Home Assistant addon : qbittorrent (supports openvpn & smb mounts)

Tags: #<Tag:0x00007fc3f0461c00> #<Tag:0x00007fc3f0461b38>

hi alexbelgium
I’m using your transsmission-NAS addon. Thanks for it. I have the config that you describe, but I receive Permission denied error. please advice. my config and logs are below
In transmision Web-ui I have correct disk size. From windows I have full access to //10.0.0.5/bigpen/

transsmission yaml:

PUID: 1000
PGID: 1000
download_dir: /mnt/bittorrent
incomplete_dir: /mnt/bittorrent/incomplete
networkdisks: //10.0.0.5/bigpen/bittorrent/
cifsusername: zzz
cifspassword: zzz
smbv1: false

transmission nas startup log:

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-envfile: executing... 
[cont-init.d] 01-envfile: exited 0.
[cont-init.d] 10-adduser: executing... 
-------------------------------------
          _         ()
         | |  ___   _    __
         | | / __| | |  /  \ 
         | | \__ \ | | | () |
         |_| |___/ |_|  \__/
Brought to you by linuxserver.io
-------------------------------------
To support LSIO projects visit:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------
User uid:    1000
User gid:    1000
-------------------------------------
[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-config: executing... 
[cont-init.d] 20-config: exited 0.
[cont-init.d] 20-transmission-configuration.sh: executing... 
[cont-init.d] 20-transmission-configuration.sh: exited 0.
[cont-init.d] 50-mounts.sh: executing... 
[09:05:37] INFO: Mounting smb share(s)...
[09:05:41] INFO: ... //10.0.0.5/bigpen/bittorrent successfully mounted to /mnt/bittorrent
[cont-init.d] 50-mounts.sh: exited 0.
[cont-init.d] 99-custom-files: executing... 
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.

error message after adding torrent file:

zzz.x265-AAAUHD tr_fdFileCheckout failed for “/mnt/bittorrent/incomplete/zzz.x265-AAAUHD/zzz.x265-AAAUHD.mkv.part”: Permission denied (/home/buildozer/aports/community/transmission/src/transmission-3.00/libtransmission/inout.c:95)

My samba-NAS config:

workgroup: WORKGROUP
username: zzz
password: zzz
interface: ‘’
allow_hosts:

  • 10.0.0.0/8
  • 172.16.0.0/12
  • 192.168.0.0/16
  • ‘fe80::/10’
    moredisks:
  • BIGPEN
    veto_files:
  • .DS_Store
  • Thumbs.db
  • icon?
  • .Trashes
    compatibility_mode: false
    autodiscovery: {}

My samba-NAS startup log

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] automount.sh: executing... 
[09:18:23] INFO: Protection Mode is false
[09:18:23] WARNING: MoreDisk option found!
[09:18:23] INFO: More Disks mounting.. BIGPEN
[09:18:23] INFO: Mount BIGPEN
[09:18:24] INFO: Success!
[cont-init.d] automount.sh: exited 0.
[cont-init.d] mqtt.sh: executing... 
[cont-init.d] mqtt.sh: exited 0.
[cont-init.d] samba.sh: executing... 
[09:18:27] INFO: Hostname: homeassistant
tdbsam_open: Converting version 0.0 database to version 4.0.
tdbsam_convert_backup: updated /var/lib/samba/private/passdb.tdb file.
Added user homeassistant.
[cont-init.d] samba.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[09:18:28] INFO: Starting the AVAHI daemon for homeassistant...
[09:18:28] INFO: Starting the MQTT daemon for disks info...
nmbd version 4.12.9 started.
Copyright Andrew Tridgell and the Samba Team 1992-2020
Waiting for daemon ...
daemon_ready: daemon 'nmbd' finished starting up and ready to serve connections
smbd version 4.12.9 started.
Copyright Andrew Tridgell and the Samba Team 1992-2020
INFO: Profiling support unavailable in this build.
daemon_ready: daemon 'smbd' finished starting up and ready to serve connections
[09:18:29] INFO: Sending MQTT autodiscovery...
*****
Samba name server HOMEASSISTANT is now a local master browser for workgroup WORKGROUP on subnet 172.30.32.1
*****
*****
Samba name server HOMEASSISTANT is now a local master browser for workgroup WORKGROUP on subnet 172.17.0.1
*****

Hi @trynqz, thanks for testing the addon!

Your config seems fine, and samba NAS works correctly.

The most probable root cause is that the incomplete folders didn’t exist in the requested path. Could you check? Thanks

/incomplete folder existed.

PUID: 0
PGID: 0

Did the trick. Now it is working. Thanks

1 Like

New feature : ingress addition

Starting from version *ls125-rev2, the addon supports ingress (with or without ssl) in addition to the current WebUI access ! Ingress is set to the VueTorrent view, however the customUI option still allows to select the UI that you want when accessing directly from the ip.

If it asks for a password in ingress just click OK the url is anyway whitelisted as it is local. You can however remove whitelisted url from the addon options if your prefer.

Please star the github repo if this is useful to you!

Thanks for your addon! If I try to mount a samba share, I get the following error:

[cont-init.d] 91-configuration.sh: exited 0.
[cont-init.d] 92-smb_mounts_v1.1: executing... 
[14:30:16] INFO: Mounting smb share(s)...
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
[14:30:17] ERROR: Unable to mount //10.0.0.100/Data/Data to /mnt/Data with username milenco, somepassword
[cont-init.d] 92-smb_mounts_v1.1: exited 0.

I believe this is because the addon isn’t running in unprivileged mode (Protection disabled), but I don’t have the option, as you can see here:

What should I do?

1 Like

Hi, thanks for testing the addon! I had removed the full access tag as it was normally not useful anymore with the new apparmor system…

Could you please try to check the box “smbv1” in the addon option and restart - by default the system tries to mount with smbv2.5

Also, could you please check that it is correctly capital letters for “Data”, that you really have two successive “Data” folders, and that there is no “weird” characters in your password that could mess with the code ?

Could you also check in supervisor log if there is more details?

If this doesn’t work, could you please try to mount if manually in the web terminal addon (that allows running both in priviledged, and in normal mode) with the commands :

mkdir /tmp 
mount -t cifs -o username=USERNAME,password=PASSWORD //10.0.0.100/Data/Data /tmp

This would allow to see if the issue with priviledge mode, or with something other.

And if you have a workgroup,

mount -t cifs -o username=USERNAME,password=PASSWORD,domain=WINDOWSDOMAIN //10.0.0.100/Data/Data /tmp

Thanks!

Thanks for taking time to look into this issue for me! As for the path, I’m pretty sure it’s spelled correctly. This is how it’s mounted on my Macbook:

[email protected] ~ % mount |grep 10.0.0.100
//[email protected]/Data on /Volumes/Data (smbfs, nodev, nosuid, mounted by m.mulder)
[email protected] ~ % ls -l /Volumes/Data/Data 
total 128
[..]
drwx------  1 m.mulder  staff  16384 15 apr 10:04 ~new

Mounting with the samba v1 option gives the same error:

[cont-init.d] 91-configuration.sh: exited 0.
[cont-init.d] 92-smb_mounts_v1.1: executing... 
[22:28:49] INFO: Mounting smb share(s)...
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
[22:28:50] ERROR: Unable to mount //10.0.0.100/Data to /mnt/Data with username milenco, somepassword
[cont-init.d] 92-smb_mounts_v1.1: exited 0.
[cont-init.d] 93-openvpn: executing... 

As for mounting it manually: It doesn’t work from within the addon (I have SSH access to the host and access it directly using docker), I still get a permission denied error. Mounting it on the host obviously works, but the vm doesn’t share the /tmp folder so I can’t get it accessed there.

See the logs:

[email protected]:~# docker exec -it  addon_db21ed7f_qbittorrent /bin/bash
[email protected]:/# mkdir /tmp/data
[email protected]:/# mount -t cifs -o username=milenco,password=somepassword //10.0.0.100/Data/Data /tmp/data
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
[email protected]:/# exit
[email protected]:~# mkdir /tmp/data
[email protected]:~# mount -t cifs -o username=milenco,password=somepassword //10.0.0.100/Data/Data /tmp/data
[email protected]:~# mount|grep 10.0.0.100
//10.0.0.100/Data/Data on /tmp/data type cifs (rw,relatime,vers=default,cache=strict,username=milenco,uid=0,noforceuid,gid=0,noforcegid,addr=10.0.0.100,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1)
[email protected]:~# docker exec -it  addon_db21ed7f_qbittorrent /bin/bash
[email protected]:/# ls -alF /tmp/data/
total 8
drwxr-xr-x 2 root root 4096 Apr 22 22:30 ./
drwxrwxrwt 1 root root 4096 Apr 22 22:30 ../
[email protected]:/#

I could setup something like that but I rather have it working natively, since I’m currently using the qbittorrent docker container outside Home Assistant/supervisor. I would prefer your plugin to work natively so I can back it up using supervisor and play around with the build in VPN options, which also seems very nice.

Thanks again, hoping you can help!

Edit: I don’t see any supervisor logs for this addon when starting it, just the ‘Starting Docker add-on’-message.

1 Like

It appears VPN also needs the elevated permissions to function properly, I’m getting the following error now when trying to connect to my Private Internet Access account over OpenVPN:

Fri Apr 23 20:30:55 2021 WARNING: file '/etc/openvpn/credentials' is group or others accessible
Fri Apr 23 20:30:55 2021 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep  5 2019
Fri Apr 23 20:30:55 2021 library versions: OpenSSL 1.1.1f  31 Mar 2020, LZO 2.10
Fri Apr 23 20:30:55 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Apr 23 20:30:55 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]212.102.35.92:1198
Fri Apr 23 20:30:55 2021 UDP link local: (not bound)
Fri Apr 23 20:30:55 2021 UDP link remote: [AF_INET]212.102.35.92:1198
Fri Apr 23 20:30:55 2021 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Apr 23 20:30:55 2021 [amsterdam402] Peer Connection Initiated with [AF_INET]212.102.35.92:1198
Fri Apr 23 20:30:57 2021 OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
Fri Apr 23 20:30:57 2021 OpenVPN ROUTE: failed to parse/resolve route for host/network: 2000::/3
Fri Apr 23 20:30:57 2021 ERROR: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)
Fri Apr 23 20:30:57 2021 Exiting due to fatal error

Initially it wouldn’t start because was complaining about missing (and non-executable) up.sh and down.sh, but after creating these in the container I got the above error.

1 Like

Hi @Milenco, thanks for the very detailed info! I didn’t have time to look at it today but had a few minutes now.

  1. Regarding openvpn

EDIT : working - I tested it with a free openvpn config
To allow it to function, you need to write the name of the openvpn config file in the option (I guess that’s what you did) and the addon will look for this file in “/config/openvpn/YOURFILE.ovpn”.

I created a -dev2 version :

  • added +x to the up.sh file (error that you mentioned - the up.sh is generated if the 93-openvpn script executed correctly during launch)
  • added info / error messages in the 93-openvpn script to write in the log if it executed ok or couldn’t find the config file
  • added apparmor/config options to configure the tun device and allow openvpn to work
  1. Regarding smb failure

I need to investigate further as I don’t use this config. I see two possible ways for you :

  • either you mount the smb share on your host machine in the homeassistant /share or /media folders (I have mounted them both in the addon)
  • or you accept to spend a bit more time troubleshooting it using ssh. The good news is that as you have the same error code with ssh, we can use it to troubleshoot what is happening. I’ve looked a bit on internet and found many people having issues mounting smb shares from a mac.
    – First thing : is your UID/GID set to 0/0 in the addon options? as I see that when mounting on host it appears in the cifs options and I suppose you are root on your mac
    – Second thing : thanks very much for the info on successful mount on the host. Could you try to mount it using the same values, and some variations. And if it works, remove argument per argument until it fails… I’m sorry but this seems the quickest way to troubleshoot… As it could either be an issue with the version of smb, or a permission issue. The first one is the least useful as “default” could hide a lot of smb values… A faster way of find the smb version would be with “smbutil statshares -a
# test full
mount -v -t cifs -o rw,relatime,vers=default,cache=strict,username=milenco,password=PASSWORD,uid=0,noforceuid,gid=0,noforcegid,addr=10.0.0.100,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1 //10.0.0.100/Data/Data /tmp/data
# test smbv1
mount -v -t cifs -o rw,relatime,vers=1.0,cache=strict,username=milenco,password=PASSWORD,uid=0,noforceuid,gid=0,noforcegid,addr=10.0.0.100,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1 //10.0.0.100/Data/Data /tmp/data
#test smbv3
mount -v -t cifs -o rw,relatime,vers=3.0,cache=strict,username=milenco,password=PASSWORD,uid=0,noforceuid,gid=0,noforcegid,addr=10.0.0.100,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1 //10.0.0.100/Data/Data /tmp/data
# test security
mount -v -t cifs -o username=milenco,password=PASSWORD,sec=ntlmv2 //10.0.0.100/Data/Data /tmp/data
# test domain
mount -v -t cifs -o username=milenco,password=PASSWORD,domain=YOURDOMAIN //10.0.0.100/Data/Data /tmp/data

@Milenco

New feature as of version -ls128

Optional openvpn support
You need to add your ovpn config file in the folder /config/openvpn/, then modify 4 addon options. Openvpn creates a Tun network interface. The script configures qbittorrent to use Tun as interface instead as the default (like eth0). Debug messages in the addon log should show if there is an issue with OpenVPN initialization (such as ovpn config file not found)

openvpn_enabled: true/false # openvpn required to start qbittorrent
openvpn_config: For example "config.ovpn" # name of the file located in /config/openvpn. 
openvpn_username: USERNAME
openvpn_password: YOURPASSWORD

Automatic smb version selection
Smbv1 flag depreciated. The script will try all smb versions automatically until it succeeds, then write the correct version in the addon log.
A new option allows to set a cifs domain if needed.

1 Like

Thanks again for your help! I’ve tried your new version and good news, the VPN from Private Internet Access is now working! I had to change the config filename from “pia” to “pia.ovpn” but then it worked.

As for SMB: I have a external drive connected to my Home Assistant host, which is mounted to /mnt/data (and therefor inaccessible by addons). I could mount the drive to /usr/share/hassio/media instead and have it available for all addons but I rather keep it seperated and manually mount it via Samba for those addons that need it (and this is the only one so far).

I’ve tried your different approaches for mounting and this is my full log now:

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-envfile: executing... 
[cont-init.d] 01-envfile: exited 0.
[cont-init.d] 10-adduser: executing... 
-------------------------------------
          _         ()
         | |  ___   _    __
         | | / __| | |  /  \
         | | \__ \ | | | () |
         |_| |___/ |_|  \__/
Brought to you by linuxserver.io
-------------------------------------
To support LSIO projects visit:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------
User uid:    0
User gid:    0
-------------------------------------
[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 30-config: executing... 
chown: cannot access '/config/data/qBittorrent': No such file or directory
[cont-init.d] 30-config: exited 0.
[cont-init.d] 30-nginx.sh: executing... 
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0
  0     0    0     0    0     0      0      0 --:--:--  0:00:02 --:--:--     0
100   622  100   622    0     0    280      0  0:00:02  0:00:02 --:--:--   280

 43 3321k   43 1444k    0     0   459k      0  0:00:07  0:00:03  0:00:04  459k
100 3321k  100 3321k    0     0   918k      0  0:00:03  0:00:03 --:--:-- 3994k
[cont-init.d] 30-nginx.sh: exited 0.
[cont-init.d] 91-configuration.sh: executing... 
[10:16:33] INFO: Downloads can be found in /mnt/Data
[10:16:33] INFO: Whitelisted subsets will not require a password : localhost,127.0.0.1,172.30.0.0/16,10.0.0.0/16
[10:16:33] INFO: WEBUI username set to admin
[10:16:33] INFO: Default username/password : admin/adminadmin
[10:16:33] INFO: Configuration can be found in /config/qBittorrent
[cont-init.d] 91-configuration.sh: exited 0.
[cont-init.d] 92-smb_mounts_v1.2.sh: executing... 
[10:16:34] INFO: Mounting smb share(s)...
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)
/var/run/s6/etc/cont-init.d/92-smb_mounts_v1.2.sh: line 70: bashio::log.critical: command not found
[cont-init.d] 92-smb_mounts_v1.2.sh: exited 127.
[cont-init.d] 93-openvpn.sh: executing... 
[10:16:34] INFO: Configuring openvpn
[10:16:34] INFO: openvpn correctly set, please modify manually qbittorrent options to select it
sed: -e expression #1, char 66: unknown option to `s'
[cont-init.d] 93-openvpn.sh: exited 1.
[cont-init.d] 99-custom-scripts: executing... 
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-scripts: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
Mon Apr 26 10:16:34 2021 WARNING: file '/etc/openvpn/credentials' is group or others accessible
Mon Apr 26 10:16:34 2021 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep  5 2019
Mon Apr 26 10:16:34 2021 library versions: OpenSSL 1.1.1f  31 Mar 2020, LZO 2.10
Mon Apr 26 10:16:34 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Apr 26 10:16:36 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]143.244.41.31:1198
Mon Apr 26 10:16:36 2021 UDP link local: (not bound)
Mon Apr 26 10:16:36 2021 UDP link remote: [AF_INET]143.244.41.31:1198
Mon Apr 26 10:16:36 2021 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Apr 26 10:16:37 2021 [amsterdam420] Peer Connection Initiated with [AF_INET]143.244.41.31:1198
Mon Apr 26 10:16:38 2021 OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
Mon Apr 26 10:16:38 2021 OpenVPN ROUTE: failed to parse/resolve route for host/network: 2000::/3
Mon Apr 26 10:16:38 2021 TUN/TAP device tun0 opened
Mon Apr 26 10:16:38 2021 /sbin/ip link set dev tun0 up mtu 1500
Mon Apr 26 10:16:38 2021 /sbin/ip addr add dev tun0 10.30.112.76/24 broadcast 10.30.112.255
Mon Apr 26 10:16:38 2021 /etc/openvpn/up.sh tun0 1500 1553 10.30.112.76 255.255.255.0 init
[10:16:38] INFO: Starting NGinx...

Notice the warning about ‘/etc/openvpn/credentials’ and the ‘sed’ expression that failed about OpenVPN. It still works though. This is the config I use: https://www.privateinternetaccess.com/openvpn/openvpn.zip (I use the Netherlands config).

I believe Samba not mounting is a security measure from Docker which can only be properly circumvented by running the container in privileged mode. I tried to mount the several commands directly from the host (so not in the container), and they all ran succesfully:

[email protected]:/tmp# # test full
[email protected]:/tmp# umount /tmp/data
[email protected]:/tmp# mount -v -t cifs -o rw,relatime,vers=default,cache=strict,username=milenco,password=somepassword,uid=0,noforceuid,gid=0,noforcegid,addr=10.0.0.100,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1 //10.0.0.100/Data/Data /tmp/data
mount: //10.0.0.100/Data/Data mounted on /tmp/data.
[email protected]:/tmp# mount|grep /tmp/data|grep 10.0.0.100
//10.0.0.100/Data/Data on /tmp/data type cifs (rw,relatime,vers=default,cache=strict,username=milenco,uid=0,noforceuid,gid=0,noforcegid,addr=10.0.0.100,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1)
[email protected]:/tmp# # test smbv1
[email protected]:/tmp# umount /tmp/data
[email protected]:/tmp# mount -v -t cifs -o rw,relatime,vers=1.0,cache=strict,username=milenco,password=somepassword,uid=0,noforceuid,gid=0,noforcegid,addr=10.0.0.100,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1 //10.0.0.100/Data/Data /tmp/data
mount: //10.0.0.100/Data/Data mounted on /tmp/data.
[email protected]:/tmp# mount|grep /tmp/data|grep 10.0.0.100
//10.0.0.100/Data/Data on /tmp/data type cifs (rw,relatime,vers=1.0,cache=strict,username=milenco,uid=0,noforceuid,gid=0,noforcegid,addr=10.0.0.100,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=1048576,wsize=131007,echo_interval=60,actimeo=1)
[email protected]:/tmp# #test smbv3
[email protected]:/tmp# umount /tmp/data
[email protected]:/tmp# mount -v -t cifs -o rw,relatime,vers=3.0,cache=strict,username=milenco,password=somepassword,uid=0,noforceuid,gid=0,noforcegid,addr=10.0.0.100,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1 //10.0.0.100/Data/Data /tmp/data
mount: //10.0.0.100/Data/Data mounted on /tmp/data.
[email protected]:/tmp# mount|grep /tmp/data|grep 10.0.0.100
//10.0.0.100/Data/Data on /tmp/data type cifs (rw,relatime,vers=3.0,cache=strict,username=milenco,uid=0,noforceuid,gid=0,noforcegid,addr=10.0.0.100,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1)
[email protected]:/tmp# # test security
[email protected]:/tmp# umount /tmp/data
[email protected]:/tmp# mount -v -t cifs -o username=milenco,password=somepassword,sec=ntlmv2 //10.0.0.100/Data/Data /tmp/data
mount: //10.0.0.100/Data/Data mounted on /tmp/data.
[email protected]:/tmp# mount|grep /tmp/data|grep 10.0.0.100
//10.0.0.100/Data/Data on /tmp/data type cifs (rw,relatime,vers=default,sec=ntlmv2,cache=strict,username=milenco,uid=0,noforceuid,gid=0,noforcegid,addr=10.0.0.100,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1)
[email protected]:/tmp# # test domain
[email protected]:/tmp# umount /tmp/data
[email protected]:/tmp# mount -v -t cifs -o username=milenco,password=somepassword,domain=WORKGROUP //10.0.0.100/Data/Data /tmp/data
mount: //10.0.0.100/Data/Data mounted on /tmp/data.
[email protected]:/tmp# mount|grep /tmp/data|grep 10.0.0.100
//10.0.0.100/Data/Data on /tmp/data type cifs (rw,relatime,vers=default,cache=strict,username=milenco,domain=WORKGROUP,uid=0,noforceuid,gid=0,noforcegid,addr=10.0.0.100,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=1048576,wsize=1048576,echo_interval=60,actimeo=1)
1 Like

New feature : openvpn addition

Starting from version *ls129-ov2, the addon supports optional OpenVPN - and this time it works!
Thanks very much to @Milenco for helping troubleshoot and allowing local webUI in tunnelled mode!

To enable it, you need to add your ovpn config file in the folder /config/openvpn/, then modify the 4 addon options below.

openvpn_enabled: true/false # openvpn required to start qbittorrent
openvpn_config: For example “config.ovpn” # name of the file located in /config/openvpn.
openvpn_username: USERNAME
openvpn_password: YOURPASSWORD

1 Like

We (@alexbelgium annd myself) did some troubleshooting together to get both VPN and Samba working properly. VPN now seems to work properly (at least, using Private Internet Access). We had to add some route manually to private networks, so we can still access the WebUI outside of Home Assistant (otherwise it would only work in the sidepanel).

We are still having troubles mounting Samba drives. It could be my setup (I’m using supervised Home Assistant) that gives the permission denied errors, but it could be something with the addon as well. Are there other persons using this addon with Samba without issues? I got it fixed myself by mounting my USB to another folder so the addon has access through HA’s share-folder, but I’d still like to have the issue resolved for others. At least, if there are people with issues using Samba together with this addon…

Many thanks for @alexbelgium for building this addon :+1:

1 Like

New feature : custom DNS setting

Starting from version *ls132, the addon supports optional setting of specific DNS. By default, they are set to 8.8.8.8 (google) and 1.1.1.1 (cloudflare).
Why : The objective is to avoid using the router’s default DNS in case you have enabled a DNS ad-blocker like adguard home or pihole. Although the DNS is only used for the initial connection and not during downloads, I noticed that the high levels of connection increased by 3x the adguard home response time (+ cpu usage).
How : to enable it, don’t change anything (it is by default). If you want to use your own custom DNS, just add the IP address in the option box, separated by commas. If you still want to use the router’s default DNS, just keep it blank.

“DNS_server”: “8.8.8.8,1.1.1.1” # Keep blank to use router’s DNS, or set custom DNS to avoid spamming in case of local DNS ad-remover

Updated feature : smb mount

A script was established with @Milenco (thanks very much!) that tests iteratively until it works many common options for mounting of smb shares (different smb & security protocols, forcing ID…). This should allow eaiser mounting for most people.

1 Like

Just a little problem: I’ve installed Portainer and found that I’ve a LOT of version of Qbittorrent addons images, taking up a lot of space on my SD card. It seems that when upgrading, they’re not uninstalled/Deleted .

1 Like

Thanks, I had the same… 30go of unused images from various addons… However I believe this is an HA issue I’m not sure what can be done from the addon side. The issue is that it is updated very frequently as it is kept aligned with the upstream images and that HA seems to keep a lot of residual images.

The solution is to run “docker image prune - a - f” in the Web terminal addon to remove all those unused images… It is an issue that seems to exist since 2017 Unused containers/images not deleted by hass.io, and regularly highlighted like here a few weeks ago… No space :( - #19 by alexbelgium

If someone has a solution I would be very happy to implement it!

2 Likes

Hey Alex

After enabled OpenVPN at qbittorrent, i cant access WebUI outside of my local network, only inside with IP:PORT . If i disable openvpn i have access at WebUI inside and outside at my local network
And, im not changing any port mapping that i have in my router…!

I received this error at internet browser:
“ERR_TUNNEL_CONNECTION_FAILED”

Can you help me with this? Thank you!

Hi Wilson,

I would need some additional info to help troubleshoot.

The normal behavior is that webUI is only available from within the local network through HA_IP:ADDONPORT/ (as the port is normally not exposed by the router, unless you specify it specifically), but Ingress is available both from internal and external network (in the HA app).

  • Which one is impacted by openVPN addition, the Ingress one ?
  • Could you please provide any messages in your addon log when the issue occur ? (connection failures issues should appear)
  • Have you tried with/without ssl ?
  • Does this occur with all devices / browsers ? I know that some browsers can cause specific issues (microsoft edge prevents ingress working on my computer for some reason, other browsers work)

Thanks

Ok, i will show you with more information:

i have in my router a PORT FORWARDING redirect external port 8081 to local IP_of_HA:8081
in my config yaml i have this (i’ve tried with and without ssl):

  1. when i have OpenVPN Disabled:
  • i can access localy, at browser with IP:8081 or at Ingress HA.
  • and remotly with myddns:8081
  1. when i have OpenVPN Enabled
  • i can acCess localy, at browser with IP:8081 or at Ingress HA.
  • but, I CANT ACCESS remotly with myddns:8081 and i receive an error at browser tell me this: " ERR_TUNNEL_CONNECTION_FAILED

In log, i cant find an error to explain this, but i think is related with tuneling, because i dont have this problem without VPN in last months.

LOG WITHOUT VPN:

LOG WITH VPN:

I hope this additional information can help to troubleshooting.
Thks

1 Like

Actually this is normal behavior… When we implemented openvpn with Milenco, we had to route specific IP to allow bypassing VPN to connect to the webUI. We routed most universally used local networks, but it is not possible to route all external IP…

I see three possibilities here :

  • either using Ingress to access the webUI from external networks (meaning that only the 8123 HA port is exposed, and that qBittorrent is managed from the HA app)
  • that I add an option in the addon so that we can specify some external IP that can access the webUI and bypass the VPN
  • or that I rewrite the VPN to only tunnel qbittorrent and not the webUI. This is not a preferred option as people have reported (like here)that it throttles qbittorrent speeds and decreases torrenting stability…