Skip to content

Commit

Permalink
Add gluetun auth support (#10) + renamed GSP_PORT_INDEX.
Browse files Browse the repository at this point in the history
  • Loading branch information
@t-anc
t-anc committed Sep 22, 2024
1 parent 02b9649 commit 52d2909
Show file tree
Hide file tree
Showing 2 changed files with 52 additions and 10 deletions.
35 changes: 31 additions & 4 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,20 +15,45 @@ This mod is to be used with [linuxserver/qbittorrent container](https://github.c
Follow the instructions [here](https://docs.linuxserver.io/general/container-customization/#docker-mods).
With the following link for the mod `ghcr.io/t-anc/gsp-qbittorent-gluetun-sync-port-mod:main`.

### qBittorrent
- You will need to enable `Bypass authentication for clients on localhost` inside qbittorrent's `settings` > `Web UI`. Otherwise you can set the `GSP_QBT_USERNAME` and `GSP_QBT_PASSWORD` (or `GSP_QBT_PASSWORD_FILE`) variables.
- If you have enabled the `Enable Host header validation` option, you will need to add `localhost` to the `Server domains` list.

### Gluetun
You will need to add the following lines to your [config.toml](https://github.com/qdm12/gluetun-wiki/blob/main/setup/advanced/control-server.md#authentication) :

```toml
[[roles]]
name = "t-anc/GSP-Qbittorent-Gluetun-sync-port-mod"
routes = ["GET /v1/openvpn/portforwarded"]
auth = "apikey"
# This is an example, generate your own. See bellow.
apikey = "yOdKVNFEA3/BSIWhPZohxppHd9I6bHiSJ+FasGlncleveW4LvuO7ONy5w1IsEA2Pu6s="
```
You can generate your own API key with one of the following command :
```bash
# Using GPG
gpg --gen-random --armor 1 50
# Using openssl
openssl rand -base64 50
# Using gluetun's internal program
docker run --rm qmcgaw/gluetun genkey
```

And pass this key to your container via the `GSP_GTN_API_KEY` env variable. You can take a look at the [compose example](#docker-compose-example).

## Variables

The following env variables can be used to configure the mod (all are optional) :
The following env variables can be used to configure the mod (Only `GSP_GTN_API_KEY` is compulsory) :
| Variable | Default value | Comment |
|:----------------------:|:-----------------------:|----------------------------------------------------------------------------------------------------------|
| `GSP_GTN_API_KEY` | | Gluetun's API key. See the [install section](#gluetun). |
| `GSP_GTN_API_KEY_FILE` | | Gluetun's API key file (for [docker secret](https://docs.docker.com/compose/use-secrets/) use). This supplants `GSP_GTN_API_KEY`. |
| `GSP_GTN_ADDR` | `http://localhost:8000` | Gluetun API host address. |
| `GSP_QBT_ADDR` | `http://localhost:8080` | Qbittorrent API host address. If the env variable `WEBUI_PORT` is set, it will be used as default. |
| `GSP_SLEEP` | `60` | Time between checks in seconds. |
| `GSP_RETRY_DELAY` | `10` | Time between retries in case of error (in s). |
| `GSP_PORT_INDEX` | `1` | Index of port to use from gluetun. Set to `2` to use the second one, etc. Only if you have multiple ports forwarded. |
| `GSP_GTN_PORT_INDEX` | `1` | Index of port to use from gluetun. Set to `2` to use the second one, etc. Only if you have multiple ports forwarded. |
| `GSP_QBT_USERNAME` | | Qbittorrent username. |
| `GSP_QBT_PASSWORD` | | Qbittorrent password. |
| `GSP_QBT_PASSWORD_FILE`| | Qbittorrent password file (for [docker secret](https://docs.docker.com/compose/use-secrets/) use). This supplants `GSP_QBT_PASSWORD`. |
Expand Down Expand Up @@ -57,6 +82,8 @@ services:
- VPN_TYPE=wireguard
- VPN_PORT_FORWARDING=on
- VPN_PORT_FORWARDING_PROVIDER=protonvpn
volumes:
- "./config.toml:/gluetun/auth/config.toml:ro"

qbittorrent:
image: ghcr.io/linuxserver/qbittorrent
Expand All @@ -65,7 +92,7 @@ services:
- TZ=Europe/Paris
- WEBUI_PORT=8080
- DOCKER_MODS=ghcr.io/t-anc/gsp-qbittorent-gluetun-sync-port-mod:main
- GSP_SLEEP=120
- GSP_GTN_API_KEY=yOdKVNFEA3/BSIWhPZohxppHd9I6bHiSJ+FasGlncleveW4LvuO7ONy5w1IsEA2Pu6s= # Of course this is an exemple, don't use this
- GSP_MINIMAL_LOGS=false
volumes:
- "./qbittorrent/config/:/config"
Expand Down Expand Up @@ -134,7 +161,7 @@ User GID: 1000
+---------------------------------------------------------+
| Qbittorrent address : http://localhost:8080 |
| Gluetun address : http://localhost:8000 |
| Port index : 1 |
| GTN port index : 1 |
+---------------------------------------------------------+
04/10/24 01:03:49 [GSP] - Waiting for Qbittorrent WebUI ...
Expand Down
27 changes: 21 additions & 6 deletions root/etc/s6-overlay/s6-rc.d/svc-mod-gluetun-sync-port/run
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,11 @@
MAX_SLEEP_TIME="${GSP_SLEEP:-60}"
RETRY_DELAY="${GSP_RETRY_DELAY:-10}"
INIT_RETRY_WAIT="${GSP_INIT_RETRY_WAIT:-10}"
PORT_INDEX="$(( ${GSP_PORT_INDEX:-1} - 1))"
GTN_PORT_INDEX="$(( ${GSP_GTN_PORT_INDEX:-1} - 1))"
[ "${MAX_SLEEP_TIME}" -eq "${RETRY_DELAY}" ] && (( RETRY_DELAY = RETRY_DELAY - 1 )) # To avoid errors later
GLUETUN="${GSP_GTN_ADDR:-http://localhost:8000}"
[ -n "${GSP_GTN_API_KEY_FILE}" ] && GSP_GTN_API_KEY="$(cat "${GSP_GTN_API_KEY_FILE}")"
GTN_API_KEY="${GSP_GTN_API_KEY}"
QBITTORRENT="${GSP_QBT_ADDR:-http://localhost:${WEBUI_PORT:-8080}}"
[ -n "${GSP_QBT_PASSWORD_FILE}" ] && GSP_QBT_PASSWORD="$(cat "${GSP_QBT_PASSWORD_FILE}")"
QBT_USERNAME="${GSP_QBT_USERNAME}"
Expand All @@ -20,15 +22,17 @@ DEBUG="${GSP_DEBUG:-false}"
spaces=' '
QBT_display="${QBITTORRENT}${spaces}"
GTN_display="${GLUETUN}${spaces}"
INDEX_DISPLAY="${GSP_PORT_INDEX:-1}${spaces}"
INDEX_DISPLAY="${GSP_GTN_PORT_INDEX:-1}${spaces}"

GTN_CREDS=("-H" "X-API-Key:${GTN_API_KEY}")

echo "\
+---------------------------------------------------------+
| Gluetun sync port (GSP) mod loaded |
+---------------------------------------------------------+
| Qbittorrent address : ${QBT_display::33}|
| Gluetun address : ${GTN_display::37}|
| Port index : ${INDEX_DISPLAY::42}|
| GTN port index : ${INDEX_DISPLAY::38}|
+---------------------------------------------------------+
"

Expand Down Expand Up @@ -81,6 +85,17 @@ init_checks(){
log "${MSG_prefix} Qbittorrent returned 401. Is the \"Enable Host header validation\" setting set ? Is $(basename "${QBITTORRENT%:*}") whitelisted ?"
fi

# Check 3 :
# Check Gluetun's authentication
if [ -z "${GTN_API_KEY}" ];then
log "[WARNING] It seems you don't have any 'GSP_GTN_API_KEY' set. You should set one, follow the doc here : https://github.com/t-anc/GSP-Qbittorent-Gluetun-sync-port-mod#gluetun"
else
if [ "$(curl --write-out '%{http_code}' --silent --output /dev/null "${GTN_CREDS[@]}" "${GLUETUN}/v1/openvpn/portforwarded")" -eq '401' ]; then
err='true'
log "${MSG_prefix} Gluetun returned 401. Is Gluetun's authentication correctly configured ? See https://github.com/t-anc/GSP-Qbittorent-Gluetun-sync-port-mod#gluetun"
fi
fi

# Display Check results.
# In case of failed checks, enter an empty loop :
# -> exiting the script would make s6-overlay to re-run it.
Expand Down Expand Up @@ -114,10 +129,10 @@ get_ports(){
esac
[ "${QBT}" ] && QBT_PORT=$(curl --silent --fail --show-error ${QBT_COOKIES} "${QBITTORRENT}/api/v2/app/preferences" | jq ".listen_port" 2>/dev/null)
[ "${GTN}" ] && {
GTN_PORTS=$(curl --silent --fail --show-error "${GLUETUN}/v1/openvpn/portforwarded" | jq ".port" 2>/dev/null)
GTN_PORTS=$(curl --silent --fail --show-error "${GTN_CREDS[@]}" "${GLUETUN}/v1/openvpn/portforwarded" | jq ".port" 2>/dev/null)
if echo "${GTN_PORTS}" | grep -Fq '[' ; then # Handle the case of multiple ports - ex : [10550,20550,30550]
GTN_PORT=$(echo "${GTN_PORTS}" | jq .[${PORT_INDEX}] 2>/dev/null)
[ "${GTN_PORT}" = "null" ] && log "[ERROR] GSP_PORT_INDEX (${GSP_PORT_INDEX:-1}) > Nb of ports ($(( $(echo "${GTN_PORTS}" | grep -c ',') + 1 )))."\
GTN_PORT=$(echo "${GTN_PORTS}" | jq .[${GTN_PORT_INDEX}] 2>/dev/null)
[ "${GTN_PORT}" = "null" ] && log "[ERROR] GSP_GTN_PORT_INDEX (${GSP_GTN_PORT_INDEX:-1}) > Nb of ports ($(( $(echo "${GTN_PORTS}" | grep -c ',') + 1 )))."\
&& GTN_PORT=0
else
GTN_PORT="${GTN_PORTS}"
Expand Down

0 comments on commit 52d2909

Please sign in to comment.