movieboy Posted February 16, 2015 Share Posted February 16, 2015 This it truly fantastic. Thanks so much! One request. It would be great if there were a setting for the VPN config to have a country selection that allows us to enter our own VPN settings manually in the conf file and does not get overwritten. This way we can use any VPN service. (or move this information to the application directory so it can be overwritten with other settings) Link to comment
Mettbrot Posted February 17, 2015 Share Posted February 17, 2015 Hey binhex! I am amazed to see that you have a teamspeak docker ready but I am curious why you chose arch as a base and not baseimage, how do you overcome the difficulties mentioned on their site? "Does all this apply too if I'm using CentOS inside the container, or another Linux distribution?" Yes. The problem exist in those cases too. Thanks for your time. Link to comment
binhex Posted February 17, 2015 Author Share Posted February 17, 2015 hi mettbrot, the list on their website breaks down to this:- A correct init process Main article: Docker and the PID 1 zombie reaping problem using Supervisor to get around this, supervisor does indeed mamange child processes and will cleanup on exit, not seen any zombie process issues to date. no syslog again Supervisor takes care of this for me, redirecting stout and sterr to a log file, sorted :-) no cron yes, true, but there are potential workaround for this, ive not required the use of cron yet so not looked into this too much. no SSH daemon pah, no thanks, i prefer my dockers to be tight on security, that means no ssh, plus the newer "docker exec" command gives me all the access i need to debug any issues. so yeah, ive had no problems to speak of, the only thing that im desperately wanting from Supervisor is process dependencies, which it currently is lacking, there is a VERY long standing request for this, fingers crossed it will get included soon. have a play with one of the dockers and see what you think Link to comment
binhex Posted February 17, 2015 Author Share Posted February 17, 2015 OK, firstly i apologise, i have made some more changes to delugevpn which means some more changes to your existing docker template (if you have already pulled down delugevpn). im confident this will be the last set of changes that i will make, so going forward you wont have to do this again. So the changes are to make the docker less PIA centric and more open to using other vpn providers (yes im looking at you movieboy :-)), so ive just reworked the environment variables to accommodate this, so the environment variables should now be as follows:- VPN_USER=<vpn username> VPN_PASS=<vpn password> VPN_REMOTE=<vpn remote gateway> VPN_PORT=<vpn remote port> VPN_PROV=<pia|custom> ENABLE_PRIVOXY=<yes|no> Note:- no changes to the ports used or the volumes defined. Alternatively remove delugevpn image and container, click on the "reload info" link in the unraid ui and then click on the "+" icon and reconfigure again (all settings within deluge will be maintained). IMPORTANT:- if you do NOT define PIA_PROV as "pia" then you will need to manually set your incoming port for Deluge, if your VPN provider does have a way of identifying the incoming port for your connection then please detail the name of the provider and the method to get the port number and i might be able to include this in a future release. Link to comment
Mettbrot Posted February 17, 2015 Share Posted February 17, 2015 hi mettbrot, the list on their website breaks down to this:- A correct init process Main article: Docker and the PID 1 zombie reaping problem using Supervisor to get around this, supervisor does indeed mamange child processes and will cleanup on exit, not seen any zombie process issues to date. no syslog again Supervisor takes care of this for me, redirecting stout and sterr to a log file, sorted :-) no cron yes, true, but there are potential workaround for this, ive not required the use of cron yet so not looked into this too much. no SSH daemon pah, no thanks, i prefer my dockers to be tight on security, that means no ssh, plus the newer "docker exec" command gives me all the access i need to debug any issues. so yeah, ive had no problems to speak of, the only thing that im desperately wanting from Supervisor is process dependencies, which it currently is lacking, there is a VERY long standing request for this, fingers crossed it will get included soon. have a play with one of the dockers and see what you think awesome! I'll try it out! Link to comment
movieboy Posted February 17, 2015 Share Posted February 17, 2015 So the changes are to make the docker less PIA centric and more open to using other vpn providers (yes im looking at you movieboy :-)), so ive just reworked the environment variables to accommodate this WOW that was fast! Thanks! Now, about that pony I want... Link to comment
binhex Posted February 18, 2015 Author Share Posted February 18, 2015 So the changes are to make the docker less PIA centric and more open to using other vpn providers (yes im looking at you movieboy :-)), so ive just reworked the environment variables to accommodate this WOW that was fast! Thanks! Now, about that pony I want... LOL, tbh it wasn't just your suggestion that triggered the move to a more generic approach, i am having some bandwidth issues around PIA and thus may be looking at changing provider at some point in the future, possibly AirVPN, as i hear good things about them, we shall see how things shake out, good luck with your fund for that pony Link to comment
CHBMB Posted February 18, 2015 Share Posted February 18, 2015 VPN_USER=<vpn username> VPN_PASS=<vpn password> VPN_REMOTE=<vpn remote gateway> VPN_PORT=<vpn remote port> VPN_PROV=<pia|custom> ENABLE_PRIVOXY=<yes|no> Mind if I ask what ENABLE_PRIVOXY does? Using PIA myself and with the update all is working well, just not sure what that setting does. Once again, thanks for all the work. Link to comment
binhex Posted February 18, 2015 Author Share Posted February 18, 2015 VPN_USER=<vpn username> VPN_PASS=<vpn password> VPN_REMOTE=<vpn remote gateway> VPN_PORT=<vpn remote port> VPN_PROV=<pia|custom> ENABLE_PRIVOXY=<yes|no> Mind if I ask what ENABLE_PRIVOXY does? Using PIA myself and with the update all is working well, just not sure what that setting does. Once again, thanks for all the work. sure!, that setting enables a proxy server within the docker, this can be used for situations where your isp blocks access to certain websites, you simply enable this and then point your application/web browser at <host ip>:8118 (or the port of your choice), this then sends the request down the vpn tunnel and safely circumvents your isp's filtering, neat hu?. if you want to test it then enable it, configure proxy in your web browser and to confirm its working, go to http://whatismyip.com and you should see the ip you have is not originating from your isp but is the ip allocated from your vpn provider. Link to comment
CHBMB Posted February 18, 2015 Share Posted February 18, 2015 VPN_USER=<vpn username> VPN_PASS=<vpn password> VPN_REMOTE=<vpn remote gateway> VPN_PORT=<vpn remote port> VPN_PROV=<pia|custom> ENABLE_PRIVOXY=<yes|no> Mind if I ask what ENABLE_PRIVOXY does? Using PIA myself and with the update all is working well, just not sure what that setting does. Once again, thanks for all the work. sure!, that setting enables a proxy server within the docker, this can be used for situations where your isp blocks access to certain websites, you simply enable this and then point your application/web browser at <host ip>:8118 (or the port of your choice), this then sends the request down the vpn tunnel and safely circumvents your isp's filtering, neat hu?. if you want to test it then enable it, configure it in your web browser and to confirm its working, go to http://whatismyip.com and you should see the ip you have is not originating from your isp but is the ip allocated from your vpn provider. That's an amazing function. So, if I'm correct in my assumptions, I can remove the PIA client from my desktop and if I want to hypothetically speaking access Netflix from a different geographical area I can point my desktop's browser to your proxy and hey presto! If that's correct, then you have just completely removed my need to set up pfsense as a KVM. Link to comment
binhex Posted February 18, 2015 Author Share Posted February 18, 2015 VPN_USER=<vpn username> VPN_PASS=<vpn password> VPN_REMOTE=<vpn remote gateway> VPN_PORT=<vpn remote port> VPN_PROV=<pia|custom> ENABLE_PRIVOXY=<yes|no> Mind if I ask what ENABLE_PRIVOXY does? Using PIA myself and with the update all is working well, just not sure what that setting does. Once again, thanks for all the work. sure!, that setting enables a proxy server within the docker, this can be used for situations where your isp blocks access to certain websites, you simply enable this and then point your application/web browser at <host ip>:8118 (or the port of your choice), this then sends the request down the vpn tunnel and safely circumvents your isp's filtering, neat hu?. if you want to test it then enable it, configure it in your web browser and to confirm its working, go to http://whatismyip.com and you should see the ip you have is not originating from your isp but is the ip allocated from your vpn provider. That's an amazing function. So, if I'm correct in my assumptions, I can remove the PIA client from my desktop and if I want to hypothetically speaking access Netflix from a different geographical area I can point my desktop's browser to your proxy and hey presto! If that's correct, then you have just completely removed my need to set up pfsense as a KVM. correct, as long as netflix uses http/https then you should be good to go. Link to comment
CHBMB Posted February 18, 2015 Share Posted February 18, 2015 So, I know that there have been concerns using proxy servers in place of VPN networks, but as this is being passed through to a VPN on my network, does that mean these conditions don't apply. I'm not much good on networking, so sorry for all the questions. Link to comment
binhex Posted February 18, 2015 Author Share Posted February 18, 2015 So, I know that there have been concerns using proxy servers in place of VPN networks, but as this is being passed through to a VPN on my network, does that mean these conditions don't apply. I'm not much good on networking, so sorry for all the questions. yes, there is no leakage, as all traffic is on your lan, your just passing the request to the proxy server, and this is already connected to a vpn tunnel, so no worries, plus your not torrenting over the proxy server remember, this is ONLY for web requests, deluge is using a vpn tunnel and not a socks4/5 connection. Link to comment
CHBMB Posted February 18, 2015 Share Posted February 18, 2015 So, I know that there have been concerns using proxy servers in place of VPN networks, but as this is being passed through to a VPN on my network, does that mean these conditions don't apply. I'm not much good on networking, so sorry for all the questions. yes, there is no leakage, as all traffic is on your lan, your just passing the request to the proxy server, and this is already connected to a vpn tunnel, so no worries, plus your not torrenting over the proxy server remember, this is ONLY for web requests, deluge is using a vpn tunnel and not a socks4/5 connection. That was the conclusion my addled brain came to, but thanks for explaining it for me. Brilliant work, this networking is some tricky stuff! Link to comment
Furby8704 Posted February 18, 2015 Share Posted February 18, 2015 will you be working on a subsonic container?? Link to comment
binhex Posted February 18, 2015 Author Share Posted February 18, 2015 will you be working on a subsonic container?? im afraid not, no, as im using madsonic instead. Link to comment
Furby8704 Posted February 18, 2015 Share Posted February 18, 2015 im afraid not, no, as im using madsonic instead. Link to comment
HarryRosen Posted February 19, 2015 Share Posted February 19, 2015 Just wondering how I would use the delugeVPN docker with airVPN. there is no username and password. you just download the opvn file and load it up Link to comment
movieboy Posted February 19, 2015 Share Posted February 19, 2015 So the changes are to make the docker less PIA centric and more open to using other vpn providers (yes im looking at you movieboy :-)), so ive just reworked the environment variables to accommodate this, so the environment variables should now be as follows:- VPN_USER=<vpn username> VPN_PASS=<vpn password> VPN_REMOTE=<vpn remote gateway> VPN_PORT=<vpn remote port> VPN_PROV=<pia|custom> ENABLE_PRIVOXY=<yes|no> So, I set the variables, but they are not getting used. My conf files looks like this: client dev tun proto udp remote vpn.provider.com 1111 resolv-retry infinite nobind persist-key persist-tun ca ca.crt tls-client remote vpn.provider.com 1111 auth-user-pass credentials.conf comp-lzo verb 1 reneg-sec 0 crl-verify crl.pem ping 600 ping-restart 1200 Notice that remote is listed twice. also getting an error in the log that username is not set. Link to comment
movieboy Posted February 19, 2015 Share Posted February 19, 2015 OK, my fault. username and pass were using the old variable names. refreshed and recreated the docker app and then i was all good. I was assuming that it would pull the vpn address and port from the variables. I just had to move the my vpn .conf file into place and was good to go. Link to comment
binhex Posted February 19, 2015 Author Share Posted February 19, 2015 OK, my fault. username and pass were using the old variable names. refreshed and recreated the docker app and then i was all good. I was assuming that it would pull the vpn address and port from the variables. I just had to move the my vpn .conf file into place and was good to go. hi movieboy, glad you got it going, and yes it should pull vpn hostname and port from variables, that is my mistake, i forgot to re factor this when i switched over from country name for gateway to hostname and port, so i will change this so it does pick them up. one thing i cant fathom though is the fact you have two remote entries in the openvpn.conf file, that doesnt make sense, as the bash script that is call uses sed to do a regex find and replace, it doesnt insert any lines for the remote section, very odd, i will check it but im fairly sure thats true. Link to comment
binhex Posted February 19, 2015 Author Share Posted February 19, 2015 Just wondering how I would use the delugeVPN docker with airVPN. there is no username and password. you just download the opvn file and load it up im fairly sure airvpn will require a username and password, otherwise i could download the opvn file from airvpn and have myself a free vpn tunnel with no authentication required :-). you sure if you create a tunnel to airvpn using openvpn client that it doesnt then ask you to enter in username and password?. Link to comment
guyonphone Posted February 19, 2015 Share Posted February 19, 2015 Hello Binhex, I just installed your delugevpn, docker, it was super easy to get setup, and is running great! I do have one question though before i feel comfortable using it. Is it fully self contained? Is there anything else I need to do other than passing the variables for my VPN settings in the docker? Is there anywhere to set the pia encryption options? What encryption options are you using? The reason I ask, is that in other vpn + torrent docker discussions people were talking about needing a network bridge setup, etc. Thanks for your work! Link to comment
HarryRosen Posted February 19, 2015 Share Posted February 19, 2015 I just looked at my opvn file and there is no username and password. It think it might use -----BEGIN RSA PRIVATE KEY----- to authenticate. I am not big on VPN. right now I use the openvpn client on unraid and leave my username and password blank Link to comment
binhex Posted February 19, 2015 Author Share Posted February 19, 2015 Hello Binhex, I just installed your delugevpn, docker, it was super easy to get setup, and is running great! I do have one question though before i feel comfortable using it. Is it fully self contained? Is there anything else I need to do other than passing the variables for my VPN settings in the docker? Is there anywhere to set the pia encryption options? What encryption options are you using? The reason I ask, is that in other vpn + torrent docker discussions people were talking about needing a network bridge setup, etc. Thanks for your work! hi guyonaphone, replies as follows:- 1. yes 2. no 3.yes you can change any of the settings for the tunnel by tweaking the openvpn.conf file located in your /config volume, the one used is a stock ovpn file direct from PIA 4. if your talkng about a docker bridge, then its already setup for you in unraid, so you dont need to worry about that :-) ive tried to make it as simple as possible to use this docker, so it should be as simple as providing username and password and setting the remote hostname and port for the tunnel, and optionally enabling privoxy if you want to bypass isp web filtering, thats it :-) Link to comment
Recommended Posts