[Support] binhex - DelugeVPN


Recommended Posts

Hi there,

So last night - my docker container wouldn't startup - i checked the log and saw a message about my PIA endpoint not working b/c it's been phased out ... so I visited this PIA page and downloaded "OPENVPN CONFIGURATION FILES (DEFAULT)". I put the CA-Toronto end point on my server and relaunched delugeVPN. The container will start but I am unable to access it via gui. I looked at the log and here is the latest error:

 

2020-11-06 01:59:06,469 DEBG 'start-script' stdout output:
2020-11-06 01:59:06 DEPRECATED OPTION: --cipher set to 'aes-128-cbc' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'aes-128-cbc' to --data-ciphers or change --cipher 'aes-128-cbc' to --data-ciphers-fallback 'aes-128-cbc' to silence this warning.

2020-11-06 01:59:06,469 DEBG 'start-script' stdout output:
2020-11-06 01:59:06 WARNING: file 'credentials.conf' is group or others accessible
2020-11-06 01:59:06 OpenVPN 2.5.0 [git:makepkg/a73072d8f780e888+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Oct 27 2020

How would i go about fixing this?

Link to comment
2 hours ago, helpermonkey said:

Hi there,

So last night - my docker container wouldn't startup - i checked the log and saw a message about my PIA endpoint not working b/c it's been phased out ... so I visited this PIA page and downloaded "OPENVPN CONFIGURATION FILES (DEFAULT)". I put the CA-Toronto end point on my server and relaunched delugeVPN. The container will start but I am unable to access it via gui. I looked at the log and here is the latest error:

 


2020-11-06 01:59:06,469 DEBG 'start-script' stdout output:
2020-11-06 01:59:06 DEPRECATED OPTION: --cipher set to 'aes-128-cbc' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'aes-128-cbc' to --data-ciphers or change --cipher 'aes-128-cbc' to --data-ciphers-fallback 'aes-128-cbc' to silence this warning.

2020-11-06 01:59:06,469 DEBG 'start-script' stdout output:
2020-11-06 01:59:06 WARNING: file 'credentials.conf' is group or others accessible
2020-11-06 01:59:06 OpenVPN 2.5.0 [git:makepkg/a73072d8f780e888+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Oct 27 2020

How would i go about fixing this?

Q22:- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md

Link to comment
3 hours ago, Kishin said:

Hello, does anyone has a script to move files between disks ?

I would like to download to my cache then move them to the array where i can continue to seed / hardlink for plex.

 

Thanks.

In my setup I rely on the nightly mover to move my downloads from the cache to the array.  This occurs every day at 04:00.

 

2020-11-06 07_30_03-Atlas_Share.png

Link to comment
4 hours ago, Kishin said:

Hello, does anyone has a script to move files between disks ?

I would like to download to my cache then move them to the array where i can continue to seed / hardlink for plex.

I download to a cache-only share, then allow deluge to move the files to another share, automatically, on download completion.  No extra script needed.

 

Check out deluge 'Preferences' -> 'Downloads', "Move completed to:"

Link to comment

[FIXED]

When I try to connect to Deluge from Sonnar, I receive the following error:  "Unknown exception: The operation has timed out.: 'http://10.69.55.110:8112/json'

 

I can login to deluge fine using the IP address (10.69.55.110:8112).   However the json file does not seem to exist.   This has been working for a while and I've used bin hex projects for a majority of my Unraid media server.    I'm unsure if this is something I've broken, but I've not made a change on my system in months.    

 

Turning off the VPN component of this container does allow other containers to connect, but that doesn't provide me what I need for reasons.

 

Any suggestions or advice?
[FIXED]
------

After a lot of goole foo, found another thread on reddit that described this issue and it was a firewall issue on a Synology nas.  Seemed my Mikrotik router considered looking up Json an invalid connection.  I excluded my local lan subnet and all is well now.  Not sure why this is... but I'll leave this here incase someone else runs across it. 

Edited by djgizmo
Link to comment
2 hours ago, binhex said:

remove that line, you can only have one cipher line and that one is not correct.

thank you for your help.  this helped me as well.

 

For reference for anyone else.  Deluge VPN would not start for me.  This is due to a recent PIA change on their end. 

 

Go to: https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md

Look at question 19 and 22 and make the changes.

 

Link to comment

I can't seem to get around this error...

2020-11-06 12:26:17,597 DEBG 'start-script' stdout output:
[info] Port forwarding is enabled
[info] Checking endpoint 'ca-toronto.privacy.network' is port forward enabled...

2020-11-06 12:26:17,604 DEBG 'start-script' stdout output:
[info] Attempting to curl https://www.privateinternetaccess.com/vpninfo/servers?version=82...

2020-11-06 12:26:18,184 DEBG 'start-script' stdout output:
[info] Curl successful for https://www.privateinternetaccess.com/vpninfo/servers?version=82, response code 200

2020-11-06 12:26:18,309 DEBG 'start-script' stdout output:
[warn] PIA endpoint 'ca-toronto.privacy.network' is not in the list of endpoints that support port forwarding, DL/UL speeds maybe slow
[info] Please consider switching to one of the endpoints shown below

2020-11-06 12:26:18,311 DEBG 'start-script' stdout output:
[info] List of PIA endpoints that support port forwarding:-

2020-11-06 12:26:18,312 DEBG 'start-script' stdout output:
[info] ca-toronto.privateinternetaccess.com
[info] ca-montreal.privateinternetaccess.com
[info] ca-vancouver.privateinternetaccess.com
[info] de-berlin.privateinternetaccess.com
[info] de-frankfurt.privateinternetaccess.com
[info] france.privateinternetaccess.com
[info] czech.privateinternetaccess.com
[info] spain.privateinternetaccess.com
[info] ro.privateinternetaccess.com
[info] israel.privateinternetaccess.com
[info] Attempting to get dynamically assigned port...

2020-11-06 12:26:18,346 DEBG 'start-script' stdout output:
[info] Attempting to curl http://209.222.18.222:2000/?client_id=a619b6295e9df7efdf53872765677526286e6f49586fb964d0d6989b4f2ebd6c...

2020-11-06 12:26:18,420 DEBG 'start-script' stdout output:
[warn] Response code 000 from curl != 2xx
[warn] Exit code 7 from curl != 0
[info] 12 retries left
[info] Retrying in 10 secs...

I have been through the faq and have done the following:

Updated the container, downloaded the next gen files from PIA, changed my password to alphanumeric only, and tried multiple sites (Montreal, Toronto, Berlin, Frankfurt, Romania, France).

 

The only change that seems to help is to set STRICT_PORT_FORWARD to no. Is that a potential risk to do that or is it more for performance?

 

Could curl exit code 7 be related to name servers? Mine are set to:

209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1

 

I appreciate any advice, I'm nearing my wit's end.

Link to comment
4 hours ago, binhex said:

remove that line, you can only have one cipher line and that one is not correct.

Thanks - so i gave that a twirl and i'm still getting some errors ... here is the log file on pastebin

 

here is the .ovpn file minus the cert and the X509 portion....

client
dev tun
proto udp
remote ca-toronto.privacy.network 1198
resolv-retry infinite
nobind
persist-key
cipher aes-256-gcm
ncp-disable
auth sha1
tls-client
remote-cert-tls server

auth-user-pass credentials.conf
compress
verb 1
<crl-verify>

 

Link to comment
6 minutes ago, helpermonkey said:

Thanks - so i gave that a twirl and i'm still getting some errors ... here is the log file on pastebin

 

here is the .ovpn file minus the cert and the X509 portion....


client
dev tun
proto udp
remote ca-toronto.privacy.network 1198
resolv-retry infinite
nobind
persist-key
cipher aes-256-gcm
ncp-disable
auth sha1
tls-client
remote-cert-tls server

auth-user-pass credentials.conf
compress
verb 1
<crl-verify>

 

You're using the username/password generated for SOCKS connections.  Use the username and password you sign into the PIA website with. The generated u/p used to work before they switched to nextgen, now you have to use your actual u/p

Link to comment
1 hour ago, chesh said:

You're using the username/password generated for SOCKS connections.  Use the username and password you sign into the PIA website with. The generated u/p used to work before they switched to nextgen, now you have to use your actual u/p

so how would i do that? in my credentials.conf file - the first line is my userid for PIA and the second line is my password that i login to the website with.

Link to comment
4 minutes ago, DontWorryScro said:

Does binhex/arch-delugevpn:2.0.3-2-01 support all this next gen, updated servers stuff?  My current experience would suggest no.  But maybe I'm just misconfigured somewhere.  Ive been through the FAQ up and down, though.

No. You will have to install one of the most recent 2.0.4 builds. Might as well just install the latest build.

Link to comment
55 minutes ago, wgstarks said:

No. You will have to install one of the most recent 2.0.4 builds. Might as well just install the latest build.

ok can anyone chime in on a specific 2.0.4 build that plays nice with the most amount of private trackers without getting you banned/blocked/timedout?

Give me your favorite tag!  TIA

 

Edit: tho i guess the real issue is they're all dev versions.  No stable version.  So I'm up a creek.

Edited by DontWorryScro
Link to comment
1 hour ago, DontWorryScro said:

Edit: tho i guess the real issue is they're all dev versions.  No stable version.  So I'm up a creek.

Edited 11 minutes ago by DontWorryScro

Binhex-qbittorrentvpn has worked great for me. The switch was fairly painless if you want to go that route. You will need to re-add all your torrents so you need to be sure you have the torrent files (and maybe backup copies 🤞).

 

Edit: you’re welcome to pm me if you need details.

Edited by wgstarks
Link to comment
9 minutes ago, Malaki said:

I'm running 2.0.4.dev38_g23a48dd01-2-15. I'm using latest for the repo.

You could try the recommended NS's and see what happens-

209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1

 

Edited by wgstarks
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.