[Support] binhex - SABnzbdVPN


Recommended Posts

On 12/7/2020 at 1:50 AM, kajeagentspi said:

I'm also encountering a similar error. @squishee are you also a new user? 

New to using a VPN but I've used SAB for years. Full disclosure: I moved recently and I'm under a strong suspicion my ISP throttles usenet downloads and I was trying to use a VPN to avoid this. I'm on a gigabit connection and I can't even come close to hitting those speeds (when I used to max out my connection prior to moving on a 600Mbps connection) 

 

So update: I can access the web UI now. I didn't change anything, it just somehow worked. I completed the rest of the steps in DoItMyselfToo's post modifying wg0.conf and I'm getting super slow speeds. They'll start at 35Mb/s and drop down to between 10-18Mb/s. I'm on a gigabit connection as I mentioned above. Any recommendations on how to improve this?

Link to comment
14 minutes ago, squishee said:

New to using a VPN but I've used SAB for years. Full disclosure: I moved recently and I'm under a strong suspicion my ISP throttles usenet downloads and I was trying to use a VPN to avoid this. I'm on a gigabit connection and I can't even come close to hitting those speeds (when I used to max out my connection prior to moving on a 600Mbps connection) 

 

So update: I can access the web UI now. I didn't change anything, it just somehow worked. I completed the rest of the steps in DoItMyselfToo's post modifying wg0.conf and I'm getting super slow speeds. They'll start at 35Mb/s and drop down to between 10-18Mb/s. I'm on a gigabit connection as I mentioned above. Any recommendations on how to improve this?

i notice slow speeds during between 7 am and 5 pm, i think do to work/school from home loads on network.  i think my isp is traffic shaping.  full speeds for me after 10 pm for sure, usually sooner.

 

you could try with/without your vpn enabled to see if that's part of the slow down.  just use ssl connections.

Edited by DoItMyselfToo
Link to comment

I have been using this container for a while without issues. I recently updated the PIA certs to the next gen ones, and have been getting this error(its possible the PIA certs are anecdotal, haven't used this in a while)

 

Traceback (most recent call last):
  File "/usr/lib/sabnzbd/sabnzbd/filesystem.py", line 492, in set_chmod
    os.chmod(path, permissions)
PermissionError: [Errno 1] Operation not permitted: False

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/sabnzbd/sabnzbd/nzbparser.py", line 314, in process_single_nzb
    nzo = nzbstuff.NzbObject(
  File "/usr/lib/sabnzbd/sabnzbd/nzbstuff.py", line 732, in __init__
    set_permissions(work_dir)
  File "/usr/lib/sabnzbd/sabnzbd/filesystem.py", line 528, in set_permissions
    set_chmod(path, umask_file, report)
  File "/usr/lib/sabnzbd/sabnzbd/filesystem.py", line 494, in set_chmod
    lpath = path.lower()
AttributeError: 'bool' object has no attribute 'lower'

Anyone know what's going on here? It looks like maybe a permissions issue, but the directory that the container saves to is set to 777

Link to comment
On 12/9/2020 at 8:48 AM, squishee said:

New to using a VPN but I've used SAB for years. Full disclosure: I moved recently and I'm under a strong suspicion my ISP throttles usenet downloads and I was trying to use a VPN to avoid this. I'm on a gigabit connection and I can't even come close to hitting those speeds (when I used to max out my connection prior to moving on a 600Mbps connection) 

 

So update: I can access the web UI now. I didn't change anything, it just somehow worked. I completed the rest of the steps in DoItMyselfToo's post modifying wg0.conf and I'm getting super slow speeds. They'll start at 35Mb/s and drop down to between 10-18Mb/s. I'm on a gigabit connection as I mentioned above. Any recommendations on how to improve this?

Same It seems like it is an issue on PIA's end.

From my observation it took at most a day for my credentials to work.

Credential propagation issue?

Link to comment
1 hour ago, fc0712 said:

 

Any inputs?

there are pro's and con's for both:-

 

Pro of routing sabnzb through delugevpn (or another vpn enabled container) -  less connections to your vpn provider - most vpn providers only give you a limited number of connections, routing everything through one container means its only a single connection.

 

Con of routing sabnzb through delugevpn (or another vpn enabled container) - single point of failure, if the vpn container you have everything routed through fails then it will affect multiple applications.

 

and vice-verse for if you did NOT route multiple apps through a single container.

 

personally i like the isolation of each application having its own vpn connection, and i have 5 connection limit on my vpn provider (pia) so im fine, but the choice is yours.

 

there are other minor pro's/con's too, but the above are the major two.

Edited by binhex
  • Like 1
Link to comment
3 hours ago, binhex said:

there are pro's and con's for both:-

 

Pro of routing sabnzb through delugevpn (or another vpn enabled container) -  less connections to your vpn provider - most vpn providers only give you a limited number of connections, routing everything through one container means its only a single connection.

 

Con of routing sabnzb through delugevpn (or another vpn enabled container) - single point of failure, if the vpn container you have everything routed through fails then it will affect multiple applications.

 

and vice-verse for if you did NOT route multiple apps through a single container.

 

personally i like the isolation of each application having its own vpn connection, and i have 5 connection limit on my vpn provider (pia) so im fine, but the choice is yours.

 

there are other minor pro's/con's too, but the above are the major two.

Thanks for the thorough reply. 

 

If I want to migrate from linuxservers sabnzbd container to yours with the VPN - Can i simply just point to the existing appdata or would be better to do a fresh setup and do the configurations again?

Link to comment

I've been running this docker for years with mostly no issues however I just noticed recently that I'm getting errors like "Downloading nzb for episode failed" from Sonarr and Radarr and I think I've tracked the issue back to this docker and a possible issue with privoxy not being reachable.

 

Things I've checked:

  1. VPN provider account password is valid and active
  2. I'm not seeing any errors in the debug logs... I'm seeing notifications that everything has started and that the vpn has an ip
  3. I also enabled the "Bypass Proxy for Local Addresses" setting in Sonarr and that didn’t seem to help.
  4. If I turn off the proxy in those apps then everything works fine.

 

The only thing that has changed recently is that I upgraded Radarr and Sonarr to v3 so perhaps some requirements have changed although I can't find anything?

 

Any ideas on how to debug this?

 

Edited by unRaide
Link to comment

Hi im wondering what the following error is shows up every minute. (((((((2020-12-30 15:57:51 TLS: tls_process: killed expiring key)))))) I have nordvpn. Thanks

 

 

(((((((2020-12-30 15:57:51 TLS: tls_process: killed expiring key))))))

2020-12-30 15:57:51,493 DEBG 'start-script' stdout output:
2020-12-30 15:57:51 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA5

2020-12-30 15:57:51,493 DEBG 'start-script' stdout output:
2020-12-30 15:57:51 VERIFY KU OK
2020-12-30 15:57:51 Validating certificate extended key usage
2020-12-30 15:57:51 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2020-12-30 15:57:51 VERIFY EKU OK
2020-12-30 15:57:51 VERIFY OK: depth=0, CN=us6620.nordvpn.com

2020-12-30 15:57:51,743 DEBG 'start-script' stdout output:
2020-12-30 15:57:51 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2020-12-30 15:57:51 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key

2020-12-30 15:57:51,743 DEBG 'start-script' stdout output:
2020-12-30 15:57:51 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA

2020-12-30 16:57:51,002 DEBG 'start-script' stdout output:
((((((2020-12-30 16:57:51 TLS: tls_process: killed expiring key))))))

Link to comment
  • 2 weeks later...

Can this container be upgraded to the beta version(s) of Sabnzbd? One of my indexers gets a lot of cross-posted nzbs that are created by Newsnab and are obfuscated. Supposedly there's a fix for deobfuscation for these posts in the latest beta. I've searched for the term beta in this topic and the forum reports no results. Hopefully I don't have to switch to a different container provider... thanks!

Link to comment
11 hours ago, AgentXXL said:

Can this container be upgraded to the beta version(s) of Sabnzbd?

im afraid i dont do beta's due to my limited amount of time for support, you will have to wait for it to be included in the next release or switch to another image.

  • Thanks 1
Link to comment

I'm not sure if there was an update recently or if something else broke the container, but now if I have VPN enabled, I can no longer access sabnzbd's web ui, nor will Radarr or Sonarr connect to it. My VPN is still current, so I'm not sure what happened. The two warnings I see in the log are:

 

2021-01-14 18:15:43 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.

2021-01-14 18:15:43,002 DEBG 'start-script' stdout output:
2021-01-14 18:15:43 WARNING: file 'credentials.conf' is group or others accessible

 

Any ideas?

Link to comment

Hey all, quick question on PIA servers.  Recently, I noticed a significant decrease in speed with DL using SABNZBDVPN.  I am on 1GB fiber and typically have no issues with non-vpn transfers, but lately SABNZBDVPN seems to have slowed quite a bit.  Any recommendations for a PIA server to use that has had better transfer rates?  I am in the southeast of the US.  

 

Thanks in advance!

Link to comment
On 1/15/2021 at 12:17 AM, thunderclap said:

I'm not sure if there was an update recently or if something else broke the container, but now if I have VPN enabled, I can no longer access sabnzbd's web ui, nor will Radarr or Sonarr connect to it. My VPN is still current, so I'm not sure what happened. The two warnings I see in the log are:

 


2021-01-14 18:15:43 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.

2021-01-14 18:15:43,002 DEBG 'start-script' stdout output:
2021-01-14 18:15:43 WARNING: file 'credentials.conf' is group or others accessible

 

Any ideas?

do this:- https://github.com/binhex/documentation/blob/master/docker/faq/help.md

Link to comment
14 hours ago, thunderclap said:

Log attached. I did remo

 

Log attached. I did remove my VPN login info from the file.

supervisord.log 44 kB · 2 downloads

from your log:-

 

2021-01-19 12:48:49,149 DEBG 'start-script' stdout output:
2021-01-19 12:48:49 [UNDEF] Inactivity timeout (--ping-restart), restarting

2021-01-19 12:48:49,150 DEBG 'start-script' stdout output:
2021-01-19 12:48:49 SIGHUP[soft,ping-restart] received, process restarting

see Q17 here:- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md

Link to comment
5 hours ago, binhex said:

from your log:-

 


2021-01-19 12:48:49,149 DEBG 'start-script' stdout output:
2021-01-19 12:48:49 [UNDEF] Inactivity timeout (--ping-restart), restarting

2021-01-19 12:48:49,150 DEBG 'start-script' stdout output:
2021-01-19 12:48:49 SIGHUP[soft,ping-restart] received, process restarting

see Q17 here:- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md

 

Thanks. That's really weird since I have the exact same configuration for your DelugeVPN docker and it works fine. I guess I'll keep playing around with it to see if I can get it working securely again.

Link to comment
Just now, thunderclap said:

 

Thanks. That's really weird since I have the exact same configuration for your DelugeVPN docker and it works fine. I guess I'll keep playing around with it to see if I can get it working securely again.

check the ovpn file, i bet its out of date, thats the usual culprit.

  • Like 1
Link to comment
  • 3 weeks later...

Sonarr is finding episodes and sending them to sab, with the little notification "send to sab" and the little cloud download icon, but sab is not getting the request (or if it is, its not showing up on the download page).  Some shows are working just fine, others seem not to be at all.

 

Nothing has changed, configuration-wise, in years.

 

Any ideas where to start?

Link to comment

Hello,

I set up the sabnzbd docker with PIA and everything is working great so far.

Next I want to add a qbittorrent Docker to my Unraid Server.

My question now is what would be better, use the qbittorrentvpn Docker or use Privoxy on the sabnzbdvpn Docker and route the traffic through there?

Link to comment
1 hour ago, Agamemnon said:

My question now is what would be better, use the qbittorrentvpn Docker or use Privoxy on the sabnzbdvpn Docker and route the traffic through there?

AFAIK, privoxy is web only, so if you want to route torrent traffic through the vpn you will need to either follow the directions to send the whole container through by using the vpn container as the network for the torrent container, or set up the torrent client with its own vpn login.

spaceinvader one has a video on youtube about sending one container through another for exactly what you are talking about.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.