andscape

@andscape@feddit.it

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Ditching the VPN and port forwarding the selfhosted way⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Idk man, it seems pretty irresponsible to me to write a blogpost with stuff that you got from ChatGPT without understanding it. People will assume that if you wrote a blogpost on this then you know what you’re doing. ChatGPT gets stuff wrong all the time, and we’re talking about firewall configuration here. If it misconfigured some stuff it could leave you and your readers vulnerable to all kinds of shit.

In this case it seems to me that (luckily) there’s just a bunch of redundant routing, but the next time it could be leaking your and your readers’ torrent traffic out of the VPN tunnel, leaving you vulnerable to legal repercussions for piracy.

Please don’t authoritatively post stuff that you got from the automatic bullshit generator without understanding it.
⁨Comment⁩ on ⁨Ditching the VPN and port forwarding the selfhosted way⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Nice, I recently went through the same struggle of setting up this configuration based on that LinuxServer post. My main nitpick on this is that automating the ip route configuration for the qBittorrent container is a pretty important step which is not explained in the post. Leaving any manual steps in any Docker setup is pretty bad practice.

Since you’re using LinuxServer’s QBT image a good way to do this is to make use of their standard custom init scripts. You can just mount a script with the ip route commands to /custom-cont-init.d/my-routes.sh:ro on the container and it will be run automatically on each startup.

Another nitpick is that the PostDown commands in the wireguard configs are useless since you’re running them in Docker.
⁨Comment⁩ on ⁨Proxying torrent traffic to homeserver⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Fantastic, thank you
⁨Comment⁩ on ⁨Proxying torrent traffic to homeserver⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Wow thank you, this is the most useful reply I’ve received so far!

This means I don’t need to mess around with QBT’s “proxy” settings? I was pretty confused since the only options available are SOCKS/SOCKS5 and HTTP, but I’m guessing that’s a different kind of proxy than what I need…
⁨Comment⁩ on ⁨Proxying torrent traffic to homeserver⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
I indeed have a domain name pointing to the VPS IP, with Caddy managing TLS. Other apps are exposed this way, and I will do the same for the qBittorrent WebUI as well. I like having Caddy as a single gateway where I can apply security configs and monitor all traffic, I was hoping I would be able to pass torrent traffic through it as well but everybody seems very much against it.

I already have wireguard setup as you describe so I guess I’ll just give up on passing torrent traffic through the proxies and just open a localhost port on the qBittorrent container…
⁨Comment⁩ on ⁨Proxying torrent traffic to homeserver⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Resetting the “time since last being told I don’t know shit on the internet” back to 0 once again…

I already have an existing and working setup used for other apps, it’s close to the one described in this blogpost. Yes, it’s complicated and inefficient, but it has reasons to be. I want to keep my qBittorrent configuration as close to this setup as reasonably possible for consistency. If your point is that it’s counterproductive to follow this setup then… fair enough. I can just route traffic from the VPS to an exposed port on the local qBittorrent container over Wireguard, but that wasn’t my preferred solution.

Running a torrent client through a proxy doesn’t isolated a process.

I was talking about network isolation, not process isolation.

make sure your traffic is routing there properly

That was pretty much what I was asking for help with.
⁨Comment⁩ on ⁨Proxying torrent traffic to homeserver⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
I have already set up all of that. My setup is similar to the one in this blogpost and it’s already working for various apps that only use HTTP. What I’m trying to do is to also route BitTorrent traffic (TCP/UDP) over the same setup without opening up entirely new paths.
⁨Comment⁩ on ⁨Proxying torrent traffic to homeserver⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Yes I already have that set up with Wireguard, what I’m figuring out is how to route traffic through it.
⁨Comment⁩ on ⁨Proxying torrent traffic to homeserver⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
I’m guessing what you mean is setting up port forwarding in Wireguard…

The thing is ideally I would want all connections in and out of my homeserver’s Docker network to go through the local Caddy proxy, so the app containers are isolated. That still means having at least the local Caddy acting as a TCP proxy, even if the VPS Caddy is bypassed. If that’s too much of a hassle though I can instead just expose a port on the qBittorrent container directly to the homeserver’s localhost, and forward that with wireguard to the VPS.
⁨Comment⁩ on ⁨Proxying torrent traffic to homeserver⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
By “set up wireguard to route through the VPS” you mean having wireguard forward a port from the VPS to a port on the homeserver at its wireguard IP address?

qBittorrent will still need to publish the right IP address to peers though, right? So I will need to configure the proxy VPS’s IP address in qBittorrent…
Proxying torrent traffic to homeserver
Submitted ⁨⁨1⁩ ⁨month⁩ ago⁩ to ⁨selfhosted@lemmy.world⁩ | ⁨20⁩ ⁨comments⁩
⁨Comment⁩ on ⁨Samsung A526B no system and booting to TWRP Recovery⁩ ⁨⁨1⁩ ⁨year⁩ ago⁩:
I don’t have the same phone and it’s in general pretty difficult to fix a brick without being able to tinker with it. I can give you some pointers though…

First off, this guide is for a model A525F, but your title says your phone is an A526B. If that’s correct there’s a chance the files you tried to flash were for a different model number and that’s what went wrong. Make sure you download the right files for your exact model number rather than trusting the ones your guide provides.

Secondly, to be honest, this guide does not seem very trustworthy. When doing this kind of thing every little step matters, a single misplaced reboot might screw up the whole process. Also, you’re downloading and installing on your phone some files from some random website, that’s a big risk. The thing is: you don’t need a shitty guide for your exact model. For future reference, you’re better off with a good, detailed guide for your general vendor (Samsung). XDA forums are usually the place to look. Always find the files you need by yourself, don’t just flash whatever some random website makes you download. Go to the official download pages for Samsung stock OS or TWRP and get the files from there, making sure they match your exact model number.

If you’re 100% sure that the firmware you’re trying to flash is the correct one for your model, you can try avoiding Odin and use adb flash directly. There’s plenty of guides on how to do that going around. You might not need TWRP either at that point. Getting familiar with adb is always useful.