gluetun
gluetun copied to clipboard
Published
20 hours ago •
qdm12
qdm12
Bug: Gluetun+qBittorent not working
trafficstars
Is this urgent?
Yes
Host OS
Raspberry Pi OS
CPU arch
aarch64
VPN service provider
ProtonVPN
What are you using to run the container
docker-compose
What is the version of Gluetun
Running version v3.40.0
What's the problem 🤔
gluetun on raspberry pi seems to not work properly. I followed the instructions listed on reddit and while it says that connection was successful and that the port is forwarded, it does not download anything (it is stuck on stalled). Furthermore using curl ifconfig.me on the qBittorent container shows that it is connected to the vpn. Using this stack has worked on my ubuntu pc. I only change the network from 172.20.0.0/16 to 172.25.0.0/16 (the 20 is already occupied) The same config is not working on my raspberry pi. I will share the config file that is on the repo i provide above.
Share your logs (at least 10 lines)
========================================
========================================
=============== gluetun ================
========================================
=========== Made with ❤️ by ============
======= https://github.com/qdm12 =======
========================================
========================================
Running version v3.40.0 built on 2024-12-25T22:01:25.675Z (commit e890c50)
🔧 Need help? ☕ Discussion? https://github.com/qdm12/gluetun/discussions/new/choose
🐛 Bug? ✨ New feature? https://github.com/qdm12/gluetun/issues/new/choose
💻 Email? [email protected]
💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
2025-06-03T12:14:56+03:00 INFO [routing] default route found: interface eth0, gateway 172.23.0.1, assigned IP 172.23.0.2 and family v4
2025-06-03T12:14:56+03:00 INFO [routing] local ethernet link found: eth0
2025-06-03T12:14:56+03:00 INFO [routing] local ipnet found: 172.23.0.0/16
2025-06-03T12:14:56+03:00 INFO [firewall] enabling...
2025-06-03T12:14:56+03:00 INFO [firewall] enabled successfully
2025-06-03T12:14:57+03:00 INFO [storage] merging by most recent 20776 hardcoded servers and 20776 servers read from /gluetun/servers.json
2025-06-03T12:14:57+03:00 INFO Alpine version: 3.20.3
2025-06-03T12:14:57+03:00 INFO OpenVPN 2.5 version: 2.5.10
2025-06-03T12:14:57+03:00 INFO OpenVPN 2.6 version: 2.6.11
2025-06-03T12:14:57+03:00 INFO IPtables version: v1.8.10
2025-06-03T12:14:57+03:00 INFO Settings summary:
├── VPN settings:
| ├── VPN provider settings:
| | ├── Name: protonvpn
| | ├── Server selection settings:
| | | ├── VPN type: wireguard
| | | ├── Countries: greece
| | | ├── Port forwarding only servers: yes
| | | └── Wireguard selection settings:
| | └── Automatic port forwarding settings:
| | ├── Redirection listening port: disabled
| | ├── Use port forwarding code for current provider
| | ├── Forwarded port file path: /tmp/gluetun/forwarded_port
| | ├── Forwarded port up command: /bin/sh -c 'wget -O- --retry-connrefused --post-data "json={\"listen_port\":{{PORTS}}}" http://127.0.0.1:8004/api/v2/app/setPreferences 2>&1'
| | └── Credentials:
| | ├── Username: username+pmp
| | └── Password: [set]
| └── Wireguard settings:
| ├── Private key: WHL...XE=
| ├── Interface addresses:
| | └── 10.2.0.2/32
| ├── Allowed IPs:
| | ├── 0.0.0.0/0
| | └── ::/0
| └── Network interface: tun0
| └── MTU: 1320
├── DNS settings:
| ├── Keep existing nameserver(s): no
| ├── DNS server address to use: 127.0.0.1
| └── DNS over TLS settings:
| ├── Enabled: yes
| ├── Update period: every 24h0m0s
| ├── Upstream resolvers:
| | └── cloudflare
| ├── Caching: yes
| ├── IPv6: no
| └── DNS filtering settings:
| ├── Block malicious: no
| ├── Block ads: no
| ├── Block surveillance: no
| └── Blocked IP networks:
| ├── 127.0.0.1/8
| ├── 10.0.0.0/8
| ├── 172.16.0.0/12
| ├── 192.168.0.0/16
| ├── 169.254.0.0/16
| ├── ::1/128
| ├── fc00::/7
| ├── fe80::/10
| ├── ::ffff:127.0.0.1/104
| ├── ::ffff:10.0.0.0/104
| ├── ::ffff:169.254.0.0/112
| ├── ::ffff:172.16.0.0/108
| └── ::ffff:192.168.0.0/112
├── Firewall settings:
| └── Enabled: yes
├── Log settings:
| └── Log level: info
├── Health settings:
| ├── Server listening address: 127.0.0.1:9999
| ├── Target address: cloudflare.com:443
| ├── Duration to wait after success: 5s
| ├── Read header timeout: 100ms
| ├── Read timeout: 500ms
| └── VPN wait durations:
| ├── Initial duration: 6s
| └── Additional duration: 5s
├── Shadowsocks server settings:
| └── Enabled: no
├── HTTP proxy settings:
| └── Enabled: no
├── Control server settings:
| ├── Listening address: :8000
| ├── Logging: yes
| └── Authentication file path: /gluetun/auth/config.toml
├── Storage settings:
| └── Filepath: /gluetun/servers.json
├── OS Alpine settings:
| ├── Process UID: 1000
| ├── Process GID: 1000
| └── Timezone: europe/athens
├── Public IP settings:
| ├── IP file path: /tmp/gluetun/ip
| ├── Public IP data base API: ipinfo
| └── Public IP data backup APIs:
| ├── ifconfigco
| ├── ip2location
| └── cloudflare
├── Server data updater settings:
| ├── Update period: 24h0m0s
| ├── DNS address: 1.1.1.1:53
| ├── Minimum ratio: 0.8
| └── Providers to update: protonvpn
└── Version settings:
└── Enabled: yes
2025-06-03T12:14:57+03:00 INFO [routing] default route found: interface eth0, gateway 172.23.0.1, assigned IP 172.23.0.2 and family v4
2025-06-03T12:14:57+03:00 INFO [routing] adding route for 0.0.0.0/0
2025-06-03T12:14:57+03:00 INFO [firewall] setting allowed subnets...
2025-06-03T12:14:57+03:00 INFO [routing] default route found: interface eth0, gateway 172.23.0.1, assigned IP 172.23.0.2 and family v4
2025-06-03T12:14:57+03:00 INFO [dns] using plaintext DNS at address 1.1.1.1
2025-06-03T12:14:57+03:00 INFO [http server] http server listening on [::]:8000
2025-06-03T12:14:57+03:00 INFO [healthcheck] listening on 127.0.0.1:9999
2025-06-03T12:14:57+03:00 INFO [firewall] allowing VPN connection...
2025-06-03T12:14:57+03:00 INFO [wireguard] Using available kernelspace implementation
2025-06-03T12:14:57+03:00 INFO [wireguard] Connecting to 185.51.134.194:51820
2025-06-03T12:14:57+03:00 INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.
2025-06-03T12:14:57+03:00 INFO [dns] downloading hostnames and IP block lists
2025-06-03T12:14:58+03:00 INFO [dns] DNS server listening on [::]:53
2025-06-03T12:15:01+03:00 INFO [dns] ready
2025-06-03T12:15:01+03:00 INFO [ip getter] Public IP address is 185.51.134.198 (Greece, Attica, Athens - source: ipinfo)
2025-06-03T12:15:02+03:00 INFO [vpn] You are running the latest release v3.40.0
2025-06-03T12:15:02+03:00 INFO [port forwarding] starting
2025-06-03T12:15:02+03:00 INFO [port forwarding] gateway external IPv4 address is 185.51.134.198
2025-06-03T12:15:02+03:00 INFO [port forwarding] port forwarded is 44529
2025-06-03T12:15:02+03:00 INFO [firewall] setting allowed input port 44529 through interface tun0...
2025-06-03T12:15:02+03:00 INFO [port forwarding] writing port file /tmp/gluetun/forwarded_port
2025-06-03T12:15:02+03:00 INFO [port forwarding] --2025-06-03 12:15:02-- http://127.0.0.1:8004/api/v2/app/setPreferences
2025-06-03T12:15:02+03:00 INFO [port forwarding] Connecting to 127.0.0.1:8004... failed: Connection refused.
2025-06-03T12:15:02+03:00 INFO [port forwarding] Retrying.
2025-06-03T12:15:02+03:00 INFO [port forwarding]
2025-06-03T12:15:02+03:00 INFO [healthcheck] healthy!
2025-06-03T12:15:03+03:00 INFO [port forwarding] --2025-06-03 12:15:03-- (try: 2) http://127.0.0.1:8004/api/v2/app/setPreferences
2025-06-03T12:15:03+03:00 INFO [port forwarding] Connecting to 127.0.0.1:8004... failed: Connection refused.
2025-06-03T12:15:03+03:00 INFO [port forwarding] Retrying.
2025-06-03T12:15:03+03:00 INFO [port forwarding]
2025-06-03T12:15:05+03:00 INFO [port forwarding] --2025-06-03 12:15:05-- (try: 3) http://127.0.0.1:8004/api/v2/app/setPreferences
2025-06-03T12:15:05+03:00 INFO [port forwarding] Connecting to 127.0.0.1:8004... failed: Connection refused.
2025-06-03T12:15:05+03:00 INFO [port forwarding] Retrying.
2025-06-03T12:15:05+03:00 INFO [port forwarding]
2025-06-03T12:15:08+03:00 INFO [port forwarding] --2025-06-03 12:15:08-- (try: 4) http://127.0.0.1:8004/api/v2/app/setPreferences
2025-06-03T12:15:08+03:00 INFO [port forwarding] Connecting to 127.0.0.1:8004... connected.
2025-06-03T12:15:08+03:00 INFO [port forwarding] HTTP request sent, awaiting response... 200 OK
2025-06-03T12:15:08+03:00 INFO [port forwarding] Length: 0 [text/plain]
2025-06-03T12:15:08+03:00 INFO [port forwarding] Saving to: 'STDOUT'
2025-06-03T12:15:08+03:00 INFO [port forwarding]
2025-06-03T12:15:08+03:00 INFO [port forwarding] 0K 0.00 =0s
2025-06-03T12:15:08+03:00 INFO [port forwarding]
2025-06-03T12:15:08+03:00 INFO [port forwarding] 2025-06-03 12:15:08 (0.00 B/s) - written to stdout [0/0]
2025-06-03T12:15:08+03:00 INFO [port forwarding]
Share your configuration
version: "3.9"
name: media-stack
services:
# To use/enable VPN, Run this compose file with --profile=vpn. Its highly recommended to use VPN.
vpn:
## Read https://github.com/qdm12/gluetun-wiki/tree/main/setup/providers for details on configuring VPN for your service provider.
profiles: ["vpn"]
container_name: vpn
image: qmcgaw/gluetun
cap_add:
- NET_ADMIN
environment:
- VPN_SERVICE_PROVIDER=protonvpn
- VPN_TYPE=wireguard # or wireguard
- SERVER_COUNTRIES=Greece
- WIREGUARD_PRIVATE_KEY=
#- VPN_SERVICE_PROVIDER=${VPN_SERVICE_PROVIDER:-nordvpn} # Valid values: nordvpn, expressvpn, protonvpn, surfshark or custom
#- OPENVPN_USER=${OPENVPN_USER:-""}
#- OPENVPN_PASSWORD=${OPENVPN_PASSWORD:-""}
- VPN_PORT_FORWARDING=on
- PORT_FORWARD_ONLY=on
- VPN_PORT_FORWARDING_UP_COMMAND=/bin/sh -c 'wget -O- --retry-connrefused --post-data "json={\"listen_port\":{{PORTS}}}" http://127.0.0.1:5080/api/v2/app/setPreferences 2>&1'
## For list of server countries, visit https://raw.githubusercontent.com/qdm12/gluetun/master/internal/storage/servers.json
## When VPN_SERVICE_PROVIDER is custom. Comment the below line
#- SERVER_COUNTRIES=${SERVER_COUNTRIES:-Switzerland}
# - FREE_ONLY=on # Valid with protonvpn only. Value willbe set "on" if using free subscription provided by protonvpn
## Enable below if VPN_SERVICE_PROVIDER=custom
# - VPN_TYPE=openvpn # or wireguard.
## If VPN_TYPE is openvpn
# - OPENVPN_CUSTOM_CONFIG=/gluetun/custom.conf
## If VPN_TYPE is wireguard. Replace below env variables as required.
# - VPN_ENDPOINT_IP=1.2.3.4 # Replace with your wg endpoint ip or domain
# - VPN_ENDPOINT_PORT=51820 # Replace with wg server port
# - WIREGUARD_PUBLIC_KEY=wAUaJMhAq3NFutLHIdF8AN0B5WG8RndfQKLPTEDHal0= # Replace with your wg public key
# - WIREGUARD_PRIVATE_KEY=wOEI9rqqbDwnN8/Bpp22sVz48T71vJ4fYmFWujulwUU= # Replace with your wg client private key
# - WIREGUARD_PRESHARED_KEY=xOEI9rqqbDwnN8/Bpp22sVz48T71vJ4fYmFWujulwUU= # Replaced with your wg pre-shared key
# - WIREGUARD_ADDRESSES="10.64.222.21/32" # Replace with wg address
## Enable volume if VPN_SERVICE_PROVIDER=custom and VPN_TYPE=openvpn is used
# volumes:
# - /yourpath/yourconfig.conf:/gluetun/config.conf:ro
networks:
- mynetwork
devices:
- /dev/net/tun:/dev/net/tun
# Uncomment/enable below ports if VPN is used/enabled
ports:
# # qbittorrent ports
- 5080:5080
- 6881:6881
- 6881:6881/udp
# prowlarr ports
- 9696:9696
restart: "unless-stopped"
## Default credentials of qBittorrent - Username: admin password: adminadmin ##
## Change password after install from UI --> Tools --> Options --> WebUI ##
qbittorrent:
profiles: ["vpn", "no-vpn"]
container_name: qbittorrent
image: lscr.io/linuxserver/qbittorrent:5.0.4
# Unomment below if vpn is enabled
depends_on: # Uncomment this line if vpn is enabled
vpn: # Uncomment this line if vpn is enabled
condition: service_healthy # Uncomment this line if vpn is enabled
## Comment below lines if VPN is enabled
#networks: # Comment this line if vpn is enabled
# - mynetwork # Comment this line if vpn is enabled
# Unomment below line if vpn is enabled
network_mode: service:vpn
environment:
- PUID=1000
- PGID=1000
- TZ=UTC
- WEBUI_PORT=5080
- TORRENTING_PORT=6881
volumes:
- qbittorrent-config:/config
- torrent-downloads:/downloads
## Comment/Disable below ports if VPN is enabled
#ports:
# - 5080:5080
# - 6881:6881
# - 6881:6881/udp
restart: "unless-stopped"
radarr:
profiles: ["vpn", "no-vpn"]
container_name: radarr
image: lscr.io/linuxserver/radarr:5.21.1
networks:
# - mynetwork # Comment this line if VPN is enabled
## Uncomment below lines if VPN is enabled
mynetwork:
ipv4_address: ${RADARR_STATIC_CONTAINER_IP} # It should be available IPv4 address in range of docker network `mynetwork` e.g. 172.20.0.2
environment:
- PUID=1000
- PGID=1000
- TZ=UTC
ports:
- 7878:7878
volumes:
- radarr-config:/config
- torrent-downloads:/downloads
restart: "unless-stopped"
sonarr:
profiles: ["vpn", "no-vpn"]
image: linuxserver/sonarr:4.0.14
container_name: sonarr
networks:
# - mynetwork # Comment this line if VPN is enabled
## Uncomment below lines if VPN is enabled
mynetwork:
ipv4_address: ${SONARR_STATIC_CONTAINER_IP} # It should be available IPv4 address in range of docker network `mynetwork` e.g. 172.20.0.2
environment:
- PUID=1000
- PGID=1000
- TZ=UTC
volumes:
- sonarr-config:/config
- torrent-downloads:/downloads
ports:
- 8989:8989
restart: unless-stopped
prowlarr:
profiles: ["vpn", "no-vpn"]
container_name: prowlarr
image: linuxserver/prowlarr:1.32.2
# Uncomment below if vpn is enabled
depends_on: # Uncomment this line if vpn is enabled
vpn: # Uncomment this line if vpn is enabled
condition: service_healthy # Uncomment this line if vpn is enabled
network_mode: service:vpn # Uncomment this line if vpn is enabled
#networks: # Comment this line if vpn is enabled
# - mynetwork # Comment this line if vpn is enabled
environment:
- PUID=1000
- PGID=1000
- TZ=UTC
volumes:
- prowlarr-config:/config
# Comment below ports if VPN is enabled.
#ports:
# - 9696:9696
restart: unless-stopped
recommendarr:
profiles: ["recommendarr"]
container_name: recommendarr
image: tannermiddleton/recommendarr:v1.3.0
networks:
- mynetwork
environment:
- NODE_ENV=production
- DOCKER_ENV=true
- PORT=3000
- PUBLIC_URL=https://localhost:3000 # Change this public URL if you are accessing recommendarr on a domain
volumes:
- recommendarr-data:/app/server/data
ports:
- 3000:3000
restart: unless-stopped
jellyseerr:
profiles: ["vpn", "no-vpn"]
image: fallenbagel/jellyseerr:2.5.2
container_name: jellyseerr
networks:
- mynetwork
environment:
- PUID=1000
- PGID=1000
- TZ=UTC
volumes:
- jellyseerr-config:/app/config
ports:
- 5055:5055
restart: unless-stopped
jellyfin:
profiles: ["vpn", "no-vpn"]
image: linuxserver/jellyfin:10.10.6
container_name: jellyfin
networks:
- mynetwork
environment:
- PUID=1000
- PGID=1000
- TZ=UTC
volumes:
- jellyfin-config:/config
- torrent-downloads:/data
# devices:
# - /dev/videoN:/dev/videoN # Mount GPU device
ports:
- 8096:8096
- 7359:7359/udp
- 8920:8920
restart: unless-stopped
# Doc: https://github.com/navilg/cleanmyarr
# cleanmyarr:
# profiles: ["vpn", "no-vpn"]
# depends_on:
# - radarr
# - sonarr
# image: linuxshots/cleanmyarr:0.8.1
# container_name: cleanmyarr
# networks:
# - mynetwork
# volumes:
# - cleanmyarr-config:/config
# restart: unless-stopped
# environment:
# - CMA_MAINTENANCE_CYCLE=${CMA_MAINTENANCE_CYCLE:-""}
# - CMA_DELETE_AFTER_DAYS=${CMA_DELETE_AFTER_DAYS:-""}
# - CMA_ENABLE_EMAIL_NOTIFICATION=${CMA_ENABLE_EMAIL_NOTIFICATION:-""}
# - CMA_SMTP_USERNAME=${CMA_SMTP_USERNAME:-""}
# - CMA_SMTP_ENCODED_PASSWORD=${CMA_SMTP_ENCODED_PASSWORD:-""}
# - CMA_SMTP_TO_EMAILS=${CMA_SMTP_TO_EMAILS:-""}
# - CMA_ENABLE_GOTIFY_NOTIFICATION=${CMA_ENABLE_GOTIFY_NOTIFICATION:-""}
# - CMA_GOTIFY_URL=${CMA_GOTIFY_URL:-""}
# - CMA_GOTIFY_ENCODED_APP_TOKEN=${CMA_GOTIFY_ENCODED_APP_TOKEN:-""}
# - CMA_ENABLE_TELEGRAM_NOTIFICATION=${CMA_ENABLE_TELEGRAM_NOTIFICATION:-""}
# - CMA_TELEGRAM_ENCODED_BOT_TOKEN=${CMA_TELEGRAM_ENCODED_BOT_TOKEN:-""}
# - CMA_TELEGRAM_CHAT_ID=${CMA_TELEGRAM_CHAT_ID:-""}
# - CMA_MONITOR_RADARR=${CMA_MONITOR_RADARR:-""}
# - CMA_RADARR_URL=${CMA_RADARR_URL:-""}
# - CMA_RADARR_ENCODED_API_KEY=${CMA_RADARR_ENCODED_API_KEY:-""}
# - CMA_RADARR_ENABLE_NOTIFICATION=${CMA_RADARR_ENABLE_NOTIFICATION:-""}
volumes:
torrent-downloads:
radarr-config:
sonarr-config:
prowlarr-config:
jellyfin-config:
qbittorrent-config:
jellyseerr-config:
recommendarr-data:
# cleanmyarr-config:
networks:
mynetwork:
external: true
#RADARR_STATIC_CONTAINER_IP=172.2.0.101 SONARR_STATIC_CONTAINER_IP=172.20.0.102 docker compose --profile vpn up -d
@qdm12 is more or less the only maintainer of this project and works on it in his free time. Please:
- do not ask for updates, be patient
- :+1: the issue to show your support instead of commenting @qdm12 usually checks issues at least once a week, if this is a new urgent bug, revert to an older tagged container image
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
This comment helped me. https://github.com/qdm12/gluetun/issues/2735#issuecomment-2810693146
Much simpler. Check out the qbittorrent settings (so the actual GUI settings) under advanced. You should find the 2 options there: network interface: tun0 Optional IP address to bind to: all ipv4
Will check out. I asked on reddit a bit more and found out that there is an issue with Docker update. For now, it is working properly on Linux
Thanks @CodeKJ !
@deepblue597 did you figure it out since then? It does look like the port forwards correctly (HTTP request sent, awaiting response... 200 OK), it might be just qbittorrent not behaving right?
I actually had the same issue, personally resolved it by doing
wget --header="Content-Type: application/x-www-form-urlencoded" --post-data="json={"listen_port":{{PORTS}}}" -O- --retry-connrefused http://127.0.0.1:50003/api/v2/app/setPreferences 2>&1
instead, for some reason it needed the Content-Type being set. And qbittorrent was returning the same OK response in both cases. This is a qbittorrent issue though nothing to do with gluetun.
