From b4422d381d0b6836c39d19e7dab657eb21909921 Mon Sep 17 00:00:00 2001
From: Mike Wilson <contact@mjwilson.org>
Date: Thu, 16 Feb 2023 16:57:29 -0500
Subject: [PATCH] Set up port forwarding with gluetun and qBittorrent

---
 ansible/main.yml                                     |  1 +
 ansible/roles/docker-compose/tasks/main.yml          |  4 ----
 ansible/roles/gluetun/templates/docker-compose.yml   |  5 +++--
 ansible/roles/gluetun/vars/main.yml                  | 12 ++++++------
 .../roles/qbittorrent/templates/docker-compose.yml   |  5 +++--
 ansible/roles/traefik/tasks/main.yml                 |  8 ++++++++
 6 files changed, 21 insertions(+), 14 deletions(-)

diff --git a/ansible/main.yml b/ansible/main.yml
index 4fd4028..a28e986 100644
--- a/ansible/main.yml
+++ b/ansible/main.yml
@@ -6,6 +6,7 @@
   roles:
     - pve-docker
     - docker-compose
+    - gluetun
     - traefik
     - prowlarr
     - sonarr
diff --git a/ansible/roles/docker-compose/tasks/main.yml b/ansible/roles/docker-compose/tasks/main.yml
index 1c2b194..972c513 100644
--- a/ansible/roles/docker-compose/tasks/main.yml
+++ b/ansible/roles/docker-compose/tasks/main.yml
@@ -23,7 +23,3 @@
     name: docker-compose
     state: present
   become: true
-
-- name: Create Traefik docker network
-  community.docker.docker_network:
-    name: traefik
diff --git a/ansible/roles/gluetun/templates/docker-compose.yml b/ansible/roles/gluetun/templates/docker-compose.yml
index 7912dff..f555cc8 100644
--- a/ansible/roles/gluetun/templates/docker-compose.yml
+++ b/ansible/roles/gluetun/templates/docker-compose.yml
@@ -21,8 +21,9 @@ services:
       VPN_TYPE: wireguard
       VPN_SERVICE_PROVIDER: mullvad
       WIREGUARD_PRIVATE_KEY: "{{ wireguard_private_key }}"
-      WIREGUARD_ADDRESSES: 10.65.71.171/32
-      SERVER_CITIES: Ashburn VA
+      WIREGUARD_ADDRESSES: "10.65.208.63/32"
+      FIREWALL_VPN_INPUT_PORTS: 61383
+      SERVER_CITIES: "Chicago IL"
       DOT: "off"
       DNS_ADRESS: 10.64.0.1
       TZ: "{{ timezone }}"
diff --git a/ansible/roles/gluetun/vars/main.yml b/ansible/roles/gluetun/vars/main.yml
index ff6fdf9..76fc10b 100644
--- a/ansible/roles/gluetun/vars/main.yml
+++ b/ansible/roles/gluetun/vars/main.yml
@@ -1,8 +1,8 @@
 wireguard_private_key: !vault |
   $ANSIBLE_VAULT;1.1;AES256
-  62616131323464616463333937343464626530313632376239316433666139383333653561363761
-  3738643265356437636233326364373832353263653961380a646362353962383939626430383831
-  37333138616635643961303164356137653461333964386163306237323031656164656430373138
-  3964636266646266390a336133633931336662663831643134303935363730616365373139613631
-  64306332313632303935633661313137663366353130656437343336383136623335613961373033
-  3031646661323438333261353634623863616330306365663133
+  65383135373732636133653063333264383865326430333138616332623265323439626461343334
+  6234313462303563623861386234626237633436306233330a633334366166323166666661623039
+  63323935383961663266393038636333633134643263633939653537663232643137653566343630
+  6664613634356336320a626561313062393862353535653864306233353033613065323963613664
+  66646333313761633230366466663636376566616338663866623463643339356466616166616635
+  3164626266653965343230613764303564653061313262656334
diff --git a/ansible/roles/qbittorrent/templates/docker-compose.yml b/ansible/roles/qbittorrent/templates/docker-compose.yml
index 8bc94d0..dd65517 100644
--- a/ansible/roles/qbittorrent/templates/docker-compose.yml
+++ b/ansible/roles/qbittorrent/templates/docker-compose.yml
@@ -9,12 +9,12 @@ services:
     container_name: "{{ role_name }}"
     image: lscr.io/linuxserver/qbittorrent:libtorrentv1
     restart: unless-stopped
-    networks:
-      - traefik
+    network_mode: "container:gluetun"
     environment:
       - "PUID={{ service_user.uid }}"
       - "PGID={{ media_gid }}"
       - "TZ={{ timezone }}"
+      - DOCKER_MODS=arafatamim/linuxserver-io-mod-vuetorrent
     volumes:
       - "{{ data_dir }}/{{ role_name }}:/config"
       - "{{ media_storage_mnt }}/data/torrents:/downloads"
@@ -22,3 +22,4 @@ services:
       traefik.enable: true
       traefik.http.routers.{{ role_name }}.rule: "Host(`{{ role_name }}.local.{{ personal_domain }}`)"
       traefik.http.routers.{{ role_name }}.middlewares: lan-whitelist@file
+      traefik.http.services.qbittorrent.loadbalancer.server.port: 8080
diff --git a/ansible/roles/traefik/tasks/main.yml b/ansible/roles/traefik/tasks/main.yml
index a8d81e3..08b84aa 100644
--- a/ansible/roles/traefik/tasks/main.yml
+++ b/ansible/roles/traefik/tasks/main.yml
@@ -19,6 +19,14 @@
     validate: docker-compose -f %s config
   become: true
 
+- name: Create config directory
+  file:
+    path: "{{ data_dir }}/traefik"
+    state: directory
+    owner: "{{ docker_user }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
 - name: Install config
   template:
     src: traefik.yml