[NEW]Tom Spark News — Privacy-first RSS reader with ML recommendations. Free. No account.[ENTER]

DIY Raspberry Pi Torrent & Media Server with VPN

Required Hardware For optimal performance, you'll need: - Raspberry Pi 4 Model B (8GB RAM recommended) - 32GB+ microSD card (Samsung EVO/PRO or SanDisk Extreme) - External HDD/SSD for media storage (4TB+ recommended) - Official Raspberry Pi power sup...

October 13, 2025•5 min read

Required Hardware

For optimal performance, you'll need: - Raspberry Pi 4 Model B (8GB RAM recommended) - 32GB+ microSD card (Samsung EVO/PRO or SanDisk Extreme) - External HDD/SSD for media storage (4TB+ recommended) - Official Raspberry Pi power supply (3.0A) - ICE Tower CPU Cooler or FLIRC case for cooling - Ethernet cable for reliable network connection Total cost: $150-200 depending on storage capacity

Initial Setup & OS Installation

Installing Raspberry Pi OS

1. Download the Raspberry Pi Imager from https://www.raspberrypi.org/software/ 2. Insert microSD card and launch Imager 3. Choose "Raspberry Pi OS Lite (64-bit)" for headless server setup 4. Click Advanced Options (gear icon) and: - Set hostname (e.g., mediaserver) - Enable SSH - Configure WiFi (if needed) - Set username/password - Set locale settings

First Boot & Basic Configuration

```bash sudo apt update && sudo apt upgrade -y sudo apt install -y \ git curl wget htop \ unzip unrar-free \ python3-pip \ ufw fail2ban \ ntfs-3g exfat-fuse sudo timedatectl set-timezone YOUR_TIMEZONE sudo apt install -y lm-sensors sudo sensors-detect --auto ```

Storage Setup

External Drive Configuration

```bash lsblk sudo mkdir /mnt/media sudo blkid sudo nano /etc/fstab UUID=YOUR-UUID-HERE /mnt/media ext4 defaults,auto,nofail 0 0 sudo mount -a sudo chown -R pi:pi /mnt/media sudo chmod -R 775 /mnt/media ```

VPN Setup & Kill Switch

We'll use WireGuard for its performance and simplicity. ```bash sudo apt install -y wireguard sudo nano /etc/wireguard/wg0.conf [Interface] PrivateKey = YOUR_PRIVATE_KEY Address = YOUR_VPN_IP/32 DNS = 1.1.1.1 [Peer] PublicKey = SERVER_PUBLIC_KEY Endpoint = vpn.example.com:51820 AllowedIPs = 0.0.0.0/0 PersistentKeepalive = 25 sudo systemctl enable wg-quick@wg0 sudo systemctl start wg-quick@wg0 sudo nano /etc/sysctl.conf net.ipv4.ip_forward = 0 net.ipv6.conf.all.forwarding = 0 sudo nano /etc/iptables-rules *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] -A INPUT -i lo -j ACCEPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -i wg0 -j ACCEPT -A OUTPUT -o lo -j ACCEPT -A OUTPUT -o wg0 -j ACCEPT -A OUTPUT -p udp -m udp --dport 51820 -j ACCEPT COMMIT sudo nano /etc/systemd/system/iptables-restore.service [Unit] Description=Restore iptables rules After=network.target [Service] Type=oneshot ExecStart=/sbin/iptables-restore /etc/iptables-rules RemainAfterExit=yes [Install] WantedBy=multi-user.target sudo systemctl enable iptables-restore ```

Transmission Setup

```bash sudo apt install -y transmission-daemon sudo systemctl stop transmission-daemon sudo nano /etc/transmission-daemon/settings.json { "download-dir": "/mnt/media/downloads", "incomplete-dir": "/mnt/media/downloads/incomplete", "incomplete-dir-enabled": true, "rpc-username": "YOUR_USERNAME", "rpc-password": "YOUR_PASSWORD", "rpc-whitelist": "127.0.0.1,192.168.1.*", "rpc-whitelist-enabled": true, "bind-address-ipv4": "0.0.0.0", "peer-port": 51413, "encryption": 2, "umask": 2, "download-queue-enabled": true, "download-queue-size": 5, "ratio-limit": 2, "ratio-limit-enabled": true } sudo mkdir -p /mnt/media/downloads/incomplete sudo chown -R debian-transmission:debian-transmission /mnt/media/downloads sudo nano /etc/systemd/system/transmission-daemon.service.d/override.conf [Service] Environment="BIND_ADDRESS_IPV4=YOUR_VPN_IP" sudo systemctl daemon-reload sudo systemctl start transmission-daemon ```

Plex Media Server Installation

```bash echo deb https://downloads.plex.tv/repo/deb public main | sudo tee /etc/apt/sources.list.d/plexmediaserver.list curl https://downloads.plex.tv/plex-keys/PlexSign.key | sudo apt-key add - sudo apt update sudo apt install plexmediaserver sudo usermod -aG pi plex sudo chown -R plex:plex /mnt/media sudo nano /etc/ufw/applications.d/plexmediaserver [plexmediaserver] title=Plex Media Server description=Plex Media Server ports=32400/tcp|3005/tcp|5353/udp|8324/tcp|32410:32414/udp sudo ufw allow plexmediaserver ```

Jellyfin Alternative

```bash curl https://repo.jellyfin.org/debian/jellyfin_team.gpg.key | sudo apt-key add - echo "deb [arch=$( dpkg --print-architecture )] https://repo.jellyfin.org/debian $( lsb_release -c -s ) main" | sudo tee /etc/apt/sources.list.d/jellyfin.list sudo apt update sudo apt install jellyfin sudo systemctl enable jellyfin sudo systemctl start jellyfin sudo usermod -aG pi jellyfin sudo chown -R jellyfin:jellyfin /mnt/media ```

Automated Torrent Management

We'll use Flexget for RSS automation: ```bash pip3 install flexget mkdir -p ~/.config/flexget nano ~/.config/flexget/config.yml tasks: tv-shows: rss: https://example.com/tv-shows.rss accept_all: yes transmission: host: localhost port: 9091 username: YOUR_USERNAME password: YOUR_PASSWORD path: /mnt/media/downloads/tv sudo nano /etc/systemd/system/flexget.service [Unit] Description=Flexget Daemon After=network.target [Service] Type=simple User=pi Group=pi ExecStart=/usr/local/bin/flexget daemon start ExecStop=/usr/local/bin/flexget daemon stop ExecReload=/usr/local/bin/flexget daemon reload [Install] WantedBy=multi-user.target sudo systemctl enable flexget sudo systemctl start flexget ```

Monitoring & Maintenance

```bash sudo apt install -y prometheus node-exporter grafana nano ~/monitor.sh #!/bin/bash cpu_temp=$(vcgencmd measure_temp | cut -d= -f2 | cut -d"'" -f1) load_avg=$(uptime | awk -F'load average:' '{ print $2 }') disk_usage=$(df -h /mnt/media | tail -1 | awk '{print $5}') echo "CPU Temperature: ${cpu_temp}°C" echo "Load Average: ${load_avg}" echo "Disk Usage: ${disk_usage}" chmod +x ~/monitor.sh crontab -e */5 * * * * ~/monitor.sh >> /var/log/system-stats.log ```

Security Hardening

```bash sudo nano /etc/ssh/sshd_config Port 2222 PermitRootLogin no PasswordAuthentication no MaxAuthTries 3 LoginGraceTime 60 ssh-keygen -t ed25519 -C "mediaserver" ssh-copy-id -i ~/.ssh/id_ed25519.pub pi@mediaserver sudo ufw default deny incoming sudo ufw default allow outgoing sudo ufw allow 2222/tcp sudo ufw enable sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local sudo nano /etc/fail2ban/jail.local [DEFAULT] bantime = 1h findtime = 10m maxretry = 3 [sshd] enabled = true port = 2222 filter = sshd logpath = /var/log/auth.log maxretry = 3 ```

Remote Access Setup

For secure remote access, we'll use Nginx as a reverse proxy: ```bash sudo apt install -y nginx certbot python3-certbot-nginx sudo nano /etc/nginx/sites-available/mediaserver server { listen 443 ssl; server_name mediaserver.example.com; ssl_certificate /etc/letsencrypt/live/mediaserver.example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/mediaserver.example.com/privkey.pem; location /transmission/ { proxy_pass http://127.0.0.1:9091/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; } location /plex/ { proxy_pass http://127.0.0.1:32400/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; } } sudo ln -s /etc/nginx/sites-available/mediaserver /etc/nginx/sites-enabled/ sudo nginx -t sudo systemctl reload nginx sudo certbot --nginx -d mediaserver.example.com ```

Troubleshooting Common Issues

1. VPN Connection Drops ```bash sudo wg show sudo systemctl status wg-quick@wg0 sudo systemctl restart wg-quick@wg0 ``` 2. Transmission Not Starting ```bash sudo journalctl -u transmission-daemon -n 50 sudo chown -R debian-transmission:debian-transmission /mnt/media/downloads ``` 3. Plex Media Not Scanning ```bash sudo journalctl -u plexmediaserver -n 100 sudo chown -R plex:plex /mnt/media sudo systemctl restart plexmediaserver ``` 4. High CPU Temperature ```bash vcgencmd measure_temp echo "conservative" | sudo tee /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor ``` This guide provides a solid foundation for a Raspberry Pi media server. Remember to: - Regularly backup configuration files - Monitor system resources and temperatures - Keep software updated - Check logs for potential issues - Test VPN kill switch periodically The setup can be further customized with additional services like Sonarr, Radarr, or Jackett for enhanced media management.

🎯 REAL VPN RANKINGS - NO BS

⚡ONLY community-driven rating system on internet

⚡100% factual reviews - No paid placements

⚡ZERO bias - Community votes decide rankings

⚡EXCLUSIVE discounts negotiated for our audience!

SEE COMMUNITY RANKINGS →

Join 50,000+ users who found their perfect VPN through real reviews

DIY Raspberry Pi Torrent & Media Server with VPN

October 13, 2025•5 min read

Required Hardware

Initial Setup & OS Installation

Installing Raspberry Pi OS

First Boot & Basic Configuration

Storage Setup

External Drive Configuration

VPN Setup & Kill Switch

Transmission Setup

Plex Media Server Installation

Jellyfin Alternative

Automated Torrent Management

Monitoring & Maintenance

Security Hardening

Remote Access Setup

Troubleshooting Common Issues

🎯 REAL VPN RANKINGS - NO BS

⚡ONLY community-driven rating system on internet

⚡100% factual reviews - No paid placements

⚡ZERO bias - Community votes decide rankings

⚡EXCLUSIVE discounts negotiated for our audience!

SEE COMMUNITY RANKINGS →

Join 50,000+ users who found their perfect VPN through real reviews

Comments (0)

Please sign in to leave a comment