[Support] binhex - SABnzbdVPN


Recommended Posts

Ok, thanks for looking into this.  I was hoping to move some of the work your awesome containers in unraid are doing outside my home internet connection.  Would what they are marketing as a root servers work any better.  I really like that your containers have vpn included so I can choose which tools use vpn and which don't.

Link to comment
1 minute ago, jjdunkel said:

Ok, thanks for looking into this.  I was hoping to move some of the work your awesome containers in unraid are doing outside my home internet connection.  Would what they are marketing as a root servers work any better.  I really like that your containers have vpn included so I can choose which tools use vpn and which don't.

 

what you need in essence is the exact same setup as home LAN or work LAN, you need a host that has a private network and has a route out to the internet, im not sure what exactly a "root server" is, im assuming they mean a server you can connect to as user "root" by that, but im only guessing, that won't help you though.

  • Like 1
Link to comment

In an attempt to still get this to work on the VPS server, I decided to try creating an OpenVpn connection to the server so that in theory I was addressing the WebUIs locally.  I got the VPN up and running and I was able to access the WebUIs through the tunnel, but out of curiosity I tried again with the external IP of the server and the WebUIs worked that way too.  I decided to go through the VPN install instructions to see what routing changes were made in the process and I just confirmed that the following instruction allowed the connection to work:

IP Masquerading
IP Masquerading is not available on BuyVM, however you can work around this limitation with the following command:

iptables -t nat -A POSTROUTING ! -o <tun|ppp>+ -j SNAT --to-source YOURVPSIP
Use tun for openvpn and ppp for PPTPd.

I can now access the WebUIs through the VPN or through the external IP.  What I don't know enough about however is if this effects how SabnzbdVpn and DelugeVpn lock the other traffic to always going through the VPN.  Is there anything that you would suggest testing?  Would you be willing to help me see if it's still secure?  I just don't know enough about routing to feel secure in what I did.  Frankly I would have felt better about my solution if it worked through the VPN but not with the external IP, but if we can figure out that it is still secure I guess this may allow more people to use these awesome containers on fairly cheap VPS servers to get files into cloud storage.

 

Thanks!

Link to comment
18 hours ago, jjdunkel said:

In an attempt to still get this to work on the VPS server, I decided to try creating an OpenVpn connection to the server so that in theory I was addressing the WebUIs locally.  I got the VPN up and running and I was able to access the WebUIs through the tunnel, but out of curiosity I tried again with the external IP of the server and the WebUIs worked that way too.  I decided to go through the VPN install instructions to see what routing changes were made in the process and I just confirmed that the following instruction allowed the connection to work:


IP Masquerading
IP Masquerading is not available on BuyVM, however you can work around this limitation with the following command:

iptables -t nat -A POSTROUTING ! -o <tun|ppp>+ -j SNAT --to-source YOURVPSIP
Use tun for openvpn and ppp for PPTPd.

I can now access the WebUIs through the VPN or through the external IP.  What I don't know enough about however is if this effects how SabnzbdVpn and DelugeVpn lock the other traffic to always going through the VPN.  Is there anything that you would suggest testing?  Would you be willing to help me see if it's still secure?  I just don't know enough about routing to feel secure in what I did.  Frankly I would have felt better about my solution if it worked through the VPN but not with the external IP, but if we can figure out that it is still secure I guess this may allow more people to use these awesome containers on fairly cheap VPS servers to get files into cloud storage.

 

Thanks!

 

instead of the above, try setting LAN_NETWORK to <your static ip for your vps>/32 what this in effect does is gives you a lan network consisting of one host ip, in your case your public ip, if this doesn't work then im afraid for now i don't currently have time to work on it so you will have to figure it out yourself.

Link to comment
  • 2 weeks later...

Hey all

 

Been using your containers for quite some time and have been playing around with the new IP feature in 6.4.

 

I can't seems to update SABVPN to use a set ip. The docker resets with the new settings but the webui is not accessible but pinging the address gives a reply.

 

On another note and if you wish me to post in the correct section please let me know.

 

If i move the sonarr docker to its own ip address the docker seems to function as in i can get to the webui except it can no longer access the download clients or the privoxy port in the SAB docker. This is when the SAB docker is running in bridge mode.

 

I bet there is something simple i a missing, i would be glad if you could help. Let me know if you need any log files and where to find them if you do. 

 

Thanks

Link to comment
  • 1 month later...

Just curious.... I have rutorrentVPN setup and running and now want to push ahead with this. I have the linuxserver version running at present. For obvious reasons I want to migrate to this version. Is there any conflict using this and rutorrentVPN at the same time? I only ask because of the issues I had migrating from delugeVPN to rutorrentVPN. I couldnt have both running at the same time. Cheers

Link to comment
1 hour ago, tazire said:

Just curious.... I have rutorrentVPN setup and running and now want to push ahead with this. I have the linuxserver version running at present. For obvious reasons I want to migrate to this version. Is there any conflict using this and rutorrentVPN at the same time? I only ask because of the issues I had migrating from delugeVPN to rutorrentVPN. I couldnt have both running at the same time. Cheers

you can run any of my vpn docker images at the same time, the only trick to keep in mind is that you must watch out for port conflicts, privoxy uses the same port for all of the vpn images, and thus you will get a conflict on port 8118 on the host side, so ensure this port is changed on the host side to prevent this.

  • Upvote 1
Link to comment
35 minutes ago, binhex said:

you can run any of my vpn docker images at the same time, the only trick to keep in mind is that you must watch out for port conflicts, privoxy uses the same port for all of the vpn images, and thus you will get a conflict on port 8118 on the host side, so ensure this port is changed on the host side to prevent this.

That and while services like PIA will let you running more than one instance (even from the same device), they usually don't let you run multiple instances to the same server i.e. each instance needs to connect to a different server.

Link to comment
47 minutes ago, tjb_altf4 said:

That and while services like PIA will let you running more than one instance (even from the same device), they usually don't let you run multiple instances to the same server i.e. each instance needs to connect to a different server.

That has not been my experience with PIA specifically. Which service did you see that on?

Link to comment
7 minutes ago, jonathanm said:

That has not been my experience with PIA specifically. Which service did you see that on?

 

me neither, im pretty sure i have in the past had both delugevpn and rtorrentvpn connecting to the same endpoint from the same ip.....unless pia has changed things?

Link to comment

SABnzbd has been running fine for years.  Today, I noticed an error in Sonarr that SAB wasn't responsive (or something), and unRAID notified me of many updates, so I just updated all dockers (Deluge, SABnzbd, mariadb, Nextcloud) and once finished, i tried to start SAB, but it just will not start.  here is the log from the 3 times I tried after updating.

 

Created by...
___. .__ .__
\_ |__ |__| ____ | |__ ____ ___ ___
| __ \| |/ \| | \_/ __ \\ \/ /
| \_\ \ | | \ Y \ ___/ > <
|___ /__|___| /___| /\___ >__/\_ \
\/ \/ \/ \/ \/
https://hub.docker.com/u/binhex/

2018-04-17 10:36:05.187484 [info] Host is running unRAID
2018-04-17 10:36:05.214652 [info] System information Linux 7452edd79e01 4.14.33-unRAID #1 SMP PREEMPT Sun Apr 8 09:14:46 PDT 2018 x86_64 GNU/Linux
2018-04-17 10:36:05.245612 [warn] PUID not defined (via -e PUID), defaulting to '99'
2018-04-17 10:36:05.292649 [warn] PGID not defined (via -e PGID), defaulting to '100'
2018-04-17 10:36:05.333527 [warn] UMASK not defined (via -e UMASK), defaulting to '000'
2018-04-17 10:36:05.363287 [info] Permissions already set for volume mappings
2018-04-17 10:36:05.402040 [info] VPN_ENABLED defined as 'yes'
2018-04-17 10:36:05.437123 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/openvpn.ovpn
dos2unix: converting file /config/openvpn/openvpn.ovpn to Unix format...
Created by...
___. .__ .__
\_ |__ |__| ____ | |__ ____ ___ ___
| __ \| |/ \| | \_/ __ \\ \/ /
| \_\ \ | | \ Y \ ___/ > <
|___ /__|___| /___| /\___ >__/\_ \
\/ \/ \/ \/ \/
https://hub.docker.com/u/binhex/

2018-04-17 10:36:23.369998 [info] Host is running unRAID
2018-04-17 10:36:23.394661 [info] System information Linux 7452edd79e01 4.14.33-unRAID #1 SMP PREEMPT Sun Apr 8 09:14:46 PDT 2018 x86_64 GNU/Linux
2018-04-17 10:36:23.420571 [warn] PUID not defined (via -e PUID), defaulting to '99'
2018-04-17 10:36:23.448664 [warn] PGID not defined (via -e PGID), defaulting to '100'
2018-04-17 10:36:23.483373 [warn] UMASK not defined (via -e UMASK), defaulting to '000'
2018-04-17 10:36:23.509744 [info] Permissions already set for volume mappings
2018-04-17 10:36:23.543138 [info] VPN_ENABLED defined as 'yes'
2018-04-17 10:36:23.575686 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/openvpn.ovpn
dos2unix: converting file /config/openvpn/openvpn.ovpn to Unix format...
Created by...
___. .__ .__
\_ |__ |__| ____ | |__ ____ ___ ___
| __ \| |/ \| | \_/ __ \\ \/ /
| \_\ \ | | \ Y \ ___/ > <
|___ /__|___| /___| /\___ >__/\_ \
\/ \/ \/ \/ \/
https://hub.docker.com/u/binhex/

2018-04-17 10:37:34.220132 [info] Host is running unRAID
2018-04-17 10:37:34.248672 [info] System information Linux 7452edd79e01 4.14.33-unRAID #1 SMP PREEMPT Sun Apr 8 09:14:46 PDT 2018 x86_64 GNU/Linux
2018-04-17 10:37:34.277363 [warn] PUID not defined (via -e PUID), defaulting to '99'
2018-04-17 10:37:34.307355 [warn] PGID not defined (via -e PGID), defaulting to '100'
2018-04-17 10:37:34.338576 [warn] UMASK not defined (via -e UMASK), defaulting to '000'
2018-04-17 10:37:34.364294 [info] Permissions already set for volume mappings
2018-04-17 10:37:34.400206 [info] VPN_ENABLED defined as 'yes'
2018-04-17 10:37:34.433560 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/openvpn.ovpn
dos2unix: converting file /config/openvpn/openvpn.ovpn to Unix format...

I guess i can uninstall and reinstall, but thought I should report what I experienced.

Link to comment
3 minutes ago, JustinChase said:

SABnzbd has been running fine for years.  Today, I noticed an error in Sonarr that SAB wasn't responsive (or something), and unRAID notified me of many updates, so I just updated all dockers (Deluge, SABnzbd, mariadb, Nextcloud) and once finished, i tried to start SAB, but it just will not start.  here is the log from the 3 times I tried after updating.

 


Created by...
___. .__ .__
\_ |__ |__| ____ | |__ ____ ___ ___
| __ \| |/ \| | \_/ __ \\ \/ /
| \_\ \ | | \ Y \ ___/ > <
|___ /__|___| /___| /\___ >__/\_ \
\/ \/ \/ \/ \/
https://hub.docker.com/u/binhex/

2018-04-17 10:36:05.187484 [info] Host is running unRAID
2018-04-17 10:36:05.214652 [info] System information Linux 7452edd79e01 4.14.33-unRAID #1 SMP PREEMPT Sun Apr 8 09:14:46 PDT 2018 x86_64 GNU/Linux
2018-04-17 10:36:05.245612 [warn] PUID not defined (via -e PUID), defaulting to '99'
2018-04-17 10:36:05.292649 [warn] PGID not defined (via -e PGID), defaulting to '100'
2018-04-17 10:36:05.333527 [warn] UMASK not defined (via -e UMASK), defaulting to '000'
2018-04-17 10:36:05.363287 [info] Permissions already set for volume mappings
2018-04-17 10:36:05.402040 [info] VPN_ENABLED defined as 'yes'
2018-04-17 10:36:05.437123 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/openvpn.ovpn
dos2unix: converting file /config/openvpn/openvpn.ovpn to Unix format...
Created by...
___. .__ .__
\_ |__ |__| ____ | |__ ____ ___ ___
| __ \| |/ \| | \_/ __ \\ \/ /
| \_\ \ | | \ Y \ ___/ > <
|___ /__|___| /___| /\___ >__/\_ \
\/ \/ \/ \/ \/
https://hub.docker.com/u/binhex/

2018-04-17 10:36:23.369998 [info] Host is running unRAID
2018-04-17 10:36:23.394661 [info] System information Linux 7452edd79e01 4.14.33-unRAID #1 SMP PREEMPT Sun Apr 8 09:14:46 PDT 2018 x86_64 GNU/Linux
2018-04-17 10:36:23.420571 [warn] PUID not defined (via -e PUID), defaulting to '99'
2018-04-17 10:36:23.448664 [warn] PGID not defined (via -e PGID), defaulting to '100'
2018-04-17 10:36:23.483373 [warn] UMASK not defined (via -e UMASK), defaulting to '000'
2018-04-17 10:36:23.509744 [info] Permissions already set for volume mappings
2018-04-17 10:36:23.543138 [info] VPN_ENABLED defined as 'yes'
2018-04-17 10:36:23.575686 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/openvpn.ovpn
dos2unix: converting file /config/openvpn/openvpn.ovpn to Unix format...
Created by...
___. .__ .__
\_ |__ |__| ____ | |__ ____ ___ ___
| __ \| |/ \| | \_/ __ \\ \/ /
| \_\ \ | | \ Y \ ___/ > <
|___ /__|___| /___| /\___ >__/\_ \
\/ \/ \/ \/ \/
https://hub.docker.com/u/binhex/

2018-04-17 10:37:34.220132 [info] Host is running unRAID
2018-04-17 10:37:34.248672 [info] System information Linux 7452edd79e01 4.14.33-unRAID #1 SMP PREEMPT Sun Apr 8 09:14:46 PDT 2018 x86_64 GNU/Linux
2018-04-17 10:37:34.277363 [warn] PUID not defined (via -e PUID), defaulting to '99'
2018-04-17 10:37:34.307355 [warn] PGID not defined (via -e PGID), defaulting to '100'
2018-04-17 10:37:34.338576 [warn] UMASK not defined (via -e UMASK), defaulting to '000'
2018-04-17 10:37:34.364294 [info] Permissions already set for volume mappings
2018-04-17 10:37:34.400206 [info] VPN_ENABLED defined as 'yes'
2018-04-17 10:37:34.433560 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/openvpn.ovpn
dos2unix: converting file /config/openvpn/openvpn.ovpn to Unix format...

I guess i can uninstall and reinstall, but thought I should report what I experienced.

 

hmm ive seen this once before, it was a missing remote line from ovpn file, can you paste the contents of the file /config/openvpn/openvpn.ovpn here

Link to comment
On 4/17/2018 at 10:46 AM, binhex said:

 

hmm ive seen this once before, it was a missing remote line from ovpn file, can you paste the contents of the file /config/openvpn/openvpn.ovpn here

I can't find a /config/openvpn/openvpn.ovpn anywhere, but I found

 

/mnt/cache/appdata/sabnabdvpn/openvpn.ovpn

 

It is a blank file.

 

will a log of any sort help?

Link to comment
17 hours ago, JustinChase said:

/mnt/cache/appdata/sabnabdvpn/openvpn.ovpn

 

It is a blank file.

 

if the file is blank then this is your issue, re-download this zip from the url below, extract it to /config/openvpn/ (volume mapping to host for /config) and then delete all the ovpn files that you dont want to use leaving just one ovpn file and the certs then restart the container.

 

https://www.privateinternetaccess.com/openvpn/openvpn.zip

Link to comment
 
if the file is blank then this is your issue, re-download this zip from the url below, extract it to /config/openvpn/ (volume mapping to host for /config) and then delete all the ovpn files that you dont want to use leaving just one ovpn file and the certs then restart the container.
 
https://www.privateinternetaccess.com/openvpn/openvpn.zip
I'll do all that now, and I'm sure it will work.

the question becomes, how did it go away? it's worked fine for years, and I don't recall making any changes related to Dockers in a long time.

was it done differently long ago and now things have changed, or is this just one of those weird things that happen in life.

Sent from my HTC6545LVW using Tapatalk

Link to comment
1 hour ago, JustinChase said:

the question becomes, how did it go away?

 

corruption on cache disk, user error, non ecc memory glitch, as far as i know it wasn't due to a coding issue on my side, but its possible a bug slipped in at one point so it could of been me also, i wouldn't loose sleep over it :-), tbh those ovpn files can (and probably will) change over time in any case as the vpn provider changes things, so its not going to be set it and forget it.

Link to comment
On 4/19/2018 at 4:25 AM, binhex said:

 

if the file is blank then this is your issue, re-download this zip from the url below, extract it to /config/openvpn/ (volume mapping to host for /config) and then delete all the ovpn files that you dont want to use leaving just one ovpn file and the certs then restart the container.

 

https://www.privateinternetaccess.com/openvpn/openvpn.zip

 

That didn't quite work, I ended up deleting all SAB containers, and any templates CA had saved, and then installed from scratch.  This created a new folder structure, and this new structure had a folder called openvpn located at /mnt/cache/appdata/binhex-sabnzbdvpn/openvpn  (not /config/openvpn/ and it was blank.  I downloaded the file you linked and unzipped everything into this new folder.  Now, SAB will start.  I've lost all my settings, obviously, but at least it seems to be working.

 

Perhaps in the future, if one selects pia as the provider, you can download the necessary files and put them in place automatically?

 

Also, I have absolutely NO IDEA why my setup just died one day for no apparent reason, I certainly did not delete any openvpn files,  oh well.  It seems it's fixed now/again.

 

Thanks

 

PS  Sadly, it's not actually working.  It seems to start now (green arrow, not red square icon), but it doesn't actually let me get to the GUI, so I can't actually use it.  It's a fresh, brand new install.

 

Is it supposed to just work, or do I need to re-read the OP and re-learn how to do this?  I don't remember it being this complicated before.

 

log shows this error...

 

Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: auth-user-pass (2.4.5)

 

that doesn't seem to be the vpn password; I just confirmed it's right.  so, I'm not sure what's going on.

 

thanks again for the help, and sorry to be a pita

Edited by JustinChase
more info
Link to comment
19 minutes ago, JustinChase said:

/mnt/cache/appdata/binhex-sabnzbdvpn/openvpn  (not /config/openvpn/ and it was blank

 

i always reference /config because its impossible for me to know where you are mapping /config to on the host side, sure i can guess but its easier to just say /config/openvpn/, you get where im coming from, but what i really mean is put the ovpn files in <whatever you have mapped /config to on the host side>/openvpn/.

 

21 minutes ago, JustinChase said:

Perhaps in the future, if one selects pia as the provider, you can download the necessary files and put them in place automatically?

 

i used to do this, but due to the ovpn files changing (and thus requiring a rebuild of the image) i decided the best course of action is to get the user to provide these files.

 

22 minutes ago, JustinChase said:

Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: auth-user-pass (2.4.5)

 

this sounds like a misconfiguration, have a read here first under the heading "newbie vpn guide":-

 

https://lime-technology.com/topic/44108-support-binhex-general/

 

if you still cant figure it out then perform the following:-

 

https://lime-technology.com/topic/44108-support-binhex-general/?do=findComment&comment=435831

 

Link to comment
48 minutes ago, binhex said:

this sounds like a misconfiguration, have a read here first under the heading "newbie vpn guide":-

 

https://lime-technology.com/topic/44108-support-binhex-general/

 

if you still cant figure it out then perform the following:-

 

https://lime-technology.com/topic/44108-support-binhex-general/?do=findComment&comment=435831

 

yes, it does, but what is " auth-user-pass (2.4.5) " referring to?  What do I need to change?  I don't have any weird characters in my user name or password for PIA, and like I said, it was all working fine for years until a couple days ago.

 

I've installed with the default settings, only adding my endpoint, user name and password; but that doesn't work.  If it set vpn enabled to no, it works, so it's to do with that, but I have the correct user name, correct password, and I believe, the correct endpoint. (i've tried montreal and toronto, both fail).

 

This feels like an setup/installation problem.  I've kept pretty much all defaults, so I would expect it to pretty much work right out of the box.

 

Please let me know if you want me to run a debug for you, but it seems the error code above ought to point to something without all that.

Link to comment
1 minute ago, JustinChase said:

yes, it does, but what is " auth-user-pass (2.4.5) " referring to?

 

that coming from openvpn not from my code, what do you have defined for the value for env var VPN_OPTIONS because it should be empty (guessing here, need to see the log, see my second link in previous post).

 

3 minutes ago, JustinChase said:

I've kept pretty much all defaults, so I would expect it to pretty much work right out of the box.

 

there are dozens if not hundreds of vpn providers, you cannot have an out of the box experience with something like this, and tbh 99% of issues are misconfiguration, wrong lan_network, wrong password, no ovpn config file etc, but i need to see that log to tell you whats going on.

Link to comment
11 minutes ago, binhex said:

 

that coming from openvpn not from my code, what do you have defined for the value for env var VPN_OPTIONS because it should be empty (guessing here, need to see the log, see my second link in previous post).

 

 

there are dozens if not hundreds of vpn providers, you cannot have an out of the box experience with something like this, and tbh 99% of issues are misconfiguration, wrong lan_network, wrong password, no ovpn config file etc, but i need to see that log to tell you whats going on.

I suspect it's mis-configuration in this case, but I also blame the setup for not offering what's needed.

 

I put the PIA server i the VPN_OPTIONS box, because I didn't (and still don't) see any place to put the PIA server.

 

I'll re-read this entire thread when I get back later, and figure out what variable I need to add to get it working. (it would be nice if that variable was there by default, and the options variable wasn't)

 

Thanks again.

 

PS, I wasn't trying to say you should have it just magically work for any/all providers, and options, but maybe a 'just works' with PIA, since it's the easiest to configure, and offers port forwarding out of the box (with a pre-selected known working forwarding endpoint server) and/or pop up a warning if all required fields aren't filled out, or if the options is filled, but likely not necessary).

 

Again, not your job to make it too easy, just some ideas I have after fighting what seems like a very unnecessary fight against my server.

Link to comment
1 minute ago, JustinChase said:

(and still don't) see any place to put the PIA server.

 

you control the server you want to connect to by placing the correct ovpn file in the /config/openvpn/ folder, if you want to switch server then you delete (or rename) the current ovpn file and put the new one in its place.

 

4 minutes ago, JustinChase said:

it would be nice if that variable was there by default,

 

they are, which variable do you mean?, keep in mind that unraid templates do NOT dynamically update (actually they can do if enabled but most people dont do this) and thus the template you are probably looking at is old and out of date.

 

6 minutes ago, JustinChase said:

and the options variable wasn't)

 

this was specifically asked for by somebody who wanted to pass some very specific openvpn cli options, which i see no problems with.

 

8 minutes ago, JustinChase said:

but maybe a 'just works' with PIA

 

its as close as i can get with this, i used to include the pia config files and then pia screwed me over and completely changed them causing loads of support for me, so im not going back to that.

 

9 minutes ago, JustinChase said:

Again, not your job to make it too easy

 

believe it or not, i DO want to make it too easy, in its current form its as easy as i can get it, i will be enhancing the template with additional comments to try and guide people a bit more.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.