[Support] binhex - rTorrentVPN


Recommended Posts

4 minutes ago, binhex said:

so there is a bit of a chicken and egg situation going on here, because PIA endpoint nl-amsterdam.privacy.network is down we are unable to contact PIA servers to create the initial wireguard config file, and because we cant create the file, users can't then change it to another endpoint. so whilst this is not the best solution in the world, i think the easiest way out of this is to reconfigure the default to be something else other than nl-amsterdam.privacy.network, leave it with me and i will take a look tonight.

 

Ah of course, why didn't I think to check if the endpoint was down.

 

I'm just glad it isn't me, I thought I was missing something super obvious in the setup of the container.

 

I'll keep an eye out for your fix and/or see if the endpoint comes back up.

Link to comment
Posted (edited)
Spoiler

2021-05-19 14:04:27.514993 [info] VPN_ENABLED defined as 'yes'
2021-05-19 14:04:27.539842 [info] VPN_CLIENT defined as 'openvpn'
2021-05-19 14:04:27.565913 [info] VPN_PROV defined as 'custom'
2021-05-19 14:04:27.645024 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/miami.ovpn
2021-05-19 14:04:27.772615 [info] VPN remote server(s) defined as 'us4.vyprvpn.com,'
2021-05-19 14:04:27.793943 [info] VPN remote port(s) defined as '443,'
2021-05-19 14:04:27.816807 [info] VPN remote protcol(s) defined as 'udp,'
2021-05-19 14:04:27.842912 [info] VPN_DEVICE_TYPE defined as 'tun0'
2021-05-19 14:04:27.868754 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2021-05-19 14:04:27.893642 [info] LAN_NETWORK defined as '192.168.1.0/24'
2021-05-19 14:04:27.919599 [info] NAME_SERVERS defined as '209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1'
2021-05-19 14:04:27.943817 [info] VPN_USER defined as '#MyVpnUsername#'
2021-05-19 14:04:27.969881 [info] VPN_PASS defined as '#MyVpnPassword#'
2021-05-19 14:04:27.997153 [info] ENABLE_PRIVOXY defined as 'no'
2021-05-19 14:04:28.028164 [info] VPN_INPUT_PORTS not defined (via -e VPN_INPUT_PORTS), skipping allow for custom incoming ports
2021-05-19 14:04:28.053434 [info] VPN_OUTPUT_PORTS not defined (via -e VPN_OUTPUT_PORTS), skipping allow for custom outgoing ports
2021-05-19 14:04:28.079285 [info] ENABLE_AUTODL_IRSSI defined as 'yes'
2021-05-19 14:04:28.104076 [info] ENABLE_RPC2 defined as 'yes'
2021-05-19 14:04:28.129554 [info] ENABLE_RPC2_AUTH defined as 'yes'
2021-05-19 14:04:28.153787 [info] RPC2_USER defined as 'admin'
2021-05-19 14:04:28.178453 [info] RPC2_PASS defined as '#ThePasswordIEntered#'
2021-05-19 14:04:28.202254 [info] ENABLE_WEBUI_AUTH defined as 'yes'
2021-05-19 14:04:28.228800 [info] WEBUI_USER defined as '#TheUsernameIEntered#'
2021-05-19 14:04:28.251292 [info] WEBUI_PASS defined as '#ThePasswordIEntered#'
2021-05-19 14:04:28.301290 [info] Starting Supervisor...
2021-05-19 14:04:30,360 INFO Included extra file "/etc/supervisor/conf.d/rtorrent.conf" during parsing
2021-05-19 14:04:30,360 INFO Set uid to user 0 succeeded
2021-05-19 14:04:30,363 INFO supervisord started with pid 7
2021-05-19 14:04:31,366 INFO spawned: 'logrotate-script' with pid 212
2021-05-19 14:04:31,367 INFO spawned: 'pyrocore-script' with pid 213
2021-05-19 14:04:31,369 INFO spawned: 'rutorrent-script' with pid 214
2021-05-19 14:04:31,370 INFO spawned: 'shutdown-script' with pid 215
2021-05-19 14:04:31,371 INFO spawned: 'start-script' with pid 216
2021-05-19 14:04:31,372 INFO spawned: 'watchdog-script' with pid 217
2021-05-19 14:04:31,373 INFO reaped unknown pid 8 (exit status 0)
2021-05-19 14:04:31,409 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN

2021-05-19 14:04:31,409 INFO success: logrotate-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2021-05-19 14:04:31,409 INFO success: pyrocore-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2021-05-19 14:04:31,410 INFO success: rutorrent-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2021-05-19 14:04:31,410 INFO success: shutdown-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2021-05-19 14:04:31,410 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2021-05-19 14:04:31,410 INFO success: watchdog-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2021-05-19 14:04:31,416 DEBG 'start-script' stdout output:
[warn] Username contains characters which could cause authentication issues, please consider changing this if possible

2021-05-19 14:04:31,430 DEBG 'watchdog-script' stdout output:
[info] rTorrent config file already exists, skipping copy

2021-05-19 14:04:31,478 DEBG 'start-script' stdout output:
[info] Adding 209.222.18.222 to /etc/resolv.conf

2021-05-19 14:04:31,483 DEBG 'start-script' stdout output:
[info] Adding 84.200.69.80 to /etc/resolv.conf

2021-05-19 14:04:31,487 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.174 to /etc/resolv.conf

2021-05-19 14:04:31,490 DEBG 'start-script' stdout output:
[info] Adding 1.1.1.1 to /etc/resolv.conf

2021-05-19 14:04:31,494 DEBG 'start-script' stdout output:
[info] Adding 209.222.18.218 to /etc/resolv.conf

2021-05-19 14:04:31,498 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.177 to /etc/resolv.conf

2021-05-19 14:04:31,504 DEBG 'start-script' stdout output:
[info] Adding 84.200.70.40 to /etc/resolv.conf

2021-05-19 14:04:31,508 DEBG 'start-script' stdout output:
[info] Adding 1.0.0.1 to /etc/resolv.conf

2021-05-19 14:04:32,259 DEBG 'start-script' stdout output:
[info] Default route for container is 192.168.1.1

2021-05-19 14:04:32,312 DEBG 'start-script' stdout output:
[info] Docker network defined as 192.168.1.0/24

2021-05-19 14:04:32,315 DEBG 'start-script' stdout output:
[info] Adding 192.168.1.0/24 as route via docker eth0

2021-05-19 14:04:32,317 DEBG 'start-script' stderr output:
RTNETLINK answers: File exists

2021-05-19 14:04:32,317 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------

2021-05-19 14:04:32,318 DEBG 'start-script' stdout output:
default via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.118

2021-05-19 14:04:32,318 DEBG 'start-script' stdout output:
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
broadcast 192.168.1.0 dev eth0 table local proto kernel scope link src 192.168.1.118
local 192.168.1.118 dev eth0 table local proto kernel scope host src 192.168.1.118
broadcast 192.168.1.255 dev eth0 table local proto kernel scope link src 192.168.1.118
--------------------

2021-05-19 14:04:32,322 DEBG 'start-script' stdout output:
iptable_mangle 16384 1
ip_tables 28672 3 iptable_filter,iptable_nat,iptable_mangle
x_tables 28672 14 ip6table_filter,xt_conntrack,iptable_filter,xt_tcpudp,xt_addrtype,xt_CHECKSUM,xt_nat,ip6_tables,ipt_REJECT,ip_tables,ip6table_mangle,xt_MASQUERADE,iptable_mangle,xt_mark

2021-05-19 14:04:32,322 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables

2021-05-19 14:04:32,639 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------

2021-05-19 14:04:32,640 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT
-A INPUT -s 209.99.109.18/32 -i eth0 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 9080 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 9080 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 9443 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 9443 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 5000 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i tun0 -j ACCEPT
-A OUTPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT
-A OUTPUT -d 209.99.109.18/32 -o eth0 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 9080 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --sport 9080 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 9443 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --sport 9443 -j ACCEPT
-A OUTPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -o eth0 -p tcp -m tcp --sport 5000 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT

2021-05-19 14:04:32,641 DEBG 'start-script' stdout output:
--------------------

2021-05-19 14:04:32,642 DEBG 'start-script' stdout output:
[info] Starting OpenVPN (non daemonised)...

2021-05-19 14:04:33,439 DEBG 'start-script' stdout output:
2021-05-19 14:04:33 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.


2021-05-19 14:04:33,439 DEBG 'start-script' stdout output:
2021-05-19 14:04:33 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.


2021-05-19 14:04:33,439 DEBG 'start-script' stdout output:
2021-05-19 14:04:33 WARNING: file 'credentials.conf' is group or others accessible

2021-05-19 14:04:33 OpenVPN 2.5.1 [git:makepkg/f186691b32e68362+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 24 2021
2021-05-19 14:04:33 library versions: OpenSSL 1.1.1j 16 Feb 2021, LZO 2.10

2021-05-19 14:04:33,439 DEBG 'start-script' stdout output:
2021-05-19 14:04:33 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2021-05-19 14:04:33,440 DEBG 'start-script' stdout output:
2021-05-19 14:04:33 TCP/UDP: Preserving recently used remote address: [AF_INET]209.99.109.18:443

2021-05-19 14:04:33,441 DEBG 'start-script' stdout output:
2021-05-19 14:04:33 Socket Buffers: R=[212992->212992] S=[212992->212992]
2021-05-19 14:04:33 UDP link local: (not bound)
2021-05-19 14:04:33 UDP link remote: [AF_INET]209.99.109.18:443

2021-05-19 14:04:33,637 DEBG 'start-script' stdout output:
2021-05-19 14:04:33 TLS: Initial packet from [AF_INET]209.99.109.18:443, sid=ca4ba653 d8017f52

2021-05-19 14:04:34,059 DEBG 'start-script' stdout output:
2021-05-19 14:04:34 VERIFY OK: depth=2, C=CH, ST=Lucerne, L=Meggen, O=Golden Frog GmbH, CN=Golden Frog GmbH Root CA, emailAddress=#VpnAdminEmailAddress#

2021-05-19 14:04:34,059 DEBG 'start-script' stdout output:
2021-05-19 14:04:34 VERIFY OK: depth=1, C=CH, ST=Lucerne, L=Meggen, O=Golden Frog GmbH, CN=VyprVPN Intermediate CA, emailAddress=#VpnAdminEmailAddress#

2021-05-19 14:04:34,060 DEBG 'start-script' stdout output:
2021-05-19 14:04:34 VERIFY X509NAME OK: C=CH, ST=Lucerne, L=Meggen, O=Golden Frog GmbH, CN=us4.vyprvpn.com, emailAddress=#VpnAdminEmailAddress#
2021-05-19 14:04:34 VERIFY OK: depth=0, C=CH, ST=Lucerne, L=Meggen, O=Golden Frog GmbH, CN=us4.vyprvpn.com, emailAddress=#VpnAdminEmailAddress#

2021-05-19 14:04:34,071 DEBG fd 11 closed, stopped monitoring <POutputDispatcher at 22615389544160 for <Subprocess at 22615389543488 with name pyrocore-script in state RUNNING> (stdout)>
2021-05-19 14:04:34,071 DEBG fd 15 closed, stopped monitoring <POutputDispatcher at 22615389039008 for <Subprocess at 22615389543488 with name pyrocore-script in state RUNNING> (stderr)>
2021-05-19 14:04:34,071 INFO exited: pyrocore-script (exit status 0; expected)
2021-05-19 14:04:34,071 DEBG received SIGCHLD indicating a child quit
2021-05-19 14:04:35,364 DEBG 'start-script' stdout output:
2021-05-19 14:04:35 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
2021-05-19 14:04:35 [us4.vyprvpn.com] Peer Connection Initiated with [AF_INET]209.99.109.18:443

2021-05-19 14:04:36,549 DEBG 'start-script' stdout output:
2021-05-19 14:04:36 SENT CONTROL [us4.vyprvpn.com]: 'PUSH_REQUEST' (status=1)

2021-05-19 14:04:36,742 DEBG 'start-script' stdout output:
2021-05-19 14:04:36 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.2.22.1,explicit-exit-notify 5,rcvbuf 524288,route-gateway 10.2.22.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.2.22.184 255.255.255.0,peer-id 2,cipher AES-256-GCM'

2021-05-19 14:04:36,743 DEBG 'start-script' stdout output:
2021-05-19 14:04:36 OPTIONS IMPORT: timers and/or timeouts modified
2021-05-19 14:04:36 OPTIONS IMPORT: explicit notify parm(s) modified
2021-05-19 14:04:36 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
2021-05-19 14:04:36 Socket Buffers: R=[212992->1048576] S=[212992->212992]
2021-05-19 14:04:36 OPTIONS IMPORT: --ifconfig/up options modified
2021-05-19 14:04:36 OPTIONS IMPORT: route options modified
2021-05-19 14:04:36 OPTIONS IMPORT: route-related options modified
2021-05-19 14:04:36 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2021-05-19 14:04:36 OPTIONS IMPORT: peer-id set
2021-05-19 14:04:36 OPTIONS IMPORT: adjusting link_mtu to 1625
2021-05-19 14:04:36 OPTIONS IMPORT: data channel crypto options modified
2021-05-19 14:04:36 Data Channel: using negotiated cipher 'AES-256-GCM'
2021-05-19 14:04:36 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-05-19 14:04:36 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-05-19 14:04:36 net_route_v4_best_gw query: dst 0.0.0.0
2021-05-19 14:04:36 net_route_v4_best_gw result: via 192.168.1.1 dev eth0
2021-05-19 14:04:36 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=eth0 HWADDR=02:42:c0:a8:01:76
2021-05-19 14:04:36 TUN/TAP device tun0 opened

2021-05-19 14:04:36,743 DEBG 'start-script' stdout output:
2021-05-19 14:04:36 net_iface_mtu_set: mtu 1500 for tun0
2021-05-19 14:04:36 net_iface_up: set tun0 up
2021-05-19 14:04:36 net_addr_v4_add: 10.2.22.184/24 dev tun0
2021-05-19 14:04:36 /root/openvpnup.sh tun0 1500 1553 10.2.22.184 255.255.255.0 init

2021-05-19 14:04:36,746 DEBG 'start-script' stdout output:
2021-05-19 14:04:36 net_route_v4_add: 209.99.109.18/32 via 192.168.1.1 dev [NULL] table 0 metric -1

2021-05-19 14:04:36,746 DEBG 'start-script' stdout output:
2021-05-19 14:04:36 net_route_v4_add: 0.0.0.0/1 via 10.2.22.1 dev [NULL] table 0 metric -1
2021-05-19 14:04:36 net_route_v4_add: 128.0.0.0/1 via 10.2.22.1 dev [NULL] table 0 metric -1
2021-05-19 14:04:36 Initialization Sequence Completed

2021-05-19 14:04:38,980 DEBG 'start-script' stdout output:
[info] Attempting to get external IP using 'http://checkip.amazonaws.com'...

2021-05-19 14:04:39,902 DEBG 'start-script' stdout output:
[info] Successfully retrieved external IP address #ExternalVpnIpAddress#

2021-05-19 14:04:39,903 DEBG 'start-script' stdout output:
[info] Application does not require port forwarding or VPN provider is != pia, skipping incoming port assignment

2021-05-19 14:04:40,004 DEBG 'watchdog-script' stdout output:
[info] rTorrent listening interface IP 0.0.0.0 and VPN provider IP 10.2.22.184 different, marking for reconfigure

2021-05-19 14:04:40,025 DEBG 'watchdog-script' stdout output:
[info] irssi not running

2021-05-19 14:04:40,029 DEBG 'watchdog-script' stdout output:
[info] rTorrent not running

2021-05-19 14:04:40,032 DEBG 'watchdog-script' stdout output:
[info] Attempting to start irssi...

2021-05-19 14:04:40,044 DEBG 'watchdog-script' stdout output:
Script started, output log file is '/home/nobody/typescript'.

2021-05-19 14:04:40,124 DEBG 'watchdog-script' stdout output:
Script done.

2021-05-19 14:04:40,124 DEBG 'watchdog-script' stdout output:
[info] irssi process started, updating trackers...

2021-05-19 14:04:40,127 DEBG 'watchdog-script' stdout output:
[info] irssi trackers updated

2021-05-19 14:04:40,138 DEBG 'watchdog-script' stdout output:
[info] Removing any rTorrent session lock files left over from the previous run...

2021-05-19 14:04:40,139 DEBG 'watchdog-script' stdout output:
[info] Attempting to start rTorrent...

2021-05-19 14:04:40,140 DEBG 'watchdog-script' stdout output:
Script started, output log file is '/home/nobody/typescript'.

2021-05-19 14:04:40,158 DEBG 'watchdog-script' stdout output:
Script done.

2021-05-19 14:04:40,546 DEBG 'rutorrent-script' stdout output:
[info] rtorrent started, setting up rutorrent...

2021-05-19 14:04:40,546 DEBG 'rutorrent-script' stdout output:
[info] nginx cert files already exists, skipping copy
[info] nginx config file already exists, skipping copy

2021-05-19 14:04:40,568 DEBG 'rutorrent-script' stdout output:
[info] php.ini file already exists, skipping copy

2021-05-19 14:04:40,570 DEBG 'rutorrent-script' stdout output:
[info] rutorrent conf folder already exists, skipping copy

2021-05-19 14:04:40,574 DEBG 'rutorrent-script' stdout output:
"python" => '/usr/bin/python', // Something like /usr/bin/python. If empty, will be found in PATH.

2021-05-19 14:04:40,632 DEBG 'rutorrent-script' stdout output:
[info] Setting PHP timezone to UTC...

2021-05-19 14:04:40,640 DEBG 'rutorrent-script' stdout output:
[info] running rsync to copy rutorrent user plugins to the plugins folder inside the container...

2021-05-19 14:04:40,723 DEBG 'rutorrent-script' stdout output:
[info] rutorrent share folder already exists, skipping copy

2021-05-19 14:04:40,724 DEBG 'rutorrent-script' stdout output:
[info] nginx /rpc2 location enabled

2021-05-19 14:04:40,732 DEBG 'rutorrent-script' stdout output:
[info] Updating password for rpc2 account 'admin'...

2021-05-19 14:04:41,105 DEBG 'rutorrent-script' stderr output:


2021-05-19 14:04:41,105 DEBG 'rutorrent-script' stderr output:
password for user admin

2021-05-19 14:04:41,112 DEBG 'rutorrent-script' stdout output:
[info] Updating password for web ui account '#TheUsernameIEntered#'...

2021-05-19 14:04:41,113 DEBG 'rutorrent-script' stderr output:


2021-05-19 14:04:41,114 DEBG 'rutorrent-script' stderr output:
password for user #TheUsernameIEntered#

2021-05-19 14:04:41,114 DEBG 'rutorrent-script' stdout output:
[info] starting php-fpm...

2021-05-19 14:04:41,171 DEBG 'watchdog-script' stdout output:
[info] rTorrent process started
[info] Waiting for rTorrent process to start listening on port 5000...

2021-05-19 14:04:41,176 DEBG 'watchdog-script' stdout output:
[info] rTorrent process listening on port 5000

2021-05-19 14:04:41,176 DEBG 'watchdog-script' stdout output:
[info] Initialising ruTorrent plugins (checking rTorrent is running)...

2021-05-19 14:04:41,180 DEBG 'watchdog-script' stdout output:
[info] rTorrent running
[info] Initialising ruTorrent plugins (checking nginx is running)...

2021-05-19 14:04:41,668 DEBG 'rutorrent-script' stderr output:
[NOTICE] [pool www] 'user' directive is ignored when FPM is not running as root
[NOTICE] [pool www] 'group' directive is ignored when FPM is not running as root

2021-05-19 14:04:41,671 DEBG 'rutorrent-script' stdout output:
[info] starting nginx...

2021-05-19 14:04:41,863 DEBG 'watchdog-script' stdout output:
[info] nginx running
[info] Initialising ruTorrent plugins...

2021-05-19 14:04:42,410 DEBG 'watchdog-script' stdout output:
[info] ruTorrent plugins initialised

 

I've changed some sensitive information, hope all of them (let me know, please) but I can't access the web interface. Docker is up and running, but I can't access the webui.

Edited by mizifih
hid the code
Link to comment
Posted (edited)
On 5/18/2021 at 10:19 AM, binhex said:

so there is a bit of a chicken and egg situation going on here, because PIA endpoint nl-amsterdam.privacy.network is down we are unable to contact PIA servers to create the initial wireguard config file, and because we cant create the file, users can't then change it to another endpoint. so whilst this is not the best solution in the world, i think the easiest way out of this is to reconfigure the default to be something else other than nl-amsterdam.privacy.network, leave it with me and i will take a look tonight.

 

So OpenVPN also appears to be broken? It seems like no matter what the docker can't resolve any endpoints....

Error: error sending query: Could not send or receive, because of network error

2021-05-20 08:29:47,603 DEBG 'start-script' stdout output:
[debug] Having issues resolving name 'ca-montreal.privacy.network', sleeping before retry...

021-05-20 08:35:19,650 DEBG 'start-script' stdout output:
[debug] Having issues resolving name 'ca-ontario.privacy.network', sleeping before retry...

I have about half a dozen endpoints set up in my openVPN config:

 

client
dev tun
proto udp
remote sweden.privacy.network 1198
remote swiss.privacy.network 1198
remote ca-ontario.privacy.network 1198
remote ca-montreal.privacy.network 1198
remote ca-toronto.privacy.network 1198
remote ca-vancouver.privacy.network 1198
remote de-frankfurt.privacy.network 1198
remote ro.privacy.network 1198
resolv-retry infinite
nobind
persist-key
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server

 

What's even odder is I have the PIA windows client and it works fine with these endpoints on my network at home. I also have this same docker container on another server (different network) using these exact same OpenVPN settings and they work fine.

Edited by weirdcrap
Link to comment
5 minutes ago, weirdcrap said:

So OpenVPN also appears to be broken? It seems like no matter what the docker can't resolve any endpoints....


Error: error sending query: Could not send or receive, because of network error

2021-05-20 08:29:47,603 DEBG 'start-script' stdout output:
[debug] Having issues resolving name 'ca-montreal.privacy.network', sleeping before retry...

021-05-20 08:35:19,650 DEBG 'start-script' stdout output:
[debug] Having issues resolving name 'ca-ontario.privacy.network', sleeping before retry...

I have about half a dozen endpoints set up in my openVPN config:

 

remote ca-montreal.privacy.network 1198
remote ca-toronto.privacy.network 1198
remote ca-vancouver.privacy.network 1198
remote de-frankfurt.privacy.network 1198
remote ro.privacy.network 1198
remote sweden.privacy.network 1198
remote swiss.privacy.network 1198

 

What's even odder is I have the PIA windows client and it works fine with these endpoints on my network at home. I also have this same docker container on another server (different network) using these exact same OpenVPN settings and they work fine.

yeah i did have a look at your issue and saw nothing wrong with the netherlands endpoint, so there def is a dns issue of some description going on for you. 

 

what have you got defined for NAME_SERVERS?

Link to comment
1 minute ago, binhex said:

yeah i did have a look at your issue and saw nothing wrong with the netherlands endpoint, so there def is a dns issue of some description going on for you. 

 

what have you got defined for NAME_SERVERS?

The defaults that come with the docker:

 

209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1

 

I do have some rules in PFSense to prevent DNS lookups from getting out directly to the internet (I  want everything to go through unbound so it can be checked/filtered). I'm going to try turning those off and see if that fixes it. 

Link to comment
2 minutes ago, weirdcrap said:

I do have some rules in PFSense to prevent DNS lookups from getting out directly to the internet (I  want everything to go through unbound so it can be checked/filtered). I'm going to try turning those off and see if that fixes it. 

this could be it, as much as i have tightened this container to the max it MUST be able to resolve the endpoint on initial run, after that dns is strictly blocked and no lookups are done for security reasons over the LAN.

Link to comment
Posted (edited)
5 minutes ago, binhex said:

this could be it, as much as i have tightened this container to the max it MUST be able to resolve the endpoint on initial run, after that dns is strictly blocked and no lookups are done for security reasons.

Well I disabled the rules and reloaded the firewall and it still won't resolve...

 

Will I be able to test DNS resolution from within the container if the initial resolution fails?

 

EDIT: Ah wait I missed on, it appears to be working now...

 

let me do some more checking

 

image.thumb.png.5b7d383ab0e83567b3c009265c25298a.png

Edited by weirdcrap
Link to comment
Just now, binhex said:

lets make thing simple, change the NAME_SERVERS to this and see what happens:-

 


1.1.1.1,1.0.0.1

 

I think I found the problem, in addition to the LAN rules there was a NAT rule I had forgotten about. So I guess my setup at home breaks the container because it wants to reach the internet directly and it won't let my firewall play middleman in the DNS lookup?

 

It's unfortunate that I have to disable them as I liked the peace of mind knowing that IOT devices and things with hard coded DNS can't just bypass my filtering.

Link to comment
6 minutes ago, weirdcrap said:

So I guess my setup at home breaks the container because it wants to reach the internet directly and it won't let my firewall play middleman in the DNS lookup?

indeed yes, you COULD specify your internal ip for NAME_SERVERS and that would work to resolve the endpoint, HOWEVER once this has been done strict iptables rules are in place which block all dns lookup over LAN, so name resolution would then fail from then on, thus the requirement to use public name servers (or vpn provider name servers).

Link to comment
Posted (edited)
8 minutes ago, binhex said:

indeed yes, you COULD specify your internal ip for NAME_SERVERS and that would work to resolve the endpoint, HOWEVER once this has been done strict iptables rules are in place which block all dns lookup over LAN, so name resolution would then fail from then on, thus the requirement to use public name servers (or vpn provider name servers).

I'm not quite sure I understand the caveat you are stating after the however.


So if I set my router IP in the name server variable it should allow me to use my firewall rules as I had them. The firewall would take in the DNS query, say I don't know where that is and pass it on up to one of the public servers it is setup to reference, then pass that lookup response back to the docker.

 

Shouldn't it not matter that resolution would fail since resolution is blocked after the initial endpoint lookup as part of the IPTable rules anyway? Or am I grossly misunderstanding how this works?

Edited by weirdcrap
Link to comment
2 minutes ago, weirdcrap said:

Shouldn't it not matter that resolution would fail since resolution is blocked after the initial endpoint lookup as part of the IPTable rules anyway? Or am I grossly misunderstanding how this works?

You still need to do name resolution once the VPN is established, otherwise lookups would fail for peers/seeds/trackers etc, so DNS lookups do still work but ONLY for the VPN tunnel, they are actively blocked for everything else LAN side.

Link to comment
Posted (edited)
On 5/20/2021 at 9:17 AM, binhex said:

You still need to do name resolution once the VPN is established, otherwise lookups would fail for peers/seeds/trackers etc, so DNS lookups do still work but ONLY for the VPN tunnel, they are actively blocked for everything else LAN side.

Ah OK. For now I'll leave the rules disabled.

 

When I've got some time I'll play around with PFSense and see if I can modify the rules to exclude VOID from my DNS redirecting.

 

Thanks for your help with this!

EDIT: I was able to make an alias group for my entire subnet excluding my server and set that as the source for all my firewall rules. Now the container can get straight out to the internet while all other devices must go through pfsense.

Edited by weirdcrap
  • Like 1
Link to comment
21 hours ago, mizifih said:
  Reveal hidden contents



2021-05-19 14:04:27.514993 [info] VPN_ENABLED defined as 'yes'
2021-05-19 14:04:27.539842 [info] VPN_CLIENT defined as 'openvpn'
2021-05-19 14:04:27.565913 [info] VPN_PROV defined as 'custom'
2021-05-19 14:04:27.645024 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/miami.ovpn
2021-05-19 14:04:27.772615 [info] VPN remote server(s) defined as 'us4.vyprvpn.com,'
2021-05-19 14:04:27.793943 [info] VPN remote port(s) defined as '443,'
2021-05-19 14:04:27.816807 [info] VPN remote protcol(s) defined as 'udp,'
2021-05-19 14:04:27.842912 [info] VPN_DEVICE_TYPE defined as 'tun0'
2021-05-19 14:04:27.868754 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2021-05-19 14:04:27.893642 [info] LAN_NETWORK defined as '192.168.1.0/24'
2021-05-19 14:04:27.919599 [info] NAME_SERVERS defined as '209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1'
2021-05-19 14:04:27.943817 [info] VPN_USER defined as '#MyVpnUsername#'
2021-05-19 14:04:27.969881 [info] VPN_PASS defined as '#MyVpnPassword#'
2021-05-19 14:04:27.997153 [info] ENABLE_PRIVOXY defined as 'no'
2021-05-19 14:04:28.028164 [info] VPN_INPUT_PORTS not defined (via -e VPN_INPUT_PORTS), skipping allow for custom incoming ports
2021-05-19 14:04:28.053434 [info] VPN_OUTPUT_PORTS not defined (via -e VPN_OUTPUT_PORTS), skipping allow for custom outgoing ports
2021-05-19 14:04:28.079285 [info] ENABLE_AUTODL_IRSSI defined as 'yes'
2021-05-19 14:04:28.104076 [info] ENABLE_RPC2 defined as 'yes'
2021-05-19 14:04:28.129554 [info] ENABLE_RPC2_AUTH defined as 'yes'
2021-05-19 14:04:28.153787 [info] RPC2_USER defined as 'admin'
2021-05-19 14:04:28.178453 [info] RPC2_PASS defined as '#ThePasswordIEntered#'
2021-05-19 14:04:28.202254 [info] ENABLE_WEBUI_AUTH defined as 'yes'
2021-05-19 14:04:28.228800 [info] WEBUI_USER defined as '#TheUsernameIEntered#'
2021-05-19 14:04:28.251292 [info] WEBUI_PASS defined as '#ThePasswordIEntered#'
2021-05-19 14:04:28.301290 [info] Starting Supervisor...
2021-05-19 14:04:30,360 INFO Included extra file "/etc/supervisor/conf.d/rtorrent.conf" during parsing
2021-05-19 14:04:30,360 INFO Set uid to user 0 succeeded
2021-05-19 14:04:30,363 INFO supervisord started with pid 7
2021-05-19 14:04:31,366 INFO spawned: 'logrotate-script' with pid 212
2021-05-19 14:04:31,367 INFO spawned: 'pyrocore-script' with pid 213
2021-05-19 14:04:31,369 INFO spawned: 'rutorrent-script' with pid 214
2021-05-19 14:04:31,370 INFO spawned: 'shutdown-script' with pid 215
2021-05-19 14:04:31,371 INFO spawned: 'start-script' with pid 216
2021-05-19 14:04:31,372 INFO spawned: 'watchdog-script' with pid 217
2021-05-19 14:04:31,373 INFO reaped unknown pid 8 (exit status 0)
2021-05-19 14:04:31,409 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN

2021-05-19 14:04:31,409 INFO success: logrotate-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2021-05-19 14:04:31,409 INFO success: pyrocore-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2021-05-19 14:04:31,410 INFO success: rutorrent-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2021-05-19 14:04:31,410 INFO success: shutdown-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2021-05-19 14:04:31,410 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2021-05-19 14:04:31,410 INFO success: watchdog-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2021-05-19 14:04:31,416 DEBG 'start-script' stdout output:
[warn] Username contains characters which could cause authentication issues, please consider changing this if possible

2021-05-19 14:04:31,430 DEBG 'watchdog-script' stdout output:
[info] rTorrent config file already exists, skipping copy

2021-05-19 14:04:31,478 DEBG 'start-script' stdout output:
[info] Adding 209.222.18.222 to /etc/resolv.conf

2021-05-19 14:04:31,483 DEBG 'start-script' stdout output:
[info] Adding 84.200.69.80 to /etc/resolv.conf

2021-05-19 14:04:31,487 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.174 to /etc/resolv.conf

2021-05-19 14:04:31,490 DEBG 'start-script' stdout output:
[info] Adding 1.1.1.1 to /etc/resolv.conf

2021-05-19 14:04:31,494 DEBG 'start-script' stdout output:
[info] Adding 209.222.18.218 to /etc/resolv.conf

2021-05-19 14:04:31,498 DEBG 'start-script' stdout output:
[info] Adding 37.235.1.177 to /etc/resolv.conf

2021-05-19 14:04:31,504 DEBG 'start-script' stdout output:
[info] Adding 84.200.70.40 to /etc/resolv.conf

2021-05-19 14:04:31,508 DEBG 'start-script' stdout output:
[info] Adding 1.0.0.1 to /etc/resolv.conf

2021-05-19 14:04:32,259 DEBG 'start-script' stdout output:
[info] Default route for container is 192.168.1.1

2021-05-19 14:04:32,312 DEBG 'start-script' stdout output:
[info] Docker network defined as 192.168.1.0/24

2021-05-19 14:04:32,315 DEBG 'start-script' stdout output:
[info] Adding 192.168.1.0/24 as route via docker eth0

2021-05-19 14:04:32,317 DEBG 'start-script' stderr output:
RTNETLINK answers: File exists

2021-05-19 14:04:32,317 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------

2021-05-19 14:04:32,318 DEBG 'start-script' stdout output:
default via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.118

2021-05-19 14:04:32,318 DEBG 'start-script' stdout output:
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
broadcast 192.168.1.0 dev eth0 table local proto kernel scope link src 192.168.1.118
local 192.168.1.118 dev eth0 table local proto kernel scope host src 192.168.1.118
broadcast 192.168.1.255 dev eth0 table local proto kernel scope link src 192.168.1.118
--------------------

2021-05-19 14:04:32,322 DEBG 'start-script' stdout output:
iptable_mangle 16384 1
ip_tables 28672 3 iptable_filter,iptable_nat,iptable_mangle
x_tables 28672 14 ip6table_filter,xt_conntrack,iptable_filter,xt_tcpudp,xt_addrtype,xt_CHECKSUM,xt_nat,ip6_tables,ipt_REJECT,ip_tables,ip6table_mangle,xt_MASQUERADE,iptable_mangle,xt_mark

2021-05-19 14:04:32,322 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables

2021-05-19 14:04:32,639 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------

2021-05-19 14:04:32,640 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT
-A INPUT -s 209.99.109.18/32 -i eth0 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 9080 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 9080 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 9443 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 9443 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 5000 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i tun0 -j ACCEPT
-A OUTPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT
-A OUTPUT -d 209.99.109.18/32 -o eth0 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 9080 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --sport 9080 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 9443 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --sport 9443 -j ACCEPT
-A OUTPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -o eth0 -p tcp -m tcp --sport 5000 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT

2021-05-19 14:04:32,641 DEBG 'start-script' stdout output:
--------------------

2021-05-19 14:04:32,642 DEBG 'start-script' stdout output:
[info] Starting OpenVPN (non daemonised)...

2021-05-19 14:04:33,439 DEBG 'start-script' stdout output:
2021-05-19 14:04:33 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.


2021-05-19 14:04:33,439 DEBG 'start-script' stdout output:
2021-05-19 14:04:33 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.


2021-05-19 14:04:33,439 DEBG 'start-script' stdout output:
2021-05-19 14:04:33 WARNING: file 'credentials.conf' is group or others accessible

2021-05-19 14:04:33 OpenVPN 2.5.1 [git:makepkg/f186691b32e68362+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 24 2021
2021-05-19 14:04:33 library versions: OpenSSL 1.1.1j 16 Feb 2021, LZO 2.10

2021-05-19 14:04:33,439 DEBG 'start-script' stdout output:
2021-05-19 14:04:33 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2021-05-19 14:04:33,440 DEBG 'start-script' stdout output:
2021-05-19 14:04:33 TCP/UDP: Preserving recently used remote address: [AF_INET]209.99.109.18:443

2021-05-19 14:04:33,441 DEBG 'start-script' stdout output:
2021-05-19 14:04:33 Socket Buffers: R=[212992->212992] S=[212992->212992]
2021-05-19 14:04:33 UDP link local: (not bound)
2021-05-19 14:04:33 UDP link remote: [AF_INET]209.99.109.18:443

2021-05-19 14:04:33,637 DEBG 'start-script' stdout output:
2021-05-19 14:04:33 TLS: Initial packet from [AF_INET]209.99.109.18:443, sid=ca4ba653 d8017f52

2021-05-19 14:04:34,059 DEBG 'start-script' stdout output:
2021-05-19 14:04:34 VERIFY OK: depth=2, C=CH, ST=Lucerne, L=Meggen, O=Golden Frog GmbH, CN=Golden Frog GmbH Root CA, emailAddress=#VpnAdminEmailAddress#

2021-05-19 14:04:34,059 DEBG 'start-script' stdout output:
2021-05-19 14:04:34 VERIFY OK: depth=1, C=CH, ST=Lucerne, L=Meggen, O=Golden Frog GmbH, CN=VyprVPN Intermediate CA, emailAddress=#VpnAdminEmailAddress#

2021-05-19 14:04:34,060 DEBG 'start-script' stdout output:
2021-05-19 14:04:34 VERIFY X509NAME OK: C=CH, ST=Lucerne, L=Meggen, O=Golden Frog GmbH, CN=us4.vyprvpn.com, emailAddress=#VpnAdminEmailAddress#
2021-05-19 14:04:34 VERIFY OK: depth=0, C=CH, ST=Lucerne, L=Meggen, O=Golden Frog GmbH, CN=us4.vyprvpn.com, emailAddress=#VpnAdminEmailAddress#

2021-05-19 14:04:34,071 DEBG fd 11 closed, stopped monitoring <POutputDispatcher at 22615389544160 for <Subprocess at 22615389543488 with name pyrocore-script in state RUNNING> (stdout)>
2021-05-19 14:04:34,071 DEBG fd 15 closed, stopped monitoring <POutputDispatcher at 22615389039008 for <Subprocess at 22615389543488 with name pyrocore-script in state RUNNING> (stderr)>
2021-05-19 14:04:34,071 INFO exited: pyrocore-script (exit status 0; expected)
2021-05-19 14:04:34,071 DEBG received SIGCHLD indicating a child quit
2021-05-19 14:04:35,364 DEBG 'start-script' stdout output:
2021-05-19 14:04:35 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
2021-05-19 14:04:35 [us4.vyprvpn.com] Peer Connection Initiated with [AF_INET]209.99.109.18:443

2021-05-19 14:04:36,549 DEBG 'start-script' stdout output:
2021-05-19 14:04:36 SENT CONTROL [us4.vyprvpn.com]: 'PUSH_REQUEST' (status=1)

2021-05-19 14:04:36,742 DEBG 'start-script' stdout output:
2021-05-19 14:04:36 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.2.22.1,explicit-exit-notify 5,rcvbuf 524288,route-gateway 10.2.22.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.2.22.184 255.255.255.0,peer-id 2,cipher AES-256-GCM'

2021-05-19 14:04:36,743 DEBG 'start-script' stdout output:
2021-05-19 14:04:36 OPTIONS IMPORT: timers and/or timeouts modified
2021-05-19 14:04:36 OPTIONS IMPORT: explicit notify parm(s) modified
2021-05-19 14:04:36 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
2021-05-19 14:04:36 Socket Buffers: R=[212992->1048576] S=[212992->212992]
2021-05-19 14:04:36 OPTIONS IMPORT: --ifconfig/up options modified
2021-05-19 14:04:36 OPTIONS IMPORT: route options modified
2021-05-19 14:04:36 OPTIONS IMPORT: route-related options modified
2021-05-19 14:04:36 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2021-05-19 14:04:36 OPTIONS IMPORT: peer-id set
2021-05-19 14:04:36 OPTIONS IMPORT: adjusting link_mtu to 1625
2021-05-19 14:04:36 OPTIONS IMPORT: data channel crypto options modified
2021-05-19 14:04:36 Data Channel: using negotiated cipher 'AES-256-GCM'
2021-05-19 14:04:36 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-05-19 14:04:36 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-05-19 14:04:36 net_route_v4_best_gw query: dst 0.0.0.0
2021-05-19 14:04:36 net_route_v4_best_gw result: via 192.168.1.1 dev eth0
2021-05-19 14:04:36 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=eth0 HWADDR=02:42:c0:a8:01:76
2021-05-19 14:04:36 TUN/TAP device tun0 opened

2021-05-19 14:04:36,743 DEBG 'start-script' stdout output:
2021-05-19 14:04:36 net_iface_mtu_set: mtu 1500 for tun0
2021-05-19 14:04:36 net_iface_up: set tun0 up
2021-05-19 14:04:36 net_addr_v4_add: 10.2.22.184/24 dev tun0
2021-05-19 14:04:36 /root/openvpnup.sh tun0 1500 1553 10.2.22.184 255.255.255.0 init

2021-05-19 14:04:36,746 DEBG 'start-script' stdout output:
2021-05-19 14:04:36 net_route_v4_add: 209.99.109.18/32 via 192.168.1.1 dev [NULL] table 0 metric -1

2021-05-19 14:04:36,746 DEBG 'start-script' stdout output:
2021-05-19 14:04:36 net_route_v4_add: 0.0.0.0/1 via 10.2.22.1 dev [NULL] table 0 metric -1
2021-05-19 14:04:36 net_route_v4_add: 128.0.0.0/1 via 10.2.22.1 dev [NULL] table 0 metric -1
2021-05-19 14:04:36 Initialization Sequence Completed

2021-05-19 14:04:38,980 DEBG 'start-script' stdout output:
[info] Attempting to get external IP using 'http://checkip.amazonaws.com'...

2021-05-19 14:04:39,902 DEBG 'start-script' stdout output:
[info] Successfully retrieved external IP address #ExternalVpnIpAddress#

2021-05-19 14:04:39,903 DEBG 'start-script' stdout output:
[info] Application does not require port forwarding or VPN provider is != pia, skipping incoming port assignment

2021-05-19 14:04:40,004 DEBG 'watchdog-script' stdout output:
[info] rTorrent listening interface IP 0.0.0.0 and VPN provider IP 10.2.22.184 different, marking for reconfigure

2021-05-19 14:04:40,025 DEBG 'watchdog-script' stdout output:
[info] irssi not running

2021-05-19 14:04:40,029 DEBG 'watchdog-script' stdout output:
[info] rTorrent not running

2021-05-19 14:04:40,032 DEBG 'watchdog-script' stdout output:
[info] Attempting to start irssi...

2021-05-19 14:04:40,044 DEBG 'watchdog-script' stdout output:
Script started, output log file is '/home/nobody/typescript'.

2021-05-19 14:04:40,124 DEBG 'watchdog-script' stdout output:
Script done.

2021-05-19 14:04:40,124 DEBG 'watchdog-script' stdout output:
[info] irssi process started, updating trackers...

2021-05-19 14:04:40,127 DEBG 'watchdog-script' stdout output:
[info] irssi trackers updated

2021-05-19 14:04:40,138 DEBG 'watchdog-script' stdout output:
[info] Removing any rTorrent session lock files left over from the previous run...

2021-05-19 14:04:40,139 DEBG 'watchdog-script' stdout output:
[info] Attempting to start rTorrent...

2021-05-19 14:04:40,140 DEBG 'watchdog-script' stdout output:
Script started, output log file is '/home/nobody/typescript'.

2021-05-19 14:04:40,158 DEBG 'watchdog-script' stdout output:
Script done.

2021-05-19 14:04:40,546 DEBG 'rutorrent-script' stdout output:
[info] rtorrent started, setting up rutorrent...

2021-05-19 14:04:40,546 DEBG 'rutorrent-script' stdout output:
[info] nginx cert files already exists, skipping copy
[info] nginx config file already exists, skipping copy

2021-05-19 14:04:40,568 DEBG 'rutorrent-script' stdout output:
[info] php.ini file already exists, skipping copy

2021-05-19 14:04:40,570 DEBG 'rutorrent-script' stdout output:
[info] rutorrent conf folder already exists, skipping copy

2021-05-19 14:04:40,574 DEBG 'rutorrent-script' stdout output:
"python" => '/usr/bin/python', // Something like /usr/bin/python. If empty, will be found in PATH.

2021-05-19 14:04:40,632 DEBG 'rutorrent-script' stdout output:
[info] Setting PHP timezone to UTC...

2021-05-19 14:04:40,640 DEBG 'rutorrent-script' stdout output:
[info] running rsync to copy rutorrent user plugins to the plugins folder inside the container...

2021-05-19 14:04:40,723 DEBG 'rutorrent-script' stdout output:
[info] rutorrent share folder already exists, skipping copy

2021-05-19 14:04:40,724 DEBG 'rutorrent-script' stdout output:
[info] nginx /rpc2 location enabled

2021-05-19 14:04:40,732 DEBG 'rutorrent-script' stdout output:
[info] Updating password for rpc2 account 'admin'...

2021-05-19 14:04:41,105 DEBG 'rutorrent-script' stderr output:


2021-05-19 14:04:41,105 DEBG 'rutorrent-script' stderr output:
password for user admin

2021-05-19 14:04:41,112 DEBG 'rutorrent-script' stdout output:
[info] Updating password for web ui account '#TheUsernameIEntered#'...

2021-05-19 14:04:41,113 DEBG 'rutorrent-script' stderr output:


2021-05-19 14:04:41,114 DEBG 'rutorrent-script' stderr output:
password for user #TheUsernameIEntered#

2021-05-19 14:04:41,114 DEBG 'rutorrent-script' stdout output:
[info] starting php-fpm...

2021-05-19 14:04:41,171 DEBG 'watchdog-script' stdout output:
[info] rTorrent process started
[info] Waiting for rTorrent process to start listening on port 5000...

2021-05-19 14:04:41,176 DEBG 'watchdog-script' stdout output:
[info] rTorrent process listening on port 5000

2021-05-19 14:04:41,176 DEBG 'watchdog-script' stdout output:
[info] Initialising ruTorrent plugins (checking rTorrent is running)...

2021-05-19 14:04:41,180 DEBG 'watchdog-script' stdout output:
[info] rTorrent running
[info] Initialising ruTorrent plugins (checking nginx is running)...

2021-05-19 14:04:41,668 DEBG 'rutorrent-script' stderr output:
[NOTICE] [pool www] 'user' directive is ignored when FPM is not running as root
[NOTICE] [pool www] 'group' directive is ignored when FPM is not running as root

2021-05-19 14:04:41,671 DEBG 'rutorrent-script' stdout output:
[info] starting nginx...

2021-05-19 14:04:41,863 DEBG 'watchdog-script' stdout output:
[info] nginx running
[info] Initialising ruTorrent plugins...

2021-05-19 14:04:42,410 DEBG 'watchdog-script' stdout output:
[info] ruTorrent plugins initialised

 

I've changed some sensitive information, hope all of them (let me know, please) but I can't access the web interface. Docker is up and running, but I can't access the webui.

To all the intelligent and savvy people here: please help!?

 

Hid the log in this previous post. I don't know, looks like it's up and running alright, but I can't access the webui :(

Link to comment
16 minutes ago, mizifih said:

I actually fixed the IP to 192.168.1.118. I didn't touch the NAME_SERVERS option.

you cannot fix the ip to the same range as your lan, either change this to be a different subnet to your lan or switch it back to default bridge.

  • Thanks 1
Link to comment
Posted (edited)
20 minutes ago, binhex said:

you cannot fix the ip to the same range as your lan, either change this to be a different subnet to your lan

Thank you! It worked in bridge mode, so the fixed IP was the problem indeed.

 

There's an alert in the status bar saying "6881: Port is closed".

 

Now.... Can you point me to a direction where I can find info on how to set it to a different subnet? Or all I have to do is create a subnet in unRAID and set it to any IP withing that subnet range? Do I need to add anything to my router? My unRAID server is connected to two networks, can that be a problem?

Edited by mizifih
6881: Port is closed
Link to comment
1 hour ago, cinereus said:

FixProblems says "Suggested to either utilize the binhex rutorrent app or the crazymax/rtorrent-rutorrent app". Neither show up when searching for "rutorrent". How do I find and install these?

You need to search for "rtorrent" or "binhex" as that's part of the application name. rutorrent is the web frontend.

image.png.f0a5ede54bc2639700bec6e5aaefa8fb.png

Link to comment
1 hour ago, weirdcrap said:

You need to search for "rtorrent" or "binhex" as that's part of the application name. rutorrent is the web frontend.

image.png.f0a5ede54bc2639700bec6e5aaefa8fb.png

Thanks. it specifically said rutorrent so that's what I tried.

 

Is there an easy way to import in my torrents to this binhex docker?

Link to comment
Posted (edited)
38 minutes ago, cinereus said:

Nope just searched again and no versions with rutorrent are showing up if you search "rtorrent".

It doesn't show, but binhax has rutorrent, autodl, rss and whatnot.

Edited by mizifih
Typo
Link to comment

 

2 hours ago, cinereus said:

Nope just searched again and no versions with rutorrent are showing up if you search "rtorrent".

are you running an up to date version of UnRAID?

 

It shows up for me on both of my servers:

image.thumb.png.c46c6ea21aee0ff46cbb534a8b356075.png

Link to comment
2 hours ago, weirdcrap said:

 

are you running an up to date version of UnRAID?

 

It shows up for me on both of my servers:

image.thumb.png.c46c6ea21aee0ff46cbb534a8b356075.png

That doesn't mention anything to do with rutorrent? And the crazymax one also isn't showing.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.