github-actions[bot]
commented
7 months ago Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.
Closed joshoram80 closed 3 weeks ago
github-actions[bot]
commented
7 months ago Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.
Arelius-D
commented
6 months ago Mine did also stopp working.. well it's up and running but WebUI can not be accessed.
Docker version 26.1.2, build 211e74b Docker Compose version v2.27.0
services:
qbittorrent:
image: lscr.io/linuxserver/qbittorrent:latest
container_name: qbittorrent
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Stockholm
- WEBUI_PORT=8085
- TORRENTING_PORT=6881
volumes:
- ./:/config
- /mnt/nas/media:/downloads
network_mode: "container:gluetun"
restart: unless-stoppedservices:
gluetun:
image: qmcgaw/gluetun:latest
container_name: gluetun
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun:/dev/net/tun
ports:
- 9075:9075/tcp #HTTP Control Server
- 8085:8085 # qBittorrent WebUI
- 6881:6881/tcp # qBittorrent torrenting port
- 6881:6881/udp # qBittorrent torrenting port
volumes:
- ./:/gluetun
environment:
- VPN_SERVICE_PROVIDER=mullvad
- VPN_TYPE=wireguard
- WIREGUARD_PRIVATE_KEY=***************************
- WIREGUARD_ADDRESSES=***************************/**
- SERVER_CITIES=***************************
- TZ=Europe/Stockholm
- UPDATER_PERIOD=24h
- HTTP_CONTROL_SERVER_ADDRESS=:9075
- HTTP_CONTROL_SERVER_LOG=ON
restart: unless-stopped[migrations] started
[migrations] no migrations found
───────────────────────────────────────
██╗ ███████╗██╗ ██████╗
██║ ██╔════╝██║██╔═══██╗
██║ ███████╗██║██║ ██║
██║ ╚════██║██║██║ ██║
███████╗███████║██║╚██████╔╝
╚══════╝╚══════╝╚═╝ ╚═════╝
Brought to you by linuxserver.io
───────────────────────────────────────
To support LSIO projects visit:
https://www.linuxserver.io/donate/
───────────────────────────────────────
GID/UID
───────────────────────────────────────
User UID: 1000
User GID: 1000
───────────────────────────────────────
[custom-init] No custom files found, skipping...
WebUI will be started shortly after internal preparations. Please wait...
******** Information ********
To control qBittorrent, access the WebUI at: http://localhost:8085
Connection to localhost (::1) 8085 port [tcp/*] succeeded!
[ls.io-init] done.
Catching signal: SIGTERM
Exiting cleanly
[migrations] started
[migrations] no migrations found
usermod: no changes
───────────────────────────────────────
██╗ ███████╗██╗ ██████╗
██║ ██╔════╝██║██╔═══██╗
██║ ███████╗██║██║ ██║
██║ ╚════██║██║██║ ██║
███████╗███████║██║╚██████╔╝
╚══════╝╚══════╝╚═╝ ╚═════╝
Brought to you by linuxserver.io
───────────────────────────────────────
To support LSIO projects visit:
https://www.linuxserver.io/donate/
───────────────────────────────────────
GID/UID
───────────────────────────────────────
User UID: 1000
User GID: 1000
───────────────────────────────────────
[custom-init] No custom files found, skipping...
WebUI will be started shortly after internal preparations. Please wait...
******** Information ********
To control qBittorrent, access the WebUI at: http://localhost:8085
Connection to localhost (::1) 8085 port [tcp/*] succeeded!
[ls.io-init] done.{
"Id": "sha256:1b6809438ffedd2993f5c742bb4570910d8be64efe23a4c1191b35823c642ca4",
"RepoTags": [
"lscr.io/linuxserver/qbittorrent:latest"
],
"RepoDigests": [
"lscr.io/linuxserver/qbittorrent@sha256:bc39549ede4f4d092e1030b89a0e9ea294c26a7aa5ed7e7e5be6d615f5ea293b"
],
"Parent": "",
"Comment": "buildkit.dockerfile.v0",
"Created": "2024-05-12T06:57:17.446144088Z",
"DockerVersion": "",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"ExposedPorts": {
"6881/tcp": {},
"6881/udp": {},
"8080/tcp": {}
},
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/lsiopy/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"PS1=$(whoami)@$(hostname):$(pwd)\\$ ",
"HOME=/config",
"TERM=xterm",
"S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0",
"S6_VERBOSITY=1",
"S6_STAGE2_HOOK=/docker-mods",
"VIRTUAL_ENV=/lsiopy",
"LSIO_FIRST_PARTY=true",
"XDG_CONFIG_HOME=/config",
"XDG_DATA_HOME=/config"
],
"Cmd": null,
"Image": "",
"Volumes": {
"/config": {}
},
"WorkingDir": "/",
"Entrypoint": [
"/init"
],
"OnBuild": null,
"Labels": {
"build_version": "Linuxserver.io version:- 4.6.4-r1-ls329 Build-date:- 2024-05-12T06:55:51+00:00",
"maintainer": "thespad",
"org.opencontainers.image.authors": "linuxserver.io",
"org.opencontainers.image.created": "2024-05-12T06:55:51+00:00",
"org.opencontainers.image.description": "The [Qbittorrent](https://www.qbittorrent.org/) project aims to provide an open-source software alternative to µTorrent. qBittorrent is based on the Qt toolkit and libtorrent-rasterbar library.",
"org.opencontainers.image.documentation": "https://docs.linuxserver.io/images/docker-qbittorrent",
"org.opencontainers.image.licenses": "GPL-3.0-only",
"org.opencontainers.image.ref.name": "15a3e2fef2740b93de6204463999a6b002002abd",
"org.opencontainers.image.revision": "15a3e2fef2740b93de6204463999a6b002002abd",
"org.opencontainers.image.source": "https://github.com/linuxserver/docker-qbittorrent",
"org.opencontainers.image.title": "Qbittorrent",
"org.opencontainers.image.url": "https://github.com/linuxserver/docker-qbittorrent/packages",
"org.opencontainers.image.vendor": "linuxserver.io",
"org.opencontainers.image.version": "4.6.4-r1-ls329"
}
},
"Architecture": "arm64",
"Os": "linux",
"Size": 235888394,
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/a8d07c142c5283f71fac4cd6f6f62c8be54c1b2ab6d0fef6a3cd30ef461eecae/diff:/var/lib/docker/overlay2/e9eb7d98959f4ce0176e4612b62dd46cbda3f57ca12833b79fe8c3a84d0bc980/diff:/var/lib/docker/overlay2/fa551102800c274b02d760c33b9280a797c4bbf0ec9c4c2297377b1eca1c1864/diff:/var/lib/docker/overlay2/ecc7d499bc256c26de9008d3a43035c25576f9c7e7cadaa60392d811831a8dbc/diff:/var/lib/docker/overlay2/86da807a5bbef03ac04505490271cc70847e93683f459e85031f3f50f4bbcb28/diff:/var/lib/docker/overlay2/21e59c6bb3def6a2aff202b44b5261bf8dc6de2a1687deef952116ade8f203b2/diff:/var/lib/docker/overlay2/bf0bceb77d01123cec8d38e2adf186d636a1e31353f1c10e226c15131ba6d266/diff",
"MergedDir": "/var/lib/docker/overlay2/1aac10e08e1427381688233654e65cf9c02b129b2a5d4d033f18d416fe985873/merged",
"UpperDir": "/var/lib/docker/overlay2/1aac10e08e1427381688233654e65cf9c02b129b2a5d4d033f18d416fe985873/diff",
"WorkDir": "/var/lib/docker/overlay2/1aac10e08e1427381688233654e65cf9c02b129b2a5d4d033f18d416fe985873/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:812c0f118a9b707026a51d6a37f8a13d32b31f466e5e5b2ccbb8eb38fbaa9221",
"sha256:c2b4ff0f7a07f4699d17ad14ac97fa1521e15e064680592920a231afd880dbe6",
"sha256:1012b8dcbccbd46c39bd9fd5eab4902b0831a8d085569e39af64cecc3e252153",
"sha256:0a811998dccd1bab2b3171012d6e7bf0dfcb8bb0a1d56194dd91415e3311c57d",
"sha256:da68de8387717b5992b8100aefaca3f571e3aae6a365ab4a311b0d42b97fe05e",
"sha256:5f373b94498042c150d5586065c99065b714d225e4122a12cbcecb6c13ad8300",
"sha256:df7f6948955e29a2e6232c9756cc1440cdba1f360fc4bd7ebdcf1c3e06e61064",
"sha256:b4ad4721cbe983386d95cb1855c77bae260dc1a8105bd2874f04f8f63a3fd3df"
]
},
"Metadata": {
"LastTagTime": "0001-01-01T00:00:00Z"
}
}
aptalca
commented
6 months ago OP did not do the port mapping correctly. The limitation is explained in the readme.
Second poster's issue is likely gluetun related, which we don't provide support for.
Arelius-D
commented
6 months ago OP did not do the port mapping correctly. The limitation is explained in the readme.
Second poster's issue is likely gluetun related, which we don't provide support for.
You are assuming and you are wrong, cause it has been working without any issues, both services, as I said IT just from everything working fine went to not working.
..so I went ahead and got a older image of qBittorrent and guess what, everything is working.
Assuming shouldn’t be part of troubleshooting.
Roxedus
commented
6 months ago No assumptions are made? Aptalca is just setting expectations that we will not support gluetun.
There are two symptoms here, OPs unauthorized (which is to be expected when the information in the readme about the portmapping is not followed), and your WebUI can not be accessed.
There is not provided enough information to troubleshoot, as the image works fine in our tests, which are not using gluetun.
older image of qBittorrent [...unnecessary hostility..], everything is working
Does not help, what version? some ancient one from years ago? or just 2-3 builds ago?
Arelius-D
commented
6 months ago No assumptions are made? Aptalca is just setting expectations that we will not support gluetun.
There are two symptoms here, OPs
unauthorized(which is to be expected when the information in the readme about the portmapping is not followed), and yourWebUI can not be accessed.There is not provided enough information to troubleshoot, as the image works fine in our tests, which are not using gluetun.
older image of qBittorrent [...unnecessary hostility..], everything is working
Does not help, what version? some ancient one from years ago? or just 2-3 builds ago?
I got triggered by that exact fact, there is no need to point out that this team dose not support some other tools, no one is actively or indirectly seeking any support for such situation or issue either..
OP did (and so did) try to run qBittorrent without the dependency of Gluetun. I actually even removed Qluetune and qBittorrent (including Networks) images entirely and restarted the Docker Daemon even. Pulled the latest image of qBittorrent with all new auto generated config files and the problem was exactly the same.
I for one fail to see logical reasons for this issue being related to any other service I'm running so I have not mentioned any of those.
There is no hostility from my part but sure if that is your take of things then that is on you.
We are here reporting the issue encountered, if the logs and so on are not enough then please do point out what else is required.
Roxedus
commented
6 months ago Would probably need a bit more than the issue template asks for. This should cover enough to troubleshoot further. https://docs.linuxserver.io/general/how-to-get-support/
jzeller2011
commented
5 months ago I realize linuxserver.io does not support gluetun integrations, but I've been having this issue (with gluetun included) and I thought i'd share a workaround that worked for me:
this change persists between restarts/updates. others have had success with compose files with all qbit instances included that list gluetun services last, but I haven't tried that workaround.
LinuxServer-CI
commented
4 months ago This issue has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions.
Copyrighter
commented
4 months ago @Arelius-D
did You able to resolve problem?
I have the same issue. :-(
tried to recreate on QNAP with newer image and from working environment went to ERR_CONNECTION_REFUSED.
locally on docker bash I'm able to use curl http://
Arelius-D
commented
4 months ago @Arelius-D
did You able to resolve problem?
I have the same issue. :-(
tried to recreate on QNAP with newer image and from working environment went to ERR_CONNECTION_REFUSED.
locally on docker bash I'm able to use curl http://
:8080 and ping to docker from machine on the same network is working. only port 8080 is rejected from machine on the same network.
Hey man, yes, couple of updates later it all works again without any changes to my compose files. So this is (was) an issue with this container (qBittorrent) and not at all related to Gluetun.
Copyrighter
commented
4 months ago @Arelius-D thank man!!! :-)
I found the problem ... it's with docker problem of MAC Address propagation.
Copyrighter
commented
4 months ago @Roxedus I found a bug in a Docker running on QNAP Docker Station.
WebUI is not accessible after Docker deployment in Bridge mode with Static IP and Default Ports. Error message: ERR_CONNECTION_REFUSED. Locally from Docker the port :8080 is accessible both in 127.0.0.1 and Static IP. the ICMP is working from Machine in the same network. but, no telnet to Static IP:8080.
from Docker, no ICMP to DG ... but is working to Local Machine ... as mentioned ...
the resolution which works everytime: ICMP from Docker to Local Machine ( not from Machine to a Docker ). then ICMP to DG is starting to work. and now :8080 is accessible from local network.
hope it will help to someone.
Lukas-Heiligenbrunner
commented
4 months ago Qbittorrent doesn't like a port mappings, it expects the same port it has been configured via the env variable. -> 8080:8080 works fine for me 8087:8080 i get unauthorized
j0nnymoe
commented
4 months ago Our documentation does explain how to handle this.
LinuxServer-CI
commented
3 months ago This issue has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions.
V33m
commented
2 months ago CSRF protection ensures that requests to the Web UI come from trusted sources. If the WEBUI_PORT environment variable and the actual port you're using to access the Web UI don't match, CSRF protection will reject the request, resulting in the "Unauthorized" error.
I’m using Glueton and have been using Transmission from Linuxserver for years without issues. I honestly think we should improve the README description about this a little. If we start with the current description:
Due to issues with CSRF and port mapping, should you require to alter the port for the web UI you need to change both sides of the -p 8080 switch AND set the WEBUI_PORT variable to the new port.
For example, to set the port to 8090 you need to set -p 8090:8090 and -e WEBUI_PORT=8090
This alone might not be clear enough for most people. Even after changing both the WEBUI_PORT and the published port for Glueton (or the Qbittorrent container), one might encounter the same "Unauthorized" message due to having a reverse proxy mapping to a different port later on. Despite matching the WEBUI_PORT and the container's published port, the issue will persist.
Here is a suggestion which I highly welcome to be changed:
⚠️ Note on CSRF and Port Mapping ⚠️
To avoid "Unauthorized" errors caused by CSRF protection, it's essential to ensure that the
WEBUI_PORTvariable and the actual port used to access the Web UI match. If you need to change the port for the web UI, you must update both the published port and theWEBUI_PORTenvironment variable.For example, to set the port to 8090, configure both the published port and
WEBUI_PORTas follows:-p 8090:8090 -e WEBUI_PORT=8090Important: If you're using a reverse proxy (e.g., Caddy) that maps the port to a final port which is different, ensure that the proxy's port configuration aligns with the
WEBUI_PORTto avoid "Unauthorized" errors. Even ifWEBUI_PORTand the container's published port match, a mismatch with the reverse proxy can still cause issues.
One might add an example related to the reverse proxy subsection, yet the only aspect which needs to match is the WEBUI_PORT and the port of the reverse proxy. Meaning that one can have an entirely different published port from the container. So, If I have a reverse proxy using port 29897, I need to set WEBUI_PORT to 29897. The container's published port and the source port for my reverse proxy can be a totally different port as long as the former match. I think it's easier to state in the documentation that all three ports need to match👍
One question left to answer is if we want to tell the user that there is a toggle in the UI which can be unitcked if the user want to disable CSRF under Options -> Web UI -> Security
- [x] Enable Cross-Site Request Forgery (CSRF) protection
hundredfire
commented
2 months ago I read that simply adding WebUI\HostHeaderValidation=false to qbitorrent.conf bypassed this issue. What does turning off this setting entails? Wouldn't it fix issues with reverse proxies?
LinuxServer-CI
commented
1 month ago This issue has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions.
drizuid
commented
3 weeks ago I've hidden a lot of posts in this thread as they are offtopic as related to the issue that was opened, which was ostensibly related to the OP not reading how to handle port mapping. It is clearly outlined in the readme.
Unfortunately, the OP never responded for requests for more information, so I will close this as non-reproducible.
Is there an existing issue for this?
Current Behavior
Attempt to access via IP:Port. Get unauthorized
Expected Behavior
WebUI should load
Steps To Reproduce
docker compose up -d
Environment
CPU architecture
x86-64
Docker creation
Container logs