Transmission is a powerful and open source bittorrent client that can run in a container. Torrenting is often associated with illegal activity however it can be used for good. For example, a lot of open source projects will offer torrent P2P downloads to relieve stress on their server infrastructure to keep costs lower.

For those of you that care about security and keeping your internet activity anonymous, PIA VPN is a great option to help with that. It allows you to create an encrypted tunnel from your local computer through the internet and out one of PIA’s servers anywhere in the world.

This container by haugene combains the two making for an easy deployment. The nice thing about the way this container is setup, Transmission running is dependent on the PIA tunnel being up and routable.

---

Prerequisites

I will be setting this up on Portainer utilizing Docker containers running on Ubuntu 22.04.1. Here are my setup guide for all of those pieces of software:

• Installing Ubuntu Server 22.04 LTS
• Things to do after installing Ubuntu Server
• Install and Configure Docker, Docker Compose, and Portainer on Ubuntu Server

If you would like to use a folder share for the download storage, you can follow this walk through on how to connect it to the server. I will use this mounted share for storage in my instructions.

• Automatically Mount a Windows Share on a Linux Server

---

Deployment

---
version: '3.8'
services:
    transmission-openvpn:
        image: haugene/transmission-openvpn:dev
        container_name: transmission-openvpn
        environment:
            - TRANSMISSION_WEB_UI=transmission-web-control
            - TRANSMISSION_RPC_AUTHENTICATION_REQUIRED=true
            - TRANSMISSION_RPC_USERNAME={transmission webui username}
            - TRANSMISSION_RPC_PASSWORD={transmission webui password}
            - TRANSMISSION_DOWNLOAD_DIR=/data
            - TRANSMISSION_INCOMPLETE_DIR=/data
            - OPENVPN_PROVIDER=PIA
            - OPENVPN_CONFIG=ca_vancouver
            - OPENVPN_USERNAME={PIA username}
            - OPENVPN_PASSWORD={PIA password}
            - OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60
            - LOCAL_NETWORK={local network IP subnet}
        volumes:
            - /mnt/torrent/:/data
        ports:
            - {port number}:9091
        cap_add:
            - NET_ADMIN
        logging:
            driver: json-file
            options:
                max-size: 10m
        restart: always

Stuff to change for your deployment:

• Version – This is be determined by the version of Docker you are running on your server. You can find this by entering the command “docker -v”. Here is a link to the Compatibility Matrix.
• Image – You can do “latest” and it will pull the current version. I prefer to look up the actual tag for the current version. This adds a little more management to updating however pinning it to a specific version adds reliability. Here is a link to the Container Tag page.
• TRANSMISSION_WEB_UI – This variable sets a different UI theme. Here is the list of all Alternative UI’s. You can use the one I list for, what I feel, is a much more complete management of the server or if you want a slimed down version, use “kettu”.
• TRANSMISSION_RPC_USERNAME – set this to the username you would like to use to login to the web user interface.
• TRANSMISSION_RPC_PASSWORD – set this to the password you would like to use to login to the web user interface.
• TRANSMISSION_DOWNLOAD_DIR & TRANSMISSION_INCOMPLETE_DIR – If you would like to create seperate folders to hold incomplete downloads vs. finished downloads, you can at them here. (ex. “/data/complete” and “/data/incomplete”).
• OPENVPN_CONFIG – this is you configure which PIA server you want to use as your exit node.
• OPENVPN_USERNAME – set this to the username given to you by Private Internet Access. You can find this on the website under your account information.
• OPENVPN_PASSWORD – set this to the password given to you by Private Internet Access. You can find this on the website under your account information.
• LOCAL_NETWORK – enter the subnet for your internal network. (ex. 192.168.1.0/24)
• Volumes – This mapped folder is where all the downloaded files will be stored. I mentioned in my prerequisits that I use folder share off a file server for storage. Follow that walk through to get that setup prior to deployment.
• Ports – You will want to update this to a port that works well inside your environment. It will be the port that you connect to the web interface of the container.
• Restart – You will want to set this to the way you want docker to handle the restarting of the container. Here is a link to the Restart Policies to choose from. I prefer “always” so if it crashes or the server restarts, it will automatically restart the container.

---

After Deployment

Open your web browser and navigate to “http://{server name or IP}:{port you configured in the stack}”. Login with the username and password you set in the stack for the web UI.

After you deploy the stack, there really isn’t much more configuration you need to do to use the server. The only other thing I personally do is change the total number of active downloads and put a limit on the download/upload speeds in the settings of the web UI.

You can check that traffic is in fact going over the VPN by accessing the Console of the container and executing this command:

curl http://ipinfo.io/ip

It should return an IP address that is different from your home external IP address.