I’ve started setting up my media server and was wondering if I should put my docker containers with sonarr and radarr behind my VPN the same as my qbit?
You can but you don’t need to. All they really do is organise everything. Any requests go through Prowlarr/Jackett which do the API calls then push that to qBit. One could argue you should put Prowlarr behind a VPN as well but it depends on the trackers you have in there.
Why not running behind a VPN 24/7? And swapping server every 2-3 days? Don’t take your OpSec easy…
When it is about OpSec you should act like a Schizo-Paranoid.
Bro they’re grabbing links from trackers, not even downloading any copyrighted material. They’re not buying mdma on alphabay.
Are your arrs buying amphetamines online again? Detox your homelab with these six easy steps.
Online drug stores hate this one neat trick
Yeah I just leave Mullvad on 24/7, and set QBittorrent to only download through the VPN connection and just leave it at that.
I prefer to do it in Schizo-Paranoid mode. just for my own security…
I mean you do you, but there’s always a trade off with these types of things (usually security at the expense of usability), so most people would be better served by taking stock of their activities, the risk caused by those activities, then mitigating that risk to an acceptable level. If acceptable to you is cruising around to mcdonald’s parking lots so you can bounce off their wifi like you’re taking the risk of ordering weight more power to you, but just know that from a risk mitigation perspective you’re implementing controls way out of line with the actual risk. Probably, depending on your local laws etc idk i’m not you.
What would swapping servers achieve?
Changing the VPN server, just for good measure
That was a rephrasing of the statement, not an answer to the question. He’s asking why it matters. What is the “good measure”?
It change your public IP, so when you swap server the services you use will see another IP from you, if you swap server constantly supposing someone it’s trying to find out where you are they will have a list of different places and it will make it harder to know where you really are so they will desist using the IP method.
There is a variety of measures you have to take to be secure, swapping servers it’s just one of them.
I trust sonarr and radarr to disable telemetry via the options, so I don’t think you have any benefits from putting them behind VPN. All download clients ofc make sense
Why not?
I’m having some difficulties getting both sonarr and radarr working simultaneously behind my VPN because they default to the same port. I’m not very well versed in docker, so I don’t know how to fix the port issue behind the VPN, but I can fix it if they’re just separate from the VPN.
Radarr defaults to 7878 and Sonarr to 8989, no? Are you trying to remotely access them through the VPN?
I thought so, but I get an error that the port is already used when in try to start sonarr after radarr. I’m only trying to reach them from my local network.
i get this error
it works perfectly fine with the same user and setup as long as i’m not putting it beheind my VPN. I have no other instances of sonarr running.
Looks like Sonarr may be configured to use 7878 and not its default. Where is your local VPN endpoint? Docker? A router?
Docker using gluetun.
I haven’t set it to use 7878, it should be using the default.
Try setting it explicitly to be sure, and make sure you’ve mapped the port in gluetun.
deleted by creator
i have them all connected to my gluetun vpn. prowlar sonarr radar qbit deluge everything under the vpn. maybe overkill but prefer it for the safety even if it adds some latency to them
i put mine behind free-proton-vpn via privoxy-vpn… in case my usenet indexers got busted, you never know… its free and costs you only a bit time to set up
I have everything that scrapes for stuff or downloads stuff behind a VPN. jackett/prowlarr qbittorrent, etc…