I’ve started setting up my media server and was wondering if I should put my docker containers with sonarr and radarr behind my VPN the same as my qbit?

  • retro@infosec.pub
    link
    fedilink
    English
    arrow-up
    19
    ·
    6 months ago

    You can but you don’t need to. All they really do is organise everything. Any requests go through Prowlarr/Jackett which do the API calls then push that to qBit. One could argue you should put Prowlarr behind a VPN as well but it depends on the trackers you have in there.

  • AnAnonymous@lemm.ee
    link
    fedilink
    English
    arrow-up
    13
    arrow-down
    7
    ·
    6 months ago

    Why not running behind a VPN 24/7? And swapping server every 2-3 days? Don’t take your OpSec easy…

    When it is about OpSec you should act like a Schizo-Paranoid.

    • borari@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      6
      ·
      6 months ago

      Bro they’re grabbing links from trackers, not even downloading any copyrighted material. They’re not buying mdma on alphabay.

      • CTDummy@lemm.ee
        link
        fedilink
        English
        arrow-up
        4
        ·
        6 months ago

        Are your arrs buying amphetamines online again? Detox your homelab with these six easy steps.

      • Random Dent@lemmy.ml
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 months ago

        Yeah I just leave Mullvad on 24/7, and set QBittorrent to only download through the VPN connection and just leave it at that.

      • AnAnonymous@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        2
        ·
        6 months ago

        I prefer to do it in Schizo-Paranoid mode. just for my own security…

        • borari@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          1
          ·
          6 months ago

          I mean you do you, but there’s always a trade off with these types of things (usually security at the expense of usability), so most people would be better served by taking stock of their activities, the risk caused by those activities, then mitigating that risk to an acceptable level. If acceptable to you is cruising around to mcdonald’s parking lots so you can bounce off their wifi like you’re taking the risk of ordering weight more power to you, but just know that from a risk mitigation perspective you’re implementing controls way out of line with the actual risk. Probably, depending on your local laws etc idk i’m not you.

        • myersguy@lemmy.simpl.website
          link
          fedilink
          English
          arrow-up
          10
          ·
          6 months ago

          That was a rephrasing of the statement, not an answer to the question. He’s asking why it matters. What is the “good measure”?

      • AnAnonymous@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        6 months ago

        It change your public IP, so when you swap server the services you use will see another IP from you, if you swap server constantly supposing someone it’s trying to find out where you are they will have a list of different places and it will make it harder to know where you really are so they will desist using the IP method.

        There is a variety of measures you have to take to be secure, swapping servers it’s just one of them.

    • ExcessShiv@lemmy.dbzer0.comOP
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      edit-2
      6 months ago

      I’m having some difficulties getting both sonarr and radarr working simultaneously behind my VPN because they default to the same port. I’m not very well versed in docker, so I don’t know how to fix the port issue behind the VPN, but I can fix it if they’re just separate from the VPN.

      • ddh@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        7
        ·
        edit-2
        6 months ago

        Radarr defaults to 7878 and Sonarr to 8989, no? Are you trying to remotely access them through the VPN?

        • ExcessShiv@lemmy.dbzer0.comOP
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          6 months ago

          I thought so, but I get an error that the port is already used when in try to start sonarr after radarr. I’m only trying to reach them from my local network.

        • ExcessShiv@lemmy.dbzer0.comOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          6 months ago

          i get this error

          it works perfectly fine with the same user and setup as long as i’m not putting it beheind my VPN. I have no other instances of sonarr running.

  • zedricxks@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    4
    ·
    6 months ago

    i have them all connected to my gluetun vpn. prowlar sonarr radar qbit deluge everything under the vpn. maybe overkill but prefer it for the safety even if it adds some latency to them

  • Murkhat@feddit.de
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    1
    ·
    6 months ago

    I trust sonarr and radarr to disable telemetry via the options, so I don’t think you have any benefits from putting them behind VPN. All download clients ofc make sense

  • loppwn@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    4
    ·
    6 months ago

    i put mine behind free-proton-vpn via privoxy-vpn… in case my usenet indexers got busted, you never know… its free and costs you only a bit time to set up