• NewOldGuard [he/him, comrade/them]@hexbear.net
    link
    fedilink
    English
    arrow-up
    5
    ·
    9 hours ago

    Qbittorrent with gluetun routing traffic to Mullvad. Content added to qb via the *arr suite. All downloads go to my ZFS pool on the same server, then I use Jellyfin for viewing media and syncthing to move books to my tablet. All the services are running in docker containers on a fedora server host, which I’ve hardened for security. I don’t expose anything to the network, all access is through tailscale

    • Xianshi
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      5 hours ago

      Similar except for a few minor details. I have jackett in the stack too. I have wireguard instead of tailscale. Debian on the host. No zfs, just a bunch of disks. The whole torrent stack is on the vpn so metadata requests don’t go out via my ip. I limit the vpn countries to non 14 eyes countries. I change the vpn country every time the vpn container comes up. I use vuetorrent as the qbittorrent webui.

    • LunchMoneyThief@links.hackliberty.orgOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 hours ago

      I meant to, but was rudely interrupted by a skeleton swordsman this morning.

      My client is configured to reject all non-encrypted peer connections. It sacrifices some potential seeds but is worth the added defense in depth if ever my VPN fails catastrophically. Openvpn client to an obscure VPN service. All media gets passed through clamAV before being accessed.

      While on the hunt for treasure, my browser is configured to send DNS traffic over Tor. All web pages only get to load HTML and images, and they (torrent sites) remain perfectly functional without anything else. DDG search with the old tricks ‘1080p’, ‘full’, ‘HEVC’, ‘x264/x265’, ‘ep0_/se0_’, ‘.mkv’ and so on.

      I rotate my treasure chests between ships.