This docker stack has all of the pieces for setting up and maintaining a home grown media rig for acquiring, organizing and playing your favorite movies and TV shows.
- A NordLynx container serving as the gateway to the web. It's server selection is configurable via docker-compose
- A qBittorrent container with a built-in health check that ensures the container has a protected path to the internet (is actually going out over nordlynx) and that qBittorrent is "connected" not firewalled or disconnected (which can sometimes happen as a result of a race condition between the connection to Nord and the startup of the qbittorrent service)
- Autoheal which monitors "unhealthy" container and restarts them until the become healthy. This, combined with the in-built IPTables config in nordlynx prevents connection issues and IP Leaks
- NginX reverse proxy provides an SSL interface for when you access qbittorrent's web UI. This way, if you're managing your torrents remotely, you have an encrypted connection
- DDNS via cloudflare so that you can maintain an external record of your residential IP to have continual remote access to the stack (you'll still need to configure your router)
- Sonarr, Radarr, Bazarr and Prowlarr for monitoring and torrent acquisition as well as subtitle acquisition
- Transcode service to optimize files in the background
- Plex media server
- Duplicate
.env.sampleto.envand then update it with any values you can provide - Audit the docker-compose file and review the inline docs.
- Have docker and docker compose installed
- Have your storage set up
bash ./get_nordvpn_private_key NORDVPN_USER NORDVPN_PASS
Copy the key into the .env file
- Once you've got
.envset up, runbash ./build_stack - Configure Prowlarr to talk to Sonarr and Radarr. In the process of doing this, jot down Sonarr and Radarr's API keys and copy them into the
.envfile. The addresses for sonarr, radarr and qbittorrent arelocalhostand then their respective port numbers. Once you have this set up, configure the indexes you want Prowlarr to use. It will sync these with Sonarr and Radarr as you go. - Configure Sonarr and Radarr to use qbittorrent as your download client. Import any library you already have so that you configure monitoring
- Configure your backups
- Provide a cloudflare API key and subdomain in the
.envso that the rig handles DDNS for you
After your initial startup you may need to adjust your host FS permissions to be able to see certs and the qbittorrent config. As such, I recommend running the following after your initial start from within the parent directory
sudo chown -R $(whoami):$(whoami) .
This will take possession of all of the directories created by your containers. Run the build script again after doing this to ensure nginx can grab your cert
This stack has health checks on both the nordlynx and qbittorrent containers to ensure you're connected to nordvpn and that qbittorrent is actively using that connection. Containers will be restarted by autoheal if either of those things fails. However, I would also bind qbittorrent to the wg0 interface, ensuring that traffic only goes out over wireguard (nordlynx). You can do this by modifying the qbittorrent config
config/qBittorrent/qBittorrent.conf (You'll need to have started the stack once and possibly corrected permissions before you can see this)
Changing
Session\Interface=
to say
Session\Interface=wg0
I say this simply because my use case has me monitoring and adding torrents from my phone, and vuetorrent is awesome for that. I included a /vuetorrent directory within the torrent container and it points to ./vuetorrent -- it's not my project so I am not going to distribute it, but I dropped a readme file in there to tell you how to get it!
Each service is accessible via http://<ip|localhost>:. There is also an nginx reverse proxy available at https://<ip|localhost|domain>:8080 with subdirectory access to services.
- https://<ip|localhost|domain>:8080/qbt - qBittorrent
- https://<ip|localhost|domain>:8080/backup/login.html - backup
- https://<ip|localhost|domain>:8080/sonarr - sonarr
- https://<ip|localhost|domain>:8080/radarr - radarr
- https://<ip|localhost|domain>:8080/prowlarr - prowlarr
- https://<ip|localhost|domain>:8080/portainer - portainer
I set this up this way so that, at your own risk, you can map some external DNS to your external IP and map a single external port back to your rig's port 8080.
Note for the purposes of your client to client communications (indexers, downloaders, etc) I recommend you use localhost:port, which is how the docker network is configured
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!
- Fork the Project
- Create your Feature Branch (
git checkout -b feature/AmazingFeature) - Commit your Changes (
git commit -m 'Add some AmazingFeature') - Push to the Branch (
git push origin feature/AmazingFeature) - Open a Pull Request
Distributed under the MIT License. See LICENSE.txt for more information.