-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcompose.yaml
More file actions
97 lines (80 loc) · 2.76 KB
/
compose.yaml
File metadata and controls
97 lines (80 loc) · 2.76 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
name: transmission-wireguard
x-daemonless:
title: "Transmission with WireGuard"
icon: ":simple-wireguard:"
category: "Downloaders"
description: "Transmission BitTorrent client with built-in WireGuard VPN support."
upstream_url: "https://github.com/transmission/transmission"
web_url: "https://transmissionbt.com/"
freshports_url: "https://www.freshports.org/net-p2p/transmission-daemon/"
user: "bsd"
mlock: false
upstream_binary: false
appjail: true
notes: |
## WireGuard Setup
### Host Requirements
Load the WireGuard kernel module on the host:
```bash
kldload if_wg
echo 'if_wg_load="YES"' >> /boot/loader.conf
```
### VNET Required
This container requires its own network stack. Add the annotation:
```
--annotation 'org.freebsd.jail.vnet=new'
```
### Getting VPN Credentials
From your VPN provider (Mullvad, PIA, ProtonVPN, etc.), get:
- **Private Key** - Your client private key
- **Public Key** - The VPN server's public key
- **Endpoint** - Server address like `vpn.example.com:51820`
- **Address** - Your assigned tunnel IP
### Kill Switch
Traffic is routed through the VPN interface. If the VPN connection drops, Transmission loses connectivity - no IP leaks.
### Verifying VPN
Check your public IP from inside the container:
```bash
podman exec transmission-wireguard fetch -qo - https://ifconfig.me
```
docs:
env:
PUID: "User ID for the application process"
PGID: "Group ID for the application process"
TZ: "Timezone for the container"
WG_PRIVATE_KEY: "Your WireGuard private key"
WG_PEER_PUBLIC_KEY: "VPN server's public key"
WG_ENDPOINT: "VPN server address (host:port)"
WG_ADDRESS: "Your tunnel IP address (default: 10.5.0.2/32)"
WG_DNS: "DNS server to use (default: 1.1.1.1)"
volumes:
/config: "Configuration directory (settings.json, WireGuard configs)"
/downloads: "Download directory"
/watch: "Watch directory for torrent files"
ports:
9091: "Web UI"
51413: "Torrent traffic (TCP/UDP)"
services:
transmission-wireguard:
image: ghcr.io/daemonless/transmission-wireguard:latest
container_name: transmission-wireguard
restart: unless-stopped
annotations:
org.freebsd.jail.vnet: "new"
environment:
- WG_PRIVATE_KEY=your-private-key
- WG_PEER_PUBLIC_KEY=vpn-server-public-key
- WG_ENDPOINT=vpn.example.com:51820
- WG_ADDRESS=10.5.0.2/32
- WG_DNS=1.1.1.1
- PUID=1000
- PGID=1000
- TZ=UTC
volumes:
- /path/to/containers/transmission-wireguard:/config
- /path/to/downloads:/downloads
- /path/to/watch:/watch
ports:
- "9091:9091"
- "51413:51413"
- "51413:51413/udp"