[Support] binhex - rTorrentVPN


Recommended Posts

Noticed some issues when I restarted my docker, log shows it was unable to curl the PIA server list as the first fail, otherwises sits in a loop. 

 

thoughts?  

 

2020-10-19 19:43:59.180700 [info] System information Linux f108de28b7a0 5.8.13-Unraid #1 SMP Wed Oct 7 01:03:59 CDT 2020 x86_64 GNU/Linux
2020-10-19 19:43:59.209830 [info] OS_ARCH defined as 'x86-64'
2020-10-19 19:43:59.239983 [info] PUID defined as '99'
2020-10-19 19:43:59.275972 [info] PGID defined as '100'
2020-10-19 19:43:59.324722 [info] UMASK defined as '000'
2020-10-19 19:43:59.354076 [info] Permissions already set for volume mappings
2020-10-19 19:43:59.383596 [info] Deleting files in /tmp (non recursive)...
2020-10-19 19:43:59.418391 [info] VPN_ENABLED defined as 'yes'
2020-10-19 19:43:59.451083 [warn] VPN_CLIENT not defined (via -e VPN_CLIENT), defaulting to 'openvpn'
2020-10-19 19:43:59.481398 [info] VPN_PROV defined as 'pia'
2020-10-19 19:45:18.691599 [warn] PIA VPN server info JSON cannot be downloaded from URL 'https://serverlist.piaservers.net/vpninfo/servers/v4' exit code from curl is '1'
2020-10-19 19:45:18.724749 [info] OpenVPN config file (ovpn extension) is located at /config/openvpn/CA Ontario.ovpn
2020-10-19 19:45:18.785739 [info] VPN remote server(s) defined as 'ca-ontario.privateinternetaccess.com,'
2020-10-19 19:45:18.809211 [info] VPN remote port(s) defined as '1198,'
2020-10-19 19:45:18.832702 [info] VPN remote protcol(s) defined as 'udp,'
2020-10-19 19:45:18.863195 [info] VPN_DEVICE_TYPE defined as 'tun0'
2020-10-19 19:45:18.891742 [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)
2020-10-19 19:45:18.922066 [info] LAN_NETWORK defined as '192.168.1.0/24'
2020-10-19 19:45:18.950525 [info] NAME_SERVERS defined as '209.222.18.222,209.222.18.218'
2020-10-19 19:45:18.979009 [info] VPN_USER defined as 'pXXXXXXXX'
2020-10-19 19:45:19.007621 [info] VPN_PASS defined as 'XXXXXXXXX'
2020-10-19 19:45:19.038522 [info] STRICT_PORT_FORWARD defined as 'yes'
2020-10-19 19:45:19.067998 [info] ENABLE_PRIVOXY defined as 'yes'
2020-10-19 19:45:19.097357 [info] ADDITIONAL_PORTS not defined (via -e ADDITIONAL_PORTS), skipping allow for custom incoming ports
2020-10-19 19:45:19.127136 [info] ENABLE_AUTODL_IRSSI defined as 'no'
2020-10-19 19:45:19.155728 [info] ENABLE_RPC2 defined as 'yes'
2020-10-19 19:45:19.185254 [info] ENABLE_RPC2_AUTH defined as 'yes'
2020-10-19 19:45:19.212703 [info] RPC2_USER defined as 'admin'
2020-10-19 19:45:19.240507 [info] RPC2_PASS defined as 'XXXXXXXX'
2020-10-19 19:45:19.272897 [info] ENABLE_WEBUI_AUTH defined as 'yes'
2020-10-19 19:45:19.303551 [info] WEBUI_USER defined as 'admin'
2020-10-19 19:45:19.333847 [info] WEBUI_PASS defined as 'XXXXXXXX'
2020-10-19 19:45:19.362149 [info] Starting Supervisor...
2020-10-19 19:45:19,505 INFO Included extra file "/etc/supervisor/conf.d/rtorrent.conf" during parsing
2020-10-19 19:45:19,505 INFO Set uid to user 0 succeeded
2020-10-19 19:45:19,507 INFO supervisord started with pid 6
2020-10-19 19:45:20,510 INFO spawned: 'logrotate-script' with pid 204
2020-10-19 19:45:20,512 INFO spawned: 'pyrocore-script' with pid 205
2020-10-19 19:45:20,513 INFO spawned: 'rutorrent-script' with pid 206
2020-10-19 19:45:20,514 INFO spawned: 'start-script' with pid 207
2020-10-19 19:45:20,515 INFO spawned: 'watchdog-script' with pid 208
2020-10-19 19:45:20,516 INFO reaped unknown pid 7 (exit status 0)
2020-10-19 19:45:20,522 DEBG 'watchdog-script' stdout output:
[info] rTorrent config file already exists, skipping copy

2020-10-19 19:45:20,522 INFO success: logrotate-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2020-10-19 19:45:20,522 INFO success: pyrocore-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2020-10-19 19:45:20,522 INFO success: rutorrent-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2020-10-19 19:45:20,522 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2020-10-19 19:45:20,522 INFO success: watchdog-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2020-10-19 19:45:20,522 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN

2020-10-19 19:45:20,561 DEBG 'start-script' stdout output:
[info] Adding 209.222.18.222 to /etc/resolv.conf

2020-10-19 19:45:20,564 DEBG 'start-script' stdout output:
[info] Adding 209.222.18.218 to /etc/resolv.conf

2020-10-19 19:45:20,608 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.0.1

2020-10-19 19:45:20,622 DEBG 'start-script' stdout output:
[info] Docker network defined as 172.17.0.0/16

2020-10-19 19:45:20,626 DEBG 'start-script' stdout output:
[info] Adding 192.168.1.0/24 as route via docker eth0

2020-10-19 19:45:20,627 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------

2020-10-19 19:45:20,627 DEBG 'start-script' stdout output:
default via 172.17.0.1 dev eth0
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.4
192.168.1.0/24 via 172.17.0.1 dev eth0

2020-10-19 19:45:20,628 DEBG 'start-script' stdout output:
--------------------

2020-10-19 19:45:20,630 DEBG 'start-script' stdout output:
iptable_mangle 16384 2
ip_tables 28672 6 iptable_filter,iptable_raw,iptable_nat,iptable_mangle

2020-10-19 19:45:20,630 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables

2020-10-19 19:45:20,672 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------

2020-10-19 19:45:20,674 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1198 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 9080 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 9080 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 9443 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 9443 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 5000 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -d 172.17.0.0/16 -i eth0 -p tcp -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 9080 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 9080 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 9443 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 9443 -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -p tcp -m tcp --sport 5000 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 192.168.1.0/24 -o eth0 -p tcp -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT

2020-10-19 19:45:20,674 DEBG 'start-script' stdout output:
--------------------

2020-10-19 19:45:20,675 DEBG 'start-script' stdout output:
[info] Starting OpenVPN (non daemonised)...

2020-10-19 19:45:20,680 DEBG 'start-script' stdout output:
Mon Oct 19 19:45:20 2020 WARNING: file 'credentials.conf' is group or others accessible

Mon Oct 19 19:45:20 2020 OpenVPN 2.4.9 [git:makepkg/9b0dafca6c50b8bb+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 20 2020
Mon Oct 19 19:45:20 2020 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10

2020-10-19 19:45:20,680 DEBG 'start-script' stdout output:
Mon Oct 19 19:45:20 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts

2020-10-19 19:45:20,681 DEBG 'start-script' stdout output:
Mon Oct 19 19:45:20 2020 CRL: loaded 1 CRLs from file [[INLINE]]

2020-10-19 19:45:20,682 DEBG 'start-script' stdout output:
Mon Oct 19 19:45:20 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]184.75.208.114:1198
Mon Oct 19 19:45:20 2020 UDP link local: (not bound)
Mon Oct 19 19:45:20 2020 UDP link remote: [AF_INET]184.75.208.114:1198

2020-10-19 19:45:20,685 DEBG fd 11 closed, stopped monitoring <POutputDispatcher at 23449394272768 for <Subprocess at 23449394272096 with name pyrocore-script in state RUNNING> (stdout)>
2020-10-19 19:45:20,685 DEBG fd 15 closed, stopped monitoring <POutputDispatcher at 23449394365344 for <Subprocess at 23449394272096 with name pyrocore-script in state RUNNING> (stderr)>
2020-10-19 19:45:20,685 INFO exited: pyrocore-script (exit status 0; expected)
2020-10-19 19:45:20,685 DEBG received SIGCHLD indicating a child quit
2020-10-19 19:46:20,714 DEBG 'start-script' stdout output:
Mon Oct 19 19:46:20 2020 [UNDEF] Inactivity timeout (--ping-restart), restarting

2020-10-19 19:46:20,714 DEBG 'start-script' stdout output:
Mon Oct 19 19:46:20 2020 SIGHUP[soft,ping-restart] received, process restarting
Mon Oct 19 19:46:20 2020 WARNING: file 'credentials.conf' is group or others accessible

 

Edited by dewlite
Link to comment

Having an issue where I can internally on my local network access rutorrent, but my external network I cannot access rutorrent anymore via the DNS I had setup.

 

The issue started happening once I upgraded my config to use wireguard. The wireguard works for rutorrent perfectly and can be accessed like I said via LAN clients. But it broke the ability to access the docker container remotely.

 

I tried rolling back the config to use the old openvpn config, and it works again fine, but the second I go to use the new wireguard config, it breaks the external networks ability to access. Even when accessing via the external DNS method on a local machine on the network, it does not work, but the second i revert the config back to openvpn config, it works.

 

The only change really in the docker config I see is the addition of:

--sysctl="net.ipv4.conf.all.src_valid_mark=1" \
    --privileged=true \

 

and removal of:

--cap-add=NET_ADMIN \

 

could it be the iptables that the container uses needs updating? Does the valid_mark sysctl rule cause external source requests to drop?

 

thoughts?

 

full config:

docker run -d \
    --sysctl="net.ipv4.conf.all.src_valid_mark=1" \
    --privileged=true \
    -p 8118:8118 \
    -p 9443:9443 \
    --name=torrentvpn \
    -v /docker/torrentvpn/data:/data \
    -v /docker/torrentvpn/config:/config \
    -v /mnt/pool:/pool \
    -v /etc/localtime:/etc/localtime:ro \
    -e VPN_ENABLED=yes \
    -e VPN_USER= \
    -e VPN_PASS= \
    -e VPN_PROV=pia \
    -e VPN_CLIENT=wireguard \
    -e STRICT_PORT_FORWARD=yes \
    -e ENABLE_PRIVOXY=yes \
    -e ENABLE_AUTODL_IRSSI=yes \
    -e ENABLE_RPC2=yes \
    -e ENABLE_RPC2_AUTH=yes \
    -e ENABLE_WEBUI_AUTH=yes \
    -e RPC2_USER= \
    -e RPC2_PASS= \
    -e WEBUI_USER= \
    -e WEBUI_PASS= \
    -e LAN_NETWORK=192.168.0.0/24 \
    -e NAME_SERVERS=209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1 \
    -e DEBUG=false \
    -e PHP_TZ=UTC \
    -e UMASK=000 \
    -e PUID=0 \
    -e PGID=0 \
    binhex/arch-rtorrentvpn

 

Edited by phi0x
Link to comment

Hi,

 

Ive tried searching for where tracker files for autodl-irssi  are located in the appdata dir, but unable to locate it.

 

Can someone point me in the right direction

 

Solution found:

 

Go into Console of docker

 

Edited by SDEN
  • Like 1
Link to comment

I am trying to use rtorrentvpn with a custom openvpn server and I can get the container running and connecting to torrents, but then after about a minute it disconnects from all peers/trackers, waits about a minute again before reconnecting.  I'm not seeing anything about errors in the logs, but I AM seeing that it's trying to "get external IP with name server 'ns1.google.com'" even though I have NAME_SERVERS set to 1.1.1.1,1.0.0.1 which seems weird to me?  I have "dhcp-option DNS 1.1.1.1" for my openvpn config as well, so I'm not sure where something is deciding to use google nameservers?

 

The only other suspicious thing I'm seeing is "[server] Inactivity timeout (--ping-restart), restarting" but I'm not sure what kind of timeout that is or what to do about it?  The openvpn server and config file work fine with other containers using a different torrent client.

Link to comment
On 10/26/2020 at 6:59 AM, learningunraid said:

Hello, I am trying to install Binhex-rTorrentVPN. But, I am not able to run it.

 

Error from Log:

crtoj9X.png

 

Docker:

Bv6CWzt.png

 

I use unassigned drive - SSD for the app-data. Please help me. Thanks.

 

Have you set an RPC2_PASS variable?  If you're using RPC2_AUTH you need to set a password for it

Link to comment

Everything for me seems to work A-OK, except this error as the docker launches, which doesn't seem to affect the launch of rtorrent, rutorrent, openvpn, or privoxy:

 

rtorrent    | 2020-10-25 16:48:05,276 DEBG fd 11 closed, stopped monitoring <POutputDispatcher at 139659360098528 for <Subprocess at 139659360097856 with name pyrocore-script in state RUNNING> (stdout)>
rtorrent    | 2020-10-25 16:48:05,276 DEBG fd 15 closed, stopped monitoring <POutputDispatcher at 139659360219776 for <Subprocess at 139659360097856 with name pyrocore-script in state RUNNING> (stderr)>
rtorrent    | 2020-10-25 16:48:05,277 INFO exited: pyrocore-script (exit status 0; expected)
rtorrent    | 2020-10-25 16:48:05,277 DEBG received SIGCHLD indicating a child quit
rtorrent    | 2020-10-25 16:48:05,311 DEBG 'start-script' stdout output:
rtorrent    | [info] Default route for container is 172.20.0.1

 

Is there anywhere I should start at trying to figure it out?

 

FYI, in case anyone was wondering, the docker-compose code:

services:
  rtorrent:
    image: binhex/arch-rtorrentvpn
    container_name: rtorrent
    volumes:
      - /mnt/citadel-library:/data
      - /container-data/rtorrent:/config
    environment:
      - PUID=99
      - PGID=100
      - TZ=America/Chicago
      - VPN_ENABLED=yes
      - VPN_USER=xxxxxxxx
      - VPN_PASS=YYYYYYYYYYYYY
      - VPN_PROV=pia
      - VPN_CLIENT=openvpn
      - STRICT_PORT_FORWARD=no
      - ENABLE_PRIVOXY=yes
      - ENABLE_AUTODL_IRSSI=yes
      - ENABLE_RPC2=yes
      - ENABLE_RPC2_AUTH=yes
      - ENABLE_WEBUI_AUTH=yes
      - RPC2_USER=admin
      - RPC2_PASS=xYxYxYxYxYxY
      - WEBUI_USER=admin
      - WEBUI_PASS=xYxYxYxYxYxY
      - LAN_NETWORK=192.168.1.0/24
      - DEBUG=false
      - PHP_TZ=UTC
      - UMASK=000
    cap_add:
      - NET_ADMIN
    ports:
      - "9080:9080"
      - "9443:9443"
      - "8118:8118"
    restart: unless-stopped

 

Edited by mooky
adding docker-compose.yaml
Link to comment

My entire rTorrent has stopped working for some reason whilst downloading a large 1.6TB torrent.

 

My first drive filled up and most of my docker images crash when that happens. So I turned off all containers and moved files to the next drive.

Figured there would be no problems so I restarted the container.

 

Now I get this in the log.

 

2020-10-30 06:23:05,894 DEBG 'rutorrent-script' stderr output:
[NOTICE] [pool www] 'user' directive is ignored when FPM is not running as root
[NOTICE] [pool www] 'group' directive is ignored when FPM is not running as root

2020-10-30 06:23:05,903 DEBG 'rutorrent-script' stdout output:
[info] starting nginx...

2020-10-30 06:23:16,542 DEBG 'watchdog-script' stdout output:
[warn] Wait for rTorrent process to start aborted, too many retries

2020-10-30 06:23:16,543 DEBG 'watchdog-script' stdout output:
[warn] Failed to start rTorrent, skipping initialisation of ruTorrent Plugins...

2020-10-30 06:33:23,916 DEBG 'watchdog-script' stdout output:
[info] rTorrent listening interface IP 0.0.0.0 and VPN provider IP 10.14.0.3 different, marking for reconfigure

2020-10-30 06:33:24,772 DEBG 'watchdog-script' stdout output:
0

2020-10-30 06:33:25,099 DEBG 'watchdog-script' stderr output:
INFO: Bad data packets written to '/tmp/xmlrpc2scgi-99.xml'

2020-10-30 06:33:25,100 DEBG 'watchdog-script' stdout output:
ERROR While calling network.local_address.set('', '216.239.32.10\n216.239.34.10\n216.239.36.10\n216.239.38.10'): <Fault -503: 'Could not set local address: Name or service not known.'>

I've even rebooted my server. It was running for 415 days without issues and I must have updated this container maybe 3 or 4 times during that time because I like to update only after a good period of time.

Edited by plantsandbinary
Link to comment
On 10/22/2020 at 3:22 PM, phi0x said:

Having an issue where I can internally on my local network access rutorrent, but my external network I cannot access rutorrent anymore via the DNS I had setup.

 

The issue started happening once I upgraded my config to use wireguard. The wireguard works for rutorrent perfectly and can be accessed like I said via LAN clients. But it broke the ability to access the docker container remotely.

 

I tried rolling back the config to use the old openvpn config, and it works again fine, but the second I go to use the new wireguard config, it breaks the external networks ability to access. Even when accessing via the external DNS method on a local machine on the network, it does not work, but the second i revert the config back to openvpn config, it works.

 

The only change really in the docker config I see is the addition of:

--sysctl="net.ipv4.conf.all.src_valid_mark=1" \
    --privileged=true \

 

and removal of:

--cap-add=NET_ADMIN \

 

could it be the iptables that the container uses needs updating? Does the valid_mark sysctl rule cause external source requests to drop?

 

thoughts?

 

full config:


docker run -d \
    --sysctl="net.ipv4.conf.all.src_valid_mark=1" \
    --privileged=true \
    -p 8118:8118 \
    -p 9443:9443 \
    --name=torrentvpn \
    -v /docker/torrentvpn/data:/data \
    -v /docker/torrentvpn/config:/config \
    -v /mnt/pool:/pool \
    -v /etc/localtime:/etc/localtime:ro \
    -e VPN_ENABLED=yes \
    -e VPN_USER= \
    -e VPN_PASS= \
    -e VPN_PROV=pia \
    -e VPN_CLIENT=wireguard \
    -e STRICT_PORT_FORWARD=yes \
    -e ENABLE_PRIVOXY=yes \
    -e ENABLE_AUTODL_IRSSI=yes \
    -e ENABLE_RPC2=yes \
    -e ENABLE_RPC2_AUTH=yes \
    -e ENABLE_WEBUI_AUTH=yes \
    -e RPC2_USER= \
    -e RPC2_PASS= \
    -e WEBUI_USER= \
    -e WEBUI_PASS= \
    -e LAN_NETWORK=192.168.0.0/24 \
    -e NAME_SERVERS=209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1 \
    -e DEBUG=false \
    -e PHP_TZ=UTC \
    -e UMASK=000 \
    -e PUID=0 \
    -e PGID=0 \
    binhex/arch-rtorrentvpn

 

Anyone else having this issue with wireguard enabled?

Link to comment
On 10/2/2020 at 8:56 PM, Cat_Seeder said:

No comments about security, but it's certainly fast, and so far it has been stable. Thanks @binhex, sending another beer your way.

By the way, did the autodl-rssi + recent version of php issue got sorted?

Kind regards,

Apparently not... amazing.. why does this container even include the damn thing if it causes rutorrent stop functioning suddenly?

Link to comment

I received the message in the log to switch to PIA's next-gen network:

VPN configuration file '/config/openvpn/openvpn.ovpn' 'remote' line is referencing PIA legacy network which is now shutdown, see Q19. from the following link on how to switch to PIA 'next-gen':- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md exiting script...

I downloaded the next-gen ovpn config file from the link in the FAQ. I used the same credentials.conf as my previous settings but replaced everything else. This my ovpn file:

client
dev tun
proto udp
remote de-berlin.privacy.network 1198
resolv-retry infinite
nobind
persist-key
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server

auth-user-pass credentials.conf
compress
verb 1
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt

disable-occ

For some reasons, I am unable to connect and I keep getting AUTH_FAILED error in a loop which freezes the Unraid webui.

DEBG 'start-script' stdout output:
AUTH: Received control message: AUTH_FAILED

DEBG 'start-script' stdout output:
SIGTERM[soft,auth-failure] received, process exiting

Has anyone encountered this problem?

Edited by Katherine
Link to comment

If your log file ends with:

/config/nginx/security/rpc2_pass: No such file or directory

 

The fix is to create a Variable using + Add another Path, Port, Variable, Label or Device

 

Key: RPC2_PASS Value: (your password)

 

And make sure you fill in a password for K 16: Container Variable: WEBUI_PASS

Edited by RichardU
Link to comment
On 11/3/2020 at 12:26 PM, Katherine said:

I received the message in the log to switch to PIA's next-gen network:


VPN configuration file '/config/openvpn/openvpn.ovpn' 'remote' line is referencing PIA legacy network which is now shutdown, see Q19. from the following link on how to switch to PIA 'next-gen':- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md exiting script...

I downloaded the next-gen ovpn config file from the link in the FAQ. I used the same credentials.conf as my previous settings but replaced everything else. This my ovpn file:


client
dev tun
proto udp
remote de-berlin.privacy.network 1198
resolv-retry infinite
nobind
persist-key
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server

auth-user-pass credentials.conf
compress
verb 1
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt

disable-occ

For some reasons, I am unable to connect and I keep getting AUTH_FAILED error in a loop which freezes the Unraid webui.


DEBG 'start-script' stdout output:
AUTH: Received control message: AUTH_FAILED

DEBG 'start-script' stdout output:
SIGTERM[soft,auth-failure] received, process exiting

Has anyone encountered this problem?

I've been having this problem for what feels like weeks now. No matter what I do I cannot get it to auth. But when I went back to the old-gen network, everything worked fine. Here's what I've tried:

  • downloaded many versions of the NextGen.zip with all the ovpn files in it
  • tried many different .ovpn files in the .zip
  • generating a new password from the PIA site and updating the docker parameters
  • modding the .ovpn to remove the built in CA and CRL and use the files
  • modding the .ovpn file to specifically include "credentials.conf" nest to "auth-user-pass"
  • deleted the perms.txt file and restarted
  • completely cleared out the containers' volume on the drive and started again

I could really use some advice on what I'm doing wrong. Why is the nextgen network rejecting my credentials?

Here's the .ovpn file:

client
dev tun
proto udp
remote ca-toronto.privacy.network 1198
resolv-retry infinite
nobind
persist-key
persist-tun
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server

auth-user-pass credentials.conf
compress
verb 1
reneg-sec 0
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt

disable-occ

Here's my docker-compose:

  torrent:
    cap_add:
      - NET_ADMIN
    image: "binhex/arch-rtorrentvpn:latest"
    container_name: "torrent"
    hostname: "torrent"
    restart: "always"
    network_mode: "bridge"
    ports: 
      - <ports>

    volumes:
      - <volumes>

    environment:
      - VPN_ENABLED=yes
      - VPN_USER=<user>
      - VPN_PASS=<password>
      - VPN_PROV=pia
      - STRICT_PORT_FORWARD=yes
      - ENABLE_PRIVOXY=yes
      - ENABLE_AUTODL_IRSSI=yes
      - ENABLE_RPC2=yes
      - ENABLE_RPC2_AUTH=yes
      - ENABLE_WEBUI_AUTH=no
      - RPC2_USER=<password>
      - RPC2_PASS=<password>
      - LAN_NETWORK=192.168.1.0/24
      - NAME_SERVERS=1.1.1.1,1.0.0.1
      - PHP_TZ=<timezone>
      - TZ=<timezone>

Any help would be really appreciated.

Link to comment
1 hour ago, Zeee said:

I've been having this problem for what feels like weeks now. No matter what I do I cannot get it to auth. But when I went back to the old-gen network, everything worked fine. Here's what I've tried:

  • downloaded many versions of the NextGen.zip with all the ovpn files in it
  • tried many different .ovpn files in the .zip
  • generating a new password from the PIA site and updating the docker parameters
  • modding the .ovpn to remove the built in CA and CRL and use the files
  • modding the .ovpn file to specifically include "credentials.conf" nest to "auth-user-pass"
  • deleted the perms.txt file and restarted
  • completely cleared out the containers' volume on the drive and started again

I could really use some advice on what I'm doing wrong. Why is the nextgen network rejecting my credentials?

Here's the .ovpn file:


client
dev tun
proto udp
remote ca-toronto.privacy.network 1198
resolv-retry infinite
nobind
persist-key
persist-tun
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server

auth-user-pass credentials.conf
compress
verb 1
reneg-sec 0
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt

disable-occ

Here's my docker-compose:


  torrent:
    cap_add:
      - NET_ADMIN
    image: "binhex/arch-rtorrentvpn:latest"
    container_name: "torrent"
    hostname: "torrent"
    restart: "always"
    network_mode: "bridge"
    ports: 
      - <ports>

    volumes:
      - <volumes>

    environment:
      - VPN_ENABLED=yes
      - VPN_USER=<user>
      - VPN_PASS=<password>
      - VPN_PROV=pia
      - STRICT_PORT_FORWARD=yes
      - ENABLE_PRIVOXY=yes
      - ENABLE_AUTODL_IRSSI=yes
      - ENABLE_RPC2=yes
      - ENABLE_RPC2_AUTH=yes
      - ENABLE_WEBUI_AUTH=no
      - RPC2_USER=<password>
      - RPC2_PASS=<password>
      - LAN_NETWORK=192.168.1.0/24
      - NAME_SERVERS=1.1.1.1,1.0.0.1
      - PHP_TZ=<timezone>
      - TZ=<timezone>

Any help would be really appreciated.

I was using the "PPTP/L2TP/SOCKS" username and password which starts with an x--------.

With the next-gen network, PIA wants everyone to use their login username and password which start with p--------. Once I switched credentials, I was able to authenticate right away.

Link to comment
19 hours ago, binhex said:

 

18 hours ago, Katherine said:

I was using the "PPTP/L2TP/SOCKS" username and password which starts with an x--------.

With the next-gen network, PIA wants everyone to use their login username and password which start with p--------. Once I switched credentials, I was able to authenticate right away.

Well, damn. I feel like a right idiot. Thank you both! Got it working.

 

I'll go and hang my head in shame over there -----> somewhere...

  • Haha 1
Link to comment
  • 2 weeks later...

Hi all

 

Thanks for a great project...I've been putting off this post for ages but I'm getting very frustrated. I have for a long time had issues with the VPN connection dropping out. I use AirVPN and when I restart the docker, I can see the VPN session opening up, and the port Check on rutorrent is Green, everything is good.

 

Then after an unspecified amount of time, the port checker goes Yellow and my connection drops. The only way to fix it is to restart the docker. Is there some kind of keepalive setting I can use? or tweak?

 

At the moment my workaround is a User Script that restarts the container every hour...not ideal.

 

Logs attached.

 

EDIT: Have moved all settings and everything over to Qbittorrent which seems to be much more stable for now. Would still like to get this resolved in case the same thing happens with Qbittorrent?

 

supervisord.log

Edited by Mooks
Link to comment

Hi all,

 

I recently realized that my rtorrent-VPN docker was not working and upon looking at the logs it says: 

 

Quote

No OpenVPN config file located in /config/openvpn/ (ovpn extension), please download from your VPN provider and then restart this container, exiting...

 

I have checked the folder and it contains the .crt, .pem and .ovpn files that I put in there when I set up the docker originally. I have since replaced them with updated files from pia, but it is still coming up with that error. Not sure what is causing this issue and not sure where to go from here.

 

Any help would be greatly appreciated,

 

Cheers, Chuffs

Link to comment
1 hour ago, chuffs97 said:

Hi all,

 

I recently realized that my rtorrent-VPN docker was not working and upon looking at the logs it says: 

 

 

I have checked the folder and it contains the .crt, .pem and .ovpn files that I put in there when I set up the docker originally. I have since replaced them with updated files from pia, but it is still coming up with that error. Not sure what is causing this issue and not sure where to go from here.

 

Any help would be greatly appreciated,

 

Cheers, Chuffs

go to unraid web ui/docker tab/ left click icon and select edit, click on 'show more settings' this should then show you the host path set for /config, make a note and then check where you are putting files is actually where /config is set to, if it looks correct then drop to unraid cli and issue the command:-

ls -al <host path shown for /config>

and paste the output here.

Link to comment
1 hour ago, binhex said:

go to unraid web ui/docker tab/ left click icon and select edit, click on 'show more settings' this should then show you the host path set for /config, make a note and then check where you are putting files is actually where /config is set to, if it looks correct then drop to unraid cli and issue the command:-


ls -al <host path shown for /config>

and paste the output here.

Thanks, I've figured out where it went wrong. It was mapped to a specific disk instead of the /user/appdata. Changing that over appears to fix that issue.. BUT.. was then getting the RPC2_PASS error detailed further up the page, following that fix looks like everything is running smoothly.

 

Thanks for your help :)

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.