first commit

.gitignore

@@ -0,0 +1 @@
+build/certs/*.ovpn

Makefile

@@ -0,0 +1,30 @@
+.PHONY: *
+
+ip_test:
+	whois $(shell docker exec transmission curl -s ipaddr.ovh) | grep -e "\(descr\|org-name\)"
+
+start:
+	docker compose up -d
+
+stop:
+	docker compose down
+
+restart: stop start
+
+build:
+	$(MAKE) -C ./build $@
+
+build_force:
+	$(MAKE) -C ./build $@
+
+debug:
+	docker exec -ti transmission bash
+
+logs:
+	docker logs --follow transmission
+
+iptables:
+	iptables -t nat -A PREROUTING -p tcp --dport 9091 -j DNAT --to-destination 192.168.1.2:9091
+	iptables -A FORWARD -p tcp -d 192.168.1.2 --dport 9091 -j ACCEPT
+	iptables -t nat -A POSTROUTING -j MASQUERADE
+

build/Dockerfile

@@ -0,0 +1,18 @@
+FROM debian:bullseye-slim
+
+RUN groupadd --gid 1000 debian-transmission
+RUN useradd --uid 1000 --gid 1000 -d /var/lib/transmission-daemon debian-transmission
+
+RUN mkdir /home/torrent/
+RUN chown debian-transmission.debian-transmission /home/torrent
+
+RUN apt update && apt upgrade -y
+RUN apt install -y openvpn transmission-daemon
+RUN apt install -y curl wget iputils-ping bind9-dnsutils net-tools whois vim
+
+COPY certs/ /etc/openvpn/expressvpn/
+COPY login.conf /root/login.conf
+RUN chmod 600 /root/login.conf
+
+COPY entrypoint.sh /
+ENTRYPOINT ["/bin/bash","/entrypoint.sh"]

build/Makefile

@@ -0,0 +1,5 @@
+build:
+	docker build -t transmission .
+
+build_force:
+	docker build -t transmission --no-cache .

build/entrypoint.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+# VPN
+openvpn \
+  --config /etc/openvpn/expressvpn/$SERVER.ovpn \
+  --script-security 2 \
+  --up /etc/openvpn/update-resolv-conf \
+  --down /etc/openvpn/update-resolv-conf \
+&
+
+# TRANSMISSION
+su - debian-transmission -c "transmission-daemon -f --log-debug"

build/login.conf

@@ -0,0 +1,2 @@
+<VPN user>
+<VPN password>

data/.config/transmission-daemon/settings.json

@@ -0,0 +1,70 @@
+{
+    "alt-speed-down": 50,
+    "alt-speed-enabled": false,
+    "alt-speed-time-begin": 540,
+    "alt-speed-time-day": 127,
+    "alt-speed-time-enabled": false,
+    "alt-speed-time-end": 1020,
+    "alt-speed-up": 50,
+    "bind-address-ipv4": "0.0.0.0",
+    "bind-address-ipv6": "::",
+    "blocklist-enabled": false,
+    "blocklist-url": "http://www.example.com/blocklist",
+    "cache-size-mb": 4,
+    "dht-enabled": true,
+    "download-dir": "/home/torrent/new",
+    "download-queue-enabled": true,
+    "download-queue-size": 5,
+    "encryption": 1,
+    "idle-seeding-limit": 30,
+    "idle-seeding-limit-enabled": false,
+    "incomplete-dir": "/home/torrent/incoming",
+    "incomplete-dir-enabled": true,
+    "lpd-enabled": true,
+    "message-level": 3,
+    "peer-congestion-algorithm": "",
+    "peer-id-ttl-hours": 6,
+    "peer-limit-global": 200,
+    "peer-limit-per-torrent": 50,
+    "peer-port": 52285,
+    "peer-port-random-high": 65535,
+    "peer-port-random-low": 49152,
+    "peer-port-random-on-start": true,
+    "peer-socket-tos": "default",
+    "pex-enabled": true,
+    "port-forwarding-enabled": false,
+    "preallocation": 1,
+    "prefetch-enabled": true,
+    "queue-stalled-enabled": true,
+    "queue-stalled-minutes": 30,
+    "ratio-limit": 2,
+    "ratio-limit-enabled": false,
+    "rename-partial-files": true,
+    "rpc-authentication-required": false,
+    "rpc-bind-address": "0.0.0.0",
+    "rpc-enabled": true,
+    "rpc-host-whitelist": "127.0.0.1",
+    "rpc-host-whitelist-enabled": true,
+    "rpc-password": "{554579ba2ac687fe32efae06fd0d6b8e760bbe3bFw9mp65f",
+    "rpc-port": 9091,
+    "rpc-url": "/transmission/",
+    "rpc-username": "",
+    "rpc-whitelist": "127.0.0.1,192.168.0.*,192.168.1.*",
+    "rpc-whitelist-enabled": true,
+    "scrape-paused-torrents-enabled": true,
+    "script-torrent-done-enabled": true,
+    "script-torrent-done-filename": "/var/lib/transmission-daemon/finisher.pl",
+    "seed-queue-enabled": false,
+    "seed-queue-size": 10,
+    "speed-limit-down": 100,
+    "speed-limit-down-enabled": false,
+    "speed-limit-up": 100,
+    "speed-limit-up-enabled": false,
+    "start-added-torrents": false,
+    "trash-original-torrent-files": true,
+    "umask": 2,
+    "upload-slots-per-torrent": 14,
+    "utp-enabled": true,
+    "watch-dir": "/home/torrent/pool",
+    "watch-dir-enabled": true
+}

data/finisher.pl

@@ -0,0 +1,11 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+
+# Stop sharing
+if( $ENV{ "TR_TORRENT_ID" } )
+{
+        print "/usr/bin/transmission-remote -t ".$ENV{ "TR_TORRENT_ID" }." -r\n";
+        system("/usr/bin/transmission-remote", "-t", $ENV{ "TR_TORRENT_ID" }, "-r" );
+}

docker-compose.yml

@@ -0,0 +1,37 @@
+services:
+  transmission:
+    container_name: transmission
+    privileged: true
+    hostname: transmission
+    build: ./build
+    image: transmission
+    environment:
+      - TZ=Europe/Paris
+      - SERVER=alsace
+    volumes:
+      - /etc/localtime:/etc/localtime:ro
+      - ./data:/var/lib/transmission-daemon/
+      - torrent:/home/torrent
+    restart: unless-stopped
+    networks:
+      br0:
+        ipv4_address: 192.168.1.2
+    ports:
+      - "192.168.0.1:9091:9091"
+      - 51413:51413
+      - 51413:51413/udp
+
+volumes:
+  torrent:
+    driver_opts:
+      type: "nfs"
+      o: "addr=192.168.0.2,nolock,soft,nfsvers=4"
+      device: ":/Volume1/torrent"
+
+networks:
+  br0:
+    driver: bridge
+    ipam:
+      config:
+        - subnet: 192.168.1.0/24
+