Docker stack with OpenVPN, Transmission, and a reverse nginx proxy.
This is useful if you want to run containers over a VPN but don't want to run the openvpn directly on a container host. It uses Docker Container Networking and requires docker-engine 1.10+ and docker-compose 1.6.0+, although more current versions are highly recommended.
- Dockerfile.openvpn
- Takes a .ovpn configuration and connects an openvpn client
- Dockerfile.transmission
- Runs the
transmission-daemon
bittorrent application - Listens on port 20000 for incoming UDP connections
- Listens on port 9091 for RPC (web) connections
- Runs the
- docker-compose.yml
- Brings up OpenVPN, Transmission, and Nginx containers
openvpn
service will connect to VPN, granting NET_ADMIN capability and using the/dev/net/tun
device for VPNtransmission
service brings up Transmission listening on port 9091 and volume mounts a local directory for stateful configuration- Uses the
openvpn
service networking to route all traffic over the VPN
- Uses the
nginx
service proxies incoming requests to port 9091 on the container hosts interface and routs traffic totransmission
service- required since port 9091 on the
transmission
service does not listen on the container hosts network interface since it's using theopenvpn
service network
- required since port 9091 on the
- OpenVPN
- Download/generate a
.ovpn
configuration and update theDockerfile.ovpn
configuration to copy it into the container at build time
- Download/generate a
- Transmission
- All transmission settings are stateful and are defined in the volume mount, which defaults to
/opt/transmission
. Put thesettings.json
file thereand it will be used everytime the service starts up. This allows for resuming and stateful operation.
- All transmission settings are stateful and are defined in the volume mount, which defaults to
- Nginx
- Simple reverse proxy, but could include SSL and other configuration if needed.
The docker-compose.yml
file will bring up a container stack, building the required containers the first time.
Bring the stack up
docker-compose up
Re-building
docker-compose build
docker-compose up
Stdout will show the openvpn
service making the connection, and after 10 seconds the transmission
service will start, using the openvpn
service networking and routing all traffic over OpenVPN.
Once the stack is running, connect to the nginx reverse proxy to use Transmission at http://localhost:9091.