Can we get a docket-compose example in the documentation?

[akasoldats]

Here's what I'm using in my docker-compose.yml file

leech: image: binhex/arch-delugevpn container_name: leech cap_add:

• net_admin ports:
• 8112:8112
• 8118:8118
• 58846:58846
• 58946:58946 volumes:
• /local/path/to/downloads:/data
• /local/path/to/container/configs/leech:/config
• /etc/localtime:/etc/localtime:ro
• /local/path/to/PIA/auth.conf:/pia/auth.conf #this will vary depending on what VPN service you use environment:
• VPN_ENABLED=yes
• VPN_USER=NOP%%%$$
• VPN_PASS=replaceme
• VPN_PROV=pia
• STRICT_PORT_FORWARD=yes
• ENABLE_PRIVOXY=yes
• LAN_NETWORK=10.0.0.0/24 # this is the subnet my local config uses to allow connections to the deluge webui.
• NAME_SERVERS=209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1
• DELUGE_DAEMON_LOG_LEVEL=info
• DELUGE_WEB_LOG_LEVEL=info
• ADDITIONAL_PORTS=1234
• DEBUG=false
• UMASK=000
• PUID=1001
• PGID=8118

It's worth saying that since the nextgen update most of the servers available no longer support the port forwarding used in the most recent release. Hopefully, this container gets updated to support the nextgen port forwarding, otherwise, I will have to change containers or VPN hosts...

[oregonpillow]

Thanks @akasoldats much appreciated. Bit confused why there is so many ports for this image? I'm currently using the other infamous Haugene image (https://hub.docker.com/r/haugene/transmission-openvpn/) which basically only needs one port for transmission and an optional proxy.

This image supports Wireguard, right? I would prefer to use Wireguard over OpenVPN for the lower overhead on my raspberry pi.

[akasoldats]

That is interesting, 8112 is the deluge webui itself, 8118 is for privoxy to share the web traffic outside of the VPN tunnel. 58846 is the deluge daemon port, that has to be exposed for the webui to connect to the daemon itself. I haven't found any mentions of 58946 but it looks like an extra port for the daemon.

[akasoldats]

I don't have any experience with wiregaurd but if it is supported in this configuration it's probably pretty easy to set up, assuming you are familiar with configuring containers. It looks like you can update the cap_add: section to reflect the sysctl and privileged info rather than what is used for ovpn, add a local path to "/config/wireguard/wg0.conf" then add your auth info from whatever service you use.

[akasoldats]

Last update here, I was able to switch over to the next-gen servers by downloading a new config file from PIA and specifying nextgen. The only noticeable difference in the config file appears to be the URL has changed from .privateinternetaccess.com to .privacy.network

[shayaknyc]

If it helps, this is the docker-compose I'm using under WSL2 (needed to recompile kernel to support wireguard) with wireguard support via mullvad.net:

version: '3.3'
services:
    arch-delugevpn:
        sysctls:
           net.ipv4.conf.all.src_valid_mark: 1
        privileged: true
        ports:
            - '8112:8112'
            - '8118:8118'
            - '58846:58846'
            - '58946:58946'
        container_name: delugevpn
        volumes:
            - '<change local path>:/data'
            - '<change local path>:/config'
            - '/etc/localtime:/etc/localtime:ro'
        environment:
            - VPN_ENABLED=yes
            - VPN_USER=
            - VPN_PASS=
            - VPN_PROV=custom
            - VPN_CLIENT=wireguard
            - VPN_OPTIONS=
            - STRICT_PORT_FORWARD=no
            - ENABLE_PRIVOXY=yes
            - LAN_NETWORK=<replace with LAN CIDR>
            - 'NAME_SERVERS=<replace with NS>'
            - DELUGE_DAEMON_LOG_LEVEL=error
            - DELUGE_WEB_LOG_LEVEL=error
            - VPN_INPUT_PORTS=51820
            - VPN_OUTPUT_PORTS=51820
            - DEBUG=false
            - UMASK=022
            - PUID=1000
            - PGID=1000
        image: binhex/arch-delugevpn

Works like a charm!