[Support] binhex - SABnzbdVPN


Recommended Posts

On 2/9/2023 at 2:59 AM, binhex said:

 

its nothing to do with sabnzbd, openvpn has deprecated some of the options a while ago, it has now ended the deprecation and will now return an error if the option exists in your openvpn config file.

 

not sure if you have the EXACT same issue as there was a ton of options removed, but for you @Sanborn look at your openvpn config file for 'keysize' and remove that line, it looks to be on line 20 i think.

I was having the same issue and this fixed it for me. THANKS!

Link to comment
I have a similar problem since the last update.
 
Do I just delete line 13?
What does ncp-disable means?
1056365004_Bildschirmfoto2023-02-12um14_10_08.thumb.png.989ebac3788f168ab9660846a3879ba7.png
Yes

ncp-disable was mainly a debug option that allowed disabling ncp if there were problem with dynamic cipher negotiation. With the current status of NCP, this option is no longer necessary.

Sent from my 22021211RG using Tapatalk


  • Like 1
Link to comment

Edit: I was able to get sonarr and radarr to work using HTTPS by disabling certificate validation for local addresses AND creating username/password in sabnzbdvpn (that was the part I was missing)

 

I'm currently unable to disable HTTPS. When I try to disable it from the webUI (uncheck box in general > enable HTTPS) and save, it restarts the container but it just re-enables itself on restart. If I manually disable it in sabnzbd.ini (enable_https = 0) the webUI becomes unreachable, no errors, just not able to connect. I've tried removing and reinstalling sabnzbdvpn and using the unRAID fix docker permissions tool. I'd leave HTTPS on if I could figure out how to get sonarr and radarr working with it. Not sure where else to look.

 

Edited by iceperson
Link to comment
  • 2 weeks later...

Is there a recommended process to determine why speed degradation is occurring?  I'm using PIA and as best I can tell port forwarding is working.  I had Sab running on windows previously with the same vpn and server and was averaging north of 60MB/s. Now it seems like its 10-20MB/s and I'm not sure where the issue is.  

Link to comment
Disregard please.  Problem rectified switching from OpenVPN to Wireguard. 
Great, btw port forwarding is not used by Usenet clients so you can ignore that, it has no influence on speed unlike torrents.

Sent from my 22021211RG using Tapatalk

Link to comment

I just switched from using openvpn to wireguard. That is working fine. Problem is I can't access the sabnzbdvpn webgui remotely when I'm connected to my unraid vpn that also uses wireguard. I am able to access the sabnzbdvpn webgui from my local network.

 

I assume it's a route issue but I'm not sure what. My unraid vpn peer is set to remote access to lan. Is there a subnet from the container I need to add to the allowed range in the unraid vpn settings?

Link to comment
On 2/23/2023 at 11:49 AM, Tnoriel said:

Hi.

I use docker with PIA VPN but for a the last 2 weeks I constantly get this error.2070658307_Screenshot2023-02-23173353.thumb.png.4efe61f57abdad7af13d5b486432ae65.png

 

I don't have a keysize line in my config and I tried other PIA servers.

 

Is there anything I can do?

 

supervisord.log 37.63 kB · 3 downloads

I have been seeing this for weeks also.  I currently use wireguard, but originally set this up prior to wireguard existing.  Are there any 'stale' settings I need to change/remove, or is this something I can edit to rectify?

 

I've also been seeing most of my nzb files failing rather quickly saying # articles were missing.

 

one example...


Name
House of the Dragon S01E03 Second of His Name 2160p HMAX WEB-DL DDP5 1 Atmos DV HDR H 265-CRFW mkv-xpost
Completed
18 minutes ago
Status
Failed
Size
0 B
Category
Default
Path
/downloads/SABnzbd/House.of.the.Dragon.S01E03.Second.of.His.Name.2160p.HMAX.WEB-DL.DDP5.1.Atmos.DV.HDR.H.265-CRFW.mkv-xpost
Source
House.of.the.Dragon.S01E03.Second.of.His.Name.2160p.HMAX.WEB-DL.DDP5.1.Atmos.DV.HDR.H.265-CRFW.mkv-xpost.nzb
Download
9 articles were missing
Servers
NEWS.USENETSERVER.COM=0 B

 

Link to comment
21 minutes ago, lviperz said:

I just switched from using openvpn to wireguard. That is working fine. Problem is I can't access the sabnzbdvpn webgui remotely when I'm connected to my unraid vpn that also uses wireguard. I am able to access the sabnzbdvpn webgui from my local network.

 

I assume it's a route issue but I'm not sure what. My unraid vpn peer is set to remote access to lan. Is there a subnet from the container I need to add to the allowed range in the unraid vpn settings?

asked numerous times so i wrote it up as a FAQ, see Q30:- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md

Link to comment
  • 2 weeks later...

First off thanks for all your great work!

 

I setup the container and everything works however my reverse proxy adds a significant amount of latency around 10+ seconds for both my personal PC (used for testing) and *arr dockers. This makes using the reverse proxy rather unresponsive and irritating. I'm using PIA and have tried OVPN and Wireguard both with different servers. If I disable the VPN everything is really responsive. Using the PIA connection on my PC via their client adds also little latency.

 

Any idea what might be causing this problem? Thanks in advance

 

supervisord.log

Link to comment
  • 2 months later...

never mind. only needed to change the host port and not the container port. 

 

 

Hello @binhex

 

chimp with a keyboard again and you guessed it, new docker, same(ish) problem.

 

i cant use 8080 and thought after our last adventure I was modifying ports like a boss, alas, on this container, despite me changing ports the log says listening on 8080 and i cant hit the webgui... any faq on this topic?

Edited by klippertyk
solved it myself.
Link to comment
13 hours ago, klippertyk said:

never mind. only needed to change the host port and not the container port. 

 

 

Hello @binhex

 

chimp with a keyboard again and you guessed it, new docker, same(ish) problem.

 

i cant use 8080 and thought after our last adventure I was modifying ports like a boss, alas, on this container, despite me changing ports the log says listening on 8080 and i cant hit the webgui... any faq on this topic?

OK so qbittorrent is a special case, for that docker image you need to specify the WEBUI_PORT and re-create the port you want, this is all due to enhanced security built into qBittorrent (CSRF protection).

For all other docker images i produce you do NOT change the container port, you simply change the host port side, which you can do through the unraid web ui without the need to re-create the port, for example say you wanted to access SABnbd on port 1234, you would change it to the following, note the host port number and note the container port is greyed out to prevent you from changing it (what we want):-
image.thumb.png.efa4c15d6b31233520ee52704b5a666f.png

Link to comment
On 6/1/2023 at 12:01 PM, binhex said:

OK so qbittorrent is a special case, for that docker image you need to specify the WEBUI_PORT and re-create the port you want, this is all due to enhanced security built into qBittorrent (CSRF protection).

For all other docker images i produce you do NOT change the container port, you simply change the host port side, which you can do through the unraid web ui without the need to re-create the port, for example say you wanted to access SABnbd on port 1234, you would change it to the following, note the host port number and note the container port is greyed out to prevent you from changing it (what we want):-
image.thumb.png.efa4c15d6b31233520ee52704b5a666f.png

Thank you binhex. appreciate your time.

Link to comment

Hi all, I have made some nice changes to the core code used for all the VPN docker images I produce, details as follows:-

  • Randomly rotate between multiple remote endpoints (openvpn only) on disconnection - Less possbility of getting stuck on a defunct endpoint
  • Manual round-robin implementation of IP addresses for endpoints - On disconnection all endpoint IP's are rotated in /etc/hosts, reducing the possibility of getting stuck on a defunct server on the endpoint.

I also have a final piece of work around this (not done yet), which is to refresh IP addresses for endpoints on each disconnect/reconnect cycle, further reducing the possibility of getting stuck on defunct servers.
 

In short the work above should help keep the connection maintained for longer periods of time (hopefully months!) without the requirement to restart the container.
 

The work was non-trivial and it is possible I have introduced some bugs (extensively tested) so please keep an eye out of for unexpected issues as I roll out the this change (currently rolled out to SABnzbdVPN and PrivoxyVPN), if you see a new image released then it will include the new functionality.

  • Like 2
Link to comment
5 hours ago, binhex said:

Hi all, I have made some nice changes to the core code used for all the VPN docker images I produce, details as follows:-

  • Randomly rotate between multiple remote endpoints (openvpn only) on disconnection - Less possbility of getting stuck on a defunct endpoint
  • Manual round-robin implementation of IP addresses for endpoints - On disconnection all endpoint IP's are rotated in /etc/hosts, reducing the possibility of getting stuck on a defunct server on the endpoint.

I also have a final piece of work around this (not done yet), which is to refresh IP addresses for endpoints on each disconnect/reconnect cycle, further reducing the possibility of getting stuck on defunct servers.
 

In short the work above should help keep the connection maintained for longer periods of time (hopefully months!) without the requirement to restart the container.
 

The work was non-trivial and it is possible I have introduced some bugs (extensively tested) so please keep an eye out of for unexpected issues as I roll out the this change (currently rolled out to SABnzbdVPN and PrivoxyVPN), if you see a new image released then it will include the new functionality.

 

We appreciate all the hard work and effort you put into your containers!

  • Like 1
Link to comment

Having some trouble setting this up. 

 

I have connected to mullvad (openvpn) and can pull an RSS feed from api.nzbgeek.info, but when it goes to actually download the nzb, I get the error "Cannot connect to server https://api.nzbgeek.info/ [Server name does not resolve]" even though sab does pull the RSS feed from that site. Running binhex-SABnzbdVPN on unRAID which also has binhex-delugevpn so I believe that the mullvad vpn is working.

 

From the console, I can resolve and ping both google.com and api.nzbgeek.info. Where am I missing something?

Link to comment

Hello,

I used this docker image since several month on synology without any issue.

But since several days, my container arch-sabnzbdvpn didn't work any more.

I use openvpn with privado VPN, Container is managed by docker-compose in portainer.

 

2023-06-23 14:03:27 Initialization Sequence Completed

2023-06-23 14:19:21,499 DEBG 'watchdog-script' stdout output:
[info] DNS failure, creating file '/tmp/dnsfailure' to indicate failure...

 

Inside the container:

 

ping fra-001.vpn.privado.io
PING fra-001.vpn.privado.io (91.148.232.10) 56(84) bytes of data.
64 bytes from fra-001.vpn.privado.io (91.148.232.10): icmp_seq=1 ttl=53 time=13.8 ms
64 bytes from fra-001.vpn.privado.io (91.148.232.10): icmp_seq=2 ttl=53 time=16.3 ms

 

[root@4d82410dacab config]# nslookup fra-001.vpn.privado.io
;; communications error to 84.200.69.80#53: timed out
;; communications error to 84.200.69.80#53: timed out

 

 

Thanks for you help 🙂

Link to comment
1 hour ago, Bluetesteur said:

Hello,

I used this docker image since several month on synology without any issue.

But since several days, my container arch-sabnzbdvpn didn't work any more.

I use openvpn with privado VPN, Container is managed by docker-compose in portainer.

 

2023-06-23 14:03:27 Initialization Sequence Completed

2023-06-23 14:19:21,499 DEBG 'watchdog-script' stdout output:
[info] DNS failure, creating file '/tmp/dnsfailure' to indicate failure...

 

Inside the container:

 

ping fra-001.vpn.privado.io
PING fra-001.vpn.privado.io (91.148.232.10) 56(84) bytes of data.
64 bytes from fra-001.vpn.privado.io (91.148.232.10): icmp_seq=1 ttl=53 time=13.8 ms
64 bytes from fra-001.vpn.privado.io (91.148.232.10): icmp_seq=2 ttl=53 time=16.3 ms

 

[root@4d82410dacab config]# nslookup fra-001.vpn.privado.io
;; communications error to 84.200.69.80#53: timed out
;; communications error to 84.200.69.80#53: timed out

 

 

Thanks for you help 🙂

what is the value for NAME_SERVERS?

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.