[Support] binhex - DelugeVPN


Recommended Posts

Thinking of giving wireguard on PIA a shot to compare the transfer rates.  I have a question about the first step:

 

1. Change Docker parameter from --cap-add=NET_ADMIN to --privileged=true (WireGuard requires privileged permissions).

 

I assume the "--privileged=true" gets added to the extra parameters line in the docker setup?

 

I don't see the line "--cap-add=NET_ADMIN" in there at all.  What am I missing?

 

 

Link to comment
6 minutes ago, elliotiscool said:

Hey Binhex. I'd appreciate some help. Sonarr and Radarr stopped properly connecting to binhex-delugevpn and I tried to fix it without any success. I first suspected it was caused by PIA not allowing Switzerland.ovpn so I downloaded PIA's updated openvpn files. I replaced it with France. I also tried deleting perms.txt. Thanks.

supervisord.log 4.98 MB · 0 downloads


i had this very issue and I had to change port forward to ‘no’ inside the docker. 

Link to comment
21 minutes ago, elliotiscool said:

Hey Binhex. I'd appreciate some help. Sonarr and Radarr stopped properly connecting to binhex-delugevpn and I tried to fix it without any success. I first suspected it was caused by PIA not allowing Switzerland.ovpn so I downloaded PIA's updated openvpn files. I replaced it with France. I also tried deleting perms.txt. Thanks.

supervisord.log 4.98 MB · 1 download

you are using the old pia legacy network, from your log:-

2020-10-16 11:27:36.341444 [info] VPN remote server(s) defined as 'france.privateinternetaccess.com,'

you need to switch to next-gen, see Q19 from the following link:- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md

Link to comment

Hi Binhex, I'm having a bit of difficulty using wireguard (with mullvad). I've managed to get the container working with openvpn by following this post:

But I've had no success when I switch from openvpn to wireguard. So far I've tried the following:

 

  1. Enable privileged, change 'VPN_CLIENT' to 'wireguard', and append extra parameter
    --sysctl="net.ipv4.conf.all.src_valid_mark=1"

     

  2. Generate and copy my wireguard configuration file to /wireguard/, which I rename to 'wg0.conf' (although I doubt that matters). I implemented some of the suggestions you made in earlier posts, so my conf file looks something like

    [Interface]
    PrivateKey = <private key>
    Address = x.x.x.x/32,xxxx:xxxx:xxxx:xxxx::x:xxxx/128
    
    [Peer]
    PublicKey = <public key>
    AllowedIPs = 0.0.0.0/0
    Endpoint = y.y.y.y:zzzzz

Since I'm using wireguard, I shouldn't need the openvpn files. However, if I remove the files in /openvpn/, the container almost immediately fails:

2020-10-20 21:49:51.578271 [crit] No OpenVPN config file located in /config/openvpn/ (ovpn extension), please download from your VPN provider and then restart this container, exiting...

If I include the openvpn config files, the container starts successfully. However,  I can easily verify (by using https://ipleak.net/ and setting the wireguard/openvpn configs to different regions) that the container is just using openvpn, not wireguard. 

 

Is there something else I can do to force the container to use wireguard instead?

Link to comment
4 hours ago, radiation.syrup said:

If I include the openvpn config files, the container starts successfully. However,  I can easily verify (by using https://ipleak.net/ and setting the wireguard/openvpn configs to different regions) that the container is just using openvpn, not wireguard. 

i would suspect you havent defined VPN_CLIENT correctly, see this post:-

https://forums.unraid.net/topic/75539-support-binhex-qbittorrentvpn/?do=findComment&comment=902637

 

Link to comment

imminent removal of support for pia legacy network coming guys - i dont think anybody will be crying into their vindaloo here, as its been mostly broken (thanks pia! \s) for some time, but thought it worth a heads up on this.

Edited by binhex
Link to comment
20 minutes ago, binhex said:

imminent removal of support for pia legacy network coming guys - i dont think anybody will be crying into their vindaloo here, as its been mostly broken (thanks pia! \s) for some time, but thought it worth a heads up on this.

Yes, some locations have already been taken down.  I use L2TP on my router so that I can selectively route traffic through the VPN - the location I was using, Chicago, has gone down today.

I have switched to us-east which still seems to be operating .... but for how long?

 

It looks like I will have to subscribe to two different VPN providers - one which supports port forwarding and one which supports L2TP.  PIA have never supported L2TP/IPsec, so at least I have the option of finding a provider which offers that - such as ExpressVPN.

Link to comment
11 minutes ago, binhex said:

not possible to use this guide? - i know you arent using windows but hopefully enough info to get it going:- https://www.privateinternetaccess.com/pages/client-support/windows8.1-l2tp

I have never managed to achieve an encrypted connection - it always reverts to bare L2TP.  PIA support aren't interested in resolving the issue.

Express, on the other hand, happily negotiates IPsec.

 

The PIA guide contains this sentence:

"If you need encryption, please use the Private Internet Application or OpenVPN protocol with our service."

suggesting that they are aware that IPsec doesn't work on an L2TP connection.

Link to comment
4 hours ago, binhex said:

i would suspect you havent defined VPN_CLIENT correctly, see this post:-

https://forums.unraid.net/topic/75539-support-binhex-qbittorrentvpn/?do=findComment&comment=902637

 

Thanks for getting back to me so soon! Unfortunately, that doesn't seem to be the issue. I have the key (not name) set to 'VPN_CLIENT' and the value set to 'wireguard', but the container still fails with the same error. image.png.4b41f1628b5e7c7165fb9c23353328eb.png

 

2020-10-21 06:47:01.678693 [info] System information Linux xxxx 4.19.107-Unraid #1 SMP Thu Mar 5 13:55:57 PST 2020 x86_64 GNU/Linux
2020-10-21 06:47:01.696537 [info] PUID defined as '99'
2020-10-21 06:47:01.715871 [info] PGID defined as '100'
2020-10-21 06:47:02.009384 [info] UMASK defined as '000'
2020-10-21 06:47:02.026586 [info] Permissions already set for volume mappings
2020-10-21 06:47:02.046493 [info] DELUGE_DAEMON_LOG_LEVEL defined as 'info'
2020-10-21 06:47:02.009384 [info] UMASK defined as '000'
2020-10-21 06:47:02.026586 [info] Permissions already set for volume mappings
2020-10-21 06:47:02.046493 [info] DELUGE_DAEMON_LOG_LEVEL defined as 'info'
2020-10-21 06:47:02.064229 [info] DELUGE_WEB_LOG_LEVEL defined as 'info'
2020-10-21 06:47:02.082173 [info] VPN_ENABLED defined as 'yes'
2020-10-21 06:47:02.104528 [crit] No OpenVPN config file located in /config/openvpn/ (ovpn extension), please download from your VPN provider and then restart this container, exiting...

 

Edited by radiation.syrup
Add full log, add image
Link to comment
19 minutes ago, radiation.syrup said:

Thanks for getting back to me so soon! Unfortunately, that doesn't seem to be the issue. I have the key (not name) set to 'VPN_CLIENT' and the value set to 'wireguard', but the container still fails with the same error.

then i can only assume you are not running the latest image, what is set for 'repository' for the container?.

Link to comment
Just now, radiation.syrup said:

The repository is 


binhex/arch-delugevpn:1.3.15_18_ge050905b2-1-04

 

yep thats the problem, you are using a tagged version, you need to drop the tag (the colon and everything after it) in order to download the latest image, this will of course mean you will move onto deluge 2.x

Link to comment
1 minute ago, binhex said:

yep thats the problem, you are using a tagged version, you need to drop the tag (the colon and everything after it) in order to download the latest image, this will of course mean you will move onto deluge 2.x

Ah ha, of course! Yes, I switched back to Deluge 1.3.15 for compatibility reasons. I'll give the new version ago. Thanks!

Edited by radiation.syrup
Link to comment
On 10/17/2020 at 1:47 PM, 3NBR said:

Trying to get this to work on a Synology NAS. Working no problem with OpenVPN but no joy with Wireguard. I am a newb, can anyone suggest what I'm doing wrong?

docker-compose.txt 1.02 kB · 4 downloads supervisord.log 11.37 kB · 3 downloads

Wireguard is new to me, so I'm just guessing based upon 1 hour of research; it looks like our linux kernel is too old. I'm at version 3.10 with DSM 6.2. Also, Synology doesn't provide official wireguard support while unraid does.

 

I'm going to be honest here, Synology makes awesome all-in-one products with long-term support but I'm hitting the wall of possibilities. Time to move away and use my Synology unit as backup unit.

Link to comment
22 minutes ago, BakedPizza said:

Wireguard is new to me, so I'm just guessing based upon 1 hour of research; it looks like our linux kernel is too old. I'm at version 3.10 with DSM 6.2. Also, Synology doesn't provide official wireguard support while unraid does.

 

I'm going to be honest here, Synology makes awesome all-in-one products with long-term support but I'm hitting the wall of possibilities. Time to move away and use my Synology unit as backup unit.

if your kernel is older than 5.6.x then yep you are out of luck and will have to stick to openvpn - or join the dark side and use unraid 🙂

  • Haha 1
Link to comment
40 minutes ago, binhex said:

if your kernel is older than 5.6.x then yep you are out of luck and will have to stick to openvpn - or join the dark side and use unraid 🙂

Oh, I will, eventually. 😄

 

Something else; my legacy PIA config connects just fine but whenever I try to use the next-gen PIA config it's stuck at this step:

Quote

[warn] Unable to successfully download PIA json to generate token from URL 'https://10.0.0.1/authv3/generateToken'
[info] 1 retries left
[info] Retrying in 10 secs...

Attached my log. I'm currently on 2.0.4.dev38_g23a48dd01-2-12. Am I doing something wrong, did I encounter a bug or is PIA messing with me?

 

 

supervisord.log

Link to comment

Since PIA moved over to the next gen stuff and broke my previous install, I've been unable to connect.  I tried moving over to wireguard, but I just get this repeating:

2020-10-21 23:35:26,774 DEBG 'start-script' stderr output:
parse error: Invalid numeric literal at line 4, column 0

2020-10-21 23:35:27,612 DEBG 'start-script' stdout output:
[warn] Unable to successfully download PIA json to generate token from URL 'https://89.187.174.129/authv3/generateToken'
[info] Retrying in 10 secs...

I've downloaded and copied over the latest config files from PIA, I've followed the steps in the github for moving to wireguard, I've checked, and rechecked, and generated fresh credentials, not using wireguard I just keep getting AUTH FAILED over and over on every server, tried with port forwarding off, same thing.  Is PIA broken or is there something wrong with my config?  I've wiped and reinstalled delugevpn after upgrading didn't work, everything I do, I get the same errors, no changes...

 

Edited by worldspawn
Link to comment
16 hours ago, BakedPizza said:

Something else; my legacy PIA config connects just fine but whenever I try to use the next-gen PIA config it's stuck at this step:

Quote

[warn] Unable to successfully download PIA json to generate token from URL 'https://10.0.0.1/authv3/generateToken'
[info] 1 retries left
[info] Retrying in 10 secs...

ive seen a couple of people report this but i have been unable to replicate so unsure as to the cause, you could try another endpoint and see if that helps.

Link to comment
18 hours ago, BakedPizza said:

Wireguard is new to me, so I'm just guessing based upon 1 hour of research; it looks like our linux kernel is too old. I'm at version 3.10 with DSM 6.2. Also, Synology doesn't provide official wireguard support while unraid does.

 

I'm going to be honest here, Synology makes awesome all-in-one products with long-term support but I'm hitting the wall of possibilities. Time to move away and use my Synology unit as backup unit.

What Synology device do you have? Im curious to this as I've looked up the kernel for Synology products and I can't find a straight answer online. It seems that DSM is heavily modified to the point where they don't announce what kernels they use anymore?

Edited by superkrups20056
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.