Jump to content

turboturtle

Members
 View Profile  See their activity

  • Posts

    8

  • Joined

  • Last visited

 Content Type 

Posts posted by turboturtle

    [Support] binhex - SABnzbdVPN

    in Docker Containers

    Posted

    I did a bit more digging, and I found that this was due to a missing masquerade rule for the containers. Only found that out after the explicit "allow port 53" rules didn't get _any_ packet matches in pfsense. Not sure how that got lost, but adding it back immediately got everything working normally again.

     

    Thanks for the help! :)

    [Support] binhex - SABnzbdVPN

    in Docker Containers

    Posted

    1 minute ago, binhex said:

    what are the values for key NAME_SERVERS ?

    Most recently, I've not been setting that env var and it gets populated as

     

    Quote

    2020-03-10 08:21:03,699 DEBG 'start-script' stdout output:
    [debug] Show name servers defined for container

    2020-03-10 08:21:03,699 DEBG 'start-script' stdout output:
    nameserver 209.222.18.222
    nameserver 84.200.69.80
    nameserver 37.235.1.174
    nameserver 1.1.1.1
    nameserver 209.222.18.218
    nameserver 37.235.1.177
    nameserver 84.200.70.40
    nameserver 1.0.0.1
     

     

    If I try using NAME_SERVERS=8.8.8.8,8.8.4.4 as a test, there is no change in behavior.

    [Support] binhex - SABnzbdVPN

    in Docker Containers

    Posted

    Followed Q16, no change. Router/host firewall is not blocking, updated the config files, tried a different port, and tried using an IP instead of hostname.

     

    Still hangs here:

     

    Quote

    2020-03-10 08:21:03,699 DEBG 'start-script' stdout output:
    [debug] Show name resolution for VPN endpoint 45.12.220.201
     

     

    and then gives the "Error: error sending query: Could not send or receive, because of network error" error before repeating the inactivity timeout message.

     

    I am confident my ISP is not blocking as I am able to connect to the VPN on the host, just not in the container.

    [Support] binhex - SABnzbdVPN

    in Docker Containers

    Posted

    Did a bit more digging, and trying a few other VPN servers. I'm now getting this:

     

    Quote

    [...]

    2020-03-09 21:55:36,320 DEBG 'start-script' stdout output:
    [info] Adding 84.200.70.40 to /etc/resolv.conf

    2020-03-09 21:55:36,322 DEBG 'start-script' stdout output:
    [info] Adding 1.0.0.1 to /etc/resolv.conf

    2020-03-09 21:57:36,444 DEBG 'start-script' stderr output:
    Error: error sending query: Could not send or receive, because of network error

     

    It looks like this is some kind of DNS failure within the container, but I can't replicate it on the host. DNS is working peachy host-side. I even did a static mapping of the VPN server to a resolvable IP and the drill lookups still hang/fail. 

    [Support] binhex - SABnzbdVPN

    in Docker Containers

    Posted

    I've had this issue on and off with the sabnzbdvpn image for a while now, and just recently I've been unable to workaround it anymore.

     

    The issue is twofold.

    First, starting the image does not start sabnzbd for me. As in, there is not even an attempt to start it in the logs:

     

    Quote

    Created by...
    ___.   .__       .__                   
    \_ |__ |__| ____ |  |__   ____ ___  ___
     | __ \|  |/    \|  |  \_/ __ \\  \/  /
     | \_\ \  |   |  \   Y  \  ___/ >    < 
     |___  /__|___|  /___|  /\___  >__/\_ \
         \/        \/     \/     \/      \/
      https://hub.docker.com/u/binhex/

    2020-03-09 16:55:12.438333 [info] System information Linux d20aedc3a755 4.18.0-80.1.2.el8_0.elrepo.bug919.x86_64 #1 SMP Sun Jun 23 20:34:00 EDT 2019 x86_64 GNU/Linux
    2020-03-09 16:55:12.459283 [info] PUID defined as '0'
    2020-03-09 16:55:12.504111 [info] PGID defined as '0'
    2020-03-09 16:55:12.541059 [warn] UMASK not defined (via -e UMASK), defaulting to '000'
    2020-03-09 16:55:12.561656 [info] Permissions already set for volume mappings
    2020-03-09 16:55:12.586230 [info] VPN_ENABLED defined as 'yes'
    2020-03-09 16:55:12.609366 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/Netherlands.ovpn
    2020-03-09 16:55:12.646670 [info] VPN remote line defined as 'remote 46.166.188.237 1198'
    2020-03-09 16:55:12.667158 [info] VPN_REMOTE defined as '46.166.188.237'
    2020-03-09 16:55:12.687831 [info] VPN_PORT defined as '1198'
    2020-03-09 16:55:12.711332 [info] VPN_PROTOCOL defined as 'udp'
    2020-03-09 16:55:12.732108 [info] VPN_DEVICE_TYPE defined as 'tun0'
    2020-03-09 16:55:12.752721 [info] VPN_PROV defined as 'pia'
    2020-03-09 16:55:12.773570 [info] LAN_NETWORK defined as '192.168.6.0/24'
    2020-03-09 16:55:12.795165 [info] ADDITIONAL_PORTS not defined (via -e ADDITIONAL_PORTS), skipping allow for custom incoming ports
    2020-03-09 16:55:12.816912 [info] NAME_SERVERS defined as '8.8.8.8'
    2020-03-09 16:55:12.838691 [info] VPN_USER defined as '#####'
    2020-03-09 16:55:12.859768 [info] VPN_PASS defined as '#####'
    2020-03-09 16:55:12.880995 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
    2020-03-09 16:55:12.901465 [info] ENABLE_PRIVOXY defined as 'yes'
    2020-03-09 16:55:14.365729 [info] Starting Supervisor...
    2020-03-09 16:55:14,486 INFO Included extra file "/etc/supervisor/conf.d/sabnzbdvpn.conf" during parsing
    2020-03-09 16:55:14,486 INFO Set uid to user 0 succeeded
    2020-03-09 16:55:14,488 INFO supervisord started with pid 7
    2020-03-09 16:55:15,490 INFO spawned: 'start-script' with pid 150
    2020-03-09 16:55:15,490 INFO spawned: 'watchdog-script' with pid 151
    2020-03-09 16:55:15,491 INFO reaped unknown pid 8
    2020-03-09 16:55:15,494 DEBG 'start-script' stdout output:
    [info] VPN is enabled, beginning configuration of VPN

    2020-03-09 16:55:15,494 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
    2020-03-09 16:55:15,494 INFO success: watchdog-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
    2020-03-09 16:55:15,573 DEBG 'start-script' stdout output:
    [info] Default route for container is 10.88.0.1

    2020-03-09 16:55:15,575 DEBG 'start-script' stdout output:
    [info] Adding 8.8.8.8 to /etc/resolv.conf

    2020-03-09 16:55:15,577 DEBG 'start-script' stdout output:
    46.166.188.237

    2020-03-09 16:55:15,586 DEBG 'start-script' stdout output:
    [info] Attempting to load iptable_mangle module...

    2020-03-09 16:55:15,587 DEBG 'start-script' stderr output:
    modprobe: FATAL: Module iptable_mangle not found in directory /lib/modules/4.18.0-80.1.2.el8_0.elrepo.bug919.x86_64

    2020-03-09 16:55:15,587 DEBG 'start-script' stdout output:
    [warn] Unable to load iptable_mangle module using modprobe, trying insmod...

    2020-03-09 16:55:15,588 DEBG 'start-script' stderr output:
    insmod: ERROR: could not load module /lib/modules/iptable_mangle.ko: No such file or directory

    2020-03-09 16:55:15,588 DEBG 'start-script' stdout output:
    [warn] Unable to load iptable_mangle module, you will not be able to connect to the applications Web UI or Privoxy outside of your LAN
    [info] unRAID/Ubuntu users: Please attempt to load the module by executing the following on your host: '/sbin/modprobe iptable_mangle'
    [info] Synology users: Please attempt to load the module by executing the following on your host: 'insmod /lib/modules/iptable_mangle.ko'

    2020-03-09 16:55:15,601 DEBG 'start-script' stdout output:
    [info] Docker network defined as    10.88.0.0/16

    2020-03-09 16:55:15,608 DEBG 'start-script' stdout output:
    [info] Adding 192.168.6.0/24 as route via docker eth0

    2020-03-09 16:55:15,609 DEBG 'start-script' stdout output:
    [info] ip route defined as follows...

    2020-03-09 16:55:15,609 DEBG 'start-script' stdout output:
    --------------------

    2020-03-09 16:55:15,610 DEBG 'start-script' stdout output:
    default via 10.88.0.1 dev eth0 
    10.88.0.0/16 dev eth0 proto kernel scope link src 10.88.0.74 
    192.168.6.0/24 via 10.88.0.1 dev eth0 

    2020-03-09 16:55:15,610 DEBG 'start-script' stdout output:
    --------------------

    2020-03-09 16:55:15,639 DEBG 'start-script' stdout output:
    [info] iptables defined as follows...
    --------------------

    2020-03-09 16:55:15,641 DEBG 'start-script' stdout output:
    -P INPUT DROP
    -P FORWARD DROP
    -P OUTPUT DROP
    -A INPUT -s 10.88.0.0/16 -d 10.88.0.0/16 -j ACCEPT
    -A INPUT -i eth0 -p udp -m udp --sport 1198 -j ACCEPT
    -A INPUT -i eth0 -p tcp -m tcp --dport 8080 -j ACCEPT
    -A INPUT -i eth0 -p tcp -m tcp --sport 8080 -j ACCEPT
    -A INPUT -i eth0 -p tcp -m tcp --dport 8090 -j ACCEPT
    -A INPUT -i eth0 -p tcp -m tcp --sport 8090 -j ACCEPT
    -A INPUT -s 192.168.6.0/24 -d 10.88.0.0/16 -i eth0 -p tcp -j ACCEPT
    -A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
    -A INPUT -i lo -j ACCEPT
    -A INPUT -i tun0 -j ACCEPT
    -A OUTPUT -s 10.88.0.0/16 -d 10.88.0.0/16 -j ACCEPT
    -A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT
    -A OUTPUT -o eth0 -p tcp -m tcp --dport 8080 -j ACCEPT
    -A OUTPUT -o eth0 -p tcp -m tcp --sport 8080 -j ACCEPT
    -A OUTPUT -o eth0 -p tcp -m tcp --dport 8090 -j ACCEPT
    -A OUTPUT -o eth0 -p tcp -m tcp --sport 8090 -j ACCEPT
    -A OUTPUT -s 10.88.0.0/16 -d 192.168.6.0/24 -o eth0 -p tcp -j ACCEPT
    -A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
    -A OUTPUT -o lo -j ACCEPT
    -A OUTPUT -o tun0 -j ACCEPT

    2020-03-09 16:55:15,642 DEBG 'start-script' stdout output:
    --------------------

    2020-03-09 16:55:15,642 DEBG 'start-script' stdout output:
    [info] Starting OpenVPN...

    2020-03-09 16:55:15,647 DEBG 'start-script' stdout output:
    Mon Mar  9 16:55:15 2020 WARNING: file 'credentials.conf' is group or others accessible
    Mon Mar  9 16:55:15 2020 OpenVPN 2.4.7 [git:makepkg/2b8aec62d5db2c17+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019

    2020-03-09 16:55:15,647 DEBG 'start-script' stdout output:
    Mon Mar  9 16:55:15 2020 library versions: OpenSSL 1.1.1c  28 May 2019, LZO 2.10

    2020-03-09 16:55:15,647 DEBG 'start-script' stdout output:
    [info] OpenVPN started

    2020-03-09 16:55:15,647 DEBG 'start-script' stdout output:
    Mon Mar  9 16:55:15 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

    2020-03-09 16:55:15,648 DEBG 'start-script' stdout output:
    Mon Mar  9 16:55:15 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]46.166.188.237:1198

    2020-03-09 16:55:15,648 DEBG 'start-script' stdout output:
    Mon Mar  9 16:55:15 2020 UDP link local: (not bound)
    Mon Mar  9 16:55:15 2020 UDP link remote: [AF_INET]46.166.188.237:1198

    2020-03-09 16:56:15,630 DEBG 'start-script' stdout output:
    Mon Mar  9 16:56:15 2020 [UNDEF] Inactivity timeout (--ping-restart), restarting

    2020-03-09 16:56:15,630 DEBG 'start-script' stdout output:
    Mon Mar  9 16:56:15 2020 SIGHUP[soft,ping-restart] received, process restarting

    2020-03-09 16:56:15,630 DEBG 'start-script' stdout output:
    Mon Mar  9 16:56:15 2020 WARNING: file 'credentials.conf' is group or others accessible
    Mon Mar  9 16:56:15 2020 OpenVPN 2.4.7 [git:makepkg/2b8aec62d5db2c17+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019
    Mon Mar  9 16:56:15 2020 library versions: OpenSSL 1.1.1c  28 May 2019, LZO 2.10

    2020-03-09 16:56:20,630 DEBG 'start-script' stdout output:
    Mon Mar  9 16:56:20 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

    2020-03-09 16:56:20,630 DEBG 'start-script' stdout output:
    Mon Mar  9 16:56:20 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]46.166.188.237:1198

    2020-03-09 16:56:20,631 DEBG 'start-script' stdout output:
    Mon Mar  9 16:56:20 2020 UDP link local: (not bound)
    Mon Mar  9 16:56:20 2020 UDP link remote: [AF_INET]46.166.188.237:1198

    2020-03-09 16:57:20,761 DEBG 'start-script' stdout output:
    Mon Mar  9 16:57:20 2020 [UNDEF] Inactivity timeout (--ping-restart), restarting

    2020-03-09 16:57:20,761 DEBG 'start-script' stdout output:
    Mon Mar  9 16:57:20 2020 SIGHUP[soft,ping-restart] received, process restarting
    Mon Mar  9 16:57:20 2020 WARNING: file 'credentials.conf' is group or others accessible
    Mon Mar  9 16:57:20 2020 OpenVPN 2.4.7 [git:makepkg/2b8aec62d5db2c17+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019
    Mon Mar  9 16:57:20 2020 library versions: OpenSSL 1.1.1c  28 May 2019, LZO 2.10

    2020-03-09 16:57:25,761 DEBG 'start-script' stdout output:
    Mon Mar  9 16:57:25 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

    2020-03-09 16:57:25,761 DEBG 'start-script' stdout output:
    Mon Mar  9 16:57:25 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]46.166.188.237:1198

    2020-03-09 16:57:25,761 DEBG 'start-script' stdout output:
    Mon Mar  9 16:57:25 2020 UDP link local: (not bound)
    Mon Mar  9 16:57:25 2020 UDP link remote: [AF_INET]46.166.188.237:1198

    2020-03-09 16:58:25,369 DEBG 'start-script' stdout output:
    Mon Mar  9 16:58:25 2020 [UNDEF] Inactivity timeout (--ping-restart), restarting

    2020-03-09 16:58:25,370 DEBG 'start-script' stdout output:
    Mon Mar  9 16:58:25 2020 SIGHUP[soft,ping-restart] received, process restarting

    2020-03-09 16:58:25,370 DEBG 'start-script' stdout output:
    Mon Mar  9 16:58:25 2020 WARNING: file 'credentials.conf' is group or others accessible

    2020-03-09 16:58:25,370 DEBG 'start-script' stdout output:
    Mon Mar  9 16:58:25 2020 OpenVPN 2.4.7 [git:makepkg/2b8aec62d5db2c17+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019
    Mon Mar  9 16:58:25 2020 library versions: OpenSSL 1.1.1c  28 May 2019, LZO 2.10

    2020-03-09 16:58:30,370 DEBG 'start-script' stdout output:
    Mon Mar  9 16:58:30 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

    2020-03-09 16:58:30,370 DEBG 'start-script' stdout output:
    Mon Mar  9 16:58:30 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]46.166.188.237:1198

    2020-03-09 16:58:30,370 DEBG 'start-script' stdout output:
    Mon Mar  9 16:58:30 2020 UDP link local: (not bound)
    Mon Mar  9 16:58:30 2020 UDP link remote: [AF_INET]46.166.188.237:1198

    2020-03-09 16:59:31,010 DEBG 'start-script' stdout output:
    Mon Mar  9 16:59:31 2020 [UNDEF] Inactivity timeout (--ping-restart), restarting

    2020-03-09 16:59:31,010 DEBG 'start-script' stdout output:
    Mon Mar  9 16:59:31 2020 SIGHUP[soft,ping-restart] received, process restarting
    Mon Mar  9 16:59:31 2020 WARNING: file 'credentials.conf' is group or others accessible
    Mon Mar  9 16:59:31 2020 OpenVPN 2.4.7 [git:makepkg/2b8aec62d5db2c17+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019
    Mon Mar  9 16:59:31 2020 library versions: OpenSSL 1.1.1c  28 May 2019, LZO 2.10

    2020-03-09 16:59:36,011 DEBG 'start-script' stdout output:
    Mon Mar  9 16:59:36 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

    2020-03-09 16:59:36,011 DEBG 'start-script' stdout output:
    Mon Mar  9 16:59:36 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]46.166.188.237:1198

    2020-03-09 16:59:36,011 DEBG 'start-script' stdout output:
    Mon Mar  9 16:59:36 2020 UDP link local: (not bound)
    Mon Mar  9 16:59:36 2020 UDP link remote: [AF_INET]46.166.188.237:1198

    2020-03-09 17:00:36,688 DEBG 'start-script' stdout output:
    Mon Mar  9 17:00:36 2020 [UNDEF] Inactivity timeout (--ping-restart), restarting

    2020-03-09 17:00:36,688 DEBG 'start-script' stdout output:
    Mon Mar  9 17:00:36 2020 SIGHUP[soft,ping-restart] received, process restarting

    2020-03-09 17:00:36,688 DEBG 'start-script' stdout output:
    Mon Mar  9 17:00:36 2020 WARNING: file 'credentials.conf' is group or others accessible

    2020-03-09 17:00:36,688 DEBG 'start-script' stdout output:
    Mon Mar  9 17:00:36 2020 OpenVPN 2.4.7 [git:makepkg/2b8aec62d5db2c17+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019
    Mon Mar  9 17:00:36 2020 library versions: OpenSSL 1.1.1c  28 May 2019, LZO 2.10

    2020-03-09 17:00:41,688 DEBG 'start-script' stdout output:
    Mon Mar  9 17:00:41 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

    2020-03-09 17:00:41,689 DEBG 'start-script' stdout output:
    Mon Mar  9 17:00:41 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]46.166.188.237:1198

    2020-03-09 17:00:41,689 DEBG 'start-script' stdout output:
    Mon Mar  9 17:00:41 2020 UDP link local: (not bound)
    Mon Mar  9 17:00:41 2020 UDP link remote: [AF_INET]46.166.188.237:1198
     

     

    And it will just sit there, forever, cycling on the inactivity timeout. I can manually start the sabnzbd process by exec'ing into the container and running '/opt/sabnzbd/SABnzbd.py -f /config/sabnzbd.ini'. This launches sab and I can access the webUI.

    However, now I have a second problem - as of today, when trying to relaunch the container and start sab manually again, while sab launches it now reports it has no public IPv4 address. I am able to ping external addresses via IP address, but not using an FQDN.

    [Support] binhex - SABnzbd

    in Docker Containers

    Posted

    On 11/8/2019 at 4:19 PM, turboturtle said:

    There is no activity after that, no matter how long I wait.

     

    I was able to exec into the container and manually start sabnzbd without issue. I also confirmed the VPN is properly functioning as exec'ing a curl against whatismyip.akamai.com shows the expected VPN address.

     

    So it seems that, for one reason or another, nothing is launching sabnzbd when the container starts, even though the VPN setup is successful.

    [Support] binhex - SABnzbd

    in Docker Containers

    Posted

    I recently did a server rebuild, and I'm trying to re-deploy the sabnzbdvpn container, however it appears to hang during the VPN setup. According to logs output, it is always hanging here:

     

    ------8<-----------

    2019-11-08 16:12:38,866 DEBG 'start-script' stdout output:
    [info] Application does not require external IP address, skipping external IP address detection
    ------8<-----------

     

    There is no activity after that, no matter how long I wait. I'm passing VPN_PROV=pia and VPN_REMOTE=swiss.privateinternetaccess.com along with the standard set of env vars. 

×
×
  • Create New...