Just a curious question, would I be better running Qbittorrent behind a vpn in a container, or just running a full VM?
I obviously need to use a VPN for this, and would set up gluetun in a container and link Qbit and Prowlarr to it.
Interested in thoughts and best option.
I run Qbit in an LXC and route it via Opnsense (with killswitch configured) to Mullvad VPN
Container would use less resources. But technically a VM would be more secure.
i was running qbitT plus gluetun in a docker container inside a ubuntu VM. i just switched to the qbitT LXC with openvpn installed on the lxc and am getting significantly faster download speeds
LXC is quicker/easier/lighter.
I run qbit in LXC with nordvpn.
Are you running OPNsense in proxmox? I am running it on a standalone device…
How are you getting to the storage for the torrents? Surely not saving in the LXC…
Secure in what sense? Not being able to escape the VM? Not so sure that applies to a torrent client.
Now if you’re installing cracked games or something…
Ok, so VM for things needing be behind a VPN and then LXC for other things like Plex, or just put all under the VM?
Sorry for my ignorance, how did you install the openvpn on the qbit LXC?
Did you use any resources when setting this up? This is what I would like to achieve too, any insight?
I do run Opnsense as a VM in Proxmox but the should not make any difference for the firewall rules etc
How to manually configure OpenVPN for Proton VPN in Linux | Proton VPN i used this doc. it is for protonVPN but it applies to openVPN as well. you need your configuration file for this. once i got openVPN working i set up a cron job on reboot to automatically start when the container starts, and set qbit to tun0 network interface so if openvpn is not running it doesn’t have a network interface and won’t download
I used tteck’s deployment script for qbit LXC, and then just followed NordVPNs install guide for Debian. I also added a small delay for starting of qbit service so that I could be sure the VPN was up and running - had noticed in the past sometimes if the VPN is slower to start then torrents could already be seeding on your native IP.
Lol, but if it’s privileged it can’t connect to cifs…without odd workarounds
Awesome thank you for that. Another question, how do you handle the storage side and allowing both VM and LXC accessing the HDD with the media?
put media on a NAS share and give them both access
So are you running unpriveleged lxc or privileged? I hate the workaround for privileged as that part of the config isn’t backed up.
i think unprivileged. if you’re talking about plex i just used the tteck script
Yes but you have to show plex the media. I’d never run a privileged lxc