" "$file" - - # Remove blank characters and add a trailing blank line - sed -i '/^[[:space:]]*$/d' "$file" - echo "" >> "$file" - fi - done - fi - - # Add iproute - ip route add 10.0.0.0/8 via 172.30.32.1 - ip route add 192.168.0.0/16 via 172.30.32.1 - ip route add 172.16.0.0/12 via 172.30.32.1 - -elif [[ "$(bashio::config "VPN_TYPE")" == "openvpn" ]]; then - -export WG_I_PREFER_BUGGY_USERSPACE_TO_POLISHED_KMOD=1 -sed -i -E 's/&& cmd sysctl -q net.ipv4.conf.all.src_valid_mark=1//gm' "$(command -v wg-quick)" || true - -fi - diff --git a/qbittorrent/rootfs/etc/cont-init.d/03-nginx_ssl.sh b/qbittorrent/rootfs/etc/cont-init.d/03-nginx_ssl.sh deleted file mode 100755 index 26c14e926..000000000 --- a/qbittorrent/rootfs/etc/cont-init.d/03-nginx_ssl.sh +++ /dev/null @@ -1,63 +0,0 @@ -#!/usr/bin/with-contenv bashio -# shellcheck shell=bash -set -e - -################ -# SSL CONFIG # -################ - -if bashio::config.true 'ssl'; then - bashio::log.info "ssl enabled. If webui don't work, disable ssl or check your certificate paths" - - # Enable ssl in script - sed -i "1a ENABLE_SSL=yes" /etc/cont-init.d/04-qbittorrent-setup.sh - - #set variables - CERTFILE=$(bashio::config 'certfile') - CERTFILE="${CERTFILE:-null}" - KEYFILE=$(bashio::config 'keyfile') - KEYFILE="${KEYFILE:-null}" - - # Correct certificate file - if [ ! -f /ssl/"$CERTFILE" ]; then - bashio::log.warning "... CERTFILE option not found or valid, using self-generated /config/qBittorrent/config/WebUICertificate.crt" - else - chmod 744 /ssl/"$CERTFILE" - sed -i "s|/config/qBittorrent/config/WebUICertificate.crt|/ssl/$CERTFILE|g" /etc/cont-init.d/04-qbittorrent-setup.sh - sed -i "s|WebUICertificate.crt|$CERTFILE|g" /etc/cont-init.d/04-qbittorrent-setup.sh - fi - - # Correct keyfile - if [ ! -f /ssl/"$KEYFILE" ]; then - bashio::log.warning "... KEYFILE option not found or valid, using self-generated /config/qBittorrent/config/WebUICertificate.crt" - else - chmod 744 /ssl/"$KEYFILE" - sed -i "s|/config/qBittorrent/config/WebUIKey.key|/ssl/$KEYFILE|g" /etc/cont-init.d/04-qbittorrent-setup.sh - sed -i "s|WebUIKey.key|$KEYFILE|g" /etc/cont-init.d/04-qbittorrent-setup.sh - fi - - # Set nginx protocol - qbittorrent_protocol=https -else - # Disable ssl in script - sed -i "1a ENABLE_SSL=no" /etc/cont-init.d/04-qbittorrent-setup.sh - # Prepare ingress - qbittorrent_protocol="http" - # Correct qBittorrent.conf - if [ -f /config/qBittorrent/config/qBittorrent.conf ]; then - sed -i "/HTTPS/d" /config/qBittorrent/config/qBittorrent.conf - fi -fi - -################# -# NGINX SETTING # -################# - -cp /etc/nginx/templates/ingress.gtpl /etc/nginx/servers/ingress.conf - -sed -i "s|{{ .interface }}|$(bashio::addon.ip_address)|g" /etc/nginx/servers/ingress.conf -sed -i "s|{{ .port }}|$(bashio::addon.ingress_port)|g" /etc/nginx/servers/ingress.conf -sed -i "s|{{ .protocol }}|${qbittorrent_protocol}|g" /etc/nginx/servers/ingress.conf -sed -i "s|{{ .certfile }}|$(bashio::config 'certfile')|g" /etc/nginx/servers/ingress.conf -sed -i "s|{{ .keyfile }}|$(bashio::config 'keyfile')|g" /etc/nginx/servers/ingress.conf -sed -i "s|{{ .ssl }}|$(bashio::config 'ssl')|g" /etc/nginx/servers/ingress.conf diff --git a/qbittorrent/rootfs/etc/cont-init.d/05-wpn.sh b/qbittorrent/rootfs/etc/cont-init.d/05-wpn.sh deleted file mode 100755 index cf82dc6f7..000000000 --- a/qbittorrent/rootfs/etc/cont-init.d/05-wpn.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/usr/bin/with-contenv bashio -# shellcheck shell=bash - -# wait until vpn is up -sleep 5 - -# test if vpn is up -counter=0 -until [ "$counter" -gt 10 ] -do - echo "... waiting until vpn is up" - ( ping -c 1 "1.1.1.1" &> /dev/null ) && exit 0 || true - ((counter++)) - sleep 5 -done - -bashio::log.fatal "vpn failed to get up for 60 seconds. Issue with your config file ?" - -if [ ! -d /REBOOT ]; then - touch /REBOOT - bashio::addon.restart -fi diff --git a/qbittorrent/rootfs/etc/cont-init.d/30-nginx.sh b/qbittorrent/rootfs/etc/cont-init.d/30-nginx.sh new file mode 100644 index 000000000..169f8f801 --- /dev/null +++ b/qbittorrent/rootfs/etc/cont-init.d/30-nginx.sh @@ -0,0 +1,32 @@ +#!/usr/bin/with-contenv bashio +# shellcheck shell=bash +set -e + +DEBUG=$(bashio::config 'TZ') +[ "$DEBUG" = "debug" ] && echo "Before declare" + +################# +# NGINX SETTING # +################# + +#declare admin_port +declare qbittorrent_protocol=http + +[ "$DEBUG" = "debug" ] && echo "Before ssl" + +# Generate Ingress configuration +if bashio::config.true 'ssl'; then + qbittorrent_protocol=https +fi + +[ "$DEBUG" = "debug" ] && echo "Before cp" + +cp /etc/nginx/templates/ingress.gtpl /etc/nginx/servers/ingress.conf + +[ "$DEBUG" = "debug" ] && echo "Before sed" +sed -i "s|{{ .interface }}|$(bashio::addon.ip_address)|g" /etc/nginx/servers/ingress.conf +sed -i "s|{{ .port }}|$(bashio::addon.ingress_port)|g" /etc/nginx/servers/ingress.conf +sed -i "s|{{ .protocol }}|${qbittorrent_protocol}|g" /etc/nginx/servers/ingress.conf +sed -i "s|{{ .certfile }}|$(bashio::config 'certfile')|g" /etc/nginx/servers/ingress.conf +sed -i "s|{{ .keyfile }}|$(bashio::config 'keyfile')|g" /etc/nginx/servers/ingress.conf +sed -i "s|{{ .ssl }}|$(bashio::config 'ssl')|g" /etc/nginx/servers/ingress.conf diff --git a/qbittorrent/rootfs/etc/cont-init.d/91-qbittorrent_configuration.sh b/qbittorrent/rootfs/etc/cont-init.d/91-qbittorrent_configuration.sh index ecd389029..ef8cda52a 100755 --- a/qbittorrent/rootfs/etc/cont-init.d/91-qbittorrent_configuration.sh +++ b/qbittorrent/rootfs/etc/cont-init.d/91-qbittorrent_configuration.sh @@ -6,15 +6,11 @@ set -e # INIT # ########## -if [ -f /REBOOT ]; then - rm /REBOOT -fi - # Define preferences line -CONFIG_LOCATION=/config/qBittorrent/config/ +CONFIG_LOCATION=/config/qBittorrent mkdir -p "$CONFIG_LOCATION" -# copy default config +# copy default config if [ ! -f "$CONFIG_LOCATION"/qBittorrent.conf ]; then cp /defaults/qBittorrent.conf "$CONFIG_LOCATION"/qBittorrent.conf fi @@ -23,6 +19,10 @@ cd "$CONFIG_LOCATION"/ || true LINE=$(sed -n '/\[Preferences\]/=' qBittorrent.conf) || bashio::exit.nok "qBittorrent.conf not valid" LINE=$((LINE + 1)) +# Remove unused folders +if [ -d "$CONFIG_LOCATION"/addons_config ]; then rm -r "$CONFIG_LOCATION"/addons_config; fi +if [ -d "$CONFIG_LOCATION"/qBittorrent ]; then rm -r "$CONFIG_LOCATION"/qBittorrent; fi + # Check file size ORIGINAL_SIZE="$(wc -c "$CONFIG_LOCATION"/qBittorrent.conf)" @@ -61,7 +61,7 @@ if bashio::config.has_value 'SavePath'; then fi # Create default location -if [ ! -d "$DOWNLOADS" ]; then +if [ ! -d "$DOWNLOADS" ]; then mkdir -p "$DOWNLOADS" || bashio::log.fatal "Error : folder defined in SavePath doesn't exist and can't be created. Check path" fi chown -R "$PUID:$PGID" "$DOWNLOADS" || bashio::log.fatal "Error, please check default save folder configuration in addon" @@ -70,28 +70,53 @@ chown -R "$PUID:$PGID" "$DOWNLOADS" || bashio::log.fatal "Error, please check de # Avoid bugs # ############## -sed -i -e '/CSRFProtection/d' \ - -e '/ClickjackingProtection/d' \ - -e '/HostHeaderValidation/d' \ - -e '/Address/d' \ - -e "$LINE i\WebUI\\\CSRFProtection=false" \ - -e "$LINE i\WebUI\\\ClickjackingProtection=false" \ - -e "$LINE i\WebUI\\\HostHeaderValidation=false" \ - -e "$LINE i\WebUI\\\Address=\*" qBittorrent.conf +sed -i -e "/CSRFProtection/d" \ + -e "/ClickjackingProtection/d" \ + -e "/HostHeaderValidation/d" \ + -e "/WebUI\\\Address/d" \ + -e "/\[Preferences\]/a \WebUI\\\CSRFProtection=false" \ + -e "/\[Preferences\]/a \WebUI\\\ClickjackingProtection=false" \ + -e "/\[Preferences\]/a \WebUI\\\HostHeaderValidation=false" \ + -e "/\[Preferences\]/a \WebUI\\\Address=\*" qBittorrent.conf + +#sed -i '/WebUI\ReverseProxySupportEnabled/d' qBittorrent.conf +#sed -i "$LINE i\WebUI\\\ReverseProxySupportEnabled=true" qBittorrent.conf ################ # Correct Port # ################ +# sed -i '/PortRangeMin/d' qBittorrent.conf +# sed -i "$LINE i\Connection\\\PortRangeMin=6881" qBittorrent.conf sed -i "s|6881|59595|g" qBittorrent.conf # Correction if required +################ +# SSL CONFIG # +################ + +# Clean data +sed -i '/HTTPS/d' qBittorrent.conf + +bashio::config.require.ssl +if bashio::config.true 'ssl'; then + bashio::log.info "ssl enabled. If webui don't work, disable ssl or check your certificate paths" + #set variables + CERTFILE=$(bashio::config 'certfile') + KEYFILE=$(bashio::config 'keyfile') + + #Modify configuration + sed -i "$LINE i\WebUI\\\HTTPS\\\Enabled=True" qBittorrent.conf + sed -i "$LINE i\WebUI\\\HTTPS\\\CertificatePath=/ssl/$CERTFILE" qBittorrent.conf + sed -i "$LINE i\WebUI\\\HTTPS\\\KeyPath=/ssl/$KEYFILE" qBittorrent.conf +fi + ################ # WHITELIST # ################ cd "$CONFIG_LOCATION"/ || true -WHITELIST="$(bashio::config 'LAN_NETWORK')" +WHITELIST="$(bashio::config 'whitelist')" #clean data sed -i '/AuthSubnetWhitelist/d' qBittorrent.conf @@ -109,32 +134,21 @@ fi ############### cd "$CONFIG_LOCATION"/ || true -if bashio::config.has_value 'QBT_USERNAME'; then - QBT_USERNAME=$(bashio::config 'QBT_USERNAME') +if bashio::config.has_value 'Username'; then + USERNAME="$(bashio::config 'Username')" else - QBT_USERNAME="admin" + USERNAME=admin fi + #clean data sed -i '/WebUI\\\Username/d' qBittorrent.conf #add data -sed -i "/\[Preferences\]/a\WebUI\\\Username=$QBT_USERNAME" qBittorrent.conf -bashio::log.info "WEBUI username set to $QBT_USERNAME" +sed -i "/\[Preferences\]/a\WebUI\\\Username=$USERNAME" qBittorrent.conf +bashio::log.info "WEBUI username set to $USERNAME" -############### -# PASSWORD # -############### - -# Set initial password to homeassistant -cd "$CONFIG_LOCATION"/ || true -if ! grep -q "Password_PBKDF2" qBittorrent.conf; then - function escape_special_characters() { - local value="$1" - value=$(echo "$value" | sed 's/[&/\;.<>`$*(){}[\]~^|!?@%#=,:+_-]/\\&/g') - echo "$value" - } - PBKDF2="UDxNW6zG8wJHG9PvnGFP4A==:gJZEXLbR2XYNN042G4ygLMvZi2BhHm2m6Soz6GVCrCuVZH6OSkUan7AvUDEiSodHckUm8oNTkx9atQwcUf/JLQ==" - PBKDF2="$(escape_special_characters "$PBKDF2")" - sed -i "/\[Preferences\]/a\WebUI\\\Password_PBKDF2=\"@ByteArray($PBKDF2)\"" qBittorrent.conf +# Add default password if not existing +if ! grep -q Password_PBKDF2 qBittorrent.conf; then + sed -i "/\[Preferences\]/a\WebUI\\\Password_PBKDF2=\"@ByteArray(cps93Gf8ma8EM3QRon+spg==:wYFoMNVmdiqzWYQ6mFrvET+RRbBSIPVfXFFeEy0ZEagxvNuEF7uGVnG5iq8oeu38kGLtmJqCM2w8cTdtORDP2A==)\"" qBittorrent.conf fi #################### @@ -146,6 +160,7 @@ fi # Check file size if [[ "$ORIGINAL_SIZE" != "$(wc -c "$CONFIG_LOCATION"/qBittorrent.conf)" ]]; then bashio::log.warning "Configuration changed, rebooting" + sleep 5 bashio::addon.restart fi @@ -219,5 +234,5 @@ fi # CLOSE # ########## -bashio::log.info "Default username/password : $QBT_USERNAME/homeassistant. Please change your password on first connection" +bashio::log.info "Default username/password : $USERNAME/homeassistant" bashio::log.info "Configuration can be found in $CONFIG_LOCATION" diff --git a/qbittorrent/rootfs/etc/cont-init.d/93-openvpn.sh b/qbittorrent/rootfs/etc/cont-init.d/93-openvpn.sh new file mode 100644 index 000000000..a2f704984 --- /dev/null +++ b/qbittorrent/rootfs/etc/cont-init.d/93-openvpn.sh @@ -0,0 +1,175 @@ +#!/usr/bin/with-contenv bashio +# shellcheck shell=bash +set -e + +declare openvpn_config +declare openvpn_username +declare openvpn_password + +QBT_CONFIG_FILE="/config/qBittorrent/qBittorrent.conf" + +if bashio::config.true 'openvpn_enabled'; then + + bashio::log.info "----------------------------" + bashio::log.info "Openvpn enabled, configuring" + bashio::log.info "----------------------------" + + # Get current ip + curl -s ipecho.net/plain > /currentip + + ##################### + # CONFIGURE OPENVPN # + ##################### + + # If openvpn_config option used + if bashio::config.has_value "openvpn_config"; then + openvpn_config=$(bashio::config 'openvpn_config') + # If file found + if [ -f /config/openvpn/"$openvpn_config" ]; then + # If correct type + if [[ "$openvpn_config" == *".ovpn" ]] || [[ "$openvpn_config" == *".conf" ]]; then + echo "... configured ovpn file : using /addon_configs/$HOSTNAME/openvpn/$openvpn_config" + # Copy potential additional files + cp /config/openvpn/* /etc/openvpn/ + # Standardize file   + cp /config/openvpn/"${openvpn_config}" /etc/openvpn/config.ovpn + # Not correct type + else + bashio::exit.nok "Configured ovpn file : $openvpn_config is set but does not end by .ovpn ; it can't be used!" + fi + # File not found + else + bashio::exit.nok "Configured ovpn file : $openvpn_config not found! Are you sure you added it in /addon_configs/$HOSTNAME/openvpn using the Filebrowser addon ?" + fi + + # If openvpn_config not set, but folder is not empty + elif [ "$(ls -A /config/openvpn/*.ovpn 2>/dev/null)" ]; then + # Look for openvpn files + # Wildcard search for openvpn config files and store results in array + mapfile -t VPN_CONFIGS < <( find /config/openvpn -maxdepth 1 -name "*.ovpn" -print ) + # Choose random config + VPN_CONFIG="${VPN_CONFIGS[$RANDOM % ${#VPN_CONFIGS[@]}]}" + # Get the VPN_CONFIG name without the path and extension + openvpn_config="${VPN_CONFIG##*/}" + echo "... Openvpn enabled, but openvpn_config option empty. Selecting a random ovpn file : ${openvpn_config}" + # Copy potential additional files + cp /config/openvpn/* /etc/openvpn/ + # Standardize file + cp /config/openvpn/"${openvpn_config}" /etc/openvpn/config.ovpn +   + # If openvpn_config not set, and folder is empty + else + bashio::exit.nok "Openvpn enabled, but no .ovpn files in the /addon_configs/$HOSTNAME/openvpn folder ! Exiting"   + fi + + # Correct paths + sed -i "s=/etc/openvpn=/config/openvpn=g" /etc/openvpn/config.ovpn + + # Remove ipv6 + if grep -q "ipv6" /etc/openvpn/config.ovpn; then + bashio::log.warning "ipv6 configured in the ovpn file but not compatible with the addon. You should remove it." + fi +   + # Set credentials + if bashio::config.has_value "openvpn_username"; then + openvpn_username=$(bashio::config 'openvpn_username') + echo "${openvpn_username}" >/etc/openvpn/credentials + else + bashio::exit.nok "Openvpn is enabled, but openvpn_username option is empty! Exiting" + fi + if bashio::config.has_value "openvpn_password"; then + openvpn_password=$(bashio::config 'openvpn_password') + echo "${openvpn_password}" >>/etc/openvpn/credentials + else + bashio::exit.nok "Openvpn is enabled, but openvpn_password option is empty! Exiting" + fi +   + # Add credentials file + if grep -q auth-user-pass /etc/openvpn/config.ovpn; then + sed -i "s/auth-user-pass.*/auth-user-pass \/etc\/openvpn\/credentials/g" /etc/openvpn/config.ovpn + else + echo "auth-user-pass /etc/openvpn/credentials" >> /etc/openvpn/config.ovpn + fi + + # Permissions + chmod 755 /etc/openvpn/* + chmod 600 /etc/openvpn/credentials + chmod 755 /etc/openvpn/up.sh + chmod 755 /etc/openvpn/down.sh + chmod 755 /etc/openvpn/up-qbittorrent.sh + chmod +x /etc/openvpn/up.sh + chmod +x /etc/openvpn/up-qbittorrent.sh + + echo "... openvpn correctly set, qbittorrent will run tunnelled through openvpn" + + ######################### + # CONFIGURE QBITTORRENT # + ######################### + + # WITH CONTAINER BINDING + ######################### + # If alternative mode enabled, bind container + if bashio::config.true 'openvpn_alt_mode'; then + echo "Using container binding" + + # Remove interface + echo "... deleting previous interface settings" + sed -i '/Interface/d' "$QBT_CONFIG_FILE" + + # Modify ovpn config + if grep -q route-nopull /etc/openvpn/config.ovpn; then + echo "... removing route-nopull from your config.ovpn" + sed -i '/route-nopull/d' /etc/openvpn/config.ovpn + fi + + # Exit + exit 0 + fi + + # WITH INTERFACE BINDING + ######################### + # Connection with interface binding + echo "Using interface binding in the qBittorrent app" + + # Define preferences line + cd /config/qBittorrent/ || exit 1 + + # If qBittorrent.conf exists + if [ -f "$QBT_CONFIG_FILE" ]; then + # Remove previous line and bind tun0 + echo "... deleting previous interface settings" + sed -i '/Interface/d' "$QBT_CONFIG_FILE" + + # Bind tun0 + echo "... binding tun0 interface in qBittorrent configuration" + sed -i "/\[Preferences\]/ i\Connection\\\Interface=tun0" "$QBT_CONFIG_FILE" + sed -i "/\[Preferences\]/ i\Connection\\\InterfaceName=tun0" "$QBT_CONFIG_FILE" + + # Add to ongoing session + sed -i "/\[BitTorrent\]/a \Session\\\Interface=tun0" "$QBT_CONFIG_FILE" + sed -i "/\[BitTorrent\]/a \Session\\\InterfaceName=tun0" "$QBT_CONFIG_FILE" + + else + bashio::log.error "qBittorrent config file doesn't exist, openvpn must be added manually to qbittorrent options " + exit 1 + fi + + # Modify ovpn config + if ! grep -q route-nopull /etc/openvpn/config.ovpn; then + echo "... adding route-nopull to your config.ovpn" + sed -i "1a route-nopull" /etc/openvpn/config.ovpn + fi + +else + + ################## + # REMOVE OPENVPN # + ################## + + # Ensure no redirection by removing the direction tag + if [ -f "$QBT_CONFIG_FILE" ]; then + sed -i '/Interface/d' "$QBT_CONFIG_FILE" + fi + bashio::log.info "Direct connection without VPN enabled" + +fi diff --git a/qbittorrent/rootfs/etc/openvpn/down.sh b/qbittorrent/rootfs/etc/openvpn/down.sh new file mode 100644 index 000000000..8f31dd6b5 --- /dev/null +++ b/qbittorrent/rootfs/etc/openvpn/down.sh @@ -0,0 +1,36 @@ +#!/bin/sh +# shellcheck disable=SC2154,SC2004,SC2059,SC2086 +# Copyright (c) 2006-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# Contributed by Roy Marples (uberlord@gentoo.org) + +# If we have a service specific script, run this now +if [ -x /etc/openvpn/"${RC_SVCNAME}"-down.sh ] ; then + /etc/openvpn/"${RC_SVCNAME}"-down.sh "$@" +fi + +# Restore resolv.conf to how it was +if [ "${PEER_DNS}" != "no" ]; then + if [ -x /sbin/resolvconf ] ; then + /sbin/resolvconf -d "${dev}" + elif [ -e /etc/resolv.conf-"${dev}".sv ] ; then + # Important that we cat instead of move incase resolv.conf is + # a symlink and not an actual file + cat /etc/resolv.conf-"${dev}".sv > /etc/resolv.conf + rm -f /etc/resolv.conf-"${dev}".sv + fi +fi + +if [ -n "${RC_SVCNAME}" ]; then + # Re-enter the init script to start any dependant services + if /etc/init.d/"${RC_SVCNAME}" --quiet status ; then + export IN_BACKGROUND=true + if [ -d /var/run/s6/container_environment ]; then printf "%s" "true" > /var/run/s6/container_environment/IN_BACKGROUND; fi + printf "%s" "IN_BACKGROUND=\"true\"" >> ~/.bashrc + /etc/init.d/"${RC_SVCNAME}" --quiet stop + fi +fi + +exit 0 + +# vim: ts=4 : diff --git a/qbittorrent/rootfs/etc/openvpn/up-qbittorrent.sh b/qbittorrent/rootfs/etc/openvpn/up-qbittorrent.sh new file mode 100644 index 000000000..0f0101dbc --- /dev/null +++ b/qbittorrent/rootfs/etc/openvpn/up-qbittorrent.sh @@ -0,0 +1,9 @@ +#!/usr/bin/with-contenv bashio +# shellcheck shell=bash +set -e + +WEBUI_PORT=${WEBUI_PORT:-8080} + +exec \ + s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z localhost ${WEBUI_PORT}" \ + s6-setuidgid abc /usr/bin/qbittorrent-nox --webui-port="${WEBUI_PORT}" diff --git a/qbittorrent/rootfs/etc/openvpn/up.sh b/qbittorrent/rootfs/etc/openvpn/up.sh new file mode 100644 index 000000000..33a8b877a --- /dev/null +++ b/qbittorrent/rootfs/etc/openvpn/up.sh @@ -0,0 +1,97 @@ +#!/bin/sh +# shellcheck disable=SC2154,SC2004,SC2059,SC2086 + +# launch qbittorrent +/etc/openvpn/up-qbittorrent.sh "${4}" & + +# Copyright (c) 2006-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# Contributed by Roy Marples (uberlord@gentoo.org) + +# Setup our resolv.conf +# Vitally important that we use the domain entry in resolv.conf so we +# can setup the nameservers are for the domain ONLY in resolvconf if +# we're using a decent dns cache/forwarder like dnsmasq and NOT nscd/libc. +# nscd/libc users will get the VPN nameservers before their other ones +# and will use the first one that responds - maybe the LAN ones? +# non resolvconf users just the the VPN resolv.conf + +# FIXME:- if we have >1 domain, then we have to use search :/ +# We need to add a flag to resolvconf to say +# "these nameservers should only be used for the listed search domains +# if other global nameservers are present on other interfaces" +# This however, will break compatibility with Debians resolvconf +# A possible workaround would be to just list multiple domain lines +# and try and let resolvconf handle it + +if [ "${PEER_DNS}" != "no" ]; then + NS= + DOMAIN= + SEARCH= + i=1 + while true ; do + eval opt=\$foreign_option_${i} + [ -z "${opt}" ] && break + if [ "${opt}" != "${opt#dhcp-option DOMAIN *}" ] ; then + if [ -z "${DOMAIN}" ] ; then + DOMAIN="${opt#dhcp-option DOMAIN *}" + else + SEARCH="${SEARCH}${SEARCH:+ }${opt#dhcp-option DOMAIN *}" + fi + elif [ "${opt}" != "${opt#dhcp-option DNS *}" ] ; then + NS="${NS}nameserver ${opt#dhcp-option DNS *}\n" + fi + i=$((${i} + 1)) + done + + if [ -n "${NS}" ] ; then + DNS="# Generated by openvpn for interface ${dev}\n" + if [ -n "${SEARCH}" ] ; then + DNS="${DNS}search ${DOMAIN} ${SEARCH}\n" + elif [ -n "${DOMAIN}" ]; then + DNS="${DNS}domain ${DOMAIN}\n" + fi + DNS="${DNS}${NS}" + if [ -x /sbin/resolvconf ] ; then + printf "${DNS}" | /sbin/resolvconf -a "${dev}" + else + # Preserve the existing resolv.conf + if [ -e /etc/resolv.conf ] ; then + cp /etc/resolv.conf /etc/resolv.conf-"${dev}".sv + fi + printf "${DNS}" > /etc/resolv.conf + chmod 644 /etc/resolv.conf + fi + fi +fi + +# Below section is Gentoo specific +# Quick summary - our init scripts are re-entrant and set the RC_SVCNAME env var +# as we could have >1 openvpn service + +if [ -n "${RC_SVCNAME}" ]; then + # If we have a service specific script, run this now + if [ -x /etc/openvpn/"${RC_SVCNAME}"-up.sh ] ; then + /etc/openvpn/"${RC_SVCNAME}"-up.sh "$@" + fi + + # Re-enter the init script to start any dependant services + if ! /etc/init.d/"${RC_SVCNAME}" --quiet status ; then + export IN_BACKGROUND=true + if [ -d /var/run/s6/container_environment ]; then printf "%s" "true" > /var/run/s6/container_environment/IN_BACKGROUND; fi + printf "%s" "IN_BACKGROUND=\"true\"" >> ~/.bashrc + /etc/init.d/${RC_SVCNAME} --quiet start + fi +fi + +############### +# ALLOW WEBUI # +############### + +ip route add 10.0.0.0/8 via 172.30.32.1 +ip route add 192.168.0.0/16 via 172.30.32.1 +ip route add 172.16.0.0/12 via 172.30.32.1 + +exit 0 + +# vim: ts=4 : diff --git a/qbittorrent/rootfs/etc/s6-overlay/s6-rc.d/svc-qbittorrent/run b/qbittorrent/rootfs/etc/s6-overlay/s6-rc.d/svc-qbittorrent/run new file mode 100644 index 000000000..4a9f251f3 --- /dev/null +++ b/qbittorrent/rootfs/etc/s6-overlay/s6-rc.d/svc-qbittorrent/run @@ -0,0 +1,24 @@ +#!/usr/bin/with-contenv bashio +# shellcheck shell=bash +set -e + +WEBUI_PORT=${WEBUI_PORT:-8080} + +if bashio::config.true 'silent'; then + sed -i 's|/proc/1/fd/1 hassio;|off;|g' /etc/nginx/nginx.conf +fi + +if bashio::config.true 'openvpn_enabled'; then + cd /etc/openvpn || true + exec /usr/sbin/openvpn --config /etc/openvpn/config.ovpn --script-security 2 --up /etc/openvpn/up.sh --down /etc/openvpn/down.sh +else + if bashio::config.true 'silent'; then + exec \ + s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z localhost ${WEBUI_PORT}" \ + s6-setuidgid abc /usr/bin/qbittorrent-nox --webui-port="${WEBUI_PORT}" >/dev/null + else + exec \ + s6-notifyoncheck -d -n 300 -w 1000 -c "nc -z localhost ${WEBUI_PORT}" \ + s6-setuidgid abc /usr/bin/qbittorrent-nox --webui-port="${WEBUI_PORT}" + fi +fi diff --git a/qbittorrent/rootfs/etc/services.d/nginx/run b/qbittorrent/rootfs/etc/services.d/nginx/run index 9807d585e..2c53a31bc 100644 --- a/qbittorrent/rootfs/etc/services.d/nginx/run +++ b/qbittorrent/rootfs/etc/services.d/nginx/run @@ -8,15 +8,20 @@ bashio::net.wait_for 8080 localhost 900 bashio::log.info "Starting NGinx..." -if [[ "$(bashio::config 'VPN_ENABLED')" == "yes" ]]; then +# Check vpn is working +if [ -f /currentip ]; then exec nginx & \ while true; do # Get vpn ip - curl -s ipecho.net/plain --interface tun0 > /vpnip + if bashio::config.true 'openvpn_alt_mode'; then + curl -s ipecho.net/plain > /vpnip + else + curl -s ipecho.net/plain --interface tun0 > /vpnip + fi # Verify ip has changed if [[ "$(cat /vpnip)" = "$(cat /currentip)" ]]; then - bashio::log.fatal "VPN is not properly configured. Your ip is exposed." + bashio::log.fatal "VPN is not properly configured. Your ip is exposed. Please fix this, or do not use the vpn alt mode" bashio::exit.nok fi @@ -27,7 +32,7 @@ if [[ "$(bashio::config 'VPN_ENABLED')" == "yes" ]]; then bashio::log.info "VPN is up and running with ip $(cat /vpnip), based in country : $COUNTRY" # Check every 15m - sleep 30m + sleep 15m true done diff --git a/qbittorrent/stats.png b/qbittorrent/stats.png index 574815181..3b63dc271 100644 Binary files a/qbittorrent/stats.png and b/qbittorrent/stats.png differ diff --git a/qbittorrent/updater.json b/qbittorrent/updater.json index e3020f7fe..a95a5707f 100644 --- a/qbittorrent/updater.json +++ b/qbittorrent/updater.json @@ -4,6 +4,6 @@ "repository": "alexbelgium/hassio-addons", "slug": "qbittorrent", "source": "github", - "upstream_repo": "trigus42/qbittorrentvpn", + "upstream_repo": "linuxserver/docker-qbittorrent", "upstream_version": "4.6.2" }