[Support] binhex - DelugeVPN


Recommended Posts

8 hours ago, wgstarks said:

it's the proxy and I can't see a way to have one browser use it but not another.

 

That will depend on what OS (linux, mac, windows) your using and/or the browser your using, some browsers using the OS proxy setting, some use the built in proxy setting for that particular browser. 

 

So just to be clear, Privoxy is completely optional, if you want to torrent securely then you do NOT need to use privoxy, privoxy is primarily used for two things, to get past any site blocking done by the ISP, and secondly to allow you to get past any geo blocking for certain sites, there is also the side effect of better security and potential for blocking of adverts etc (privoxy can do this for you) but thats the main use case. 

 

I personally dont really use Privoxy much, but you can take a look at the privoxy configuration file and potentially put in some exclusions in there, its located in /config/privoxy/

Link to comment
20 minutes ago, tjb_altf4 said:

Does Privoxy traffic actually go through the VPN tunnel?

 

Absolutely yes, wouldn't be much use if it didnt :-)

 

20 minutes ago, tjb_altf4 said:

Do you see any merit in building a standalone VPN+Privoxy docker

 

Not really, its included already in Deluge, SABnzbd, and rTorrent, having it as a separate thing would have the following pro's/con's:-

 

Pro - it would mean potentially less disk space consumed, as Privoxy could be removed from all VPN Docker images, and if you run more than one you of course currently have duplicate copies of Privoxy - keep in mind though we are talking around 20MB disk space consumed, thats it so its a small Pro.

 

Con - You would need to have a VPN provider that allows multiple connections, as opposed to running say Deluge and Privoxy together via a single connection.

 

Con - I would need to support it and do all the work to remove Privoxy from the existing images which may/would cause disruption.

 

So in conclusion its not going to happen.

  • Upvote 1
Link to comment
1 hour ago, binhex said:

 

 

I personally dont really use Privoxy much, but you can take a look at the privoxy configuration file and potentially put in some exclusions in there, its located in /config/privoxy/

Thanks. If I'm understanding correctly, I can add an exclusions file into config/privoxy, restart the docker and whitelist the unRAID server?

 

The privoxy user manual showed that this must be compiled with the installation but their instructions aren't really docker specific. Or else I totally misunderstood what I was reading.:D

Link to comment
37 minutes ago, wgstarks said:

Thanks. If I'm understanding correctly, I can add an exclusions file into config/privoxy, restart the docker and whitelist the unRAID server?

 

As they say in the Carlsberg advert....probably :-) i haven't done much config tweaking with Privoxy so you're going to have to try it and see.

Link to comment
4 hours ago, wgstarks said:

Thanks. If I'm understanding correctly, I can add an exclusions file into config/privoxy, restart the docker and whitelist the unRAID server?

 

Use the user.action file to whitelist your server. Don't use the trust file to whitelist. If you do you'll blacklist everything as only the things you whitelist will work.

Link to comment

It was just a blocked banner right? Than IIRC you can add somthing like this:

 

{-block-as-image}
http://192.168.1.1

Where the IP has to be changed to your serverip ofc. If you encounter more images that are blocked on on sistes you can use the same syntax. You can whitelist a specific site or the whole domain. If you use somthing like sickrage/sonarr/radarr/cp you might want to whitelist thetvdb also.

 

Just add 

.thetvdb.com

to the list and you should be good to go. You can just put it in the end of the file. You might also want to write a comment for your future self so you know what it's for. 

Edited by strike
Link to comment
3 minutes ago, strike said:

Just add 


.thetvdb.com

to the list and you should be good to go. You can just put it in the end of the file. You might also want to write a comment for your future self so you know what it's for. 

Thanks. So I'm guessing that I could also use this


#whitelist for unraid

http://<IP>

https://<IP>

to whitelist the server?

Link to comment

This container has been working great for me with PIA for downloading, but for some reason once downloading is complete and I try to seed I get an error that says "cannot assign requested address". Any ideas how I can fix this? I'm mostly downloading from private trackers. 

Edited by zandrsn
Link to comment

First off, thanks a bunch for maintaining and actively supporting all of your dockers binhex. I use several of them and they've been very helpful in creating my home network.


I am having a seasonal issue where my internet connection likes to drop for 90-120s at a time based on certain weather conditions. I've been fighting with my ISP about this for years, unfortunately I haven't made a lot of progress on that front.


My problem is that as far as I can tell, this container doesn't seem to notice these disconnects, and afterwards it plugs along with no internet access until I manually restart it. Because the outages are generally short and sporadic, if I'm not streaming remote video or actively browsing the web, I'm not likely to notice and my torrents will sit idle for a couple hours until I do.


On the plus side, I'm glad to know your iptables rules are effective!


Attached is a supervisord.log with a clean start and stop that spans a timeframe where an outage occurred. When the container started it had internet access and was working fine. My modem rebooted itself somewhere around 11:48-49 in the logs, and was back online around 11:51. I ran the container until 12:06 and deluge never regained connectivity.

frightful.log.zip

Link to comment
On 21/06/2017 at 2:46 AM, sundogak said:

@Catsk

 

To install on a Synology DS you cannot use the command line (or at least I have never got to work on an image).  You want to enter in the parameters via the Docker GUI the first time you launch the container.  You can then save your settings so you don't have to redo when you update the container.  

 

  1. In the General Settings you want to make sure you check the box "Execute Container Using Higher Privilege"  .  Do this last or it has a habit of unchecking.  It will give a warning when you do.
  2. Enter in the parameters via the GUI: Volume, Port Settings, and Environment.  Nothing goes in the "Links" section.  
  3. Because of an issue with Synology on current firmware (talked about in this thread but don't have the link) you need to also setup a Task to run as "root" on "Bootup" with the commands shown in the screen shot (Run Commands).  Otherwise the docker will not launch correctly.  
  4. Once you have everything running well, export out your configuration through the GUI and save to disk somewhere for when you need to download a new version/upgrade.  That way, you simply delete the Container and Image, redownload new Image and before you launch you Import in settings for Container.  This will work as long as you use the same basic image each time (i.e., "Latest").  That way you only have to do the GUI deal one time (which is a pain).  

I have this running on Synology with no major issues. You do have to watch any patches that come out for Synology since sometimes it breaks things but other than some weird aspects for the way Synology did things, you can get most any Docker image working easily with version of above.

Capture2.PNG

Capture3.PNG

Capture4.PNG

Capture5.PNG

Capture.PNG

Hi Sundo,

Thanks you for your tuto, but doesn't work for me.
When I try to launch the container, I have the error message

Start container Deluge failed: rpc error: code = 2 desc = "oci runtime error: could not synchronise with container process: not a directory"



But, when I execute this command with sudo : 

docker run -d --cap-add=NET_ADMIN -p 8112:8112 -p 8118:8118 -p 58846:58846 -p 58946:58946 --name=Delugevpn -v /volume1/docker/deluge/data:/data -v /volume1/docker/deluge/config:/config -v /etc/localtime:/etc/localtime:ro -e VPN_ENABLED=yes -e VPN_USER=myusername -e VPN_PASS=mypass -e VPN_REMOTE=nl.privateinternetaccess.com -e VPN_PORT=1198 -e VPN_PROTOCOL=udp -e VPN_DEVICE_TYPE=tun -e VPN_PROV=pia -e STRONG_CERTS=no -e ENABLE_PRIVOXY=yes -e LAN_NETWORK=192.168.31.0/24 -e NAME_SERVERS=8.8.8.8,8.8.4.4 -e DEBUG=false -e UMASK=000 -e PUID=0 -e PGID=0 binhex/arch-delugevpn 

 

The container was created successfully, and works fine . It's not serious, but it's too bad I can't create container with the sync GUI :/

 

Edit : To create the container with the Syno GUI, do not add the localtime folder. Without this folder, container working fine.
But, I must re-edit the port setting because are on "Auto". I have enter the correct port and it's ok :)

 

 

Edited by Catsk
new information
Link to comment
On 6/29/2017 at 5:44 PM, The Lizard King said:

@binhex

 

Like everyone here I'm dead in the water, no ui available. Read through the last few pages but I'm not seeing a direct answer to my situation. My setting have been the same for a year with no issues. I use cyberghost vpn, NL servers. I restarted the container and grabbed what looks like a massive update, still no dice.

 

Please let me know where to start. Thanks

 

 

I also ran into a problem where the webgui stopped working after the recent update, and I was also using CyberGhost. Nuked the docker container/image and reconfigured using my original credentials -- no improvement. The only thing that worked for me was revoking my CyberGhost credentials, generating new credentials, using those credentials in the docker setup and then manually copying over the contents of the OpenVPN configuration folder from CyberGhost to Docker's openvpn config folder.

Link to comment
On 2017-6-2 at 0:46 PM, roland said:

Hi @binhex

 

my VPN provider released an updated certificate and I just tried to update it here.

The openvpn protocol is TCP-CLIENT 

But when I define this in the VPN_PROTOCOL variable the iptables command does not like it.


iptables v1.6.1: unknown protocol "tcp-client" specified

When I change it to TCP the openvpn command complains:


[debug] OpenVPN command line '/usr/bin/openvpn --cd /config/openvpn --config /config/openvpn/swissvpn.ovpn --daemon --dev tun0 --remote connect.swissvpn.net 1194  --proto tcp --reneg-sec 0 --mute-replay-warnings --auth-nocache --keepalive 10 60 --setenv VPN_PROV custom --script-security 2 --up /root/openvpnup.sh --up-delay --up-restart --auth-user-pass credentials.conf --log-append /config/supervisord.log'
Options error: --proto tcp is ambiguous in this context.  Please specify --proto tcp-server or --proto tcp-client
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.4

I have now hardcoded the tcp-client value in your openvpn.sh script and defined VPN_PROTOCOL = tcp and that works.

The same variable needs to have two different values at different points in the scripts.


# define common command lne parameters for openvpn
openvpn_cli="/usr/bin/openvpn --cd /config/openvpn --config ${VPN_CONFIG} --daemon --dev ${VPN_DEVICE_TYPE}0 --remote ${VPN_REMOTE} ${VPN_PORT} --proto tcp-client --reneg-sec 0 --mute-replay-warnings --auth-nocache --keepalive 10 60 --setenv VPN_PROV ${VPN_PROV} --script-security 2 --up /root/openvpnup.sh --up-delay --up-restart"

But obviously that is not a permanent solution.

Any chance you could look into this sometime?

 

EDIT: if it helps, the provider is SWISSVPN.net

 

teensy–weensy little delay on getting this done, but we got there in the end :-), all done, please test with latest image, works for me, yay.

Link to comment
14 hours ago, Trylo said:

My docker image was filling up so I was removing each container to check which one is the problem. Unfortunately after installing again Deluge it doesn't turn on, so there is a VPN connection problem. Can you help me troubleshoot it? I've attached supervisord.log

 

Thank you in advance!

supervisord.log

 

you got some wierd config settings goin on there:-

 

017-07-11 21:17:23.967033 [info] VPN_PROV defined as 'pia'
2017-07-11 21:17:24.015569 [info] VPN_REMOTE defined as '4-cz.cg-dialup.net'

that is most def not a PIA endpoint, are you using PIA as your provider?

Link to comment
37 minutes ago, binhex said:

 

you got some wierd config settings goin on there:-

 


017-07-11 21:17:23.967033 [info] VPN_PROV defined as 'pia'
2017-07-11 21:17:24.015569 [info] VPN_REMOTE defined as '4-cz.cg-dialup.net'

that is most def not a PIA endpoint, are you using PIA as your provider?

 

I noticed that and changed to custom.

supervisord.log

Link to comment
35 minutes ago, Trylo said:

 

I noticed that and changed to custom.

supervisord.log

 

yes because you had it set to PIA it will of overwritten your ovpn config file and certs with the PIA one, please delete everything in /config/openvpn/ and put your custom providers files there instead then restart. also make sure you have DEBUG set to 'true' to help debug any further issues.

Link to comment
33 minutes ago, binhex said:

 

yes because you had it set to PIA it will of overwritten your ovpn config file and certs with the PIA one, please delete everything in /config/openvpn/ and put your custom providers files there instead then restart. also make sure you have DEBUG set to 'true' to help debug any further issues.

 

I replaced files and turned on debugging. Still now connection.

supervisord.log

Link to comment
14 minutes ago, Trylo said:

 

I replaced files and turned on debugging. Still now connection.

supervisord.log

 

check your port number, i some how doubt its 1198 (used by PIA), and as you are defining at this it will write this value to the ovpn file, so look at the source ovpn file from your provider, what is the number on the 'remote......' line?.

  • Upvote 1
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.