activ Posted November 29, 2016 Author Share Posted November 29, 2016 Don't use it myself, but should be easy enough to configure. Just be aware that the whitelist in transmission needs to include the interal IP range used by docker inside the containers aswel. Quote Link to comment
TheWatcher Posted November 29, 2016 Share Posted November 29, 2016 OK in the config file of transmission I've set a rpc username,password, and enable authentication . When I save and exit, I come back the password is a hash? I suppose that is correct? Searching in terminal using docker inspect couchpotato, in the network setting it shows an ip of 172.17.0.4, I'm not sure what this is but adding it to the whitest in Transmission file doesn't allow Couchpotato to connect. Any ideas? Edit: The default whitelist ip is 192.168.x.x which is the ip for my unraid setup. Thanks Quote Link to comment
activ Posted November 30, 2016 Author Share Posted November 30, 2016 afaik the rpc password is the same used to log into the web interface. I whitelisted both 192.168.x.x and 172.17.x.x Quote Link to comment
jedimstr Posted December 12, 2016 Share Posted December 12, 2016 I'm having an issue with getting any peers to connect. I can connect to WebUI fine and Tracker connections seem fine. The checkMyTorrentIp test torrent works fine as well showing a different IP than my ISP. But any torrent with known seeders is always showing 0 peers. Same torrents on my old non VPN Linuxserver.io based transmission container (not active at the same time of course) shows peer connections and downloads. I know with the vpn connection I don't have to worry about the port I forward for the other transmission container, but I tried setting it anyway. Still same 0 peers. Since the checkMyTorrentIp connects with an expected IP response and the Tracker connections seem fine, I'm assuming the VPN connection is working. Any ideas? Quote Link to comment
JonathanM Posted December 12, 2016 Share Posted December 12, 2016 I'm having an issue with getting any peers to connect. I can connect to WebUI fine and Tracker connections seem fine. The checkMyTorrentIp test torrent works fine as well showing a different IP than my ISP. But any torrent with known seeders is always showing 0 peers. Same torrents on my old non VPN Linuxserver.io based transmission container (not active at the same time of course) shows peer connections and downloads. I know with the vpn connection I don't have to worry about the port I forward for the other transmission container, but I tried setting it anyway. Still same 0 peers. Since the checkMyTorrentIp connects with an expected IP response and the Tracker connections seem fine, I'm assuming the VPN connection is working. Any ideas? Does your VPN service have incoming ports enabled? I know with PIA, only certain endpoints have open ports for incoming connections. Even some pay VPN's don't allow incoming. Quote Link to comment
jedimstr Posted December 12, 2016 Share Posted December 12, 2016 Does your VPN service have incoming ports enabled? I know with PIA, only certain endpoints have open ports for incoming connections. Even some pay VPN's don't allow incoming. I am using PIA, specifically the NY node. I'll have to see if it allows incoming. Are there any PIA endpoints with incoming connections in the US... or at least reasonably close? I tried the PIA network speedtest on Germany and Netherlands and it was super slow compared to my primary connection nodes. Quote Link to comment
JonathanM Posted December 12, 2016 Share Posted December 12, 2016 Does your VPN service have incoming ports enabled? I know with PIA, only certain endpoints have open ports for incoming connections. Even some pay VPN's don't allow incoming. I am using PIA, specifically the NY node. I'll have to see if it allows incoming. Are there any PIA endpoints with incoming connections in the US... or at least reasonably close? I tried the PIA network speedtest on Germany and Netherlands and it was super slow compared to my primary connection nodes. No USA based PIA endpoints allow incoming. I'm talking out of my rear at this point, but I assumed that was for legal reasons, specifically RIAA MPAA etc. Quote Link to comment
a_n_d_y Posted December 12, 2016 Share Posted December 12, 2016 Yeah none of the US ones will work. I use Toronto Canada and its fast for me. Quote Link to comment
jedimstr Posted December 12, 2016 Share Posted December 12, 2016 Yeah none of the US ones will work. I use Toronto Canada and its fast for me. That one works for me too!!! Thanks All! Now to go download some Linux ISOs. Quote Link to comment
DazedAndConfused Posted January 24, 2017 Share Posted January 24, 2017 Does this container not attempt to reconnect to the VPN once it realizes the connection is down? Just came home to find that it was completely offline and never tried to reconnect. Quote Link to comment
activ Posted January 24, 2017 Author Share Posted January 24, 2017 I have the same issue, it doesn't seem to reconnect. The docker uses OpenVPN cli to connect, and I guess that doesn't automatically reconnect. I've been meaning to research options to trigger a reconnect automatically, but haven't found the time. If you have a proposed change in the docker to fix if let me know and I'll paste it in. Quote Link to comment
DazedAndConfused Posted January 25, 2017 Share Posted January 25, 2017 Perhaps Binhex can help you? He has 3 Dockers that connect to VPN, have killswitch, and will continue trying to connect. Im using his rtorrentvpn docker in conjunction with transmission. Quote Link to comment
binhex Posted January 25, 2017 Share Posted January 25, 2017 Perhaps Binhex can help you? He has 3 Dockers that connect to VPN, have killswitch, and will continue trying to connect. Im using his rtorrentvpn docker in conjunction with transmission. hi activ!, glad to see your still keeping this docker going :-). it might be worth you taking a look as DazedAndConfused mentioned, at my rtorrentvpn docker, this has my latest code changes in, it does include auto reconnection, auto restart if openvpn process dies and auto restart and reconfiguration (of port and ip) if the downloader process dies. you could take this docker and then re-insert your code changes for transmission to get you up to date. Quote Link to comment
activ Posted January 25, 2017 Author Share Posted January 25, 2017 Thanks for the tip, I'll have a look at implementing your changes when I have some time. Quote Link to comment
activ Posted January 28, 2017 Author Share Posted January 28, 2017 @Binhex: I've been digging into your updates docker to make a new version of my own. Am I right is thinking that you check processes, ports and IP addresses, but not the actual connection or tunnel interface? Quote Link to comment
markj24 Posted January 28, 2017 Share Posted January 28, 2017 Hi Activ I've been using your docker now for quite some time with no trouble. i just upgraded and it doesn't work now. is there something i need to change or setup different with this upgrade? Quote Link to comment
binhex Posted January 28, 2017 Share Posted January 28, 2017 @Binhex: I've been digging into your updates docker to make a new version of my own. Am I right is thinking that you check processes, ports and IP addresses, but not the actual connection or tunnel interface? the tunnel is monitored by the built in parameter "--keepalive 10 60", basically its a built in feature that will auto restart the tunnel if it goes down. as a side note - as you have now picked up my changes you will also need to do the same for the intermediate docker image arch-openvpn.as there are some changes to that too, im assuming you have your own copy of this as well?. Quote Link to comment
activ Posted January 29, 2017 Author Share Posted January 29, 2017 Hi Activ I've been using your docker now for quite some time with no trouble. i just upgraded and it doesn't work now. is there something i need to change or setup different with this upgrade? There was a bad version up for a while yesterday, just grab the current version and it should work again. Sorry Quote Link to comment
activ Posted January 29, 2017 Author Share Posted January 29, 2017 The missing mangle support is not your issue, it should still work without. Do you have a more complete log? Quote Link to comment
activ Posted January 29, 2017 Author Share Posted January 29, 2017 Okay guys and girls, I hope I got the kinks out enough to now share the new version. The new version is based on the latest scripting by Binhex and it has auto reconnect etc. It does however also need more info passed into the container, so make sure you add the right variables. More info here: https://github.com/activ/arch-transmissionvpn Example: docker run -d \ --cap-add=NET_ADMIN \ -p 9091:9091 \ -p 8118:8118 \ --name=<container name> \ -v <path for data files>:/data \ -v <path for config files>:/config \ -v /etc/localtime:/etc/localtime:ro \ -e VPN_ENABLED=<yes|no> \ -e VPN_USER=<vpn username> \ -e VPN_PASS=<vpn password> \ -e VPN_REMOTE=<vpn remote gateway> \ -e VPN_PORT=<vpn remote port> \ -e VPN_PROTOCOL=<vpn remote protocol> \ -e VPN_DEVICE_TYPE=<tun|tap> \ -e VPN_PROV=<pia|airvpn|custom> \ -e STRONG_CERTS=<yes|no> \ -e ENABLE_PRIVOXY=<yes|no> \ -e LAN_NETWORK=<lan ipv4 network>/<cidr notation> \ -e NAME_SERVERS=<name server ip(s)> \ -e WHITELIST= <example 192.168.*.*> \ -e DEBUG=<true|false> \ -e PHP_TZ=<php timezone> \ -e PUID=<uid for user> \ -e PGID=<gid for user> \ activ/arch-transmissionvpn Quote Link to comment
activ Posted January 29, 2017 Author Share Posted January 29, 2017 I think the real reason you cannot access the web interface is that transmission is not started. I'm not even sure the vpn in actually connecting. Which version are you on? Is it the one form yesterday or from before? Did you just update unraid and it stopped working or did you also update the container? At the moment there are two versions available: Version 1.0 - The version that has been up for the last few months Latest - The version I updated today with new scripting from Binhex for disconnect handling and such. Quote Link to comment
activ Posted January 29, 2017 Author Share Posted January 29, 2017 That makes it a bit tricky, I don't have an Unraid machine to test on anymore. Since it's broken anyway you could try removing it and doing a clean install from scratch. Quote Link to comment
nexusmaniac Posted January 29, 2017 Share Posted January 29, 2017 Neither 1.0 or latest work on unRAID 6.3 rc9. The version you uploaded yday did work for me (I just had to add the extra config options) The logs seem normal: ErrorWarningSystemArrayLogin usermod: no changes [info] Env var PUID defined as 99 [info] Env var PGID defined as 100 [info] Permissions already set for /config [info] Starting Supervisor... 2017-01-29 11:41:40,184 CRIT Set uid to user 0 2017-01-29 11:41:40,184 INFO Included extra file "/etc/supervisor/conf.d/transmission.conf" during parsing 2017-01-29 11:41:40,187 INFO supervisord started with pid 15 2017-01-29 11:41:41,189 INFO spawned: 'checkproc-script' with pid 18 2017-01-29 11:41:41,191 INFO spawned: 'start-script' with pid 19 2017-01-29 11:41:41,192 INFO spawned: 'transmission-script' with pid 20 2017-01-29 11:41:41,194 INFO spawned: 'privoxy-script' with pid 21 2017-01-29 11:41:41,199 DEBG 'start-script' stdout output: [info] VPN is enabled, beginning configuration of VPN 2017-01-29 11:41:41,199 INFO success: checkproc-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs) 2017-01-29 11:41:41,199 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs) 2017-01-29 11:41:41,199 INFO success: transmission-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs) 2017-01-29 11:41:41,199 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs) 2017-01-29 11:41:41,201 DEBG 'transmission-script' stdout output: [info] VPN is enabled, checking VPN tunnel local ip is valid 2017-01-29 11:41:41,202 DEBG 'privoxy-script' stdout output: [info] Privoxy set to disabled 2017-01-29 11:41:41,202 DEBG fd 24 closed, stopped monitoring <POutputDispatcher at 47749247123608 for <Subprocess at 47749247226944 with name privoxy-script in state RUNNING> (stderr)> 2017-01-29 11:41:41,202 DEBG fd 20 closed, stopped monitoring <POutputDispatcher at 47749247125336 for <Subprocess at 47749247226944 with name privoxy-script in state RUNNING> (stdout)> 2017-01-29 11:41:41,202 INFO exited: privoxy-script (exit status 0; expected) 2017-01-29 11:41:41,202 DEBG received SIGCLD indicating a child quit 2017-01-29 11:41:41,207 DEBG 'start-script' stdout output: [info] VPN default certs defined, copying to /config/openvpn/... 2017-01-29 11:41:41,209 DEBG 'start-script' stdout output: [info] VPN config file (ovpn extension) is located at /config/openvpn/openvpn.ovpn 2017-01-29 11:41:41,211 DEBG 'start-script' stdout output: [warn] VPN provider remote port incorrect, overriding to 1198 2017-01-29 11:41:41,249 DEBG 'start-script' stdout output: [info] Default route for container is 172.17.0.1 2017-01-29 11:41:41,251 DEBG 'start-script' stdout output: [info] Adding 192.168.0.0/24 as route via docker eth0 2017-01-29 11:41:41,252 DEBG 'start-script' stdout output: [info] ip route defined as follows... -------------------- 2017-01-29 11:41:41,253 DEBG 'start-script' stdout output: default via 172.17.0.1 dev eth0 172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.2 192.168.0.0/24 via 172.17.0.1 dev eth0 2017-01-29 11:41:41,253 DEBG 'start-script' stdout output: -------------------- 2017-01-29 11:41:41,256 DEBG 'start-script' stdout output: [info] iptable_mangle support detected, adding fwmark for tables 2017-01-29 11:41:41,284 DEBG 'start-script' stdout output: [info] iptables defined as follows... -------------------- 2017-01-29 11:41:41,285 DEBG 'start-script' stdout output: -P INPUT DROP -P FORWARD ACCEPT -P OUTPUT DROP -A INPUT -i tun0 -j ACCEPT -A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT -A INPUT -i eth0 -p udp -m udp --sport 1198 -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --dport 9091 -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --sport 9091 -j ACCEPT -A INPUT -p udp -m udp --sport 53 -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT -A INPUT -i lo -j ACCEPT -A OUTPUT -o tun0 -j ACCEPT -A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT -A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT -A OUTPUT -o eth0 -p tcp -m tcp --dport 9091 -j ACCEPT -A OUTPUT -o eth0 -p tcp -m tcp --sport 9091 -j ACCEPT -A OUTPUT -p udp -m udp --dport 53 -j ACCEPT -A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT -A OUTPUT -o lo -j ACCEPT 2017-01-29 11:41:41,285 DEBG 'start-script' stdout output: -------------------- 2017-01-29 11:41:41,285 DEBG 'start-script' stdout output: [info] Starting OpenVPN... 2017-01-29 11:41:41,299 DEBG 'start-script' stdout output: [info] OpenVPN started But I cannot connect the the webUI Quote Link to comment
activ Posted January 29, 2017 Author Share Posted January 29, 2017 Could you post your settings? (user and password excluded of course) Quote Link to comment
nexusmaniac Posted January 29, 2017 Share Posted January 29, 2017 Could you post your settings? (user and password excluded of course) root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name="Transmission" --net="bridge" --privileged="true" -e TZ="Europe/London" -e HOST_OS="unRAID" -e "VPN_ENABLED"="yes" -e "VPN_USER"="BLANK" -e "VPN_PASS"="BLANK" -e "VPN_REMOTE"="nl.privateinternetaccess.com" -e "VPN_PORT"="1194" -e "VPN_PROTOCOL"="udp" -e "VPN_PROV"="pia" -e "ENABLE_PRIVOXY"="no" -e "LAN_NETWORK"="192.168.0.0/24" -e "WHITELIST"="*.*.*.*" -e "DEBUG"="false" -e "PUID"="99" -e "PGID"="100" -e "VPN_DEVICE_TYPE"="tun" -e "STRONG_CERTS"="no" -e "PHP_TZ"="Europe/London" -e "NAME_SERVERS"="192.168.0.254" -p 9091:9091/tcp -p 8118:8118/tcp -v "/mnt/user/Media/Transmission/":"/data":rw -v "/etc/localtime":"/etc/localtime":ro -v "/mnt/cache/appdata/transmission/":"/config":rw activ/arch-transmissionvpn Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.