In the name of Allah, the Most Gracious, the Most Merciful
Abstract
Tutorial on how to set up and configure the Transmission BitTorrent client in an iocage jail on FreeNAS 11.1.
Assumptions and Prerequisites
- OS: FreeNAS 11.1-U6
- FreeNAS Host: fn
- FreeNAS Network Interface: igb0
- FreeNAS IP: 10.0.0.2
- FreeNAS Subnet Mask: 24
- Jail Container: iocage
- iocage Version: 1.0 Alpha
- Jail Release: 11.1-RELEASE
- Jail Name: transmission
- Jail Network Interface: vnet0
- Jail Network Config: DHCP
- Jail Default Route: 10.0.0.1
- IP Version: IPv4
- Bridge Network Interface: bridge0
- DNS 1: 10.0.0.1
- Domain: example.com
- ZPool Volume: tank
- Dataset: /mnt/tank/torrents
- Setup iocage Jail
Instructions
1. Create an iocage Jail with VNET configured by DHCP
iocage create -n "[Name]" -r [Release] vnet="on" bpf="yes" dhcp="on" allow_raw_sockets="1" boot="on" interfaces="vnet[N]:bridge[N]" resolver="search [DOMAIN];domain [DOMAIN];nameserver [DNS1 IP]"
root@fn:~ # iocage create -n "transmission" -r 11.1-RELEASE defaultrouter="10.0.0.1" vnet="on" bpf="yes" dhcp="on" allow_raw_sockets="1" boot="on" interfaces="vnet0:bridge0" host_hostname="transmission" resolver="search example.com;domain example.com;nameserver 10.0.0.1"
2. Create Dataset and then mount inside the Jail
Create a user (e.g. mujahid) as a member of the media (gid:8675309) group, which will have group access to the 'torrents' dataset on FreeNAS.
Create a dataset 'torrents' on the FreeNAS volume as type 'Windows'.
Create a torrent watch directory (watch_dir) for transmission within the 'torrents' dataset. When a torrent file is copied into this directory, transmission reads the file and adds it to its download queue. This step is optional; skip it if you don't need a torrent watch directory.
root@fn:~ # mkdir -p /mnt/tank/torrents/watch_dir
Create a torrent downloads directory (downloads) for transmission within the 'torrents' dataset. This is the directory transmission will use to save the downloaded files.
root@fn:~ # mkdir -p /mnt/tank/torrents/downloads
Set the user owner of the dataset 'torrents' to 'mujahid (uid:1000)' and the group owner to 'media (gid:8675309)', and apply these permissions recursively.
Create a Windows share for the 'torrents' dataset on FreeNAS, so the FreeNAS user 'mujahid' can access the 'downloads' directory contents.
Mount the dataset '/mnt/tank/torrents/downloads' on FreeNAS into "Transmission" jail with read/write access.
root@fn:~ #  iocage fstab -a transmission /mnt/tank/torrents/downloads /mnt/downloads nullfs rw 0 0
Mount dataset '/mnt/tank/torrents/watch_dir' on FreeNAS into transmission jail with read/write access.
root@fn:~ #  iocage fstab -a transmission /mnt/tank/torrents/watch_dir /mnt/watch_dir nullfs rw 0 0
3. Install and Configure Transmission client in iocage jail
Log in to the console of the transmission jail
root@fn:~ # iocage console transmission
Install the transmission package
root@transmission:~ # pkg install transmission-daemon
Create the group 'media' with gid:8675309 in the transmission jail, then add the 'transmission' user to it as a member. This gives transmission group read/write permissions to the 'torrents' dataset on FreeNAS. Note: The group 'media' on the FreeNAS host and in the transmission jail must have the same gid (8675309), otherwise the permissions won't work properly.
Create group 'media' with gid:8675309 
root@transmission:~ # pw groupadd -n media -g 8675309
Add user 'transmission' to group 'media'
root@transmission:~ # pw groupmod media -m transmission
Enable transmission to start on boot
root@transmission:~ # sysrc transmission_enable="YES"
Set the transmission automatic file permissions and ownership check to 'NO'. Otherwise, when the transmission service starts, it resets the user and group ownership of the FreeNAS dataset 'torrents' to the default jail user and group "root:wheel", and the user can no longer access the contents of the downloads share directory.
root@transmission:~ # sysrc transmission_chown="NO"
Set the download directory for transmission
root@transmission:~ # sysrc transmission_download_dir="/mnt/downloads"
Set the torrents watch directory for transmission.
root@transmission:~ # sysrc transmission_watch_dir="/mnt/watch_dir"
Start and then stop the transmission service to create a '/usr/local/etc/transmission/home/settings.json' file with default settings.
root@transmission:~ # service transmission start && service transmission stop
Edit the 'settings.json' file and change the following settings (the '#' notes are explanations only; JSON has no comment syntax, so do not type them into the file):
root@transmission:~ # ee /usr/local/etc/transmission/home/settings.json
{
    "port-forwarding-enabled": false,
               .......
    "rpc-whitelist": "127.0.0.1, 10.0.0.*",     # Only for internal network clients to access
               .......
    "speed-limit-up-enabled": true,
               .......
    "trash-original-torrent-files": false,      # Keep the original .torrent files (true would delete them once added)
    "umask": 2,                                 # Make downloads directory group read writable
               .......
    "watch-dir": "/mnt/watch_dir",              # Watch directory for *.torrent files
    "watch-dir-enabled": true                   # Watch directory enabled
}
Start transmission service
root@transmission:~ # service transmission start
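A check for the edited file, added here as an example and not part of the original post: it reads settings.json with base-system tools and compares the keys from the listing above with the values this tutorial sets. The function names are illustrative, and `rpc-whitelist-enabled` is a Transmission setting that the listing above does not show.

```shell
# Added example, not from the original post; assumes one "key": value pair per line.
# Print KEY's value from FILE without quotes, trailing comma or "\/" escapes.
setting() {
    sed -n "s/^[[:space:]]*\"$2\":[[:space:]]*//p" "$1" |
        sed 's/,[[:space:]]*$//; s/^"//; s/"$//; s#\\/#/#g' | head -n 1
}

# Compare one key with the value this tutorial sets; count mismatches in $fails.
expect() {
    got=$(setting "$file" "$1")
    if [ "$got" = "$2" ]; then
        echo "ok    $1 = $got"
    else
        echo "FAIL  $1 = ${got:-<missing>} (expected $2)"
        fails=$((fails + 1))
    fi
}

# Return 0 when every check passes, 1 otherwise.
check_settings() {
    file=$1 fails=0
    # JSON has no comment syntax: the "# ..." notes must not be in the real file.
    if grep -q '[[:space:]]#' "$file"; then
        echo "FAIL  '#' annotation found in $file"
        fails=$((fails + 1))
    fi
    expect port-forwarding-enabled false
    expect rpc-whitelist-enabled true   # not in the post: whitelist is only enforced when true
    expect rpc-whitelist "127.0.0.1, 10.0.0.*"
    expect umask 2
    expect watch-dir /mnt/watch_dir
    expect watch-dir-enabled true
    [ "$fails" -eq 0 ]
}

# Constructed sample in the daemon's own style (escaped slashes, no notes).
sample=$(mktemp)
cat > "$sample" <<'EOF'
{
    "port-forwarding-enabled": false,
    "rpc-whitelist": "127.0.0.1, 10.0.0.*",
    "rpc-whitelist-enabled": true,
    "umask": 2,
    "watch-dir": "\/mnt\/watch_dir",
    "watch-dir-enabled": true
}
EOF
check_settings "$sample" && echo "settings match the tutorial"
rm -f "$sample"
```

Inside the jail, call `check_settings /usr/local/etc/transmission/home/settings.json` after editing. transmission-daemon rewrites this file when it exits, so edit it only while the service is stopped, as the steps above do.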
Helpful Commands
Remove user from group
root@transmission:~ # pw groupmod media -d transmission
Show Group members
root@transmission:~ # pw groupshow media
Watch a log file in real time, starting from its last 30 lines
root@transmission:~ # tail -f -n 30 /var/log/messages
 
 
4 comments:
Thanks for the post, it's good stuff. Have you thought about updating it with info for installing and configuring openvpn inside of the jail so torrent traffic is routed through the tunnel?
Yes. It's the next post over.
https://mujahidjaleel.blogspot.com/2018/10/how-to-setup-openvpn-client-in-iocage.html
Can this guide be used on FreeNAS 11.2? Are the steps the same?
Thanks
Hello. I am having trouble editing the settings.json. Do you know another place they might be? The one you have in your instructions is a non-existent file.