Merijeek
-
Posts
129 -
Joined
-
Last visited
Content Type
Profiles
Forums
Downloads
Store
Gallery
Bug Reports
Documentation
Landing
Posts posted by Merijeek
-
-
12 minutes ago, ich777 said:
Only the ones that you route through the VPN container are necessary to restart.
Good point. In that case it'd be Jackett, all the Arrs, and Qbittorrent.
-
26 minutes ago, ich777 said:
if you are using my *arr containers then it is pretty simple.
Not using yours, though not for any particular reason. I'm sure there's a difference between, say, your Sonarr and linuxserer's, but I never put too much thought into it.
Looks like I've got these of yours:
ich777/sonarr
ich777/radarr
ich777/openvpn-client
ich777/lidarrAnd a bunch that aren't:
ghcr.io/mealie-recipes/mealie
linuxserver/jackett
binhex/arch-readarr
lscr.io/linuxserver/duckdns
binhex/arch-readarr
netdata/netdata
lscr.io/linuxserver/calibre
lscr.io/linuxserver/bazarr
binhex/arch-overseerr
binhex/arch-jellyfin
binhex/arch-plexpass
binhex/arch-prowlarr
hotio/overseerr
binhex/arch-readarr
ghcr.io/advplyr/audiobookshelf
ghcr.io/ajnart/homarr
gotson/komga
binhex/arch-readarr
deasmi/unraid-tailscale
jlesage/jdownloader-2
jlesage/dupeguru
jlesage/nginx-proxy-manager
cr.hotio.dev/hotio/qbittorrent
jaymoulin/jdownloader
tzahi12345/youtubedl-materialHonestly, I have zero issues switching them over. I can't imagine they'd be that difficult. If it'd help.
-
2 hours ago, ich777 said:
Funny story, I just implemented a ping check yesterday so the container auto restarts when the connection is lost and I even implemented something that I call Connected Containers so that if the VPN container is restarted for whatever reason, compatible containers with Connected Containers will restart too.
Awesome, I've added the variables and did the update. My main ones I'm using are basically Qbitorrent and most of the *arr suite.
I don't know how quickly they freak if they lose access to download client or indexer. I'm betting 5 minutes can get past them if needed.
I'll let this run and see what I can see as far as if this gets me past my issue or not. Thanks for the help. If you need the actual container names off github let me know and I can list them. I'm HOPING that I won't need to worry about bouncing the other containers if this guy notices and responds quickly enough.
Whatever happens, thanks for all your effort on this. It's appreciated.
-
Hi everyone, especially @ich777!
Been loving the docker-openvpn-client container. However, I've got one small problem I'm hoping I can get some help with. I've got it setup connecting to PIA and everything works fine. Most of the time.
But, what I've got going on is that it will, spontaneously, lose connection. And then it's done. And everything that routes through it is also done. And because some of the things that route through it all rely on each other, I need to manually tell them all to check in with each other to get them up and working correctly again.
Thing is...I've got no idea why this is happening. There's probably a way to get better logging out of the container that has a bigger buffer, but I don't know how to do that. No syslogs in the path that this docker uses that I can see.
I just come back to something like this:
' 2024-04-11 07:33:27 RESOLVE: Cannot resolve host address: ca-vancouver.privacy.network:1197 (Temporary failure in name resolution) 2024-04-11 07:33:27 Could not determine IPv4/IPv6 protocol 2024-04-11 07:33:27 SIGUSR1[soft,Could not determine IPv4/IPv6 protocol] received, process restarting 2024-04-11 07:38:37 RESOLVE: Cannot resolve host address: ca-vancouver.privacy.network:1197 (Temporary failure in name resolution) 2024-04-11 07:38:47 RESOLVE: Cannot resolve host address: ca-vancouver.privacy.network:1197 (Temporary failure in name resolution) 2024-04-11 07:38:47 Could not determine IPv4/IPv6 protocol (and it goes on like this to fill the buffer)A restart of the container ALWAYS fixes this. It could be, though I'm not 100% sure, that the process restarting bit is from my adding "-inactive 3600 --ping 10 --ping-exit 60" to the container as an attempt to paper over this problem. But, it hasn't helped.
Hoping someone can suggest a solution here, because as a solution for what I want to do, this container is fantastic, but having it fail for no reason (that I can find) ever 5 or 10 days is really annoying.
-
...are, unsurprisingly, causing a port conflict.
So, when I create them (specifically, Readarr) I'm doing one at default 8787 and on at 18787. Should be fine. I'm routing them through an OpenVPN container, but I don't see that as the issue. Mostly because when I start my Readarr at 18787 I'm getting:
Quote2023-10-18 09:11:56,988 DEBG 'readarr' stdout output:
[Fatal] ConsoleApp: Failed to bind to address http://[::]:8787: address already in use. This can happen if another instance of Readarr is already running another application is using the same port (default: 8787) or the user has insufficient permissionsThe only reference I can find to a port 8787 in the Docker setup for this container is this:
So I edit that, to make it an 18787.
But I still end up with the same complaint in the log:
I've absolutely got another instance of Readarr running, but it shouldn't be on that same port. I've even gone so far as to remove the WebUI value and change it to 18787.
Can anyone offer a suggestion as to how to get around this problem?
-
OK, so to be clear, the misunderstanding here is that the delays are strictly there for containers that auto start when the disk array itself is started?
-
OK, I don't restart the array all THAT often.
I was basing my complaint on my stopping all containers and then hitting the 'start all' button. Is that...incorrect?
-
Version 6.12.4.
Like many people, I need some containers to wait for others before starting up to avoid issues. So I put them in order, and I did some delays. My understanding is that they'd boot top-down, and delay when they hit a delay.
But as you can see from my delays and uptimes, that definitely isn't happening. Can someone explain what I'm doing wrong here?
-
Awesome, that did it. Thanks a bunch.
-
1
-
-
@ich777 - One more question on the OpenVPN container.
I'd like to be able to have one of my Docker containers that get network via the OVPN container to be able to access something on my local 192.168.1.0/24 subnet.
It looks like that isn't possible. Can you suggest a setting that might allow that?
-
3 hours ago, sonic6 said:
@Merijeek the forwarded Ports are still Missing in your ovpn-client Container.
Yeah, that was just a shot from before I did it. They're there and I can reach the containers behind it.
-
2
-
-
Here's some shots of my advanced QBT setup:
As you can see, not much to it.
However, I did add the FIREWALL variable to the OpenVPN container and so far I seem to be showing good:
So...I'll throw a few more things in there and check back and see what I can see.
-
1
-
-
1 hour ago, ich777 said:
I think you are doing something differently because I asked a second user and he also had no issues at all.
Why? This is pretty easy if you follow the steps from the description.
I don't know. I appear to have broken it via all the experimenting I was going.
As far as me doing something differently, anything is possible, but I don't know how. So this is from scratch
Completely basic setup:
Quotedocker run
-d
--name='OpenVPN-Client'
--net='bridge'
-e TZ="America/Los_Angeles"
-e HOST_OS="Unraid"
-e HOST_HOSTNAME="UnRAID"
-e HOST_CONTAINERNAME="OpenVPN-Client"
-l net.unraid.docker.managed=dockerman
-l net.unraid.docker.icon='https://raw.githubusercontent.com/ich777/docker-templates/master/ich777/images/openvpn-client.png'
-v '/mnt/user/dockerprod/openvpn-client':'/vpn':'rw'
-v '/mnt/user':'/unraid':'rw'
--device='/dev/net/tun'
--cap-add=NET_ADMIN
--dns=8.8.8.8
--sysctl net.ipv6.conf.all.disable_ipv6=1 'ich777/openvpn-client'3e6f00443e5eb78367d475fc7c85ac77abce767e3cec71323b901fe137c34c64
The command finished successfully!Created an OVPN file over at PIA, then put it and creds in the right spot:
And it looks like it's up after a restart:
My QBT and OVPN containers can both ping the outside world via DNS.
I've got this happy and good and completely legal torrent that finished a few minutes ago:
And I go and visit this site: https://ipleak.net/ and choose the "Torrent Address Detection" button, and then grab the magnet link and pop it into QBT:
And when I go back to ipleak, I see:
The top one being the VPN address, the bottom one being my own public IP.
....so then he goes ahead and does the same thing. Shuts down all dockers and changes the ovpn.vpn and auth.vpn files to the Privado versions.
OVPN file is Privado's: ams-001.default (renamed, of course)
Connected:
Go back to IPLeak, grab a new magnet and put it into QBT:
...and poof, pretty much instantly
Finally, lacking any better ideas, I change the DNS that the OVPN container is using.
....and boom, same as above.
Meanwhile, on my extra Windows machine running the PIA client, I go through the same tests, and only my PIA VPN IP ever shows up in the ipleak site.
I'm not saying I'm not possibly doing something wrong here, but I don't see how I can be.
-
11 hours ago, ich777 said:
Is it possible for you to create a free account on privado.io and try it with their .ovpn files and see if it's the same?
Privado supports free accounts to AFAIK.
As you can see above, I did.
However, while doing all my screwing around, I can't even route through the OVPN container. Just not sure it's worth the effort. I've been trying to get everything off a windows box by shifting all this stuff to docker containers on the Unraid server. But it's turning out to be quite the headache.
I'll start over one more time with the Privado setup through this container and see what we see.
-
Well, that's not great. Any thoughts? Or maybe just something not great with PIA?
I grabbed a Privado accound, and am seeing the same thing:
QuoteYour IP:
104.255.228.132 [United States of America, AS397423 Tier.Net Technologies LLC]You use 1 DNS server:
85.12.32.49 [Netherlands, AS34305 Base IP B.V.]Conclusion:
DNS may be leaking.
root@662e7bc91623:/# rm dnsleaktest.sh~
rm: cannot remove 'dnsleaktest.sh~': No such file or directory
root@662e7bc91623:/# rm dnsleaktest.sh
root@662e7bc91623:/#
root@662e7bc91623:/#I swapped to a Netherlands server and I get the same thing more or less
QuoteYour IP:
91.148.224.13 [Netherlands, AS34343 Eweka Internet Services B.V.]You use 1 DNS server:
85.12.32.49 [Netherlands, AS34305 Base IP B.V.]Conclusion:
DNS may be leaking.I'm even using the Privado VN DNS and getting that.
-
OK well, some progress!
Quoteroot@b43d57320d68:/# cd /tmp
root@b43d57320d68:/tmp# curl -s https://raw.githubusercontent.com/macvk/dnsleaktest/master/dnsleaktest.sh -o dnsleaktest.sh
root@b43d57320d68:/tmp# chmod +x dnsleaktest.sh
./dnsleaktest.sh
Your IP:
181.214.153.146 [Canada, AS174 Cogent Communications]You use 1 DNS server:
162.158.145.99 [Canada, AS13335 CloudFlare Inc.]Conclusion:
DNS may be leaking.
root@b43d57320d68:/tmp# rm dnsleaktest.sh
root@b43d57320d68:/tmp#Note: The above was actually from the OpenVPN container itself.
I had to add some packages to get it working from another container, but finally got there:
Quoteroot@b43d57320d68:/tmp# curl -s https://raw.githubusercontent.com/macvk/dnsleaktest/master/dnsleaktest.sh -o dnsleaktest.sh
root@b43d57320d68:/tmp# chmod +x dnsleaktest.sh
./dnsleaktest.sh
Your IP:
181.214.153.146 [Canada, AS174 Cogent Communications]You use 1 DNS server:
162.158.145.99 [Canada, AS13335 CloudFlare Inc.]Conclusion:
DNS may be leaking. -
So then I tried this:
Quoteroot@b43d57320d68:/# curl https://raw.githubusercontent.com/macvk/dnsleaktest/master/dnsleaktest.sh > dnsleaktest.sh
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 3273 100 3273 0 0 38815 0 --:--:-- --:--:-- --:--:-- 38964
root@b43d57320d68:/# sh dnsleaktest.sh
dnsleaktest.sh: line 109: syntax error: unexpected redirectionWith line 109 being the:
" done <<< "$result_txt""
-
And tried it without the -
Quoteroot@b43d57320d68:/# curl https://raw.githubusercontent.com/macvk/dnsleaktest/master/dnsleaktest.sh | sh
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 3273 100 3273 0 0 40282 0 --:--:-- --:--:-- --:--:-- 40407
sh: syntax error: unexpected redirection -
7 minutes ago, ich777 said:
This should do the trick:
curl https://raw.githubusercontent.com/macvk/dnsleaktest/master/dnsleaktest.sh | sh -
You'd think but nope, swing and a miss:
Quoteroot@b43d57320d68:/# curl https://raw.githubusercontent.com/macvk/dnsleaktest/master/dnsleaktest.sh | sh -
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 3273 100 3273 0 0 15413 0 --:--:-- --:--:-- --:--:-- 15438
sh: syntax error: unexpected redirection -
26 minutes ago, ich777 said:
Oh sorry, you actually have to execute the script too.
I‘m currently on the go and have not seen that.
Well, this is where me being totally useless in Docker and mostly useless in Linux comes in.
So...I'll just watch to hear from you when you're back.
-
6 minutes ago, ich777 said:
I esited my post above. Please run the command from all connected VPN containers.
Yeah, I haven't worked out a way to do things from inside a container. I'm getting this when I run your command:
root@b43d57320d68:/# curl https://raw.githubusercontent.com/macvk/dnsleaktest/master/dnsleaktest.sh -o dnsleaktest.sh
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 3273 100 3273 0 0 38042 0 --:--:-- --:--:-- --:--:-- 38505
The output file isn't interesting from what I can tell:
Quoteroot@b43d57320d68:/# cat dnsleaktest.sh
#!/usr/bin/env bash
#usage: ./dnsleaktest.sh [-i interface_ip|interface_name]
#example: ./dnsleaktest.sh -i eth1
# ./dnsleaktest.sh -i 10.0.0.2RED='\033[0;31m'
BOLD='\033[1m'
NC='\033[0m'
api_domain='bash.ws'
error_code=1getopts "i:" opt
interface=$OPTARGfunction echo_bold {
echo -e "${BOLD}${1}${NC}"
}if [ -z "$interface" ]; then
curl_interface=""
ping_interface=""
else
curl_interface="--interface ${interface}"
ping_interface="-I ${interface}"
echo_bold "Interface: ${interface}"
echo ""
fifunction increment_error_code {
error_code=$((error_code + 1))
}function echo_error {
(>&2 echo -e "${RED}${1}${NC}")
}function require_command {
command -v $1 > /dev/null
if [ $? -ne 0 ]; then
echo_error "Please, install \"$1\""
exit $error_code
fi
increment_error_code
}function check_internet_connection {
curl --silent --head ${curl_interface} --request GET "https://${api_domain}" | grep "200 OK" > /dev/null
if [ $? -ne 0 ]; then
echo_error "No internet connection."
exit $error_code
fi
increment_error_code
}require_command curl
require_command ping
check_internet_connectionif command -v jq &> /dev/null; then
jq_exists=1
else
jq_exists=0
fiif hash shuf 2>/dev/null; then
id=$(shuf -i 1000000-9999999 -n 1)
else
id=$(jot -w %i -r 1 1000000 9999999)
fifor i in $(seq 1 10); do
ping -c 1 ${ping_interface} "${i}.${id}.${api_domain}" > /dev/null 2>&1
donefunction print_servers {
if (( $jq_exists )); then
echo ${result_json} | \
jq --monochrome-output \
--raw-output \
".[] | select(.type == \"${1}\") | \"\(.ip)\(if .country_name != \"\" and .country_name != false then \" [\(.country_name)\(if .asn != \"\" and .asn != false then \" \(.asn)\" else \"\" end)]\" else \"\" end)\""else
while IFS= read -r line; do
if [[ "$line" != *${1} ]]; then
continue
fiip=$(echo $line | cut -d'|' -f 1)
code=$(echo $line | cut -d'|' -f 2)
country=$(echo $line | cut -d'|' -f 3)
asn=$(echo $line | cut -d'|' -f 4)if [ -z "${ip// }" ]; then
continue
fiif [ -z "${country// }" ]; then
echo "$ip"
else
if [ -z "${asn// }" ]; then
echo "$ip [$country]"
else
echo "$ip [$country, $asn]"
fi
fi
done <<< "$result_txt"fi
}
if (( $jq_exists )); then
result_json=$(curl ${curl_interface} --silent "https://${api_domain}/dnsleak/test/${id}?json")
else
result_txt=$(curl ${curl_interface} --silent "https://${api_domain}/dnsleak/test/${id}?txt")
fidns_count=$(print_servers "dns" | wc -l)
echo_bold "Your IP:"
print_servers "ip"echo ""
if [ ${dns_count} -eq "0" ];then
echo_bold "No DNS servers found"
else
if [ ${dns_count} -eq "1" ];then
echo_bold "You use ${dns_count} DNS server:"
else
echo_bold "You use ${dns_count} DNS servers:"
fi
print_servers "dns"
fiecho ""
echo_bold "Conclusion:"
print_servers "conclusion"exit 0root@b43d57320d68:/#
-
8 minutes ago, ich777 said:
Have you disabled IPv6 for this container? With IPv6 it is possible that it leaks your IP.
May I ask how this thing is working to detect your real IP? Do you create a link on your local PC or do you download something from your local PC that you put then into your downloader (btw do you use a VPN too to create the link/file that tests your VPN in the container)?
I had the same settings as our guy above, so there was this: --sysctl net.ipv6.conf.all.disable_ipv6=1
Which I would ASSUME kills IPv6. But I know nothing about the internal workings of docker containers, so if there's something else I should be setting, let me know and I'll be happy to give it a try.
As far as how it works to detect it, I....
1. Go to the site https://ipleak.net/ from my Windows PC (which is running the PIA VPN client)
2. Click the Torrent Address detection: Activate button that creates a custom .magnet link for me to download
3. I go to the QB web IP and paste the magnet link into the UI
Then their page shows something like this:
But in my case, it was actually showing two things - the above VPN IP and my own Comcast IP.
-
On 8/23/2023 at 7:45 AM, ich777 said:
Please try to use the version from @binhex which has a VPN built in and see if it's the same.
For what it's worth, I'm experiencing exactly the same thing.
Trying Binhex and routing it via this container now to see what I can see.
-
I try to be good, but man 336 is a lot of pages.
I've resurrected a saved config (as I'd stopped using this particular docker for a while) and on install I'm getting this in a loop.
2021-04-08 15:38:31,292 DEBG 'start-script' stdout output:
[warn] Unable to successfully download PIA json payload from URL 'https://10.5.112.1:19999/getSignature' using token '(token hidden)'I'm sure there's a simple solution here, but I can't seem to find it.
[Support] ich777 - Application Dockers
in Docker Containers
Posted
...just as an FYI, I haven't actually implemented the connected containers thing yet.
However, since the PREVIOUS update you suggested, I haven't had to forcibly update the OpenVPN container (or manually get the Arrs to recheck their indexers and downloaders).
So thanks for the help, and if I do have problems again I'll hit up the connected containers bit.