• Appoxo@lemmy.dbzer0.com
    1 year ago

    Would it be possible to reveal what you did to increase security?
    I always (want to) try to improve mine.

    • ANIMATEK@lemmy.world
      1 year ago

      I have two containers, qBittorrent and the VPN:

      • VPN is fully tunneled and encrypted.
      • qbt only ever sees the VPN as its network. It is logically isolated from my main gateway.
      • There are healthchecks running, so if the VPN fails, qbt enters a restart loop until the VPN is back to a healthy status.
      • I use private trackers for 99% of my torrents.

      You also have to know that these scummy law firms use honeypot attacks, where they advertise themselves as leechers and record your IP if you upload to them. Technically a proxy to another country would just be enough here, but hey, this works too and I sleep better.

      • Appoxo@lemmy.dbzer0.com
        1 year ago

        Since you use a torrent container and a VPN container, I am interested in how you manage to communicate with the torrent container.
        Do you utilize the *arr stack? Also with Docker?
        If the answer is yes, how did you achieve the communication between the containers?

        The reason I am asking is that I want to connect to my other container, but when I bind my container to the service I am unable to let it communicate directly with it.
        By that logic, I’d need to access the container through the VPN container, right? (*arr <-> VPN container <-> downloader container)

        • ANIMATEK@lemmy.world
          1 year ago

          You have to expose the qbt HTTP port in your VPN container. All API communication (arrs etc.) goes through here.

          • Appoxo@lemmy.dbzer0.com
            1 year ago

            After much thinking I managed it myself and found that out as well. What I also needed was the environment variable FIREWALL_OUTBOUND_SUBNETS so my other containers could connect to the container.
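
The layout described in this thread, written out as a Docker Compose file. This is an added example, not either poster's actual configuration. It assumes the VPN container is gluetun (the project that defines FIREWALL_OUTBOUND_SUBNETS); the image names, subnet, port, and provider values are constructed placeholders.

```yaml
services:
  gluetun:
    image: qmcgaw/gluetun              # assumption: the thread never names the VPN image
    cap_add:
      - NET_ADMIN                      # needed to create the tunnel and firewall rules
    devices:
      - /dev/net/tun:/dev/net/tun
    environment:
      # Placeholders: use your provider's values, ideally from an env file or secret.
      - VPN_SERVICE_PROVIDER=REPLACE_ME
      - VPN_TYPE=wireguard
      - WIREGUARD_PRIVATE_KEY=REPLACE_ME
      # Let traffic leave the VPN namespace toward the *arr network
      # (the variable the last comment reports needing). Constructed subnet.
      - FIREWALL_OUTBOUND_SUBNETS=172.30.0.0/24
    ports:
      # qBittorrent's WebUI/API is published here, on the VPN container,
      # because qBittorrent has no network stack of its own. Bound to
      # loopback so the UI is not exposed on the host's LAN address.
      - "127.0.0.1:8080:8080"
    networks:
      - arr_net
    restart: unless-stopped

  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent
    # Share gluetun's network namespace: the only interfaces qBittorrent
    # sees are the ones inside the VPN container.
    network_mode: "service:gluetun"
    environment:
      - WEBUI_PORT=8080
    depends_on:
      gluetun:
        condition: service_healthy     # start only once the tunnel reports healthy
    restart: unless-stopped

  sonarr:
    image: lscr.io/linuxserver/sonarr
    networks:
      - arr_net
    # Download client settings in Sonarr: host "gluetun", port 8080.
    # The path is *arr <-> VPN container <-> qBittorrent, as asked above.

networks:
  arr_net:
    ipam:
      config:
        - subnet: 172.30.0.0/24        # constructed; must match FIREWALL_OUTBOUND_SUBNETS
```

To check the isolation, compare the public IP reported from inside the qbittorrent container with the host's, then stop the tunnel and confirm that outbound requests from qbittorrent fail rather than fall back to the host route.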