[Support] binhex - DelugeVPN

theoperator · September 23, 2016

Hi there! I'm attempting to spin up a DelugeVPN docker container. My Docker host is inside an LXD container, and is already running a handful of other Docker containers.

When I attempt to run DelugeVPN via:

docker run -d \

--cap-add=NET_ADMIN \

-p 8112:8112 \

-p 8118:8118 \

--name=delugevpn \

-v /data/deluge/data:/data \

-v /data/deluge/config:/config \

-v /etc/localtime:/etc/localtime:ro \

-e VPN_ENABLED=yes \

-e VPN_USER=******** \

-e VPN_PASS=********* \

-e VPN_REMOTE=ca.privateinternetaccess.com \

-e VPN_PORT=1198 \

-e VPN_PROTOCOL=udp \

-e VPN_PROV=pia \

-e STRONG_CERTS=no \

-e ENABLE_PRIVOXY=yes \

-e LAN_NETWORK=192.168.0.0/24 \

-e DEBUG=false \

-e PUID=0 \

-e PGID=0 \

binhex/arch-delugevpn

It gets partway through downloading, extracting and completing pull, then gives the following error:

docker: failed to register layer: ApplyLayer exit status 1 stdout: stderr: operation not permitted.

Gog · September 24, 2016

Good evening

A while ago I configured a VM with deluge and VPN. I used ufw to limit traffic to the vpn interface and it works fine for me but it's still maintenance and disk space wo when I noticed this docker last week, I was eager to try.

Without VPN enabled, the webUI works well; with VPN, no webUI. Supervisor logs look OK, no authentication failure but I noticed that this configures the IP tables with tun0 while ibvpn uses tap0. From my limited understanding of IPtables, I think that could prevent traffic from going to/from the vpn but my home subnet is still allowed. Anybody knows?

debug logs:

2016-09-24 01:10:40,700 CRIT Set uid to user 0
2016-09-24 01:10:40,700 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2016-09-24 01:10:40,702 INFO supervisord started with pid 19
2016-09-24 01:10:41,704 INFO spawned: 'start-script' with pid 22
2016-09-24 01:10:41,704 INFO spawned: 'webui-script' with pid 23
2016-09-24 01:10:41,705 INFO spawned: 'deluge-script' with pid 24
2016-09-24 01:10:41,706 INFO spawned: 'privoxy-script' with pid 25
2016-09-24 01:10:41,710 DEBG 'privoxy-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2016-09-24 01:10:41,710 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-09-24 01:10:41,710 INFO success: webui-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-09-24 01:10:41,710 INFO success: deluge-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-09-24 01:10:41,710 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-09-24 01:10:41,711 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN

2016-09-24 01:10:41,711 DEBG 'deluge-script' stdout output:
[info] deluge config file already exists, skipping copy

2016-09-24 01:10:41,712 DEBG 'deluge-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2016-09-24 01:10:41,718 DEBG 'start-script' stdout output:
[info] VPN provider defined as custom
[debug] Environment variables defined as follows
BASH=/bin/bash
BASHOPTS=cmdhist:complete_fullquote:extquote:force_fignore:hostcomplete:interactive_comments:progcomp:promptvars:sourcepath
BASH_ALIASES=()
BASH_ARGC=()
BASH_ARGV=()
BASH_CMDS=()

2016-09-24 01:10:41,718 DEBG 'start-script' stdout output:
BASH_LINENO=([0]="0")
BASH_SOURCE=([0]="/root/start.sh")
BASH_VERSINFO=([0]="4" [1]="3" [2]="42" [3]="1" [4]="release" [5]="x86_64-unknown-linux-gnu")
BASH_VERSION='4.3.42(1)-release'
DEBUG=true
DIRSTACK=()
ENABLE_PRIVOXY=no
EUID=0
GROUPS=()
HOME=/home/nobody
HOSTNAME=c56305b6b988
HOSTTYPE=x86_64
HOST_OS=unRAID
IFS=$' \t\n'
LANG=en_GB.UTF-8
LAN_NETWORK=192.168.1.0/24
MACHTYPE=x86_64-unknown-linux-gnu
OPTERR=1
OPTIND=1
OSTYPE=linux-gnu
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PGID=100
PIPESTATUS=([0]="0")
PPID=19
PS4='+ '
PUID=99
PWD=/
SHELL=/bin/bash
SHELLOPTS=braceexpand:hashall:interactive-comments
SHLVL=2
STRONG_CERTS=no
SUPERVISOR_ENABLED=1
SUPERVISOR_GROUP_NAME=start-script
SUPERVISOR_PROCESS_NAME=start-script
TERM=xterm
TZ=America/New_York
UID=0
VPN_CONFIG=/config/openvpn/ua1.ovpn
VPN_ENABLED=yes
VPN_PASS=XXXXXXX
VPN_PORT=1194
VPN_PROTOCOL=tcp
VPN_PROV=custom
VPN_REMOTE=ua1.ibvpn.com
VPN_USER=XXXXXXX
_='[debug] Environment variables defined as follows'
[info] VPN config file (ovpn extension) is located at /config/openvpn/ua1.ovpn

2016-09-24 01:10:41,719 DEBG 'start-script' stdout output:
[info] Env vars defined via docker -e flags for remote host, port and protocol, writing values to ovpn file...

2016-09-24 01:10:41,725 DEBG 'start-script' stdout output:
[debug] Contents of ovpn file /config/openvpn/ua1.ovpn as follows...

2016-09-24 01:10:41,726 DEBG 'start-script' stdout output:
auth-user-pass credentials.conf
up 'client.up'
down 'client.down'
link-mtu 1578
dev tap
server-poll-timeout 20
client
nobind
resolv-retry infinite
auth-retry nointeract
persist-key
mute-replay-warnings
comp-lzo
verb 3
mute 20
ns-cert-type server
route-method exe
route-delay 2
script-security 3 system
reneg-sec 0
<ca>
-----BEGIN CERTIFICATE-----
MIIDeDCCAuGgAwIBAgIJAMVKgpjMPUfxMA0GCSqGSIb3DQEBBQUAMIGFMQswCQYD
VQQGEwJVUzELMAkGA1UECBMCQ0ExFTATBgNVBAcTDFNhbkZyYW5jaXNjbzEVMBMG
A1UEChMMRm9ydC1GdW5zdG9uMRgwFgYDVQQDEw9Gb3J0LUZ1bnN0b24gQ0ExITAf
BgkqhkiG9w0BCQEWEm1lQG15aG9zdC5teWRvbWFpbjAeFw0xMDA3MjExOTU5MzVa
Fw0yMDA3MTgxOTU5MzVaMIGFMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFTAT
BgNVBAcTDFNhbkZyYW5jaXNjbzEVMBMGA1UEChMMRm9ydC1GdW5zdG9uMRgwFgYD
VQQDEw9Gb3J0LUZ1bnN0b24gQ0ExITAfBgkqhkiG9w0BCQEWEm1lQG15aG9zdC5t
eWRvbWFpbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAz23m3BXY5Asiw8Dx
T4F6feqsp+pIx6ivftTniyUCbSAxI1J1s1x75DzxmUpIwPu5xavzgPXgZr8FT81X
JGqF9km4AE95iddJawKx0wNgdTo7GximQq9rw0dsQIB5hZZQ9TJwHC3VOnmEic5A
OawKOCybMcRs8saLakZOgh7Xc+UCAwEAAaOB7TCB6jAdBgNVHQ4EFgQUeRhE2N4l
XwL4H1dbjkZ4ou6fj3AwgboGA1UdIwSBsjCBr4AUeRhE2N4lXwL4H1dbjkZ4ou6f
j3ChgYukgYgwgYUxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEVMBMGA1UEBxMM
U2FuRnJhbmNpc2NvMRUwEwYDVQQKEwxGb3J0LUZ1bnN0b24xGDAWBgNVBAMTD0Zv
cnQtRnVuc3RvbiBDQTEhMB8GCSqGSIb3DQEJARYSbWVAbXlob3N0Lm15ZG9tYWlu
ggkAxUqCmMw9R/EwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQASt0pl
WzVseQLTNM8Mlgw4ZnGAv/x2xnijmMqrkE+F7pnaOicGpxgCfMKzjZuJu0TNJqF2
fibE7GhMdomD4dLFgIu8Wb5E7iQ1CSBEOGumRhK8qCsDzjr7WXUdhqA6Xvo+ylU6
DMzy0Wn3NNvfGC+qxOgybYCJwDnVPi0CEDSbzQ==
-----END CERTIFICATE-----
</ca>

2016-09-24 01:10:41,726 DEBG 'start-script' stdout output:
[info] VPN provider remote gateway defined as ua1.ibvpn.com
[info] VPN provider remote port defined as 1194
[info] VPN provider remote protocol defined as tcp

2016-09-24 01:10:41,730 DEBG 'start-script' stdout output:
[info] VPN provider username defined as XXXXXXX

2016-09-24 01:10:41,732 DEBG 'start-script' stdout output:
[warn] Username contains characters which could cause authentication issues, please consider changing this if possible

2016-09-24 01:10:41,734 DEBG 'start-script' stdout output:
[info] VPN provider password defined as XXXXXXX

2016-09-24 01:10:41,746 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.0.1

2016-09-24 01:10:41,750 DEBG 'start-script' stdout output:
[info] Setting permissions recursively on /config/openvpn...

2016-09-24 01:10:41,756 DEBG 'start-script' stdout output:
[info] Adding 192.168.1.0/24 as route via docker eth0

2016-09-24 01:10:41,756 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------

2016-09-24 01:10:41,756 DEBG 'start-script' stdout output:
default via 172.17.0.1 dev eth0 
172.17.0.0/16 dev eth0  proto kernel  scope link  src 172.17.0.12 
192.168.1.0/24 via 172.17.0.1 dev eth0 

2016-09-24 01:10:41,757 DEBG 'start-script' stdout output:
--------------------

2016-09-24 01:10:41,758 DEBG 'start-script' stdout output:
[debug] Modules currently loaded for kernel

2016-09-24 01:10:41,759 DEBG 'start-script' stdout output:
Module                  Size  Used by
xt_nat                  1849  16
veth                    4665  0
xt_CHECKSUM             1271  1
iptable_mangle          1592  2
ipt_MASQUERADE          1213  20
nf_nat_masquerade_ipv4     1865  1 ipt_MASQUERADE
iptable_nat             1831  1
nf_nat_ipv4             4327  1 iptable_nat
nf_nat                  9852  3 nf_nat_ipv4,xt_nat,nf_nat_masquerade_ipv4
nf_conntrack_ipv4       5810  3
ipt_REJECT              1457  2
nf_reject_ipv4          2419  1 ipt_REJECT
ebtable_filter          1839  0
ebtables               14232  1 ebtable_filter
iptable_filter          1528  2
ip_tables               9422  3 iptable_filter,iptable_mangle,iptable_nat
vhost_net               8037  0
tun                    16556  2 vhost_net
vhost                  13029  1 vhost_net
macvtap                 9551  1 vhost_net
macvlan                11993  1 macvtap
md_mod                 36275  9
fbcon                  33163  70
bitblit                 4297  1 fbcon
fbcon_rotate            1900  1 bitblit
fbcon_ccw               4678  1 fbcon_rotate
fbcon_ud                4741  1 fbcon_rotate
fbcon_cw                4542  1 fbcon_rotate
softcursor              1277  4 fbcon_cw,fbcon_ud,fbcon_ccw,bitblit
ast                    40712  1
font                    7524  1 fbcon
drm_kms_helper         75196  1 ast
cfbfillrect             3242  1 drm_kms_helper
cfbimgblt               1983  1 drm_kms_helper
cfbcopyarea             2942  1 drm_kms_helper
ttm                    60280  1 ast
drm                   216679  4 ast,ttm,drm_kms_helper
x86_pkg_temp_thermal     4669  0
coretemp                5276  0
kvm_intel             142211  0
agpgart                21186  2 drm,ttm
syscopyarea             2878  1 drm_kms_helper
sysfillrect             3114  1 drm_kms_helper
sysimgblt               1983  1 drm_kms_helper
fb_sys_fops             1314  1 drm_kms_helper
i2c_i801               10759  0
kvm                   268324  1 kvm_intel
ahci                   26003  5
fb                     29432  7 fbcon,fbcon_cw,fbcon_ud,drm_kms_helper,softcursor,fbcon_ccw,bitblit
fbdev                    966  2 fb,fbcon
libahci                19067  1 ahci
mpt3sas               165336  5
igb                   124209  0
ptp                     8988  1 igb
pps_core                5864  1 ptp
i2c_algo_bit            4624  2 ast,igb
sata_mv                23743  1
raid_class              3316  1 mpt3sas
i2c_core               18064  6 ast,drm,igb,i2c_i801,drm_kms_helper,i2c_algo_bit
scsi_transport_sas     21365  1 mpt3sas
ipmi_si                36527  0

2016-09-24 01:10:41,760 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables

2016-09-24 01:10:41,779 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------

2016-09-24 01:10:41,779 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 1194 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 1194 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

2016-09-24 01:10:41,779 DEBG 'start-script' stdout output:
--------------------

2016-09-24 01:10:41,779 DEBG 'start-script' stdout output:
[info] nameservers

2016-09-24 01:10:41,780 DEBG 'start-script' stdout output:
nameserver 8.8.8.8
nameserver 8.8.4.4

2016-09-24 01:10:41,780 DEBG 'start-script' stdout output:
--------------------
[info] Starting OpenVPN...

2016-09-24 01:10:41,782 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:41 2016 OpenVPN 2.3.11 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on May 12 2016
Sat Sep 24 01:10:41 2016 library versions: OpenSSL 1.0.2h  3 May 2016, LZO 2.09
Sat Sep 24 01:10:41 2016 WARNING: file 'credentials.conf' is group or others accessible

2016-09-24 01:10:41,782 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:41 2016 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2016-09-24 01:10:41,782 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:41 2016 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1502)

2016-09-24 01:10:41,782 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:41 2016 Socket Buffers: R=[87380->87380] S=[65536->65536]

2016-09-24 01:10:41,846 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:41 2016 Attempting to establish TCP connection with [AF_INET]91.231.84.93:1194 [nonblock]

2016-09-24 01:10:42,846 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:42 2016 TCP connection established with [AF_INET]91.231.84.93:1194
Sat Sep 24 01:10:42 2016 TCPv4_CLIENT link local: [undef]
Sat Sep 24 01:10:42 2016 TCPv4_CLIENT link remote: [AF_INET]91.231.84.93:1194

2016-09-24 01:10:43,014 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:43 2016 TLS: Initial packet from [AF_INET]91.231.84.93:1194, sid=6987021e b4fea3ee

2016-09-24 01:10:43,559 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:43 2016 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, CN=Fort-Funston CA, [email protected]

2016-09-24 01:10:43,559 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:43 2016 VERIFY OK: nsCertType=SERVER
Sat Sep 24 01:10:43 2016 VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, CN=server, [email protected]

2016-09-24 01:10:44,159 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:44 2016 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1578', remote='link-mtu 1576'
Sat Sep 24 01:10:44 2016 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1534', remote='tun-mtu 1532'

2016-09-24 01:10:44,159 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:44 2016 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Sep 24 01:10:44 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Sep 24 01:10:44 2016 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Sep 24 01:10:44 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Sep 24 01:10:44 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 1024 bit RSA
Sat Sep 24 01:10:44 2016 [server] Peer Connection Initiated with [AF_INET]91.231.84.93:1194

2016-09-24 01:10:46,681 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:46 2016 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

2016-09-24 01:10:47,055 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:47 2016 PUSH: Received control message: 'PUSH_REPLY,show-net-up,route-gateway 10.10.20.1,ping 10,ping-restart 60,redirect-gateway def1,dhcp-option DNS 1.2.3.4,ifconfig 10.10.20.2 255.255.255.0'
Sat Sep 24 01:10:47 2016 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:1: show-net-up (2.3.11)
Sat Sep 24 01:10:47 2016 OPTIONS IMPORT: timers and/or timeouts modified
Sat Sep 24 01:10:47 2016 OPTIONS IMPORT: --ifconfig/up options modified
Sat Sep 24 01:10:47 2016 OPTIONS IMPORT: route options modified
Sat Sep 24 01:10:47 2016 OPTIONS IMPORT: route-related options modified
Sat Sep 24 01:10:47 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified

2016-09-24 01:10:47,055 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:47 2016 ROUTE_GATEWAY 172.17.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:11:00:0c
Sat Sep 24 01:10:47 2016 TUN/TAP device tap0 opened
Sat Sep 24 01:10:47 2016 TUN/TAP TX queue length set to 100
Sat Sep 24 01:10:47 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sat Sep 24 01:10:47 2016 /usr/bin/ip link set dev tap0 up mtu 1502

2016-09-24 01:10:47,056 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:47 2016 /usr/bin/ip addr add dev tap0 10.10.20.2/24 broadcast 10.10.20.255

2016-09-24 01:10:47,056 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:47 2016 client.up tap0 1502 1578 10.10.20.2 255.255.255.0 init

2016-09-24 01:10:49,062 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:49 2016 /usr/bin/ip route add 91.231.84.93/32 via 172.17.0.1

2016-09-24 01:10:49,062 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:49 2016 /usr/bin/ip route add 0.0.0.0/1 via 10.10.20.1

2016-09-24 01:10:49,063 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:49 2016 /usr/bin/ip route add 128.0.0.0/1 via 10.10.20.1

2016-09-24 01:10:49,063 DEBG 'start-script' stdout output:
Sat Sep 24 01:10:49 2016 Initialization Sequence Completed

binhex · September 24, 2016

Hi there! I'm attempting to spin up a DelugeVPN docker container. My Docker host is inside an LXD container, and is already running a handful of other Docker containers.

When I attempt to run DelugeVPN via:

docker run -d \

--cap-add=NET_ADMIN \

-p 8112:8112 \

-p 8118:8118 \

--name=delugevpn \

-v /data/deluge/data:/data \

-v /data/deluge/config:/config \

-v /etc/localtime:/etc/localtime:ro \

-e VPN_ENABLED=yes \

-e VPN_USER=******** \

-e VPN_PASS=********* \

-e VPN_REMOTE=ca.privateinternetaccess.com \

-e VPN_PORT=1198 \

-e VPN_PROTOCOL=udp \

-e VPN_PROV=pia \

-e STRONG_CERTS=no \

-e ENABLE_PRIVOXY=yes \

-e LAN_NETWORK=192.168.0.0/24 \

-e DEBUG=false \

-e PUID=0 \

-e PGID=0 \

binhex/arch-delugevpn

It gets partway through downloading, extracting and completing pull, then gives the following error:

docker: failed to register layer: ApplyLayer exit status 1 stdout: stderr: operation not permitted.

You won't be able to use this docker running in lxd, it requires additional permissions to create the virtual tunnel adapter and I very much doubt running this container inside a container environment will allow this.

Sent from my LG-V500 using Tapatalk

binhex · September 24, 2016

It works when the vpn is off.

Since i'm using pia, would a solution maybe be to download the openvpn files available at pia's homepage and just overwrite those in the appdata folder of delugevpn?

You shouldn't need to do this as it's built into the image, are you by any chance specifying strong_certs as yes?

Sent from my LG-V500 using Tapatalk

binhex · September 24, 2016

Hi Gog, you might be onto something there regards the device name, try opening your ovpn file and changing the dev tap line to be dev tun, then save and restart the container.

Sent from my LG-V500 using Tapatalk

kasper1705 · September 24, 2016

Hi binhex

I'm not specifying strong_certs to yes.

So it is kinda strange it will not work with the vpn on

mr-hexen · September 24, 2016

Here it is

And here is the problem:

[warn] iptable_mangle module not supported, you will not be able to connect to Deluge webui or Privoxy outside of your LAN

To correct, go to the VM's tab, enable VM's and hit apply. Then disable VM's and hit apply. Then restart delugevpn.

Gog · September 24, 2016

Hi Gog, you might be onto something there regards the device name, try opening your ovpn file and changing the dev tap line to be dev tun, then save and restart the container.

I considered trying this but while researching it I found that: https://openvpn.net/index.php/open-source/faq/75-general/305-what-is-the-difference-between-a-tun-device-and-a-tap-device.html

FAQ Community Software

What is the difference between a TUN device and a TAP device?

A TAP device is a virtual ethernet adapter, while a TUN device is a virtual point-to-point IP link.

You cannot mix --dev tun and --dev tap on different ends of the connection. Use one or the other consistently.

Tap is layer 2 and tun is layer 3. I'll try it later today but I'm sceptical.

Where is the iptable config saved in the docker? I could try changing that if the tap->tun change doesn't work.

G

kasper1705 · September 24, 2016

Here it is

And here is the problem:
[warn] iptable_mangle module not supported, you will not be able to connect to Deluge webui or Privoxy outside of your LAN
To correct, go to the VM's tab, enable VM's and hit apply. Then disable VM's and hit apply. Then restart delugevpn.

I don't have VM's activated as my hardware doesn't support Virtual Machines. So I don't have any VM's tab to enable and disable VM's.

It is strange that this failure should have any relation to an activated VM

Gog · September 24, 2016

In the docker, I edited

/root/iptable.sh

/home/nobody/checkip.sh

/home/nobody/getvpnip

where I changed tun to tap and restarted the docker.

VPN connects correctly, tap0 is visible, I can ping to 8.8.8.8 and to my local boxes, webUI works and the torrent download. Gog is a happy camper

Would it be possible to add an environment vadiable like VPN_DEVICE_TYPE, set to tun or tap and use that variable in the scripts?

binhex · September 24, 2016

In the docker, I edited

/root/iptable.sh

/home/nobody/checkip.sh

/home/nobody/getvpnip

where I changed tun to tap and restarted the docker.

VPN connects correctly, tap0 is visible, I can ping to 8.8.8.8 and to my local boxes, webUI works and the torrent download. Gog is a happy camper

Would it be possible to add an environment vadiable like VPN_DEVICE_TYPE, set to tun or tap and use that variable in the scripts?

Good work, and yes that was exactly what I had in mind

Sent from my SM-G900F using Tapatalk

elmn8r · September 25, 2016

I had to dump my docker.img file as part of cleaning up some 6.2 upgrade issues. I've successfully added back all of my Binhex dockers except Deluge. Actually, I think it's starting and running fine, but I can't login to the WebGui. I'm quite sure I'm using the correct password but it tells me it's incorrect. How can I reset the WebGui password?

Sorry for the repeat post, but thought I would do it once in case it got lost in the shuffle. Anyone have an idea how I can disable/reset the WebGui password long enough for me to get it set back properly?

kasper1705 · September 25, 2016

Fixed the problem to get access to Deluge with vpn activated. Well sort of.

I downgraded to unraid 6.1.9, reinstalled delugevpn (with exactly the same settings as with unraid 6.2), startet the webgui with vpn activated and everything works again.

So I think I'm waiting till there is a further update of either delugevpn or unraid 6.2, before i'm going all in again.

DZMM · September 25, 2016

It works when the vpn is off.

Since i'm using pia, would a solution maybe be to download the openvpn files available at pia's homepage and just overwrite those in the appdata folder of delugevpn?

I had exactly the same problem so I hope you find a solution - see my logs posted earlier. I'm just using it with the VPN off at the moment, with the PIA proxy and encryption set to forced.

strike · September 25, 2016

I had to dump my docker.img file as part of cleaning up some 6.2 upgrade issues. I've successfully added back all of my Binhex dockers except Deluge. Actually, I think it's starting and running fine, but I can't login to the WebGui. I'm quite sure I'm using the correct password but it tells me it's incorrect. How can I reset the WebGui password?

Sorry for the repeat post, but thought I would do it once in case it got lost in the shuffle. Anyone have an idea how I can disable/reset the WebGui password long enough for me to get it set back properly?

Have you tried the default password which is "deluge"? If you've changed the password and need to reset it you can always delete the appdata folder and reinstall the container, password should then be set to default. There's probably some config file you can edit to change the password but I've never tried it so don't know which file.

Gog · September 25, 2016

I believe the web ui password is in web.conf. You might want to move your config folder content to a backup location, reinstall the docker, log in with "deluge", stop the docker and restore everything but the web.conf file.

I had to dump my docker.img file as part of cleaning up some 6.2 upgrade issues. I've successfully added back all of my Binhex dockers except Deluge. Actually, I think it's starting and running fine, but I can't login to the WebGui. I'm quite sure I'm using the correct password but it tells me it's incorrect. How can I reset the WebGui password?

Sorry for the repeat post, but thought I would do it once in case it got lost in the shuffle. Anyone have an idea how I can disable/reset the WebGui password long enough for me to get it set back properly?

Have you tried the default password which is "deluge"? If you've changed the password and need to reset it you can always delete the appdata folder and reinstall the container, password should then be set to default. There's probably some config file you can edit to change the password but I've never tried it so don't know which file.

osker246 · September 28, 2016

Hello,

I have been having some issues since I had recently updated both UNRAID and deluge. Initially, I could not get deluge to work with PIA after updating, I changed VPN_PORT to 1198 from 1194 as suggested earlier in the thread. This took care of the problem of not being able to access the webUI of deluge with the VPN on. But after updating I have not been able to connect to deluge with transdrone (android torrent app). After tinkering around for a bit I believe it due deluge no longer opening port 8112 on my router. Although, the port opens perfectly fine with the VPN disabled. I don't understand why this worked before the update, and after updating is ceases to work. I'm no expert when it comes to networking, I'd consider myself to know the basics. So where would I start with solving this issue? Thank you.

binhex · September 28, 2016

Hello,

I have been having some issues since I had recently updated both UNRAID and deluge. Initially, I could not get deluge to work with PIA after updating, I changed VPN_PORT to 1198 from 1194 as suggested earlier in the thread. This took care of the problem of not being able to access the webUI of deluge with the VPN on. But after updating I have not been able to connect to deluge with transdrone (android torrent app). After tinkering around for a bit I believe it due deluge no longer opening port 8112 on my router. Although, the port opens perfectly fine with the VPN disabled. I don't understand why this worked before the update, and after updating is ceases to work. I'm no expert when it comes to networking, I'd consider myself to know the basics. So where would I start with solving this issue? Thank you.

See post #2 in this thread FAQ Q5 this is probably the issue.

Sent from my SM-G900F using Tapatalk

sp00nman · October 1, 2016

Is there any way to adjust the start.sh script to not exit if the VPN remote is defined in the openvpn.ovpn file? i.e. right now it's:

if [[ ! -z "${VPN_REMOTE}" ]]; then

echo "[info] VPN provider remote gateway defined as ${VPN_REMOTE}"

else

echo "[crit] VPN provider remote gateway not defined (via -e VPN_REMOTE), exiting..." && exit 1

fi

Maybe instead, grab variables from these lines in the ovpn file if they exist, for example, excerpt from AirVpn ovpn file:

proto udp

remote america.vpn.airdns.org 443

So something like after the "else"

else

${VPN_REMOTE} = `grep remote ${VPN_CONFIG} | awk '{print $2}'`

${VPN_PORT} = `grep remote ${VPN_CONFIG} | awk '{print $3}'`

${VPN_PROTOCOL} = `grep proto ${VPN_CONFIG} | awk '{print $2}'`

?

Umlautica · October 4, 2016

I'm trying to set up with a custom openvpn.ovpn configuration but find that it keeps being overwritten. From the logs:

   Env vars defined via docker -e flags for remote host, port and protocol, writing values to ovpn file...

If I remove these variables then I get the following error instead:

   [crit] VPN provider remote gateway not defined (via -e VPN_REMOTE), exiting...

If I set them to blank it still happens. Any clues as to what's going wrong here?

DZMM · October 4, 2016

I'm having another go at getting this working. If I set the VPN to 'no' I can access the WebUI, but with 'yes' I can't connect and I get the following error:

Tue Oct 4 09:43:49 2016 WARNING: file 'credentials.conf' is group or others accessible

I've seen a few other people post this error, but no solutions have been posted. Can someone help please.

ErrorWarningSystemArrayLogin


usermod: no changes
[info] Env var PUID defined as 99
[info] Env var PGID defined as 100
[info] Permissions already set for /config and /data
[info] Starting Supervisor...
2016-10-04 09:43:48,107 CRIT Set uid to user 0
2016-10-04 09:43:48,107 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2016-10-04 09:43:48,110 INFO supervisord started with pid 29
2016-10-04 09:43:49,112 INFO spawned: 'start-script' with pid 32
2016-10-04 09:43:49,113 INFO spawned: 'webui-script' with pid 33
2016-10-04 09:43:49,113 INFO spawned: 'deluge-script' with pid 34
2016-10-04 09:43:49,114 INFO spawned: 'privoxy-script' with pid 35
2016-10-04 09:43:49,120 DEBG 'privoxy-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2016-10-04 09:43:49,120 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 09:43:49,120 INFO success: webui-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 09:43:49,120 INFO success: deluge-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 09:43:49,120 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 09:43:49,120 DEBG 'deluge-script' stdout output:
[info] deluge config file already exists, skipping copy

2016-10-04 09:43:49,121 DEBG 'deluge-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2016-10-04 09:43:49,122 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN

2016-10-04 09:43:49,136 DEBG 'start-script' stdout output:
[info] VPN provider defined as pia

2016-10-04 09:43:49,137 DEBG 'start-script' stdout output:
[info] VPN default certs defined, copying to /config/openvpn/...

2016-10-04 09:43:49,140 DEBG 'start-script' stdout output:
[info] VPN config file (ovpn extension) is located at /config/openvpn/openvpn.ovpn

2016-10-04 09:43:49,142 DEBG 'start-script' stdout output:
[info] Env vars defined via docker -e flags for remote host, port and protocol, writing values to ovpn file...

2016-10-04 09:43:49,152 DEBG 'start-script' stdout output:
[info] VPN provider remote gateway defined as nl.privateinternetaccess.com
[info] VPN provider remote port defined as 1198

2016-10-04 09:43:49,152 DEBG 'start-script' stdout output:
[info] VPN provider remote protocol defined as udp

2016-10-04 09:43:49,162 DEBG 'start-script' stdout output:
[info] VPN provider username defined as p6856941

2016-10-04 09:43:49,169 DEBG 'start-script' stdout output:
[info] VPN provider password defined as 83hiq39sE59SxK1lyAW0

2016-10-04 09:43:49,193 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.0.1

2016-10-04 09:43:49,200 DEBG 'start-script' stdout output:
[info] Setting permissions recursively on /config/openvpn...

2016-10-04 09:43:49,209 DEBG 'start-script' stdout output:
[info] Adding 192.168.1.0/24 as route via docker eth0

2016-10-04 09:43:49,210 DEBG 'start-script' stdout output:
[info] ip route defined as follows...

2016-10-04 09:43:49,210 DEBG 'start-script' stdout output:
--------------------

2016-10-04 09:43:49,210 DEBG 'start-script' stdout output:
default via 172.17.0.1 dev eth0

2016-10-04 09:43:49,211 DEBG 'start-script' stdout output:
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.2
192.168.1.0/24 via 172.17.0.1 dev eth0

2016-10-04 09:43:49,211 DEBG 'start-script' stdout output:
--------------------

2016-10-04 09:43:49,214 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables

2016-10-04 09:43:49,246 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------

2016-10-04 09:43:49,247 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1198 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

2016-10-04 09:43:49,247 DEBG 'start-script' stdout output:
--------------------

2016-10-04 09:43:49,247 DEBG 'start-script' stdout output:
[info] nameservers

2016-10-04 09:43:49,248 DEBG 'start-script' stdout output:
nameserver 8.8.8.8
nameserver 8.8.4.4

2016-10-04 09:43:49,248 DEBG 'start-script' stdout output:
--------------------

2016-10-04 09:43:49,248 DEBG 'start-script' stdout output:
[info] Starting OpenVPN...

2016-10-04 09:43:49,257 DEBG 'start-script' stdout output:
Tue Oct 4 09:43:49 2016 OpenVPN 2.3.11 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on May 12 2016
Tue Oct 4 09:43:49 2016 library versions: OpenSSL 1.0.2h 3 May 2016, LZO 2.09
Tue Oct 4 09:43:49 2016 WARNING: file 'credentials.conf' is group or others accessible


2016-10-04 09:43:49,273 DEBG 'start-script' stdout output:
Tue Oct 4 09:43:49 2016 UDPv4 link local: [undef]
Tue Oct 4 09:43:49 2016 UDPv4 link remote: [AF_INET]213.120.234.114:1198

binhex · October 4, 2016

I'm having another go at getting this working. If I set the VPN to 'no' I can access the WebUI, but with 'yes' I can't connect and I get the following error:

Tue Oct 4 09:43:49 2016 WARNING: file 'credentials.conf' is group or others accessible

I've seen a few other people post this error, but no solutions have been posted. Can someone help please.

ErrorWarningSystemArrayLogin


usermod: no changes
[info] Env var PUID defined as 99
[info] Env var PGID defined as 100
[info] Permissions already set for /config and /data
[info] Starting Supervisor...
2016-10-04 09:43:48,107 CRIT Set uid to user 0
2016-10-04 09:43:48,107 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2016-10-04 09:43:48,110 INFO supervisord started with pid 29
2016-10-04 09:43:49,112 INFO spawned: 'start-script' with pid 32
2016-10-04 09:43:49,113 INFO spawned: 'webui-script' with pid 33
2016-10-04 09:43:49,113 INFO spawned: 'deluge-script' with pid 34
2016-10-04 09:43:49,114 INFO spawned: 'privoxy-script' with pid 35
2016-10-04 09:43:49,120 DEBG 'privoxy-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2016-10-04 09:43:49,120 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 09:43:49,120 INFO success: webui-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 09:43:49,120 INFO success: deluge-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 09:43:49,120 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 09:43:49,120 DEBG 'deluge-script' stdout output:
[info] deluge config file already exists, skipping copy

2016-10-04 09:43:49,121 DEBG 'deluge-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2016-10-04 09:43:49,122 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN

2016-10-04 09:43:49,136 DEBG 'start-script' stdout output:
[info] VPN provider defined as pia

2016-10-04 09:43:49,137 DEBG 'start-script' stdout output:
[info] VPN default certs defined, copying to /config/openvpn/...

2016-10-04 09:43:49,140 DEBG 'start-script' stdout output:
[info] VPN config file (ovpn extension) is located at /config/openvpn/openvpn.ovpn

2016-10-04 09:43:49,142 DEBG 'start-script' stdout output:
[info] Env vars defined via docker -e flags for remote host, port and protocol, writing values to ovpn file...

2016-10-04 09:43:49,152 DEBG 'start-script' stdout output:
[info] VPN provider remote gateway defined as nl.privateinternetaccess.com
[info] VPN provider remote port defined as 1198

2016-10-04 09:43:49,152 DEBG 'start-script' stdout output:
[info] VPN provider remote protocol defined as udp

2016-10-04 09:43:49,162 DEBG 'start-script' stdout output:
[info] VPN provider username defined as p6856941

2016-10-04 09:43:49,169 DEBG 'start-script' stdout output:
[info] VPN provider password defined as 83hiq39sE59SxK1lyAW0

2016-10-04 09:43:49,193 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.0.1

2016-10-04 09:43:49,200 DEBG 'start-script' stdout output:
[info] Setting permissions recursively on /config/openvpn...

2016-10-04 09:43:49,209 DEBG 'start-script' stdout output:
[info] Adding 192.168.1.0/24 as route via docker eth0

2016-10-04 09:43:49,210 DEBG 'start-script' stdout output:
[info] ip route defined as follows...

2016-10-04 09:43:49,210 DEBG 'start-script' stdout output:
--------------------

2016-10-04 09:43:49,210 DEBG 'start-script' stdout output:
default via 172.17.0.1 dev eth0

2016-10-04 09:43:49,211 DEBG 'start-script' stdout output:
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.2
192.168.1.0/24 via 172.17.0.1 dev eth0

2016-10-04 09:43:49,211 DEBG 'start-script' stdout output:
--------------------

2016-10-04 09:43:49,214 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables

2016-10-04 09:43:49,246 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------

2016-10-04 09:43:49,247 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1198 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

2016-10-04 09:43:49,247 DEBG 'start-script' stdout output:
--------------------

2016-10-04 09:43:49,247 DEBG 'start-script' stdout output:
[info] nameservers

2016-10-04 09:43:49,248 DEBG 'start-script' stdout output:
nameserver 8.8.8.8
nameserver 8.8.4.4

2016-10-04 09:43:49,248 DEBG 'start-script' stdout output:
--------------------

2016-10-04 09:43:49,248 DEBG 'start-script' stdout output:
[info] Starting OpenVPN...

2016-10-04 09:43:49,257 DEBG 'start-script' stdout output:
Tue Oct 4 09:43:49 2016 OpenVPN 2.3.11 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on May 12 2016
Tue Oct 4 09:43:49 2016 library versions: OpenSSL 1.0.2h 3 May 2016, LZO 2.09
Tue Oct 4 09:43:49 2016 WARNING: file 'credentials.conf' is group or others accessible


2016-10-04 09:43:49,273 DEBG 'start-script' stdout output:
Tue Oct 4 09:43:49 2016 UDPv4 link local: [undef]
Tue Oct 4 09:43:49 2016 UDPv4 link remote: [AF_INET]213.120.234.114:1198

that is purely a warning, so this is not the issue, please post the entire supervisord.log file (minus username and password), oh and change your vpn provider password, you have just posted it in clear text!.

mr-hexen · October 4, 2016

I'm trying to set up with a custom openvpn.ovpn configuration but find that it keeps being overwritten. From the logs:
   Env vars defined via docker -e flags for remote host, port and protocol, writing values to ovpn file...
If I remove these variables then I get the following error instead:
   [crit] VPN provider remote gateway not defined (via -e VPN_REMOTE), exiting...
If I set them to blank it still happens. Any clues as to what's going wrong here?

Do you have the VPN_PROV variable set to 'custom' ?

DZMM · October 4, 2016

I'm having another go at getting this working. If I set the VPN to 'no' I can access the WebUI, but with 'yes' I can't connect and I get the following error:

Tue Oct 4 09:43:49 2016 WARNING: file 'credentials.conf' is group or others accessible

I've seen a few other people post this error, but no solutions have been posted. Can someone help please.

ErrorWarningSystemArrayLogin


usermod: no changes
[info] Env var PUID defined as 99
[info] Env var PGID defined as 100
[info] Permissions already set for /config and /data
[info] Starting Supervisor...
2016-10-04 09:43:48,107 CRIT Set uid to user 0
2016-10-04 09:43:48,107 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2016-10-04 09:43:48,110 INFO supervisord started with pid 29
2016-10-04 09:43:49,112 INFO spawned: 'start-script' with pid 32
2016-10-04 09:43:49,113 INFO spawned: 'webui-script' with pid 33
2016-10-04 09:43:49,113 INFO spawned: 'deluge-script' with pid 34
2016-10-04 09:43:49,114 INFO spawned: 'privoxy-script' with pid 35
2016-10-04 09:43:49,120 DEBG 'privoxy-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2016-10-04 09:43:49,120 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 09:43:49,120 INFO success: webui-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 09:43:49,120 INFO success: deluge-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 09:43:49,120 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 09:43:49,120 DEBG 'deluge-script' stdout output:
[info] deluge config file already exists, skipping copy

2016-10-04 09:43:49,121 DEBG 'deluge-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2016-10-04 09:43:49,122 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN

2016-10-04 09:43:49,136 DEBG 'start-script' stdout output:
[info] VPN provider defined as pia

2016-10-04 09:43:49,137 DEBG 'start-script' stdout output:
[info] VPN default certs defined, copying to /config/openvpn/...

2016-10-04 09:43:49,140 DEBG 'start-script' stdout output:
[info] VPN config file (ovpn extension) is located at /config/openvpn/openvpn.ovpn

2016-10-04 09:43:49,142 DEBG 'start-script' stdout output:
[info] Env vars defined via docker -e flags for remote host, port and protocol, writing values to ovpn file...

2016-10-04 09:43:49,152 DEBG 'start-script' stdout output:
[info] VPN provider remote gateway defined as nl.privateinternetaccess.com
[info] VPN provider remote port defined as 1198

2016-10-04 09:43:49,152 DEBG 'start-script' stdout output:
[info] VPN provider remote protocol defined as udp

2016-10-04 09:43:49,162 DEBG 'start-script' stdout output:
[info] VPN provider username defined as p6856941

2016-10-04 09:43:49,169 DEBG 'start-script' stdout output:
[info] VPN provider password defined as 83hiq39sE59SxK1lyAW0

2016-10-04 09:43:49,193 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.0.1

2016-10-04 09:43:49,200 DEBG 'start-script' stdout output:
[info] Setting permissions recursively on /config/openvpn...

2016-10-04 09:43:49,209 DEBG 'start-script' stdout output:
[info] Adding 192.168.1.0/24 as route via docker eth0

2016-10-04 09:43:49,210 DEBG 'start-script' stdout output:
[info] ip route defined as follows...

2016-10-04 09:43:49,210 DEBG 'start-script' stdout output:
--------------------

2016-10-04 09:43:49,210 DEBG 'start-script' stdout output:
default via 172.17.0.1 dev eth0

2016-10-04 09:43:49,211 DEBG 'start-script' stdout output:
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.2
192.168.1.0/24 via 172.17.0.1 dev eth0

2016-10-04 09:43:49,211 DEBG 'start-script' stdout output:
--------------------

2016-10-04 09:43:49,214 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables

2016-10-04 09:43:49,246 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------

2016-10-04 09:43:49,247 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1198 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

2016-10-04 09:43:49,247 DEBG 'start-script' stdout output:
--------------------

2016-10-04 09:43:49,247 DEBG 'start-script' stdout output:
[info] nameservers

2016-10-04 09:43:49,248 DEBG 'start-script' stdout output:
nameserver 8.8.8.8
nameserver 8.8.4.4

2016-10-04 09:43:49,248 DEBG 'start-script' stdout output:
--------------------

2016-10-04 09:43:49,248 DEBG 'start-script' stdout output:
[info] Starting OpenVPN...

2016-10-04 09:43:49,257 DEBG 'start-script' stdout output:
Tue Oct 4 09:43:49 2016 OpenVPN 2.3.11 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on May 12 2016
Tue Oct 4 09:43:49 2016 library versions: OpenSSL 1.0.2h 3 May 2016, LZO 2.09
Tue Oct 4 09:43:49 2016 WARNING: file 'credentials.conf' is group or others accessible


2016-10-04 09:43:49,273 DEBG 'start-script' stdout output:
Tue Oct 4 09:43:49 2016 UDPv4 link local: [undef]
Tue Oct 4 09:43:49 2016 UDPv4 link remote: [AF_INET]213.120.234.114:1198

that is purely a warning, so this is not the issue, please post the entire supervisord.log file (minus username and password), oh and change your vpn provider password, you have just posted it in clear text!.

whoops! Thanks for the heads up. Log attached

supervisord.txt

lionizeme · October 4, 2016

Cannot access anything on the webui :'(. Been having trouble with other dockers, but the LinuxServer.io ones seem to work okay. Host OS is CentOS and SELinux = permissive.

Also, any ability to use the thin-client?

[info] Env var PUID  defined as 1000
[info] Env var PGID defined as 1000
[info] Permissions already set for /config and /data
[info] Starting Supervisor...
2016-10-04 18:14:24,110 CRIT Set uid to user 0
2016-10-04 18:14:24,110 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2016-10-04 18:14:24,119 INFO supervisord started with pid 14
2016-10-04 18:14:25,122 INFO spawned: 'start-script' with pid 17
2016-10-04 18:14:25,124 INFO spawned: 'webui-script' with pid 18
2016-10-04 18:14:25,126 INFO spawned: 'deluge-script' with pid 19
2016-10-04 18:14:25,127 INFO spawned: 'privoxy-script' with pid 20
2016-10-04 18:14:25,140 DEBG 'deluge-script' stdout output:
[info] deluge config file already exists, skipping copy

2016-10-04 18:14:25,140 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 18:14:25,140 INFO success: webui-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 18:14:25,140 INFO success: deluge-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 18:14:25,140 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2016-10-04 18:14:25,141 DEBG 'deluge-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2016-10-04 18:14:25,142 DEBG 'privoxy-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid

2016-10-04 18:14:25,146 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN

2016-10-04 18:14:25,166 DEBG 'start-script' stdout output:
[info] VPN provider defined as pia

2016-10-04 18:14:25,168 DEBG 'start-script' stdout output:
[info] VPN strong certs defined, copying to /config/openvpn/...

2016-10-04 18:14:25,174 DEBG 'start-script' stdout output:
[info] VPN config file (ovpn extension) is located at /config/openvpn/openvpn.ovpn

2016-10-04 18:14:25,178 DEBG 'start-script' stdout output:
[info] Env vars defined via docker -e flags for remote host, port and protocol, writing values to ovpn file...

2016-10-04 18:14:25,196 DEBG 'start-script' stdout output:
[info] VPN provider remote gateway defined as us-newyorkcity.privateinternetaccess.com
[info] VPN provider remote port defined as 1198
[info] VPN provider remote protocol defined as udp

2016-10-04 18:14:25,213 DEBG 'start-script' stdout output:
[info] VPN provider username defined as trump&hillary

2016-10-04 18:14:25,226 DEBG 'start-script' stdout output:
[info] VPN provider password defined as jellofight!

2016-10-04 18:14:25,267 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.0.1

2016-10-04 18:14:25,279 DEBG 'start-script' stdout output:
[info] Setting permissions recursively on /config/openvpn...

2016-10-04 18:14:25,295 DEBG 'start-script' stdout output:
[info] Adding 10.0.0.0/22 as route via docker eth0

2016-10-04 18:14:25,296 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------

2016-10-04 18:14:25,297 DEBG 'start-script' stdout output:
default via 172.17.0.1 dev eth0

2016-10-04 18:14:25,298 DEBG 'start-script' stdout output:
10.0.0.0/22 via 172.17.0.1 dev eth0
172.17.0.0/16 dev eth0  proto kernel  scope link  src 172.17.0.3

2016-10-04 18:14:25,298 DEBG 'start-script' stdout output:
--------------------

2016-10-04 18:14:25,308 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables

2016-10-04 18:14:25,393 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------

2016-10-04 18:14:25,394 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1198 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8118 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8118 -j ACCEPT
-A INPUT -s 10.0.0.0/22 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8118 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8118 -j ACCEPT
-A OUTPUT -d 10.0.0.0/22 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

2016-10-04 18:14:25,395 DEBG 'start-script' stdout output:
--------------------

2016-10-04 18:14:25,395 DEBG 'start-script' stdout output:
[info] nameservers

2016-10-04 18:14:25,396 DEBG 'start-script' stdout output:
nameserver 8.8.8.8
nameserver 8.8.4.4

2016-10-04 18:14:25,397 DEBG 'start-script' stdout output:
--------------------
[info] Starting OpenVPN...

2016-10-04 18:14:25,406 DEBG 'start-script' stdout output:
Tue Oct  4 18:14:25 2016 OpenVPN 2.3.11 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on May 12 2016
Tue Oct  4 18:14:25 2016 library versions: OpenSSL 1.0.2h  3 May 2016, LZO 2.09
Tue Oct  4 18:14:25 2016 WARNING: file 'credentials.conf' is group or others accessible

2016-10-04 18:15:45,494 DEBG 'start-script' stdout output:
Tue Oct  4 18:15:45 2016 RESOLVE: Cannot resolve host address: us-newyorkcity.privateinternetaccess.com: Name or service not known

[Support] binhex - DelugeVPN

Recommended Posts

Link to comment

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

Ryanoc3ros

Dad_Rage

binhex

Posted Images

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Link to comment

Join the conversation