binhex Posted June 12 Author Share Posted June 12 11 minutes ago, rikdegraaff said: I forwarded it through my binhex-qBittorrentVPN container, and when opening local url 192.168.x.x:5900/6080, or cloudflare url it gives me now the following error: The connection has timed out. In the log now the warning: 2024-06-12 15:26:48,276 DEBG 'start' stdout output: [12/06/24 15:26:48] You need to specify a username and password before connecting… 2024-06-12 15:33:58,760 DEBG 'start' stderr output: Wed Jun 12 15:33:58 2024 Connections: accepted: 172.17.0.1::46436 2024-06-12 15:33:58,788 DEBG 'start' stderr output: VNCSConnST: closing 172.17.0.1::46436: reading version failed: not an RFB client? EncodeManager: Framebuffer updates: 0 EncodeManager: Total: 0 rects, 0 pixels EncodeManager: 0 B (1:-nan ratio) Connections: closed: 172.17.0.1::46436 ComparingUpdateTracker: 0 pixels in / 0 pixels out ComparingUpdateTracker: (1:-nan ratio) 2024-06-12 15:33:59,281 DEBG 'start' stderr output: Wed Jun 12 15:33:59 2024 Connections: accepted: 172.17.0.1::46442 2024-06-12 15:33:59,317 DEBG 'start' stderr output: VNCSConnST: closing 172.17.0.1::46442: reading version failed: not an RFB client? EncodeManager: Framebuffer updates: 0 EncodeManager: Total: 0 rects, 0 pixels EncodeManager: 0 B (1:-nan ratio) Connections: 2024-06-12 15:33:59,317 DEBG 'start' stderr output: closed: 172.17.0.1::46442 ComparingUpdateTracker: 0 pixels in / 0 pixels out ComparingUpdateTracker: (1:-nan ratio) Check you have followed all steps to network share, Please see Q24 from the following link:- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md also for now i would advise ignore cloudflare, get it working locally. Quote Link to comment
rikdegraaff Posted June 12 Share Posted June 12 (edited) 53 minutes ago, binhex said: Check you have followed all steps to network share, Please see Q24 from the following link:- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md also for now i would advise ignore cloudflare, get it working locally. The folders and ports exist only on the VPN container. I followed all the steps in your link Q24. But that didn't help at all. Here an overview of those dockers. EDIT: I have removed the cloudflare options, so it is only accessible from inside the home network. And I've edited LAN_NETWORK to the right ip address, now it gives me "RFB 003.008" in plain text. Edited June 12 by rikdegraaff See EDIT Quote Link to comment
rikdegraaff Posted June 12 Share Posted June 12 It is working now. Updated the CNAME record on Cloudflare and its working now locally and on the WWW. Thanks for all the effort and support, @binhex!!! 1 Quote Link to comment
JonathanM Posted June 12 Share Posted June 12 10 hours ago, binhex said: In a word, no, instead network sharing is where I'm trying to go with any future docker images, maintaining VPN enabled docker images is hard work so i would prefer to keep the workload as light as possible and leverage existing VPN connectivity instead, as mentioned above I am working on a solution to read in the incoming port from a VPN enabled docker container, the tricky part is reconfiguring Nicotine+ when the port changes. So in the eventual future, do you see independent VPN and application containers as the norm? Not to get too far ahead of you, but I'd love to see the possibility of multiple VPN endpoint containers, each able to support multiple of your application containers. For example, VPN1 with a PIA port forwarded connection, torrent and other file sharing containers pointed there, VPN2, a PIA or whatever, with various downloader apps assigned there. Some downloader apps get upset with out of area connections, it would be nice to easily set up 2 tunnels, one foreign, one local. Quote Link to comment
binhex Posted June 13 Author Share Posted June 13 12 hours ago, JonathanM said: So in the eventual future, do you see independent VPN and application containers as the norm? Not to get too far ahead of you, but I'd love to see the possibility of multiple VPN endpoint containers, each able to support multiple of your application containers. So if i had my time again i would produce one image similar if not the same to privoxyvpn, then document the crap out of it on how to connect any other container to it, it would mean smaller image sizes in that way (no need to bake in vpn clients to multiple images) and less complexity for me (single vpn image to deal with), but we are where we are, if I deprecated the use of delugevpn, sabnzbdvpn and qbittorrentvpn i think i would have a riot on my hands :-), so i will maintain them for the foreseeable. 12 hours ago, JonathanM said: For example, VPN1 with a PIA port forwarded connection, torrent and other file sharing containers pointed there, VPN2, a PIA or whatever, with various downloader apps assigned there. Some downloader apps get upset with out of area connections, it would be nice to easily set up 2 tunnels, one foreign, one local. Yeah i don't know if what you are suggesting is running multiple tunnels in a single container, or the idea of having multiple containers each connecting to a different vpn endpoint, the latter is a lot easier to code than the former, in my 'if i had my time again' model i would suggest multiple privoxyvpn (or whatever name) containers, each going to a different locations, that would be the most logical approach in my opinion, and of course would not consume much additional space, only config differences. Quote Link to comment
JonathanM Posted June 13 Share Posted June 13 2 hours ago, binhex said: multiple containers each connecting to a different vpn endpoint This. 2 hours ago, binhex said: if I deprecated the use of delugevpn, sabnzbdvpn and qbittorrentvpn i think i would have a riot on my hands :-), so i will maintain them for the foreseeable. Agree. Maybe your current effort to allow multiple containers access to the forwarded port will be usable with other containers besides this one? Unfortunately I'm not enough of a network guru to know if this is feasible, but how about redirecting the changeable vpn port forward to a static port inside your container network? Quote Link to comment
binhex Posted June 14 Author Share Posted June 14 21 hours ago, JonathanM said: Maybe your current effort to allow multiple containers access to the forwarded port will be usable with other containers besides this one? Absolutely!, it should be applicable to any other container. 21 hours ago, JonathanM said: Unfortunately I'm not enough of a network guru to know if this is feasible, but how about redirecting the changeable vpn port forward to a static port inside your container network? that sounds like an interesting idea but i don't know if that is possible, in the meantime i am going for a more low level option and that is simply to share the assigned vpn port via a docker volume (not bind mount) as i store the assigned vpn port in a file. As mentioned the really tricky part is to reconfigure the application to use the port and also monitor it for changes, if it changes then reconfigure, and for Nicotine+ this looks like i have two options:- 1. disconnect and reconnect to re-read port change from config file 2. restart nicotine+ to force re-read of config file As you can see neither option are ideal. Quote Link to comment
JonathanM Posted June 14 Share Posted June 14 3 hours ago, binhex said: 1. disconnect and reconnect to re-read port change from config file This looks like the correct option to me, mainly because if the port changes, it's likely that the network is "down" anyway until the application reconnects. While you are playing with all this, I have a current scenario that you may be able to take into consideration. I run a couple downloaders through delugevpn, but when the vpn container restarts or is updated, the downloaders are unable to connect out until I restart them afterwards. I'm unsure whether that's a consequence of how docker networking works, or simply the change in IP not being detected properly. I know restarting and / or updating the master container is much different than it simply detecting a port change, but it's a scenario that would help automation if it were covered. 3 hours ago, binhex said: it should be applicable to any other container. With that in mind, do you have a method you are looking at to blindly reconnect when needed? Maybe the master vpn container could have variables defined with dependent container names to blindly restart when the connection changes? Can a container manipulate another container like that? Or would there need to be a "helper" script running on the host to monitor and restart things? Quote Link to comment
binhex Posted June 14 Author Share Posted June 14 1 hour ago, JonathanM said: While you are playing with all this, I have a current scenario that you may be able to take into consideration. I run a couple downloaders through delugevpn, but when the vpn container restarts or is updated, the downloaders are unable to connect out until I restart them afterwards. I'm unsure whether that's a consequence of how docker networking works, or simply the change in IP not being detected properly. this is a known issue, and @ich777 came up with a clever idea of using a socket instead, this then permits the vpn contaner to be restarted and for the container sharing the vpn network to reconnect without issue, its on my to-do list to look at. 5 hours ago, binhex said: if it changes then reconfigure, and for Nicotine+ this looks like i have two options:- 1. disconnect and reconnect to re-read port change from config file 2. restart nicotine+ to force re-read of config file ive come up with a neat solution for this by setting up a statically assigned port forward inside of the container, this then forwards to the dynamic port, the beauty of this is that i dont then need to reconfigure the application as the application is configured to use the static port, if the port changes the port forward is altered without the need for the application to be reconfigured, cool hu!, tested it out earlier and it works!, so with that cracked it is now possible to configure ANY application to use the incoming port, even when the port is dynamically assigned (such as pia and protonvpn). Quote Link to comment
JonathanM Posted June 14 Share Posted June 14 6 minutes ago, binhex said: it is now possible to configure ANY application to use the incoming port, even when the port is dynamically assigned That will work for some applications, but based on a brief search I don't think that will work with torrents. From what I read torrent clients embed the port they see in the traffic for returns, so if that port is remapped it won't connect. Hopefully there is some way around that. Quote Link to comment
binhex Posted June 14 Author Share Posted June 14 1 hour ago, JonathanM said: That will work for some applications, but based on a brief search I don't think that will work with torrents. From what I read torrent clients embed the port they see in the traffic for returns, so if that port is remapped it won't connect. Hopefully there is some way around that. How would this be different to doing a traditional port forward on your router, that works right? got any links to articles that state it won't work?. Quote Link to comment
binhex Posted June 14 Author Share Posted June 14 Hmm so in my very unscientific experiment i switched from incoming port to port forwarded port and yes i did see a decrease in connected seeds and peers, so i think you are correct, but that doesn't stop the use of this for non torrent clients, so i think its still a worthy addition, thanks for bringing that to my attention. Quote Link to comment
ich777 Posted June 14 Share Posted June 14 2 hours ago, binhex said: this is a known issue, and @ich777 came up with a clever idea of using a socket instead, this then permits the vpn contaner to be restarted and for the container sharing the vpn network to reconnect without issue, its on my to-do list to look at. It seems to work pretty well from what I heard from another user and I just posted a tutorial on how to add a script for Linuxserver based containers to make them also restart (maybe something like this is possible in your containers too?) : On my system it works flawlessly with my OpenVPN-Client container (tested with PIA and hide.me) in combination with Radarr, Sonarr, Lidarr, jDownloader2, SABnzbd,... and even with TVHeadend from Linuxserver with the script. Sorry for hijacking this thread... My method has some edge cases but it works pretty well how it's currently set up. I hope you can look into this sometime... would be awesome if your containers also support this "feature"... Quote Link to comment
gunyu Posted August 2 Share Posted August 2 Hi, i would like to ask if you have plan to implement conts for unicode language natively within the docker container. I am having issue where Asian languages are not displayed properly and the solution i found to custom add languages into the container is not very elegant. Quote Link to comment
icarus69 Posted August 13 Share Posted August 13 Hi there @binhex, I have an issue that I'd appreciate some support with. I just tried accessing the container as normal using the WebUI, with the URL http://192.168.0.229:6082/vnc.html?resize=remote&host=192.168.0.229&port=6082&autoconnect=1 I have never had an issue using this until today, and as far as I'm aware nothing has changed about my setup. Despite my password 100% being "password", now when I try entering that into the login page I get this error: "New connection has been rejected with reason: Authentication failure: No password configured for VNC Auth" I have tried resetting the password in the Docker container settings, but this has not helped. Here's my config: docker run -d --name='binhex-nicotineplus' --net='bridge' --pids-limit 2048 --privileged=true -e TZ="Europe/London" -e HOST_OS="Unraid" -e HOST_HOSTNAME="NAS" -e HOST_CONTAINERNAME="binhex-nicotineplus" -e 'VNC_PASSWORD'='password' -e 'WEBPAGE_TITLE'='Nicotine+' -e 'ENABLE_STARTUP_SCRIPTS'='no' -e 'PUID'='99' -e 'PGID'='100' -e 'UMASK'='000' -l net.unraid.docker.managed=dockerman -l net.unraid.docker.webui='http://[IP]:[PORT:6080]/vnc.html?resize=remote&host=[IP]&port=[PORT:6080]&autoconnect=1' -l net.unraid.docker.icon='https://raw.githubusercontent.com/binhex/docker-templates/master/binhex/images/nicotineplus-icon.png' -p '5902:5900/tcp' -p '6082:6080/tcp' -v '/mnt/zfs/appdata/binhex-nicotineplus':'/config':'rw' -v '/mnt/user/Music/Soulseek/Soulseek Downloads/':'/data':'rw' -v '/mnt/user/Music/Soulseek/Soulseek Share/':'/media':'rw' -v 'binhex-shared':'/shared':'rw' 'binhex/arch-nicotineplus' ab7db1119a7cb1a6f2e6ca893df520eebc0e82d31d374e6c7369c53aa09d0d30 The command finished successfully! nas-diagnostics-20240813-1104.zip Quote Link to comment
binhex Posted August 13 Author Share Posted August 13 14 minutes ago, icarus69 said: Despite my password 100% being "password", now when I try entering that into the login page I get this error: "New connection has been rejected with reason: Authentication failure: No password configured for VNC Auth" OK so i have put in a fix for the authentication as the path to the generated password file has changed and thus for me (and others) authentication was failing, you weirdly seem to have the opposite problem!, so are you saying authentication was working for you up until the latest build?. Quote Link to comment
icarus69 Posted August 13 Share Posted August 13 1 minute ago, binhex said: OK so i have put in a fix for the authentication as the path to the generated password file has changed and thus for me (and others) authentication was failing, you weirdly seem to have the opposite problem!, so are you saying authentication was working for you up until the latest build?. To be honest, I'm not entirely sure when I updated the container. I have an auto-updater running on a lot of my containers, including this one, so it gets updated pretty much whenever there is a new build. All I know is that it was working fine last week. Quote Link to comment
binhex Posted August 13 Author Share Posted August 13 4 minutes ago, icarus69 said: To be honest, I'm not entirely sure when I updated the container. I have an auto-updater running on a lot of my containers, including this one, so it gets updated pretty much whenever there is a new build. All I know is that it was working fine last week. ok can you attach /config/supervisord.log, that will at least confirm the version you are using. Quote Link to comment
icarus69 Posted August 13 Share Posted August 13 Just now, binhex said: ok can you attach /config/supervisord.log, that will at least confirm the version you are using. supervisord.log Quote Link to comment
binhex Posted August 13 Author Share Posted August 13 17 minutes ago, icarus69 said: supervisord.log 757.47 kB · 1 download ok yep you are running the newly built image with the password fix (although break for you), hmm, so do you have a generated password file in the following location:- /config/nicotineplus/home/.config/tigervnc/passwd if not then it could be permissions related, let me know before we proceed any further. Quote Link to comment
icarus69 Posted August 13 Share Posted August 13 3 minutes ago, binhex said: ok yep you are running the newly built image with the password fix (although break for you), hmm, so do you have a generated password file in the following location:- /config/nicotineplus/home/.config/tigervnc/passwd if not then it could be permissions related, let me know before we proceed any further. Interestingly I can't see a /tigervnc folder in the location you specified: There is this however: Quote Link to comment
binhex Posted August 13 Author Share Posted August 13 40 minutes ago, icarus69 said: Interestingly I can't see a /tigervnc folder in the location you specified: There is this however: ok i have added in some additional code to ensure the path exists and to hard set the path for the password file, please can you pull down latest (force update). Quote Link to comment
icarus69 Posted August 13 Share Posted August 13 37 minutes ago, binhex said: ok i have added in some additional code to ensure the path exists and to hard set the path for the password file, please can you pull down latest (force update). Ah awesome, that worked! Thanks a lot Quote Link to comment
leftHanded Posted August 26 Share Posted August 26 On 6/9/2024 at 2:22 PM, binhex said: Glad you got it sorted, i am also sharing networking with privoxyvpn for Nicotine+, its working a treat!, im currently coming up with a ingenious plan to share the assigned incoming port so i can then configure Nicotine+ to use it. I'm running your privoxy VPN, how did you get nic+ to run behind it? Quote Link to comment
binhex Posted August 26 Author Share Posted August 26 12 hours ago, leftHanded said: I'm running your privoxy VPN, how did you get nic+ to run behind it? Please see Q24 from the following link:- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.