Jump to content
binhex

[Support] binhex - DelugeVPN

4251 posts in this topic Last Reply

Recommended Posts

Dumb question, sorry if its been answered somewhere else.

When using the flag "STRICT_PORT_FORWARD" is there a way for me to get what the Port its using?

Is it using the ones I defined in Deluge itself or is it getting a random port from PIA?

Share this post


Link to post
6 hours ago, strike said:

 

Ah, I see. So I tried unchecking the blocklist plugin, but whenever I restart this docker, it comes back as checked/active. Do you know how I can permanently de-activate the blocklist plugin in my deluge setup?

Share this post


Link to post
Dumb question, sorry if its been answered somewhere else.
When using the flag "STRICT_PORT_FORWARD" is there a way for me to get what the Port its using?
Is it using the ones I defined in Deluge itself or is it getting a random port from PIA?
dynamic port from pia.

Sent from my SM-G935F using Tapatalk

Share this post


Link to post
8 minutes ago, binhex said:

dynamic port from pia.

Sent from my SM-G935F using Tapatalk
 

 

Hey @binhex just checking, should I do anything to the port settings inside Deluge or is it translating things for me already?

Edited by AnnabellaRenee87

Share this post


Link to post
1 hour ago, AnnabellaRenee87 said:
 
Hey [mention=11148]binhex[/mention] just checking, should I do anything to the port settings inside Deluge or is it translating things for me already?

no you don't need to do anything other than ensuring you're connecting to a VPN Endpoint that allows port forwarding all the port forwarding is done for you in code

Sent from my SM-G935F using Tapatalk
 

Edited by binhex
  • Like 1

Share this post


Link to post

So will this container only work if the VPN has port forwarding?
I was using ProtonVPN not to long ago and everything was working fine. I then restarted Unraid and every time I try and connect to the web client, I get the Unable to connect.

I tried redownloading, clearing out all configs and trying it again. Still nothing. I added the *.ovpn file in the correct folder. I get my vpn IP back when I run these commands

docker exec -it binhex-delugevpn /bin/bash
dig +short myip.opendns.com @resolver1.opendns.com


I tried digging through the forum and haven't found anything that worked.

 

 	
Network Type: 	
Privileged: 	
ON
Host Port 1: 	 8112
Container Port: 8112
Host Port 2: 	 58846
Container Port: 58846
Host Port 3: 	 58946
Container Port: 58946
Host Port 4: 	 58946
Container Port: 58946
Host Port 5: 	 8118
Container Port: 8118
Host Path 2: 	 /mnt/cache/torrent-completed/
Container Path: /data

Key 1: 	yes
Container Variable: VPN_ENABLED
Key 2: 	 *
Container Variable: VPN_USER
Key 3: 	 *
Container Variable: VPN_PASS
Key 4: 	custom
Container Variable: VPN_PROV
Key 5: 	 
Container Variable: VPN_OPTIONS
Key 6: 	 yes
Container Variable: STRICT_PORT_FORWARD
Key 7: 	yes
Container Variable: ENABLE_PRIVOXY
Key 8: 	 192.168.90.0/24
Container Variable: LAN_NETWORK
Key 9: 	 209.222.18.222,37.235.1.174,1.1.1.1,8.8.8.8,209.222.18.218,37.235.1.177,1.0.0.1,8.8.4.4
Container Variable: NAME_SERVERS
Key 10: 	yes
Container Variable: DEBUG
Key 11: 	 000
Container Variable: UMASK
Key 12: 	 99
Container Variable: PUID
Key 13: 	 100
Container Variable: PGID
downloading: 	 /mnt/user/torrent-downloading/
Container Path: /downloading
completed: 	 /mnt/user/torrent-completed/
Container Path: /completed
	

 

supervisord.log

Share this post


Link to post
So will this container only work if the VPN has port forwarding?
I was using ProtonVPN not to long ago and everything was working fine. I then restarted Unraid and every time I try and connect to the web client, I get the Unable to connect.

I tried redownloading, clearing out all configs and trying it again. Still nothing. I added the *.ovpn file in the correct folder. I get my vpn IP back when I run these commands
docker exec -it binhex-delugevpn /bin/bash

dig +short myip.opendns.com @resolver1.opendns.com


I tried digging through the forum and haven't found anything that worked.
 

Network Type: 	Privileged: 	ONHost Port 1: 	 8112Container Port: 8112Host Port 2: 	 58846Container Port: 58846Host Port 3: 	 58946Container Port: 58946Host Port 4: 	 58946Container Port: 58946Host Port 5: 	 8118Container Port: 8118Host Path 2: 	 /mnt/cache/torrent-completed/Container Path: /dataKey 1: 	yesContainer Variable: VPN_ENABLEDKey 2: 	 *Container Variable: VPN_USERKey 3: 	 *Container Variable: VPN_PASSKey 4: 	customContainer Variable: VPN_PROVKey 5: 	 Container Variable: VPN_OPTIONSKey 6: 	 yesContainer Variable: STRICT_PORT_FORWARDKey 7: 	yesContainer Variable: ENABLE_PRIVOXYKey 8: 	 192.168.90.0/24Container Variable: LAN_NETWORKKey 9: 	 209.222.18.222,37.235.1.174,1.1.1.1,8.8.8.8,209.222.18.218,37.235.1.177,1.0.0.1,8.8.4.4Container Variable: NAME_SERVERSKey 10: 	yesContainer Variable: DEBUGKey 11: 	 000Container Variable: UMASKKey 12: 	 99Container Variable: PUIDKey 13: 	 100Container Variable: PGIDdownloading: 	 /mnt/user/torrent-downloading/Container Path: /downloadingcompleted: 	 /mnt/user/torrent-completed/Container Path: /completed

 
supervisord.log

I would suspect that remote endpoint you are attempting to connect to doesn't exist any more, that's the problem with specifying an IP address instead of a hostname.

Sent from my SM-G935F using Tapatalk

Share this post


Link to post
11 minutes ago, binhex said:

I would suspect that remote endpoint you are attempting to connect to doesn't exist any more, that's the problem with specifying an IP address instead of a hostname.

Sent from my SM-G935F using Tapatalk
 

 

I didn't realize I was still using one of the .ovpn files with a static IP. I switch to use the name server. Still seems to be doing the same thing. I used the exact same file and was able to connect on my other machine.


I logged into the docker and checked the IP in the docker and it is correctly connecting to the VPN with no leaks. I added my supervisord.log again with the new .ovpn file running

 

supervisord.log

Share this post


Link to post
 
I didn't realize I was still using one of the .ovpn files with a static IP. I switch to use the name server. Still seems to be doing the same thing. I used the exact same file and was able to connect on my other machine.

I logged into the docker and checked the IP in the docker and it is correctly connecting to the VPN with no leaks. I added my supervisord.log again with the new .ovpn file running
 
supervisord.log
That looks much better and is a successful start, did you check to see if you could access the web UI?

Sent from my SM-G935F using Tapatalk

Share this post


Link to post
3 hours ago, binhex said:

That looks much better and is a successful start, did you check to see if you could access the web UI?

Sent from my SM-G935F using Tapatalk
 

Still have the unabled to connect.

I noticed this in the unraid logs.

 

Quote

2018-07-06 20:37:11,825 DEBG 'deluge-script' stdout output:
[info] Deluge started

2018-07-06 20:37:12,239 DEBG 'deluge-script' stdout output:
[debug] VPN incoming port is
[debug] VPN IP is 10.8.8.8
[debug] Deluge incoming port is
[debug] Deluge IP is 10.8.8.8

Where there are no port numbers being displayed. I was wondering if this had anything to do with it.

Share this post


Link to post
On 7/7/2018 at 1:38 AM, unidentifiedme said:

Still have the unabled to connect.

I noticed this in the unraid logs.

 

Where there are no port numbers being displayed. I was wondering if this had anything to do with it.

 

no that is simply telling you it cant assign a incoming port, which it wont be able to do as you arent using PIA, so you need to manually configure that.

 

try the following:-

 

1. turn off any firewalls on the pc you are connecting from.

2. try a different browser

3. try a different pc/tablet/phone

4.check firewall on your router, possibly lan side firewall enabled (pfsense can do this).

Share this post


Link to post

4 days and still no joy, Love the repo binhex. I have been using it with great success, the issue is that i had to make some changes due to a network change. the config and docker file got corrupted no problem i removed it and reinstalled but now i cant access the deluge-web portal unless i kill the deluge-web process running as nobody and restart it (it will then start as root). Here is my file for docker generation:

 

sudo docker run -d \
--cap-add=NET_ADMIN \
--restart=unless-stopped \
-p 8112:8112 \
-p 8118:8118 \
-p 58846:58846 \
-p 58946:58946 \
--name=delugevpn \
-v /srv/dev-disk-by-label-Torrent/Torrent:/downloads \
-v /srv/dev-disk-by-label-Torrent/Torrent:/data \
-v /srv/dev-disk-by-label-Torrent/Docker/delugevpn:/config \
-v /etc/localtime:/etc/localtime:ro \
-e VPN_ENABLED=yes \
-e VPN_USER=-------- \
-e VPN_PASS="----------" \
-e VPN_REMOTE=nl.privateinternetaccess.com \
-e VPN_PORT=1198 \
-e VPN_PROTOCOL=udp \
-e VPN_DEVICE_TYPE=tun \
-e VPN_PROV=pia \
-e STRONG_CERTS=no \
-e STRICT_PORT_FORWARD=yes \
-e ENABLE_PRIVOXY=yes \
-e LAN_NETWORK=192.168.42.0/24 \
-e NAME_SERVERS=209.222.18.222,209.222.18.21,8.8.8.8,8.8.4.4 \
-e DEBUG=false \
-e UMASK=000 \
-e PUID=1000 \
-e PGID=1000 \
binhex/arch-delugevpn

 

Thank you again.

supervisord.log

Edited by H8ing-Life

Share this post


Link to post
8 hours ago, H8ing-Life said:

4 days and still no joy, Love the repo binhex. I have been using it with great success, the issue is that i had to make some changes due to a network change. the config and docker file got corrupted no problem i removed it and reinstalled but now i cant access the deluge-web portal unless i kill the deluge-web process running as nobody and restart it (it will then start as root). Here is my file for docker generation:

 

sudo docker run -d \
--cap-add=NET_ADMIN \
--restart=unless-stopped \
-p 8112:8112 \
-p 8118:8118 \
-p 58846:58846 \
-p 58946:58946 \
--name=delugevpn \
-v /srv/dev-disk-by-label-Torrent/Torrent:/downloads \
-v /srv/dev-disk-by-label-Torrent/Torrent:/data \
-v /srv/dev-disk-by-label-Torrent/Docker/delugevpn:/config \
-v /etc/localtime:/etc/localtime:ro \
-e VPN_ENABLED=yes \
-e VPN_USER=-------- \
-e VPN_PASS="----------" \
-e VPN_REMOTE=nl.privateinternetaccess.com \
-e VPN_PORT=1198 \
-e VPN_PROTOCOL=udp \
-e VPN_DEVICE_TYPE=tun \
-e VPN_PROV=pia \
-e STRONG_CERTS=no \
-e STRICT_PORT_FORWARD=yes \
-e ENABLE_PRIVOXY=yes \
-e LAN_NETWORK=192.168.42.0/24 \
-e NAME_SERVERS=209.222.18.222,209.222.18.21,8.8.8.8,8.8.4.4 \
-e DEBUG=false \
-e UMASK=000 \
-e PUID=1000 \
-e PGID=1000 \
binhex/arch-delugevpn

 

Thank you again.

supervisord.log

 

im not sure what 'network change' you made but i would guess you are now not allowing outbound connections to port 1198 and thus openvpn is unable to connect to the vpn provider, snippet from your log showing the start of openvpn and then failure to connect and subsequent restart:-

2018-07-10 21:59:14,626 DEBG 'start-script' stdout output:
[info] OpenVPN started

2018-07-10 21:59:14,626 DEBG 'start-script' stdout output:
[debug] Waiting for valid IP address from tunnel...

2018-07-10 21:59:14,627 DEBG 'start-script' stdout output:
Tue Jul 10 21:59:14 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2018-07-10 21:59:14,628 DEBG 'start-script' stdout output:
Tue Jul 10 21:59:14 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]46.166.190.225:1198

2018-07-10 21:59:14,628 DEBG 'start-script' stdout output:
Tue Jul 10 21:59:14 2018 UDP link local: (not bound)
Tue Jul 10 21:59:14 2018 UDP link remote: [AF_INET]46.166.190.225:1198

2018-07-10 22:00:14,349 DEBG 'start-script' stdout output:
Tue Jul 10 22:00:14 2018 [UNDEF] Inactivity timeout (--ping-restart), restarting

so take a look at your router, firewall, pfsense box, host etc, back track through what you have changed.

Share this post


Link to post

Hi,

 

Any posts on reverse proxying with nginx and blank screens? Kinda hard to read through 138 pages =/

Been searching google and tried different types of settings, all resulting in a blank page but working title bar..

 

location /deluge {
    proxy_set_header  X-Deluge-Base "/deluge/";
    include /config/nginx/proxy.conf;
    set $upstream_deluge 192.168.3.61;
    proxy_pass http://$upstream_deluge:8112/;

It doenst matter if i use proxy_set_header and not set base in web.conf. If i set base in web.conf i even cant access the normal ui without reverse proxy.

That also gives me a blank page and working title.

Edited by Tuumke

Share this post


Link to post
38 minutes ago, Tuumke said:

Hi,

 

Any posts on reverse proxying with nginx and blank screens? Kinda hard to read through 138 pages =/

Been searching google and tried different types of settings, all resulting in a blank page but working title bar..

 


location /deluge {
    proxy_set_header  X-Deluge-Base "/deluge/";
    include /config/nginx/proxy.conf;
    set $upstream_deluge 192.168.3.61;
    proxy_pass http://$upstream_deluge:8112/;

It doenst matter if i use proxy_set_header and not set base in web.conf. If i set base in web.conf i even cant access the normal ui without reverse proxy.

That also gives me a blank page and working title.

Here is my LE reverse proxy block.

location /deluge {
		proxy_set_header X-Deluge-Base "/deluge/";
		add_header X-Frame-Options SAMEORIGIN;
		include /config/nginx/auth.conf;
		include /config/nginx/proxy.conf;
		proxy_pass http://192.168.0.2:8112/;
	}

Since you have your proxy.conf separated out like I do, I can't directly compare all the relevant options. Try adding the add_header directive and see if that makes a difference.

  • Like 1

Share this post


Link to post

@jonathanm

 

root@NAS:/mnt/user/dockers/letsencrypt/nginx# cat proxy.conf
## Version 2018/05/31 - Changelog: https://github.com/linuxserver/docker-letsencrypt/commits/master/root/defaults/proxy.conf

client_max_body_size 10m;
client_body_buffer_size 128k;

#Timeout if the real server is dead
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

# Advanced Proxy Config
send_timeout 5m;
proxy_read_timeout 240;
proxy_send_timeout 240;
proxy_connect_timeout 240;

# Basic Proxy Config
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Ssl on;
proxy_redirect  http://  $scheme://;
proxy_http_version 1.1;
proxy_set_header Connection "";
#proxy_cookie_path / "/; HTTPOnly; Secure"; # enable at your own risk, may break certain apps
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
proxy_buffers 32 4k;

 

Share this post


Link to post

I don't see anything jumping out at me from your proxy.conf.

 

My web.conf has these lines in it that appear to be relevant, along with the rest of the stuff I'm not going to post here.

"base": "/", 
"https": false, 
  

 

  • Like 1

Share this post


Link to post

@binhex

 

I am using the delugevpn-flexget container which was based on your delugevpn container.

I am however seeing the same issue some people had back in 2016 where VPN was connected but you can only access webGUI from localhost and nowhere else on your network.

The person fixed it by adding masquared rule to iptables and you said you was gonna go see what you can do to fix and stop leaks.

was this fixed? as I am seeing same issue.

any suggestions? 

supervisord.txt

 

edit: I did notice the listen address in core.conf is the tun0 address and not eth0.

this could be the issue?

Edited by nekromantik

Share this post


Link to post

Re ran with debug on

attached log

 

to recap this is cant access web ui from anything other then container itself.

its not networking as I can access privoxy from other containers and LAN which is on same container as deluge so networking is fine unless its the IPtables messing 8112 up.

 

supervisord.txt

Share this post


Link to post

I've been trying to get the delugevpn container up and running on my QNAP NAS, but am having an issue where the VPN connection constantly resets itself, removing and re-adding the tun0 interface.

 

I've attached the full supervisord.log for a ten minute run of a fresh instantiation of the container, but the errors that stick out to me are:

Quote

2018-07-15 20:54:50,310 DEBG 'deluge-script' stderr output:
Unhandled Error
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/deluge/main.py", line 241, in start_daemon
    Daemon(options, args)
  File "/usr/lib/python2.7/site-packages/deluge/core/daemon.py", line 180, in __init__
    reactor.run()
  File "/usr/lib/python2.7/site-packages/twisted/internet/base.py", line 1243, in run
    self.mainLoop()
  File "/usr/lib/python2.7/site-packages/twisted/internet/base.py", line 1252, in mainLoop
    self.runUntilCurrent()
--- <exception caught here> ---
  File "/usr/lib/python2.7/site-packages/twisted/internet/base.py", line 878, in runUntilCurrent
    call.func(*call.args, **call.kw)
  File "/usr/lib/python2.7/site-packages/deluge/core/preferencesmanager.py", line 263, in _on_set_listen_ports
    self.session.listen_on(value[0], value[1], str(self.config["listen_interface"]).strip())
exceptions.RuntimeError: Cannot assign requested address

and

Quote

Sun Jul 15 20:56:15 2018 ERROR: Linux route add command failed: external program exited with error status: 2

 

I created the container with:

Quote

docker run --privileged -d \
    --cap-add=NET_ADMIN \
    -p 8112:8112 \
    -p 8118:8118 \
    -p 58846:58846 \
    -p 58946:58946 \
    --name=delugevpn \
    -v /share/CE_CACHEDEV1_DATA/Download/deluge/data:/data\
    -v /share/CE_CACHEDEV1_DATA/Download/deluge/config:/config\
    -v /share/CE_CACHEDEV1_DATA/Download/deluge/completed:/completed\
    -v /etc/localtime:/etc/localtime:ro \
    -e VPN_ENABLED=yes \
    -e VPN_USER=[REDACTED] \
    -e VPN_PASS=[REDACTED] \
    -e VPN_REMOTE=ca-toronto.privateinternetaccess.com \
    -e VPN_PORT=1198 \
    -e VPN_PROTOCOL=udp \
    -e VPN_DEVICE_TYPE=tun \
    -e VPN_PROV=pia \
    -e STRONG_CERTS=no \
    -e STRICT_PORT_FORWARD=yes \
    -e ENABLE_PRIVOXY=yes \
    -e LAN_NETWORK=10.13.37.0/24 \
    -e NAME_SERVERS=8.8.8.8,8.8.4.4 \
    -e DEBUG=true \
    -e UMASK=000 \
    -e PUID=0 \
    -e PGID=0 \
    binhex/arch-delugevpn 

 

Anything obvious I'm missing?

supervisord.log

Share this post


Link to post
18 hours ago, nekromantik said:

@binhex

 

I am using the delugevpn-flexget container which was based on your delugevpn container.

I am however seeing the same issue some people had back in 2016 where VPN was connected but you can only access webGUI from localhost and nowhere else on your network.

The person fixed it by adding masquared rule to iptables and you said you was gonna go see what you can do to fix and stop leaks.

was this fixed? as I am seeing same issue.

any suggestions? 

supervisord.txt

 

edit: I did notice the listen address in core.conf is the tun0 address and not eth0.

this could be the issue?

 

sorry i wont be able to support any forks from my code there are too many variables, you will need to ask in the delugevpn-flexget support thread.

Share this post


Link to post
3 hours ago, lurkymclurkerton said:

I've been trying to get the delugevpn container up and running on my QNAP NAS, but am having an issue where the VPN connection constantly resets itself, removing and re-adding the tun0 interface.

 

I've attached the full supervisord.log for a ten minute run of a fresh instantiation of the container, but the errors that stick out to me are:

and

 

I created the container with:

 

Anything obvious I'm missing?

supervisord.log

 

The only odd thing ive spotted is that you are defining both the privileged flag and the cap-add flag, you should be using one or the other, try first with privileged and see how you get on, as this is the most permissive of the two.

 

 --privileged -d \
    --cap-add=NET_ADMIN \
...

 

Share this post


Link to post
52 minutes ago, binhex said:

 

The only odd thing ive spotted is that you are defining both the privileged flag and the cap-add flag, you should be using one or the other, try first with privileged and see how you get on, as this is the most permissive of the two.

 


 --privileged -d \
    --cap-add=NET_ADMIN \
...

 

 

Hmm.  No joy with removing either.

Share this post


Link to post

There was a QNAP firmware update, and either the update itself or the rebooting of the NAS fixed the issue.  ¯\_(ツ)_/¯

I'm embarrassed to admit that I didn't previously try turning it off and on again, so that could very well have been the "fix".

 

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now