bea/docker-deluge-openvpn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Reduce the amount of privileges needed

Browse Source
This commit is contained in:
Aaron Wood
2017-03-05 21:04:50 -05:00
parent 77756be6cb
commit d225283321
3 changed files with 14 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
README.md
View File

@@ -39,7 +39,7 @@ The container is available from the Docker registry and this is the simplest way
To run the container use this command: To run the container use this command:
``` ```
$ docker run --privileged -d \ $ docker run --cap-add=NET_ADMIN --device=/dev/net/tun -d \
-v /your/storage/path/:/data \ -v /your/storage/path/:/data \
-v /etc/localtime:/etc/localtime:ro \ -v /etc/localtime:/etc/localtime:ro \
-e "OPENVPN_PROVIDER=PIA" \ -e "OPENVPN_PROVIDER=PIA" \
@@ -117,7 +117,7 @@ Please note that if you pass in env. variables on the command line these will ov
See explanation of variables above. See explanation of variables above.
To use this env file, use the following to run the docker image: To use this env file, use the following to run the docker image:
``` ```
$ docker run --privileged -d \ $ docker run --cap-add=NET_ADMIN --device=/dev/net/tun -d \
-v /your/storage/path/:/data \ -v /your/storage/path/:/data \
-v /etc/localtime:/etc/localtime:ro \ -v /etc/localtime:/etc/localtime:ro \
--env-file /your/docker/env/file \ --env-file /your/docker/env/file \
@@ -233,7 +233,7 @@ nameserver 8.8.8.8
nameserver 8.8.4.4 nameserver 8.8.4.4
``` ```
- Save the file with [escape] + `:wq!` - Save the file with [escape] + `:wq!`
- Create your docker container with a classic command like `docker run --privileged -d -v /volume1/foldername/resolv.conf:/etc/resolv.conf -v /volume1/yourpath/:/data -e "OPENVPN_PROVIDER=PIA" -e "OPENVPN_CONFIG=Netherlands" -e "OPENVPN_USERNAME=XXXXX" -e "OPENVPN_PASSWORD=XXXXX" -p 9091:9091 --name "TransmissionVPN" haugene/transmission-openvpn` - Create your docker container with a classic command like `docker run --cap-add=NET_ADMIN --device=/dev/net/tun -d -v /volume1/foldername/resolv.conf:/etc/resolv.conf -v /volume1/yourpath/:/data -e "OPENVPN_PROVIDER=PIA" -e "OPENVPN_CONFIG=Netherlands" -e "OPENVPN_USERNAME=XXXXX" -e "OPENVPN_PASSWORD=XXXXX" -p 9091:9091 --name "TransmissionVPN" haugene/transmission-openvpn`
- To make it work after a nas restart, create an automated task in your synology web interface : go to **Settings Panel > Task Scheduler ** create a new task that run `/volume1/foldername/TUN.sh` as root (select '_root_' in 'user' selectbox). This task will start module that permit the container to run, you can make a task that run on startup. These kind of task doesn't work on my nas so I just made a task that run every minute. - To make it work after a nas restart, create an automated task in your synology web interface : go to **Settings Panel > Task Scheduler ** create a new task that run `/volume1/foldername/TUN.sh` as root (select '_root_' in 'user' selectbox). This task will start module that permit the container to run, you can make a task that run on startup. These kind of task doesn't work on my nas so I just made a task that run every minute.
- Enjoy - Enjoy
@@ -261,7 +261,8 @@ ExecStartPre=-/usr/bin/docker rm transmission-openvpn
ExecStartPre=/usr/bin/docker pull haugene/transmission-openvpn ExecStartPre=/usr/bin/docker pull haugene/transmission-openvpn
ExecStart=/usr/bin/docker run \ ExecStart=/usr/bin/docker run \
--name transmission-openvpn \ --name transmission-openvpn \
--privileged \ --cap-add=NET_ADMIN \
--device=/dev/net/tun \
-v /home/bittorrent/data/:/data \ -v /home/bittorrent/data/:/data \
-e "OPENVPN_PROVIDER=TORGUARD" \ -e "OPENVPN_PROVIDER=TORGUARD" \
-e "OPENVPN_USERNAME=bittorrent@example.com" \ -e "OPENVPN_USERNAME=bittorrent@example.com" \

5
docker-compose-armhf.yml
View File

@@ -6,7 +6,10 @@ services:
context: . context: .
dockerfile: Dockerfile.armhf dockerfile: Dockerfile.armhf
image: haugene/rpi-transmission-openvpn image: haugene/rpi-transmission-openvpn
privileged: true cap_add:
- NET_ADMIN
devices:
- "/dev/net/tun"
restart: always restart: always
ports: ports:
- "9091:9091" - "9091:9091"

5
docker-compose.yml
View File

@@ -2,7 +2,10 @@ version: '2'
services: services:
transmission: transmission:
image: haugene/transmission-openvpn image: haugene/transmission-openvpn
privileged: true cap_add:
- NET_ADMIN
devices:
- "/dev/net/tun"
restart: always restart: always
ports: ports:
- "9091:9091" - "9091:9091"