[Support] binhex - DelugeVPN


Recommended Posts

41 minutes ago, Trexx said:

Since the Docker NW is using a NAT network, I use the docker NAT scope then and not the physical host?

 

it is the physical lan not the docker nat network, im guessing that your subnet mask might be incorrect, is your netmask 255.255.255.0?

 

edit - ahh i also see some crappy options getting pushed from the vpn server. i think maybe this is the source of the issue causing issues then with ip tables, i think im going to have to extend the filtering to remove these options, ugg vpn providers do my head in sometimes.

 

 

Edited by binhex
Link to comment
1 hour ago, binhex said:

 

it is the physical lan not the docker nat network, im guessing that your subnet mask might be incorrect, is your netmask 255.255.255.0?

 

edit - ahh i also see some crappy options getting pushed from the vpn server. i think maybe this is the source of the issue causing issues then with ip tables, i think im going to have to extend the filtering to remove these options, ugg vpn providers do my head in sometimes.

 

 

 

 

My physical lan is the 192.168.0.x / 24 CIDR (255.255.255.0).  The Docker NAT LAN is 10.0.3.0/24 CIDR.

 

It had been working with the 192.x LAN_Network config for a while, so if the VPN provider made some changes, that could be why it broke all the sudden even though I hadn't really touched anything.

 

Link to comment

Apologies if this is not the right forum/thread for this question but I'm not sure where to start.  I did not set a proper 'minimum free space' setting for my Torrents share (I had it set to 10GB) and I guess I started downloading a ~50GB file which of course was placed on a disk that had less than 50GB of free space.  I got a disk utilization alert and figured out the problem and shut down the Deluge docker before it completely filled the disk (<5GB free space remain).  My question is...What are my options here...can the file be moved to another disk and continue downloading?  Do I have to delete the file manually and then restart the download over again?  Is there some other way to handle this?

Link to comment

Hello, I am running into an issue where I can't seem to hit the daemon with a desktop client when the VPN is turned on. 

 

The daemon is set to run on 58846 and I have the following mappings enabled

58846/tcp  192.168.0.240:58846
58846/udp  192.168.0.240:58846
58946/tcp  192.168.0.240:58946
58946/udp  192.168.0.240:58946
8112/tcp  192.168.0.240:8112
8118/tcp  192.168.0.240:8118

 

The web ui of the docker instance is able to hit the daemon no issue, when I try to connect with my desktop client it cannot find the daemon. If I turn the VPN off and try with my desktop client it connects no issues. any thoughts on how to get around this?

Link to comment

Sorry for being a noob but I'm trying to get this container running on arch Linux.

I get the following error:

Error response from daemon: driver failed programming external connectivity on endpoint delugevpn (...): Error starting userland proxy: listen tcp 0.0.0.0:8112: bind: address already in use.

There is nothing running on 8112?

 

Here is the script I'm using to build the container:

docker run -d \
    --cap-add=NET_ADMIN \
    -p 8112:8113 \
    -p 8118:8119 \
    -p 58846:58847 \
    -p 58946:58947 \
    --name=delugevpn \
    -v /mnt/HDD/:/data \
    -v /opt/docker/deluge/config:/config \
    -v /etc/localtime:/etc/localtime:ro \
    -e VPN_ENABLED=yes \
    -e VPN_USER= \
    -e VPN_PASS= \
    -e VPN_PROV=pia \
    -e STRICT_PORT_FORWARD=yes \
    -e ENABLE_PRIVOXY=no \
    -e LAN_NETWORK=192.168.1.0/24 \
    -e NAME_SERVERS=209.222.18.222,37.235.1.174,8.8.8.8,209.222.18.218,37.235.1.177,8.8.4.4 \
    -e DEBUG=false \
    -e UMASK=000 \
    -e PUID=0 \
    -e PGID=0 \
    binhex/arch-delugevpn

 

Edited by iTzturrtlex
Link to comment

Was wondering how I can resolve this error?

 

2017-12-21 12:50:22,624 DEBG 'start-script' stdout output:
Thu Dec 21 12:50:22 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]13.57.140.173:8757
Thu Dec 21 12:50:22 2017 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Dec 21 12:50:22 2017 UDP link local: (not bound)
Thu Dec 21 12:50:22 2017 UDP link remote: [AF_INET]13.57.140.173:8757

2017-12-21 12:50:22,637 DEBG 'start-script' stdout output:
Thu Dec 21 12:50:22 2017 TLS: Initial packet from [AF_INET]13.57.140.173:8757, sid=a3c88086 b13f6cd8

2017-12-21 12:50:22,661 DEBG 'start-script' stdout output:
Thu Dec 21 12:50:22 2017 VERIFY ERROR: depth=1, error=certificate has expired: C=US, ST=California, L=Beverly Hills, O=ACME CORPORATION, OU=Anvil Department, CN=ca-certificate

Thu Dec 21 12:50:22 2017 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

Thu Dec 21 12:50:22 2017 TLS_ERROR: BIO read tls_read_plaintext error

Thu Dec 21 12:50:22 2017 TLS Error: TLS object -> incoming plaintext read error

Thu Dec 21 12:50:22 2017 TLS Error: TLS handshake failed


2017-12-21 12:50:22,661 DEBG 'start-script' stdout output:
Thu Dec 21 12:50:22 2017 SIGHUP[soft,tls-error] received, process restarting


2017-12-21 12:50:22,662 DEBG 'start-script' stdout output:
Thu Dec 21 12:50:22 2017 WARNING: file 'credentials.conf' is group or others accessible

 

Link to comment
9 hours ago, binhex said:

 

looks like either you have an out of date cert on disk, or your vpn provider is a bit crap and doesnt provide valid certificates.

 

Hmmm... that's what I thought but not sure how to update it.  I don't think there's a crt specified in the ovpn file.  I'm running my own VPN on AWS through streisand.  If you have any suggestions, I'd appreciate it.  Thanks!

Link to comment

Sorry, noob to this docker.

 

I can't launch with VPN enabled:

 

My log says " 2017-12-22 11:31:03,562 DEBG 'start-script' stdout output:
[info] Starting OpenVPN...

2017-12-22 11:31:03,721 DEBG 'start-script' stdout output:
Options error: --ca fails with 'ca.rsa.2048.crt': No such file or directory (errno=2)
Options error: --crl-verify fails with 'crl.rsa.2048.pem': No such file or directory (errno=2)

2017-12-22 11:31:03,721 DEBG 'start-script' stdout output:
Fri Dec 22 11:31:03 2017 WARNING: file 'credentials.conf' is group or others accessible
Options error: Please correct these errors.
Use --help for more information.
"

 

But I'm unsure how to do this.

Edited by GeekMajic
Link to comment
1 hour ago, GeekMajic said:

Options error: --ca fails with 'ca.rsa.2048.crt': No such file or directory (errno=2)
Options error: --crl-verify fails with 'crl.rsa.2048.pem': No such file or directory (errno=2)

 

go download those files from your vpn provider and put them in the same folder as the ovpn file.

Link to comment

Hey @binhex!

 

Awesome container, Thanks!

 

I was hoping for some help. Is it possible to enable a browser in the docker container? I have a tracker that I use that requires the client IP and downloader IP to be the same. Since this runs through PIA, its nearly impossible to make that happen unless it comes from same container. Any ideas?

 

LF

Link to comment
On 12/18/2017 at 3:07 PM, binhex said:

 

it is the physical lan not the docker nat network, im guessing that your subnet mask might be incorrect, is your netmask 255.255.255.0?

 

edit - ahh i also see some crappy options getting pushed from the vpn server. i think maybe this is the source of the issue causing issues then with ip tables, i think im going to have to extend the filtering to remove these options, ugg vpn providers do my head in sometimes.

 

 

 

Any luck on adding the extra filtering?

Link to comment
7 hours ago, LFTech said:

Hey @binhex!

 

Awesome container, Thanks!

 

I was hoping for some help. Is it possible to enable a browser in the docker container? I have a tracker that I use that requires the client IP and downloader IP to be the same. Since this runs through PIA, its nearly impossible to make that happen unless it comes from same container. Any ideas?

 

LF

This container includes privoxy, with that you can route your browser through the vpn tunnel. Just enable privoxy in the container settings and point your browser's proxy settings to "unraidIP:8118"

  • Like 1
Link to comment
This container includes privoxy, with that you can route your browser through the vpn tunnel. Just enable privoxy in the container settings and point your browser's proxy settings to "unraidIP:8118"

Thanks. I didn’t even think that. Seems so simple! Appreciate the help. I’ll post how it goes.


Sent from my iPhone using Tapatalk
Link to comment

Hi,

 

Relative n00b here, just setting up Deluge VPN, have installed the docker, and added my VPN providers .opvn file to \\........\appdata\binhex-delugevpn\openvpn

 

it contains the folowing lines:

 

client
dev tun
reneg-sec 0
persist-tun
persist-key
ping 5
ping-exit 30
nobind
comp-lzo adaptive
remote-random
ns-cert-type server
route-metric 1

 

CERT HERE

 

CERT HERE

 

PK HERE

 

remote REMOTE VPN SERVER DN
proto udp

 

(items in bold altered for privacy)

 

When I attempt to start DVPN, the log states " VPN_PORT not found in /config/openvpn/OPVNFILENAME.ovpn

 

I have tried adding "port 443" after the remote line, but this seems to have no effect. Am I missing something really obvious, before I start deep diving into the issue?

 

Thanks,

 

Duggie

Link to comment

Two questions:

 

1. In my Deluge GUI client I get an error notification in the bottom status bar "No incoming connections!", after connecting to the docker deluge daemon running on the same machine. The "test active port"  test for incoming ports in the deluge GUI client settings also results in a yellow exclamation mark, the port here set to 58946. I've opened port 58946 for both TCP and UDP in my router, so is this really an issue, or is it a false indicator?

 

2. How can I make my deluge plugins persistently activated between container launches and shutdowns (I always shut down the container when I'm not using deluge), I use LabelPlus, but every time the container is restarted the plug-in is disabled.

 

Cheers

Link to comment
Two questions:
 
1. In my Deluge GUI client I get an error notification in the bottom status bar "No incoming connections!", after connecting to the docker deluge daemon running on the same machine. The "test active port"  test for incoming ports in the deluge GUI client settings also results in a yellow exclamation mark, the port here set to 58946. I've opened port 58946 for both TCP and UDP in my router, so is this really an issue, or is it a false indicator?
 
2. How can I make my deluge plugins persistently activated between container launches and shutdowns (I always shut down the container when I'm not using deluge), I use LabelPlus, but every time the container is restarted the plug-in is disabled.
 
Cheers
1- the incoming connection port is a setting that comes from your VPN provider. Read their doc to see what range they let though (if any, some don't). Opening ports on your router doesn't help.

2-check the file permissions in your appdata, the deluge config file may be read only

Sent from my SGH-I337M using Tapatalk

Link to comment
On 24/12/2017 at 6:07 PM, Duggie264 said:

Hi,

 

Relative n00b here, just setting up Deluge VPN, have installed the docker, and added my VPN providers .opvn file to \\........\appdata\binhex-delugevpn\openvpn

 

it contains the folowing lines:

 

(...)

 

remote REMOTE VPN SERVER DN
proto udp

 

(items in bold altered for privacy)

 

When I attempt to start DVPN, the log states " VPN_PORT not found in /config/openvpn/OPVNFILENAME.ovpn

 

I have tried adding "port 443" after the remote line, but this seems to have no effect. Am I missing something really obvious, before I start deep diving into the issue?

 

Thanks,

 

Duggie

 

For me in the .ovpn the port is on the remote line:

 

remote whatever.vpnprovider.com 1196 udp

 

Edited by Gog
  • Like 1
Link to comment
8 hours ago, Gog said:

 

For me in the .ovpn the port is on the remote line:

 


remote whatever.vpnprovider.com 1196 udp

 

Thanks, that has got me past that hurdle, although for some reason it sill wants the protocol name on a separate line ¬¬

 

OK, so after a little more work, I was able to get it up and running.

 

1. Had to add username and password within the docker settings itself.

 

From the ovpn config file;

 

2. Remove the "proto udp" line

3. Add " 443 udp" to end of remote line.

4. Change "ns-cert-type server" to "--remote-cert-tls server"  [removes warning of deprecated command from log file]

 

Seems to be good at the moment, so thanks again!

Edited by Duggie264
To state resolution.
  • Like 1
Link to comment
18 hours ago, Gog said:

1- the incoming connection port is a setting that comes from your VPN provider. Read their doc to see what range they let though (if any, some don't). Opening ports on your router doesn't help.

2-check the file permissions in your appdata, the deluge config file may be read only

 

Got the port forwarding working perfectly, thanks for that.

 

The file permissions are still troubling me, I'm checking the files in /config in the container, but all files are read/write enabled except perms.txt and auth.
What file(s) contains the settings from the GUI/webUI (they should be the same, since if I enable a plugin in either one, it immediately show up in the other)?

Link to comment

I'd noticed in @gridrunner updated DelugeVPN video the template had changed a little (no STRICT_PORT_FORWARD option etc) compared to my install which I've had since February.

Instead of guessing what had changed I cleaned house (but retained appdata) and reinstalled.

PIA had updated its OpenVPN pack, so I updated that too.

 

I was quite pleased to see the changes to the docker had boosted performance quite a bit (Up+Down) and seemed to be far better at connecting with peers.

 

Thanks @binhex!

Edited by tjb_altf4
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.