[SUPPORT] DiamondPrecisionComputing - ALL IMAGES AND FILES



Trying to make the Gluetun Unraid container work with WireGuard on Windscribe VPN. The configuration I downloaded from Windscribe looks like this:

 

```
[Interface]
PrivateKey = REDACTED
Address = 100.119.95.165/32
DNS = 10.255.255.3

[Peer]
PublicKey = REDACTED
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = arn-159-wg.whiskergalaxy.com:65142
PresharedKey = REDACTED
```
 

and the resulting docker parameters after my configuration look like this:

 

```
docker run
  -d
  --name='GluetunVPN'
  --net='bridge'
  -e TZ="Europe/Berlin"
  -e HOST_OS="Unraid"
  -e HOST_HOSTNAME="REDACTED"
  -e HOST_CONTAINERNAME="GluetunVPN"
  -e 'TZ'='CET'
  -e 'VPN_SERVICE_PROVIDER'='windscribe'
  -e 'VPN_TYPE'='wireguard'
  -e 'VPN_INTERFACE'='tun0'
  -e 'OPENVPN_PROTOCOL'='udp'
  -e 'OPENVPN_VERSION'='2.5'
  -e 'OPENVPN_VERBOSITY'='1'
  -e 'OPENVPN_PROCESS_USER'='no'
  -e 'OPENVPN_IPV6'='off'
  -e 'WIREGUARD_IMPLEMENTATION'='auto'
  -e 'WIREGUARD_PRIVATE_KEY'='REDACTED'
  -e 'WIREGUARD_PRESHARED_KEY'='REDACTED'
  -e 'WIREGUARD_ADDRESSES'='100.119.95.165/32'
  -e 'SERVER_REGIONS'=''
  -e 'SERVER_COUNTRIES'=''
  -e 'SERVER_CITIES'=''
  -e 'SERVER_NAMES'=''
  -e 'SERVER_HOSTNAMES'=''
  -e 'FIREWALL'='on'
  -e 'FIREWALL_VPN_INPUT_PORTS'=''
  -e 'FIREWALL_INPUT_PORTS'=''
  -e 'FIREWALL_OUTBOUND_SUBNETS'=''
  -e 'FIREWALL_DEBUG'='off'
  -e 'LOG_LEVEL'='info'
  -e 'DOT'='on'
  -e 'DOT_PROVIDERS'='cloudflare'
  -e 'DOT_PRIVATE_ADDRESS'='127.0.0.1/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,169.254.0.0/16,::1/128,fc00::/7,fe80::/10,::ffff:7f00:1/104,::ffff:a00:0/104,::ffff:a9fe:0/112,::ffff:ac10:0/108,::ffff:c0a8:0/112'
  -e 'DOT_VERBOSITY'='1'
  -e 'DOT_VERBOSITY_DETAILS'='0'
  -e 'DOT_VALIDATION_LOGLEVEL'='0'
  -e 'DOT_CACHING'='on'
  -e 'DOT_IPV6'='off'
  -e 'BLOCK_MALICIOUS'='on'
  -e 'BLOCK_SURVEILLANCE'='off'
  -e 'BLOCK_ADS'='off'
  -e 'UNBLOCK'=''
  -e 'DNS_UPDATE_PERIOD'='24h'
  -e 'DNS_ADDRESS'='10.255.255.3'
  -e 'DNS_KEEP_NAMESERVER'='on'
  -e 'HTTPPROXY'='on'
  -e 'HTTPPROXY_LOG'='off'
  -e 'HTTPPROXY_STEALTH'='off'
  -e 'SHADOWSOCKS'='off'
  -e 'SHADOWSOCKS_LOG'='off'
  -e ':8388'=':8388'
  -e 'SHADOWSOCKS_CIPHER'='chacha20-ietf-poly1305'
  -e 'HEALTH_SERVER_ADDRESS'='127.0.0.1:9999'
  -e 'HEALTH_TARGET_ADDRESS'='github.com:443'
  -e 'HEALTH_VPN_DURATION_INITIAL'='6s'
  -e 'HEALTH_VPN_DURATION_ADDITION'='5s'
  -e 'UPDATER_PERIOD'='0'
  -e 'PUBLICIP_FILE'='/gluetun/ip'
  -e 'PUBLICIP_PERIOD'='12h'
  -e 'VERSION_INFORMATION'='on'
  -e 'HTTP_CONTROL_SERVER_LOG'='on'
  -e 'PUID'='1000'
  -e 'PGID'='1000'
  -l net.unraid.docker.managed=dockerman
  -l net.unraid.docker.webui='http://[IP]:[PORT:8000]'
  -l net.unraid.docker.icon='https://raw.githubusercontent.com/qdm12/gluetun/master/doc/logo_256.png'
  -p '8888:8888/tcp'
  -p '8000:8000/tcp'
  -v '/mnt/user/appdata/gluetun':'/gluetun':'rw'
  --cap-add=NET_ADMIN
  --restart always 'qmcgaw/gluetun'
```

 

I get the following in my logs:

```
2023-05-30T18:35:28+02:00 WARN [dns over tls] cannot update files: Get "https://www.internic.net/domain/named.root": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
2023-05-30T18:35:28+02:00 INFO [dns over tls] attempting restart in 40s
2023-05-30T18:35:39+02:00 INFO [healthcheck] program has been unhealthy for 26s: restarting VPN (see https://github.com/qdm12/gluetun/wiki/Healthcheck)
2023-05-30T18:35:39+02:00 INFO [vpn] stopping
2023-05-30T18:35:39+02:00 INFO [vpn] starting
```

 

and the HTTP proxy does not work on port 8888 as I expected it to. I had expected to put in the endpoint arn-159-wg.whiskergalaxy.com:65142 somewhere but perhaps not needed? What else may be wrong....

Link to comment

Question before I start digging into the docker run you shared. Are you using docker run commands or are you using the template from CA?

Link to comment

I am using the template but have deleted all "optional fields" with empty values related to OpenVPN to make the template more manageable (OpenVPN username and password must be deleted as I got an error message leaving them blank so assumed this was ok) as I only care for wireguard but maybe some of them must be passed empty values?

I have double checked that I pasted in the "redacted" keys right so am fairly sure they are ok. Compared to some examples I have seen I am considering if any of the SERVER_XXXX are needed? When I tried filling some of them in the container did not even start so not sure of the syntax/allowed values in that case....

Edited by NAS-newbie
Link to comment
9 hours ago, NAS-newbie said:

Are any of the SERVER_XXXX parameters mandatory? 

Sorry, work has been taking up most of my available time lately.

 

For Windscribe, the SERVER_XXXX variables are recommended but are not mandatory. If none of the variables are included or if they are all empty then Gluetun will choose a server randomly from ALL of the servers it is aware of.

Link to comment
On 6/1/2023 at 5:14 PM, biggiesize said:

Sorry, work has been taking up most of my available time lately.

 

For Windscribe, the SERVER_XXXX variables are recommended but are not mandatory. If none of the variables are included or if they are all empty then Gluetun will choose a server randomly from ALL of the servers it is aware of.

Redid the whole configuration one more time with new credentials and everything and now it works - not sure what I did wrong last time to be honest...

Link to comment

I am having an issue on GluetunVPN with Port Forwarding being recognized on Qbit. I am using PIA with the Toronto Servers (From my understanding PIA’s Canada Servers do forward). I have confirmed that I am able to connect to the internet through the VPN.  My unraid setup is below.  The 8080 tcp is for Qbit to route through the Docker. Qbit’s port in the UI is 52000.

 

What am I doing wrong? Any assistance is appreciated.

 

 

```
docker run
  -d
  --name='GluetunVPN'
  --net='dockernet'
  -e TZ="America/New_York"
  -e HOST_OS="Unraid"
  -e HOST_HOSTNAME="Zion"
  -e HOST_CONTAINERNAME="GluetunVPN"
  -e 'TZ'='America/New_York'
  -e 'VPN_SERVICE_PROVIDER'='private internet access'
  -e 'VPN_TYPE'='openvpn'
  -e 'VPN_INTERFACE'='tun0'
  -e 'VPN_ENDPOINT_PORT'=''
  -e 'VPN_ENDPOINT_IP'=''
  -e 'OPENVPN_PROTOCOL'='udp'
  -e 'OPENVPN_USER'=XXXXXX
  -e 'OPENVPN_PASSWORD'=XXXXXXX
  -e 'OPENVPN_VERSION'='2.5'
  -e 'OPENVPN_VERBOSITY'='1'
  -e 'OPENVPN_FLAGS'=''
  -e 'OPENVPN_CIPHERS'=''
  -e 'OPENVPN_AUTH'=''
  -e 'OPENVPN_PROCESS_USER'='no'
  -e 'OPENVPN_IPV6'='off'
  -e 'OPENVPN_CUSTOM_CONFIG'=''
  -e 'WIREGUARD_IMPLEMENTATION'='auto'
  -e 'WIREGUARD_PRIVATE_KEY'=''
  -e 'WIREGUARD_PRESHARED_KEY'=''
  -e 'WIREGUARD_PUBLIC_KEY'=''
  -e 'WIREGUARD_ADDRESSES'=''
  -e 'SERVER_REGIONS'='CA Toronto'
  -e 'SERVER_COUNTRIES'=''
  -e 'SERVER_CITIES'=''
  -e 'SERVER_NAMES'=''
  -e 'SERVER_HOSTNAMES'=''
  -e 'FIREWALL'='on'
  -e 'FIREWALL_VPN_INPUT_PORTS'='52000'
  -e 'FIREWALL_INPUT_PORTS'=''
  -e 'FIREWALL_OUTBOUND_SUBNETS'=''
  -e 'FIREWALL_DEBUG'='off'
  -e 'LOG_LEVEL'='info'
  -e 'DOT'='on'
  -e 'DOT_PROVIDERS'='quad9'
  -e 'DOT_PRIVATE_ADDRESS'='127.0.0.1/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,169.254.0.0/16,::1/128,fc00::/7,fe80::/10,::ffff:7f00:1/104,::ffff:a00:0/104,::ffff:a9fe:0/112,::ffff:ac10:0/108,::ffff:c0a8:0/112'
  -e 'DOT_VERBOSITY'='1'
  -e 'DOT_VERBOSITY_DETAILS'='0'
  -e 'DOT_VALIDATION_LOGLEVEL'='0'
  -e 'DOT_CACHING'='on'
  -e 'DOT_IPV6'='off'
  -e 'BLOCK_MALICIOUS'='on'
  -e 'BLOCK_SURVEILLANCE'='on'
  -e 'BLOCK_ADS'='off'
  -e 'UNBLOCK'=''
  -e 'DNS_UPDATE_PERIOD'='24h'
  -e 'DNS_ADDRESS'=''
  -e 'DNS_KEEP_NAMESERVER'='on'
  -e 'HTTPPROXY'='on'
  -e 'HTTPPROXY_LOG'='off'
  -e 'HTTPPROXY_USER'=''
  -e 'HTTPPROXY_PASSWORD'=''
  -e 'HTTPPROXY_STEALTH'='off'
  -e 'SHADOWSOCKS'='on'
  -e 'SHADOWSOCKS_LOG'='off'
  -e ':8388'='8388'
  -e 'SHADOWSOCKS_PASSWORD'=''
  -e 'SHADOWSOCKS_CIPHER'='chacha20-ietf-poly1305'
  -e 'HEALTH_SERVER_ADDRESS'='127.0.0.1:9999'
  -e 'HEALTH_TARGET_ADDRESS'='github.com:443'
  -e 'HEALTH_VPN_DURATION_INITIAL'='6s'
  -e 'HEALTH_VPN_DURATION_ADDITION'='5s'
  -e 'UPDATER_PERIOD'='0'
  -e 'PUBLICIP_FILE'='/gluetun/ip'
  -e 'PUBLICIP_PERIOD'='12h'
  -e 'VERSION_INFORMATION'='on'
  -e 'HTTP_CONTROL_SERVER_LOG'='on'
  -e 'PUID'='1000'
  -e 'PGID'='1000'
  -l net.unraid.docker.managed=dockerman
  -l net.unraid.docker.webui='http://[IP]:[PORT:8000]'
  -l net.unraid.docker.icon='https://raw.githubusercontent.com/qdm12/gluetun/master/doc/logo_256.png'
  -p '8888:8888/tcp'
  -p '8080:8080/tcp'
  -p '8000:8000/tcp'
  -v '/mnt/cache_nvme/appdata/gluetun/':'/gluetun':'rw'
  --cap-add=NET_ADMIN
  --restart always 'qmcgaw/gluetun'
```

Edited by Kevin McTague
Link to comment

I personally do not use port forwarding but the developer has an excellent Wiki. Port forwarding for PIA should be documented here:

 

https://github.com/qdm12/gluetun/wiki/Private-internet-access

  • Thanks 1
Link to comment

Hey there,

 

I've been failing to route any container (preferably hotio/qbittorrent) through gluetun vpn.

I just keep getting funny error messages when I try to start the qbittorrent container after deleting port mappings and changing the network to container:gluetun. Also some docker network adapter seems to be doing funny things.

Can please someone try to help?

 

Thank you in advance!

 

I've created a docker network named "container:gluetun". The gluetun container is named "gluetun".

I've manually changed the gluetun web UI port to 8001, as 8000 is occupied already.

 

Now this is what happens:

gluetun starts, but I can't access logs (window opens and quickly closes again).

When I try to start qbittorrent, I'm getting this error:

[image]

 

When I edit the qbittorrent template, I can see the docker run command and getting this error message about gluetun container being in the process of restarting:

[image]

 

And when I check the Unraid system log, there's something funny going on with the docker network:

[image]

 

This is my gluetun config:

[images]

 

and this is my qbittorrent template:

[image]

 

 

 

Link to comment
3 hours ago, chrismuc said:

Hey there,

 

I've been failing to route any container (preferably hotio/qbittorrent) through gluetun vpn.

I just keep getting funny error messages when I try to start the qbittorrent container after deleting port mappings and changing the network to container:gluetun. Also some docker network adapter seems to be doing funny things.

Can please someone try to help?

 

Thank you in advance!

 

A few insights:

  • If the logs window for gluetun keeps cycling it means that the container is constantly restarting. The container defaults to restart always. This is for privacy and security reasons.
  • If gluetun is either stopped or restarting then the containers that use gluetun for network connection all become unavailable.
  • The usual cause for gluetun constantly restarting is a bad config or bad credentials.
  • If you turn on advanced view (toggle in the upper right corner) when editing gluetun, you can remove the always restart flag from the extra parameters field for troubleshooting. This should be added back once troubleshooting is complete.

What I noticed just from glancing at your config:

  • VPN_ENDPOINT_PORT - Make sure this is the correct port you need to use with Wireguard
  • Firewall should always be on unless you are troubleshooting something being blocked
  • FIREWALL_INPUT_PORTS - This needs to be a comma separated list of the port numbers you need to access outside the VPN tunnel. No need to specify TCP or UDP.
    • e.g. 8080,6881
  • The same ports in FIREWALL_INPUT_PORTS need to be added to FIREWALL_VPN_INPUT_PORTS. This is due to the way docker networking works.
  • FIREWALL_OUTBOUND_SUBNETS - This needs to be your local network IP range in CIDR format
    • e.g. 192.168.1.0/16
Link to comment
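
A preflight lint for the kind of `docker run` dump posted in this thread, as an added example (not code from the thread or from the Gluetun project). The sample dump is constructed, and the checks are assumptions about what is worth flagging before a restart loop starts (a malformed variable name such as ':8388', a variable set twice, port lists carrying a protocol suffix, an outbound subnet with host bits set); they are not Gluetun's own validation.

```python
import ipaddress
import re
import shlex

ENV_NAME = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")
PORT = re.compile(r"[0-9]{1,5}")
PORT_LIST_VARS = ("FIREWALL_INPUT_PORTS", "FIREWALL_VPN_INPUT_PORTS")

# Constructed sample in the shape of the dumps posted in this thread.
SAMPLE_DUMP = """
docker run
  -d
  --name='GluetunVPN'
  -e TZ="Europe/Berlin"
  -e 'TZ'='CET'
  -e 'VPN_TYPE'='wireguard'
  -e 'FIREWALL'='on'
  -e 'FIREWALL_VPN_INPUT_PORTS'='52000'
  -e 'FIREWALL_INPUT_PORTS'='8080/tcp,6881'
  -e 'FIREWALL_OUTBOUND_SUBNETS'='192.168.1.0/16'
  -e ':8388'=':8388'
  -p '8080:8080/tcp'
  --cap-add=NET_ADMIN
  --restart always 'qmcgaw/gluetun'
"""


def parse_env(dump):
    """Return (name, value) for every `-e NAME=VALUE` argument, in order."""
    tokens = shlex.split(dump)  # handles the mixed quoting Unraid prints
    pairs = []
    for flag, arg in zip(tokens, tokens[1:]):
        if flag == "-e" and "=" in arg:
            name, _, value = arg.partition("=")
            pairs.append((name, value))
    return pairs


def lint(dump):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings, env = [], {}
    for name, value in parse_env(dump):
        if not ENV_NAME.fullmatch(name):
            findings.append(f"invalid variable name {name!r}")
            continue
        if name in env and env[name] != value:
            findings.append(f"{name} set twice: {env[name]!r}, then {value!r}")
        env[name] = value

    # Port lists: comma separated bare numbers, no /tcp or /udp suffix.
    for var in PORT_LIST_VARS:
        for item in filter(None, env.get(var, "").split(",")):
            if not (PORT.fullmatch(item.strip()) and 1 <= int(item) <= 65535):
                findings.append(f"{var}: {item!r} is not a bare port number")

    # Outbound subnets bypass the tunnel, so a prefix that is wider than
    # intended matters. Flag entries whose address has host bits set.
    for item in filter(None, env.get("FIREWALL_OUTBOUND_SUBNETS", "").split(",")):
        try:
            ipaddress.ip_network(item.strip(), strict=True)
        except ValueError:
            try:
                widened = ipaddress.ip_network(item.strip(), strict=False)
                findings.append(
                    f"FIREWALL_OUTBOUND_SUBNETS: {item!r} has host bits set; "
                    f"as a network it covers {widened}")
            except ValueError:
                findings.append(f"FIREWALL_OUTBOUND_SUBNETS: {item!r} is not CIDR")
    return findings


if __name__ == "__main__":
    for finding in lint(SAMPLE_DUMP):
        print("WARN", finding)
```
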
  • 2 weeks later...
On 5/26/2023 at 1:19 PM, biggiesize said:

You will need to remove the port variable from qBittorrent, add it to Gluetun, and also add the port number to FIREWALL_VPN_INPUT_PORTS and FIREWALL_INPUT_PORTS.

 

Can you clarify what you mean by this? Do I blank out the webui port from qbit settings WebUI prior to changing its networking over to gluetun or do I remove the WEBUI reference during the container install? Can I just hit edit and remove any reference of WebUI for the container config in Unraid? For some reason all I get is connection refused when trying to open the WebUI once Qbit is routed thru gluetun. I am certain I've followed all the advice about adding ports in the gluetun configuration plus adding my subnet in CIDR format. 

Link to comment
2 hours ago, csmstyle said:

 

Can you clarify what you mean by this? Do I blank out the webui port from qbit settings WebUI prior to changing its networking over to gluetun or do I remove the WEBUI reference during the container install? Can I just hit edit and remove any reference of WebUI for the container config in Unraid? For some reason all I get is connection refused when trying to open the WebUI once Qbit is routed thru gluetun. I am certain I've followed all the advice about adding ports in the gluetun configuration plus adding my subnet in CIDR format. 

You do not need to remove the port configuration inside the qbittorrent application. Just edit the container and remove the ports there. Stop the qbittorrent container. Then add the ports to gluetun. Then once gluetun is running and healthy start qbittorrent.

Link to comment
  • 2 weeks later...

The health check in Gluetun is so annoying. I keep on getting unhealthy constantly. I looked up on Github and tried several things. None of them work and my log keeps on flip flopping between unhealthy and healthy. I use openvpn within Gluetun. With that, I'm thinking if I should just ditch Gluetun and use openvpn docker instead to make things more simple. 

 

[image]

 

The docker template on Community Application comes with so many variables; can someone please tell me which variables I can just remove from the template? 

 

[image]

Edited by doctortt
Link to comment
21 hours ago, doctortt said:

The docker template on Community Application comes with so many variables; can someone please tell me which variables I can just remove from the template? 

All of the health check variables are optional but what is included in the template are the application defaults. Most of the variables that are considered optional have OPTIONAL: in the variable description.

Link to comment
On 7/10/2023 at 10:10 AM, biggiesize said:

All of the health check variables are optional but what is included in the template are the application defaults. Most of the variables that are considered optional have OPTIONAL: in the variable description.

 

I deleted all those optional health check components in the docker template, but when I started the Gluetun docker, those health settings came back. See screenshot please. 

 

[image]

Link to comment
22 minutes ago, doctortt said:

 

I deleted all those optional health check components in the docker template, but when I started the Gluetun docker, those health settings came back. See screenshot please. 

 

[image]

Correct, because that is what Gluetun defaults to.

 

Can you post the entire log? It obfuscates all important details. I would like to rule out some other config issue.

Link to comment
14 hours ago, biggiesize said:

Correct, because that is what Gluetun defaults to.

 

Can you post the entire log? It obfuscates all important details. I would like to rule out some other config issue.

 

I will post the logs later.  How do I get rid of those health check? They seem unnecessary to me and I thought removing the OPTIONAL components in the docker template would get rid of the health check, but that's not the case. I just feel that Gluetun overall over-complicates things. VPN should just be light weight - no reason to default many unnecessary components. 

Edited by doctortt
Link to comment
On 7/18/2023 at 1:24 AM, biggiesize said:

Correct, because that is what Gluetun defaults to.

 

Can you post the entire log? It obfuscates all important details. I would like to rule out some other config issue.

 

See full log below. I really don't want any OPTIONAL components to be loaded. If they were called OPTIONAL, no reasons they should be loaded by default even if they were not specified in the docker template. I keep on getting those healthy and unhealthy status in log, and it's very annoying.  If that's the case, I might just go ahead to use the openvpn docker directly - something simple and straight forward. 

 

```

       ├── OpenVPN version: 2.5
|       ├── User: [set]
|       ├── Password: [set]
|       ├── Ciphers: [aes-128-cbc]
|       ├── Auth: sha256
|       ├── Network interface: tun0
|       ├── Run OpenVPN as: no
|       └── Verbosity level: 1
├── DNS settings:
|   ├── DNS server address to use: 127.0.0.1
|   ├── Keep existing nameserver(s): no
|   └── DNS over TLS settings:
|       ├── Enabled: yes
|       ├── Update period: every 24h0m0s
|       ├── Unbound settings:
|       |   ├── Authoritative servers:
|       |   |   └── cloudflare
|       |   ├── Caching: yes
|       |   ├── IPv6: no
|       |   ├── Verbosity level: 1
|       |   ├── Verbosity details level: 0
|       |   ├── Validation log level: 0
|       |   ├── System user: root
|       |   └── Allowed networks:
|       |       ├── 0.0.0.0/0
|       |       └── ::/0
|       └── DNS filtering settings:
|           ├── Block malicious: yes
|           ├── Block ads: no
|           ├── Block surveillance: no
|           └── Blocked IP networks:
|               ├── 127.0.0.1/8
|               ├── 10.0.0.0/8
|               ├── 172.16.0.0/12
|               ├── 192.168.0.0/16
|               ├── 169.254.0.0/16
|               ├── ::1/128
|               ├── fc00::/7
|               ├── fe80::/10
|               ├── ::ffff:127.0.0.1/104
|               ├── ::ffff:10.0.0.0/104
|               ├── ::ffff:169.254.0.0/112
|               ├── ::ffff:172.16.0.0/108
|               └── ::ffff:192.168.0.0/112
├── Firewall settings:
|   ├── Enabled: yes
|   └── Outbound subnets:
|       └── 192.168.1.0/24
├── Log settings:
|   └── Log level: INFO
├── Health settings:
|   ├── Server listening address: 127.0.0.1:9999
|   ├── Target address: cloudflare.com:443
|   ├── Duration to wait after success: 5s
|   ├── Read header timeout: 100ms
|   ├── Read timeout: 500ms
|   └── VPN wait durations:
|       ├── Initial duration: 6s
|       └── Additional duration: 5s
├── Shadowsocks server settings:
|   └── Enabled: no
├── HTTP proxy settings:
|   └── Enabled: no
├── Control server settings:
|   ├── Listening address: :8000
|   └── Logging: yes
├── OS Alpine settings:
|   ├── Process UID: 1000
|   ├── Process GID: 1000
|   └── Timezone: america/new_york
├── Public IP settings:
|   ├── Fetching: every 12h0m0s
|   └── IP file path: /tmp/gluetun/ip
└── Version settings:
    └── Enabled: yes

```

Edited by doctortt
Link to comment
1 hour ago, doctortt said:

 

See full log below. I really don't want any OPTIONAL components to be loaded. If they were called OPTIONAL, no reasons they should be loaded by default even if they were not specified in the docker template. I keep on getting those healthy and unhealthy status in log, and it's very annoying.  If that's the case, I might just go ahead to use the openvpn docker directly - something simple and straight forward. 

 

There is nothing that stands out as an obvious misconfiguration. The logs showing an I/O timeout will eventually occur to most users. It happening every 6 seconds generally shows when the server you're connecting to is invalid or the IP doesn't match anymore or that the server crashed. That scenario depends on how you are determining which servers to connect to. Are you specifying a single server only, a region, etc.?

 

The health check component is not optional and can not be disabled, only the variables are optional. This is by design as it leverages the docker health check.

 

I would suggest looking into the extensive Wiki (here is the specific page on the healthcheck) or opening an issue with the dev.

https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md

Link to comment
  • 4 weeks later...

Docker won't start, installation works.

 

The only thing I changed after installing is time zone and webui port (incl. advanced option "WebUI=http://[IP]:[PORT:8899]")

 

Error in logs says: "2023-08-12T23:57:43-04:00 ERROR cannot write configuration to file: open /updater/data/config.json: permission denied"

 

What is the solution?

Link to comment
2 hours ago, tmor2 said:

Docker won't start, installation works.

 

The only thing I changed after installing is time zone and webui port (incl. advanced option "WebUI=http://[IP]:[PORT:8899]")

 

Error in logs says: "2023-08-12T23:57:43-04:00 ERROR cannot write configuration to file: open /updater/data/config.json: permission denied"

 

What is the solution?

Did you follow the instructions when creating the config.json file and change the owner and permissions?

Link to comment

Hello,

I get some weird behaviour regarding port mappings with docker containers which are routed through Gluetun (see picture). The containers routed through Gluetun show port mappings of other containers which are NOT routed through Gluetun. In this case port 3306 is a MariaDB container and the other ones are from Jellyfin. It seems every time I restart the containers, they show other mappings. Everything seems to be working fine regardless, but why does this happen?

Screenshot 2023-08-15 130434.png

Link to comment
