-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
199 lines (164 loc) · 8.19 KB
/
.env.example
File metadata and controls
199 lines (164 loc) · 8.19 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
# ============================================================================
# TORRENT VPN STACK CONFIGURATION
# ============================================================================
# Copy this file to .env and fill in your values
# DO NOT commit .env to version control (it contains secrets)
# ============================================================================
# ----------------------------------------------------------------------------
# VPN PROVIDER CONFIGURATION
# ----------------------------------------------------------------------------
# REQUIRED: Choose your VPN provider
# Supported providers: https://github.com/qdm12/gluetun-wiki/tree/main/setup/providers
# Common options: mullvad, nordvpn, protonvpn, surfshark, expressvpn, privateinternetaccess, etc.
# For custom/unsupported providers: use "custom" (see examples/providers/custom.env.example)
VPN_SERVICE_PROVIDER=mullvad
# REQUIRED: VPN Protocol (wireguard recommended for speed and modern encryption)
VPN_TYPE=wireguard
# ----------------------------------------------------------------------------
# WIREGUARD CONFIGURATION (if VPN_TYPE=wireguard)
# ----------------------------------------------------------------------------
# REQUIRED: Get these from your VPN provider's configuration generator
# For Mullvad: https://mullvad.net/en/account/wireguard-config
# For ProtonVPN: Account → Downloads → WireGuard configuration
# For NordVPN: Get from NordVPN dashboard (manual setup)
# REQUIRED: Your WireGuard private key
WIREGUARD_PRIVATE_KEY=your_private_key_here
# REQUIRED: Your WireGuard IP address (usually IPv4/32, e.g., 10.2.0.2/32)
WIREGUARD_ADDRESSES=10.2.0.2/32
# Optional: Public key of the VPN server (leave empty to auto-detect)
WIREGUARD_PUBLIC_KEY=
# Optional: Preshared key (if your provider requires it)
WIREGUARD_PRESHARED_KEY=
# Optional: Specific VPN server endpoint IP
# NOTE: Leave empty for built-in providers (auto-detected)
# Required for VPN_SERVICE_PROVIDER=custom
WIREGUARD_ENDPOINT_IP=
# Optional: WireGuard endpoint port
# NOTE: Leave empty for built-in providers (auto-detected)
# Required for VPN_SERVICE_PROVIDER=custom (usually 51820)
WIREGUARD_ENDPOINT_PORT=
# ----------------------------------------------------------------------------
# OPENVPN CONFIGURATION (if VPN_TYPE=openvpn)
# ----------------------------------------------------------------------------
# REQUIRED (for OpenVPN): Your VPN username
OPENVPN_USER=
# REQUIRED (for OpenVPN): Your VPN password
OPENVPN_PASSWORD=
# ----------------------------------------------------------------------------
# VPN SERVER SELECTION
# ----------------------------------------------------------------------------
# Optional: Choose specific server location(s)
# Leave empty to use provider defaults
# Examples:
# SERVER_COUNTRIES=Netherlands,Sweden
# SERVER_CITIES=Amsterdam,Stockholm
# SERVER_HOSTNAMES=nl1-wireguard,se3-wireguard
SERVER_COUNTRIES=
SERVER_CITIES=
SERVER_HOSTNAMES=
# ----------------------------------------------------------------------------
# PORT FORWARDING (Advanced)
# ----------------------------------------------------------------------------
# Enable if your VPN provider supports port forwarding
# Supported providers: https://github.com/qdm12/gluetun-wiki/blob/main/setup/advanced/vpn-port-forwarding.md
# Note: Not all providers support this (ProtonVPN, PIA support it; Mullvad discontinued July 2023)
VPN_PORT_FORWARDING=off
# Port forwarding provider-specific settings
# For most providers, leave empty to auto-detect
# For ProtonVPN: set to 'protonvpn'
VPN_PORT_FORWARDING_PROVIDER=
# Port sync interval in seconds (how often to check for port changes)
# Default: 300 seconds (5 minutes)
# Lower values = more frequent checks, higher CPU usage
PORT_SYNC_INTERVAL=300
# ----------------------------------------------------------------------------
# QBITTORRENT CONFIGURATION
# ----------------------------------------------------------------------------
# Web UI port (accessible at http://localhost:QBITTORRENT_WEBUI_PORT)
QBITTORRENT_WEBUI_PORT=8080
# Default qBittorrent username (can be changed in Web UI)
QBITTORRENT_USER=admin
# IMPORTANT: Set a strong password for Web UI access
# Default password is "adminadmin" - CHANGE THIS!
QBITTORRENT_PASS=your_strong_password_here
# Torrent connection port (TCP/UDP)
# This will be automatically synced if VPN port forwarding is enabled
QBITTORRENT_PORT=6881
# ----------------------------------------------------------------------------
# FILE SYSTEM CONFIGURATION
# ----------------------------------------------------------------------------
# REQUIRED: Local path for downloads (will be created if doesn't exist)
# IMPORTANT: Use absolute paths - tilde (~) expansion may fail in Docker!
# Examples:
# macOS: /Users/yourusername/Downloads/torrents
# Linux: /home/yourusername/Downloads/torrents
# Windows: C:/Users/yourusername/Downloads/torrents
DOWNLOADS_PATH=/Users/yourusername/Downloads/torrents
# User ID and Group ID for file permissions
# Run `id -u` and `id -g` on your Mac to get these values
# Default: 1000 (common on Linux, may differ on macOS)
PUID=1000
PGID=1000
# ----------------------------------------------------------------------------
# NETWORK CONFIGURATION
# ----------------------------------------------------------------------------
# REQUIRED: Your local network subnet for LAN access
# Find this with: ipconfig getifaddr en0 (macOS) or ip route (Linux)
# Common values:
# 192.168.1.0/24 (most home routers)
# 192.168.0.0/24
# 10.0.0.0/24 (some routers)
LOCAL_SUBNET=192.168.1.0/24
# Gluetun control server port (for health checks and port info)
GLUETUN_CONTROL_PORT=8000
# ----------------------------------------------------------------------------
# MONITORING (Optional)
# ----------------------------------------------------------------------------
# Enable monitoring stack with: docker compose --profile monitoring up -d
# Provides Prometheus metrics collection and Grafana dashboards
# Grafana web UI credentials
# IMPORTANT: Change default password for production use
GRAFANA_ADMIN_USER=admin
GRAFANA_ADMIN_PASSWORD=admin
# Monitoring service ports
PROMETHEUS_PORT=9090 # Prometheus web UI
GRAFANA_PORT=3000 # Grafana web UI
CADVISOR_PORT=8081 # cAdvisor metrics (container resource monitoring)
# ----------------------------------------------------------------------------
# BACKUP CONFIGURATION (Optional)
# ----------------------------------------------------------------------------
# Automated backups protect your configuration from data loss
# See docs/backups.md for complete guide
# Backup directory (where backup archives are stored)
BACKUP_DIR=~/backups/torrent-vpn-stack
# Backup retention (number of days to keep old backups)
BACKUP_RETENTION_DAYS=7
# Volumes to backup (comma-separated: qbittorrent,gluetun,prometheus,grafana)
# Recommended: qbittorrent,gluetun (monitoring data can be excluded to save space)
BACKUP_VOLUMES=qbittorrent,gluetun
# Backup scheduling (for macOS launchd automation)
# Hour in 24-hour format (0-23). Default: 3 for 3 AM
BACKUP_SCHEDULE_HOUR=3
# ----------------------------------------------------------------------------
# SYSTEM CONFIGURATION
# ----------------------------------------------------------------------------
# Timezone (affects log timestamps and schedules)
# Find yours: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
TZ=America/Los_Angeles
# Logging level (debug, info, warning, error)
# Use 'debug' for troubleshooting, 'info' for normal operation
LOG_LEVEL=info
# ============================================================================
# SETUP INSTRUCTIONS
# ============================================================================
# 1. Copy this file: cp .env.example .env
# 2. Edit .env with your VPN credentials and preferences
# 3. Get VPN credentials from your provider's dashboard
# 4. Set DOWNLOADS_PATH to where you want files saved
# 5. Find your LOCAL_SUBNET: ip route | grep default (Linux) or netstat -nr | grep default (macOS)
# 6. Run: docker-compose up -d
# 7. Access qBittorrent at http://localhost:8080 (or your QBITTORRENT_WEBUI_PORT)
# 8. Run verification: ./scripts/verify-vpn.sh
#
# For detailed setup, see README.md
# ============================================================================