[Support] binhex - DelugeVPN


Recommended Posts

2 hours ago, mkyb14 said:

think that's everything. 

supervisord.log

Screen Shot 2017-10-29 at 9.43.27 AM.png

 

Your AV software on your mac has decided the ovpn file was a virus (go figure) ive seen this is several times now, infact its even in the FAQ its that common. so you need to firstly reconfigure your av to stop it trying to quarantine ovpn files, once you;ve done that then delete the old one and replace it with a re-downloded ovpn file from your vpn provider.

 

Link to comment
Is there a way to make it so that deluge will only work/run if it is connected to the VPN. So it will start/stop depending on the connection to the VPN. Thanks!
It already does that automatically, it won't stop deluge but it will not leak IP when the tunnel is down

Sent from my SM-G935F using Tapatalk

Link to comment
4 hours ago, binhex said:

 

Your AV software on your mac has decided the ovpn file was a virus (go figure) ive seen this is several times now, infact its even in the FAQ its that common. so you need to firstly reconfigure your av to stop it trying to quarantine ovpn files, once you;ve done that then delete the old one and replace it with a re-downloded ovpn file from your vpn provider.

 

I don't have any, that's what's funny.  unless apple has built something in, I'm gonna have to google this.  it worked before.  let me blow the container away and try this again.

Link to comment

Brand new install, running in to an issue where the container won't start, and the logs are saying:

 

Quote

2017-10-29 16:48:36.055366 [crit] No OpenVPN config file located in /config/openvpn/ (ovpn extension), please download from your VPN provider and then restart this container, exiting...

 

I'm using PIA, and it's set to PIA. I've changed almost nothing from the default config other than my data directory and name/pass. I also added VPN_REMOTE as per the docs. 

 

I've deleted the container and tried again x3, including making sure my config directory pointed somewhere new in case that was at issue. 

 

I found on PIA they have a zip with all their .opvn files. I added them to the /config/openvpn folder and it managed to get past that error, however I noticed in the logs that it was failing while trying to hit PIA's ip:

 

Quote

2017-10-29 17:02:51,553 DEBG 'start-script' stdout output:
[info] Attempting to curl http://{PIA's auth IP?}:2000/?client_id={client ID}...

2017-10-29 17:02:51,751 DEBG 'start-script' stdout output:
[warn] Response code 000 from curl != 2xx
[warn] Exit code 7 from curl != 0
[info] 12 retries left
[info] Retrying in 10 secs...

2017-10-29 17:02:51,998 DEBG 'start-script' stdout output:
[info] Successfully retrieved external IP address {one of PIA's VPN IPs}

2017-10-29 17:03:01,950 DEBG 'start-script' stdout output:
[warn] Response code 000 from curl != 2xx
[warn] Exit code 7 from curl != 0
[info] 11 retries left
[info] Retrying in 10 secs...

2017-10-29 17:03:12,153 DEBG 'start-script' stdout output:
[warn] Response code 000 from curl != 2xx
[warn] Exit code 7 from curl != 0
[info] 10 retries left
[info] Retrying in 10 secs...

2017-10-29 17:03:22,361 DEBG 'start-script' stdout output:
[warn] Response code 000 from curl != 2xx
[warn] Exit code 7 from curl != 0
[info] 9 retries left
[info] Retrying in 10 secs...

2017-10-29 17:03:32,578 DEBG 'start-script' stdout output:
[warn] Response code 000 from curl != 2xx
[warn] Exit code 7 from curl != 0
[info] 8 retries left
[info] Retrying in 10 secs...

2017-10-29 17:03:42,786 DEBG 'start-script' stdout output:
[warn] Response code 000 from curl != 2xx
[warn] Exit code 7 from curl != 0
[info] 7 retries left
[info] Retrying in 10 secs...

2017-10-29 17:03:53,017 DEBG 'start-script' stdout output:
[warn] Response code 000 from curl != 2xx
[warn] Exit code 7 from curl != 0
[info] 6 retries left
[info] Retrying in 10 secs...

2017-10-29 17:04:03,221 DEBG 'start-script' stdout output:
[warn] Response code 000 from curl != 2xx
[warn] Exit code 7 from curl != 0
[info] 5 retries left
[info] Retrying in 10 secs...

2017-10-29 17:04:13,431 DEBG 'start-script' stdout output:
[warn] Response code 000 from curl != 2xx
[warn] Exit code 7 from curl != 0
[info] 4 retries left
[info] Retrying in 10 secs...

2017-10-29 17:04:23,641 DEBG 'start-script' stdout output:
[warn] Response code 000 from curl != 2xx
[warn] Exit code 7 from curl != 0
[info] 3 retries left
[info] Retrying in 10 secs...

2017-10-29 17:04:33,878 DEBG 'start-script' stdout output:
[warn] Response code 000 from curl != 2xx
[warn] Exit code 7 from curl != 0
[info] 2 retries left
[info] Retrying in 10 secs...

2017-10-29 17:04:44,083 DEBG 'start-script' stdout output:
[warn] Response code 000 from curl != 2xx
[warn] Exit code 7 from curl != 0
[info] 1 retries left
[info] Retrying in 10 secs...

2017-10-29 17:04:54,287 DEBG 'start-script' stdout output:
[warn] Response code 000 from curl != 2xx, exausted retries exiting script...

2017-10-29 17:04:54,289 DEBG 'start-script' stdout output:
[warn] PIA endpoint 'brazil.privateinternetaccess.com' doesn't support port forwarding, DL/UL speeds will be slow
[info] Please consider switching to an endpoint that does support port forwarding, shown below:-
[info] ca-toronto.privateinternetaccess.com (CA Toronto)
[info] ca.privateinternetaccess.com (CA Montreal)
[info] nl.privateinternetaccess.com (Netherlands)
[info] swiss.privateinternetaccess.com (Switzerland)
[info] sweden.privateinternetaccess.com (Sweden)
[info] france.privateinternetaccess.com (France)
[info] ro.privateinternetaccess.com (Romania)
[info] israel.privateinternetaccess.com (Israel)

2017-10-29 17:04:54,740 DEBG 'deluge-script' stdout output:
[info] Attempting to start Deluge...
 

 

Deluge started, but I just want to make sure everything is correct, since further up in the logs I saw:

 

Quote

2017-10-29 17:02:46.490240 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/Brazil.ovpn
dos2unix: converting file /config/openvpn/Brazil.ovpn to Unix format...

 

which is not what I set VPN_REMOTE to (I set to swiss.privateinternetaccess.com). 

 

So summing up: it looks like it connected, but it loaded the Brazil opvn file, then seemed to not be able to connect to PIA's auth, and ignored the config I had set for what server to use. The fact that all these things went wrong but it connected has me worried that it's not actually behind a VPN. 

Link to comment
4 hours ago, binhex said:

It already does that automatically, it won't stop deluge but it will not leak IP when the tunnel is down

Sent from my SM-G935F using Tapatalk
 

Oh perfect! So does it notify you when the VPN is down? If I add another torrent while it is down will it automatically start the VPN again? Thanks :)

Link to comment
9 hours ago, puncho said:
Oh perfect! So does it notify you when the VPN is down? If I add another torrent while it is down will it automatically start the VPN again? Thanks

The VPN tunnel connection will be automatically reconnected on drop, there is nothing you need to do, there is no notification no, but as it auto reconnects there really isn't any need to, deluge also will be auto restarted if the process dies, if you want to test it then just power cycle your router, give it 10 mins and you will see everything comes back online with zero ip leakage.
 

Edited by binhex
Link to comment
10 hours ago, mkyb14 said:

I don't have any, that's what's funny.  unless apple has built something in, I'm gonna have to google this.  it worked before.  let me blow the container away and try this again.

 

it looks like its built into os x:-

Apple computers running OS X do have a default security program called XProtect built in.

blowing away everything will fix it until XProtect finds your ovpn file and craps all over it again, you need to fix this otherwise you will get hit again.

Link to comment
10 hours ago, Sparta said:

I also added VPN_REMOTE as per the docs. 

 

which docs are these?, that env var is no longer needed/used, its all done via parsing of the ovpn file 

 

10 hours ago, Sparta said:

I added them to the /config/openvpn folder and it managed to get past that error, however I noticed in the logs that it was failing while trying to hit PIA's ip:

 

the reason you are getting this message repeated is because STRICT_PORT_FORWARD is set to 'yes' and the endpoint you are connecting to does not support port forwarding, as can be seen here:-

[warn] PIA endpoint 'brazil.privateinternetaccess.com' doesn't support port forwarding, DL/UL speeds will be slow
[info] Please consider switching to an endpoint that does support port forwarding, shown below:-
[info] ca-toronto.privateinternetaccess.com (CA Toronto)
[info] ca.privateinternetaccess.com (CA Montreal)
[info] nl.privateinternetaccess.com (Netherlands)
[info] swiss.privateinternetaccess.com (Switzerland)
[info] sweden.privateinternetaccess.com (Sweden)
[info] france.privateinternetaccess.com (France)
[info] ro.privateinternetaccess.com (Romania)
[info] israel.privateinternetaccess.com (Israel)

so you need to connect to one of the above, or set STRICT_PORT_FORWARDING to 'no'.

 

10 hours ago, Sparta said:

which is not what I set VPN_REMOTE to (I set to swiss.privateinternetaccess.com). 

 

so the reason its not connecting to the endpoint you selected is firstly that it doesnt use VPN_REMOTE any more, instead it reads the endpoint from the ovpn file, and secondly its picking brazil because you have dumped multiple ovpn files in there, it will pick the first one it finds and use that, so delete all ovpn files apart from the one you want.

Link to comment
On 10/26/2017 at 7:29 PM, MowMdown said:

 

delete "credentials.conf" from 


/mnt/user/appdata/binhex-delugevpn/openvpn/

and then edit the container again with your new passwd

Turns out, my pw had a $ in it, and that seems to have been the problem.  Once I removed special characters, it all worked again.

 

Perhaps a warning message can be displayed if the special character issue can't be fixed (allowed).

 

Anyway, I'm working again.

Link to comment
1 minute ago, JustinChase said:

Perhaps a warning message can be displayed if the special character issue can't be fixed (allowed).

 

thats exactly what is shown in the log :-), check your supervisord.log file there will be a warning about your password containing special chars (or there should be) 

Link to comment
4 hours ago, binhex said:

 

it looks like its built into os x:-


Apple computers running OS X do have a default security program called XProtect built in.

blowing away everything will fix it until XProtect finds your ovpn file and craps all over it again, you need to fix this otherwise you will get hit again.

So what I don't get in all this, is how apple is involved if I'm immediately moving this file to unraid, and it works once start a fresh docker.  Apple shouldn't even be involved at that point since it's on a completely different system.

 

It's working now, see what happens with a few start and stops.

Link to comment
3 minutes ago, mkyb14 said:

moving this file to unraid

if you open the ovpn file to edit it or view it using your mac then your apple is involved at this point, as the XProtect app will then scan it, decide its a virus and quarantine it, as long as you dont go near that ovpn file with your mac then yeah you will be fine, but if you accidently forget and try to open/edit the ovpn file or even copy and paste it from your mac to unraid then you may encounter the issue again, trust me its def your mac.

Edited by binhex
Link to comment

ok, I'll not mess with it.  

 

On a side note, files are not moving once completed by sonarr with Deluge.  Any insights as to why it would be happening?  Sonarr and sabnzbd, works.  Made sure to label it with the plugin...

 

But any downloads done from sonar to deluge stay in the /data/downloads folder.

 

 

 

Link to comment
6 hours ago, mkyb14 said:

ok, I'll not mess with it.  

 

On a side note, files are not moving once completed by sonarr with Deluge.  Any insights as to why it would be happening?  Sonarr and sabnzbd, works.  Made sure to label it with the plugin...

 

But any downloads done from sonar to deluge stay in the /data/downloads folder.

 

 

 

 

ok so back to the original problem :-), so looking at your screenshots i can still see a mismatch between volume mappings, this is the issue:-

 

so lets look at all your download/metadata docker containers and how they are configured:-
 

delugevpn volume mapping:- /data maps to /mnt/cache/appdata/Downloads/

sonarr volume mapping:- /downloads maps to /mnt/cache/appdata/Downloads/

radarr volume mapping:- /downloads maps to /mnt/user/Downloads/

sabnzbd volume mapping:- /downloads maps to /mnt/cache/appdata/Downloads/

jackett volume mapping:- /downloads maps to /mnt/user/Downloads/

 

all values above in red are wrong, they ALL need to have the exact same volume mapping for the container side and the host side, now that can be /downloads or /data but it has to be consistent across ALL of your docker containers, the same deal with the host volume mapping, it can be /mnt/cache/appdata/Downloads/ or /mnt/user/Downloads/ but it HAS to be the same across all docker containers, e.g.:-

 

delugevpn volume mapping:- /data maps to /mnt/cache/appdata/Downloads/

sonarr volume mapping:- /data maps to /mnt/cache/appdata/Downloads/

radarr volume mapping:- /data maps to /mnt/cache/appdata/Downloads/

sabnzbd volume mapping:- /data maps to /mnt/cache/appdata/Downloads/

jackett volume mapping:- /data maps to /mnt/cache/appdata/Downloads/

 

^ CORRECT

 

another working alternative:-

 

delugevpn volume mapping:- /downloads maps to /mnt/user/Downloads/

sonarr volume mapping:- /downloads maps to /mnt/user/Downloads/

radarr volume mapping:- /downloads maps to /mnt/user/Downloads/

sabnzbd volume mapping:- /downloads maps to /mnt/user/Downloads/

jackett volume mapping:- /downloads maps to /mnt/user/Downloads/

 

^ CORRECT

 

you then configure the applications to use the same path, e.g. configure deluge to put completed downloads in /data/completed  (or /downloads/completed your choice) do the same for your other apps that do post processing, e.g. sonarr would be set to post process files in /data/completed

 

p.s. the reason "sonarr and sabnzbd works" is because the volume mappings are consistent for those two containers, albeit different to the others :-).

 

Edited by binhex
  • Like 2
Link to comment

@binhex I tend to use the /media mapping so in terms of sonarr and radarr, is it really as simple as changing the default /download mapping to /media? Or is there other stuff that needs to be updated once I switch from the default /download mapping? I'm sorry I'm not well versed in either sonarr and radarr.

 

On a side note, is there any difference to using /mnt/cache/appdata/Downloads/ as oppose to /mnt/user/appdata/Downloads/?

Link to comment
1 minute ago, Katherine said:

I tend to use the /media mapping so in terms of sonarr and radarr, is it really as simple as changing the default /download mapping to /media?

 

/media is a separate volume mapping used to point at your existing media (normally on your array) i would advise keeping /media seperate to where you download files to.

 

6 minutes ago, Katherine said:

is there any difference to using /mnt/cache/appdata/Downloads/ as oppose to /mnt/user/appdata/Downloads/

 

yes, /mnt/cache/appdata/Downloads/ is downloading to the cache drive share, whereas /mnt/user/appdata/Downloads/ is downloading to the FUSE user share, i always recommend the cache drive share as there are ongoing issues with docker and fuse.

  • Like 1
Link to comment
On 23/10/2017 at 7:19 PM, death.hilarious said:

 

Try IPMagnet instead. It's open-source, so you can even run it on your own server if you want.

 

http://ipmagnet.services.cbcdn.com/

 

This has been bugging me for a while so I'll let the paranoid in me speak out

 

If you use this, make sure to *only* visit http://ipmagnet.services.cbcdn.com/ through your VPN.

 

There is only going to be one person checking that webpage with your specific hash and that's you.  If someone sniffs that traffic, they will get all your IPs

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.