feat(extras/scripts): update qBittorrent peer port with optional authentication #2700
Conversation
|
I'm currently working on something similar, but I guess this would be a better solution. 👍 |
|
The only downside of these scripts is that they don't cover a scenario when a client is started after gluetun. |
|
@astappiev Looks good to me. The only thing I would appreciate is if we could add an option for Nmap to check whether the port is actually open. I'm on a couple of private trackers, and if my TCP port is filtered, I could get heat—or in the worst case—have my account banned. I tried integrating it into my script and controlling the VPN via the control server, but Gluetun doesn't have an API for WireGuard yet. |
|
I think it should be implemented as another script (as it is not client dependent), or even in the gluetun core. |
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
This comment was marked as off-topic.
qdm12
changed the title
| echo " (Omit if not required)" | ||
| echo " -p, --pass PASS Specify the qBittorrent password." | ||
| echo " (Omit if not required)" | ||
| echo " -P, --port PORT Specify the qBittorrent peer-port." |
There was a problem hiding this comment.
this should accept a comma separated list of ports from Gluetun's {{PORTS}} to simplify usage of this script.
And then it should use $(echo {{PORTS}} | cut -d, -f1) to take only the first port just in case, since qbitorrent supports only one port.
There was a problem hiding this comment.
Not sure if I got it right, does it mean we should use it like this bittorrent-port-update.sh --port {{PORTS}}?
E.g. via VPN_PORT_FORWARDING_UP_COMMAND=/bin/sh -c "/scripts/qbittorrent-port-update.sh --port {{PORTS}} --webui-port 9081"
If so, it's already supported, this is exactly how I used it since beggining.
There was a problem hiding this comment.
Correct, but {{PORTS}} can have multiple ports so for convenience and a shorter command, let's cut and use the first port within the script. The flag should be renamed to --ports and indicate that despite the name it only picks the first port
There was a problem hiding this comment.
I think the other way around, let's keep it named as --port to indicate that only one of them is used.
The logic to split and keep the first was already there
https://github.com/astappiev/gluetun/blob/839e318c9c30676c8ecd9f042c524e87a1634f32/extras/scripts/qbittorrent-port-update.sh#L60
There was a problem hiding this comment.
Actually....
Added support for {{PORT}} variable in fcdba0a which takes the first of the ports. No reason to have it supported in scripts!
There was a problem hiding this comment.
I updated the example to use --port {{PORT}}, but left PORT=$(echo "$2" | cut -d',' -f1) in to keep it more foolproof
qdm12
added
Status: 🗯️ Waiting for feedback
Status: 🔒 After next release
This comment was marked as off-topic.
This comment was marked as off-topic.
|
@AndaPlays for this nmap command to succeed, I suppose you do need a program listening on the forwarded port right? What I'm thinking is to, when setting up port forwarding:
I'm going to mark our comments as off topic, would you please open an issue for this? Thanks!! |
|
Hey guys, I know it's not a native solution but this use case is exactly why I made qSticky. Been working very well and it doesn't matter what order things come up as it's a middleman between the two applications. |
| fi | ||
|
|
||
| # update peer host via API, 0 is a dummy port, required due to https://github.com/qdm12/gluetun-wiki/pull/147 | ||
| wget ${WGET_OPTS} -qO- --post-data="json={\"random_port\":false,\"upnp\":false,\"listen_port\":0}" "$PREF_URL/v2/app/setPreferences" |
There was a problem hiding this comment.
as per #2997 (comment)
let's add
| wget ${WGET_OPTS} -qO- --post-data="json={\"random_port\":false,\"upnp\":false,\"listen_port\":0}" "$PREF_URL/v2/app/setPreferences" | |
| wget ${WGET_OPTS} -qO- --post-data="json={\"random_port\":false,\"upnp\":false,\"listen_port\":0,\"current_network_interface\":\"\",\"current_interface_address\":\"\"}" "$PREF_URL/v2/app/setPreferences" |
There was a problem hiding this comment.
I have added that, but maybe let's use lo as a temporal interface; it feels safer.
There was a problem hiding this comment.
Great idea! Updated the wiki with that suggestion.
| fi | ||
|
|
||
| # second call to set the actual port | ||
| wget ${WGET_OPTS} -qO- --post-data="json={\"listen_port\":$PORT}" "$PREF_URL/v2/app/setPreferences" |
There was a problem hiding this comment.
| wget ${WGET_OPTS} -qO- --post-data="json={\"listen_port\":$PORT}" "$PREF_URL/v2/app/setPreferences" | |
| wget ${WGET_OPTS} -qO- --post-data="json={\"listen_port\":$PORT,\"current_network_interface\":\"$VPN_INTERFACE\",\"current_interface_address\":\"0.0.0.0\"}" "$PREF_URL/v2/app/setPreferences" |
and I'll add a {{VPN_INTERFACE}} to the template variable available to the command.
There was a problem hiding this comment.
Added, but I'm concerned by the 0.0.0.0 as the default address.
It means we restrict to never use IPv6 (I don't know if there are any IPv6 VPNs)
There was a problem hiding this comment.
There are (airvpn, mullvad) AFAIK; I copied this from a comment of someone; any idea if we can make it for all ipv4 and ipv6? What's the default? Maybe not touching that one would be a better idea.
There was a problem hiding this comment.
New template variable {{VPN_INTERFACE}} is available, so we can use it for the current network interface json field.
| # How to use: | ||
| # 1. (Optional) Disable authentication for localhost clients in qBittorrent WebUI settings ("Bypass authentication for clients on localhost" or `bypass_local_auth` in json). | ||
| # 2. Set the environment variable: | ||
| # VPN_PORT_FORWARDING_UP_COMMAND=/bin/sh -c "/scripts/qbittorrent-port-update.sh --port {{PORT}} --webui-port 9081" |
There was a problem hiding this comment.
| # VPN_PORT_FORWARDING_UP_COMMAND=/bin/sh -c "/scripts/qbittorrent-port-update.sh --port {{PORT}} --webui-port 9081" | |
| # VPN_PORT_FORWARDING_UP_COMMAND=/bin/sh -c "/scripts/qbittorrent-port-update.sh --port {{PORT}} --iface {{VPN_INTERFACE}} --webui-port 9081" |
4 participants
Inspired by #2611 and talks in #1555 created a script to update peer-port of qBittorrent.
Upd: added option to authenticate.