26
Yunohost, the *arr stack and VPN (feddit.org)
submitted 1 day ago by Bababasti@feddit.org to c/selfhosted@lemmy.world
19 comments fedilink hide all child comments

Hey there!

I know Yunohost is perfectly fine for beginners while being limiting to advanced users. I think I am somewhere in the middle. Right now, I hope you maybe have some advice for me on how you could set something like this up:

Yunohost has Sonarr, Lidarr and Prowlarr installed and configured. Inside these, there are working connections to a qBittorrent client.

Disclaimer: for legal reasons I want to use a VPN for torrenting purposes. In Germany, seeding is what can get you in big trouble, so I’ll just say I want to use a VPN to protect my privacy. Not because I want to torrent copyrighted material of course.

This whole *arr apps in Yunohost in connection with a qBittorrent client, also installed via yunohost, works very well, but I don’t know/can’t figure out how to setup a VPN together with it. When just add my Mullvad wireguard config, my whole setup goes behind the VPN obviously, so my Immich and Nextcloud will also be gone for my other apps while in the VPN. I would like to be able to just put the qBittorrent in a vpn, but couldn’t figure out how. In a next step, I uninstalled the qBittorrent client and started it as a docker container to connect gluetun to it as a network interface. Both services started fine using the recommended docker-compose files and so on. But qBittorrent wouldn’t connect to any trackers, I think they were blocked or something.

Anyways, does anyone have any recommendations on where to go from here or how to maybe setup this whole thing in a different way? For now, Yunohost is very comfortable for me since I don’t have much free time for this project and it lets me make a lot of progress fast. So completely switching away from it might be too big of a hurdle, so for now I’d probably just give up on the *arr stack magic, I don’t know.

Thanks for reading and happy hosting.

top 19 comments
sorted by: hot top new old
[-] eli@lemmy.world 2 points 19 hours ago

You can check out MediaStack: https://github.com/geekau/mediastack

Here is their "full vpn" compose file here(all of *arr goes through vpn): https://github.com/geekau/mediastack/blob/master/full-download-vpn/docker-compose.yaml

And their "mini vpn" compose(only torrenting goes through vpn): https://github.com/geekau/mediastack/blob/master/mini-download-vpn/docker-compose.yaml

Probably something there will give you the right push towards fixing your setup? Best of luck! I am actually going to be attempting this soon(gluetun+qbit), but with ProtonVPN.

[-] plantsmakemehappy@lemmy.zip 4 points 1 day ago

Mullvad doesn't support port forwarding which you want for this use case.

[-] eager_eagle@lemmy.world 2 points 23 hours ago* (last edited 23 hours ago)

it just means they'll be a passive node, but still able to seed if they connect to the other node (edited). It's the setup I have and I manage to keep an overall ratio >1, especially if the torrent is popular.

[-] Bababasti@feddit.org 2 points 22 hours ago

That’s what I figured as well. I probably wouldn’t be a super seeder (sorry) but to my understanding it should work without port forwarding somehow.

[-] CmdrShepard49@sh.itjust.works 2 points 19 hours ago

You'll only connect to people who do have port forwarding setup, but nobody else.

[-] plantsmakemehappy@lemmy.zip 1 points 21 hours ago

But you wouldn't be able to seed to other passive nodes, so yea it works but it's not optimal and makes things harder for older/not popular torrents.

[-] Undaunted@feddit.org 3 points 1 day ago

Did you test your gluetun setup manually and made sure it generally works (e.g. by setting up another container that is connected to gluetun, go into the shell and try to ping a public service, that you're sure isn't blocking requests from VPN users)?

If it does work and only qBittorrent can't connect, it could be due to the trackers blocking VPN users. I'm not torrenting but I've read about that in the past.

[-] Bababasti@feddit.org 1 points 22 hours ago

Last I checked the pings and curls from inside the container worked. I think I even checked that I was coming out of the mullvad vpn and all seemed fine, but qBittorrent was telling me it couldn’t reach any trackers.

it could be due to the trackers blocking VPN users.

Hmm I’ve never even thought about it like that but sounds plausible, I’ll look into that more later, thank you.

[-] ChaosMonkey@lemmy.dbzer0.com 2 points 1 day ago

You could share your compose file. Can you exec into the qBittorrent container to ensure internet connectivity works? For example attempt to ping 9.9.9.9 or curl duckduckgo.org. If it doesn't work, try the same from the gluetun container directly. If it doesn't work from the gluetun container, there likely is an issue with the Wireguard configuration.

[-] IntriguedIceberg@lemmy.world 1 points 21 hours ago

I've actually had to deal with this very recently. My setup is via docker-compose and the way to solve it was to have an OpenVPN container with its own network defined. Then, in the same compose file I'd put qbittorrent in the same network as the VPN. That way all of the services go through my normal network but qbittorrent can only go through the VPN's network.

[-] Buck@jlai.lu 2 points 1 day ago

Never tried Yunohost, but I use the docker container Transmission-OpenVPN to have a torrent client, and only a torrent client, connected to a VPN. I don’t like my IP appearing anywhere and everywhere either.

[-] Paddy66@lemmy.ml 1 points 1 day ago

I've been using that same container, with Mullvad as the VPN. Fine for many months, then recently Transmission won't surface on localhost... 🤷‍♂️

Seems to be something to do with Mullvad (from the logs) but I don't understand what. I didn't change anything 😂

[-] Bababasti@feddit.org 2 points 22 hours ago

From what I’ve read mullvad stopped openVPN support, so that might be the issue there

[-] Paddy66@lemmy.ml 1 points 22 hours ago

Thank you! Mystery solved... Is there another container that couples Transmission and Wireguard?

[-] snekerpimp@lemmy.world 2 points 1 day ago* (last edited 1 day ago)

~~Look into a container call gluetun. It enables you to run containers through a vpn connection. I am unfamiliar with yunohost, so I don’t know the difficulty of doing this. But gluetun is exactly what you need.~~

Edit: Never mind, read this too early in the morning.

[-] mrnobody@reddthat.com 1 points 1 day ago

Sorry, but reread, as OP mentioned exactly this, using gluetun, but no trackers connected.

[-] Mniot@programming.dev 0 points 23 hours ago

Set your expectations: networking is complex and the configuration you're hoping for is particularly complex. It sounds to me like you're looking for a split-horizon configuration where local traffic stays local but internet traffic is routed over VPN. But also you want that configuration only for specific apps.

It's not the *arr programs that are tricky, it's that any service you try to configure this way will be some of the hardest sysadmin work.

[-] Bababasti@feddit.org 2 points 22 hours ago

Thank you for putting into perspective for me. That actually helped not stressing out about it so much. My life doesn’t depend on these services working, I’m not a heavy user anyways. It just itched me that I’ve felt like I’m 95% there to the perfect setup but just couldn’t get there.

[-] CmdrShepard49@sh.itjust.works 1 points 19 hours ago

I have no familiarity with Yunohost but this is just a matter of separating your services. Have one container with the *arrs, qbit, glutun, and VPN and a separate container with Immich and Nextcloud. I personally use Proxmox with Portainer to run tne containers, but you may be able to just run Portainer on your OS to accomplish the same thing.

this post was submitted on 04 Feb 2026
26 points (93.3% liked)

Selfhosted

55917 readers
509 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

  7. No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz