[Support] ich777 - Application Dockers


ich777

Recommended Posts

24 minutes ago, ich777 said:

Not '$user' it have to be in capitals '$USER' and also not 'vncpassword' it has to be 'vncpasswd'.

 

You did it like in the Firefox container? Or like the new method?

The new method is described here:

 

 

If you can't connect anymore I would like to recommend to start over and delete the chrome directory that was created in your appdata directory and also in the first place the whole container, after that pull a fresh copy from the CA App.

yes, whole process strictly follow the new method, I tried to create a new image and redo the su vncpasswd parameter things again. still the same log that the docker falled into a loop, I tried to use the docker terminal and get the error msg "Error response from daemon: Container 7bf0e24102efa03a307e8ef6850ee3cd41afd39050ebb7ec4c6168fa310e31d6 is restarting, wait until the container is running"

Link to comment
3 hours ago, stamina77 said:

yes, whole process strictly follow the new method

Please force an update on the Docker page there was a specific with Chromium that prevented it from starting up, this is now fixed and should work right away, even if your container is now looping the update should fix that. ;)

 

EDIT: And the password works now too with the new method, tested it and fully working.

Link to comment
11 hours ago, ich777 said:

Please force an update on the Docker page there was a specific with Chromium that prevented it from starting up, this is now fixed and should work right away, even if your container is now looping the update should fix that. ;)

 

EDIT: And the password works now too with the new method, tested it and fully working.

now it works perfect with the password, thanks

  • Like 1
Link to comment
Posted (edited)
17 hours ago, ich777 said:

No, why should you, luckyBackup is only a frontend for rsync.

Which files and from where have you put on which machines and in which folder?

 

I think you don't put the right files in the right place, that's the only error. ;)

 

That's because you are doing it from the terminal and you haven't read my message above at least not fully... :D

You have to put the ssh files that luckyBackup created on the other machine and you don't need all the files that you created with this tutorial, luckyBackup creates the files for location A on it's own. ;)

 

Sorry, I got a bit tired yesterday :D

 

I've spent a couple of hours today, trying to figure out what was happening. And guess what?

I had the wrong port set up... 🙄

 So, oops on my side. You see, when I started toying around with this, I hadn't yet had issues with the Unassigned Devices plugin, so I wasn't paying attention too much on things.

Turns out, I had put in the port for my WireGuard setup, instead of an SSH port..

 

Once I got that out of the way, LuckyBackup did seem to be just happy with the SSH Key I generated from the tutorial. I tried restarting LuckyBackup just to double check, and it seems that it's not requesting for a password, and things just work!

 

Now, I'll just have to change the setup of the rest of the profiles to not work through the Unassigned Devices, but rather directly through the SSH

 

Thank you for all the help, I really appreciate it! :)

 

EDIT: Oh, now that I'm here, would you happen to know if there was a way to utilize the "Also Execute" tab within LuckyBackup, to show a GUI notification within Unraid itself, to let me know the result of the backup (once the Cron works again for LB)

Edited by REllU
  • Like 1
Link to comment
1 hour ago, REllU said:

"Also Execute" tab within LuckyBackup, to show a GUI notification within Unraid itself

I never did this but it can be somehow achieved I think.

I have to look into this, please give me some time (actually can take quite a while since I have to look into a few other things first).

 

EDIT: Is a Email notification something you can work with or does it have to be a notification from Unraid?

Link to comment

Hi @ich777 I can't get OpenVPN-Client to work with other containers. I does connect to the VPN provider properly, the tunnel works. Also it uses the VPN provider DNS. I did set the following variables:

 

DNS=true

FIREWALL=true

ROUTE=192.168.0.0/16

ROUTE6= (empty)

VPNPORT=5800

 

Then I took the Musicbrainz Picard container, changed Network to None and added "--net=container:OpenVPN-Client" to Extra Parameters. The VNC UI of this container is on port 5800.

 

If I open the console of the Picard container I cnnot do much troubleshooting as it does not have ping and curl. The routing table is empy. Resolv conf points to my local network's DNS server (it shouldn't?).

 

Needless to say, port 5800 is not answering.


BTW the explanation in the template say one should "add the port" of the connected containers, but it does not say how to do that. I looked at the container's github project and I guessed it would be the VPNPORT(_x) variables, but I am not sure.

 

What am I missing in my config? How do I make it work?

 

Link to comment
7 hours ago, b0m541 said:

Then I took the Musicbrainz Picard container, changed Network to None and added "--net=container:OpenVPN-Client" to Extra Parameters. The VNC UI of this container is on port 5800.

Can you try to add the DNS manually for example from Google manually, you do this by adding: '--dns=8.8.8.8' to the Extra Parameters in the OpenVPN containter, just for troubleshooting reasons.

 

7 hours ago, b0m541 said:

but it does not say how to do that

Do the following in the OpenVPN container:

grafik.thumb.png.80049755b3d62742bb4fc0c2d8e222d9.png

(since you are using the container network from the OpenVPN container in your Picard container you have to add the port to the OpenVPN container since all the port mappings in the Picard container are not working anymore because well you use the OpenVPN containers network and have to forward the ports there)

Link to comment
2 hours ago, ich777 said:

Can you try to add the DNS manually for example from Google manually, you do this by adding: '--dns=8.8.8.8' to the Extra Parameters in the OpenVPN containter, just for troubleshooting reasons.

 

Do the following in the OpenVPN container:

grafik.thumb.png.80049755b3d62742bb4fc0c2d8e222d9.png

(since you are using the container network from the OpenVPN container in your Picard container you have to add the port to the OpenVPN container since all the port mappings in the Picard container are not working anymore because well you use the OpenVPN containers network and have to forward the ports there)

 

Thank you so much, sounds logically if you know the reason.

I have another question and 2 remarks:

 

Question: if a connected container e.g. Picard has a container port number 5800 and an associated host port number 1234, how would I implement this with then OpenVPN-Client container? Would I also put in container port number 5800 and host port number 1234? (You may want to document this in the template)

 

Remark 1: DNS started to work when I added the port. Magically the /etc/resolv.conf in the Picard container now has the VPN Provider's DNS server IP.

 

Remark 2: The ROUTE variable does not seem to be necessary to be able to reach the ports of the connected containers, if we put those ports into the OpenVPN-Client container.

 

 

 

 

Link to comment
30 minutes ago, b0m541 said:

Would I also put in container port number 5800 and host port number 1234? (You may want to document this in the template)

Exactly. ;)

 

30 minutes ago, b0m541 said:

Remark 2: The ROUTE variable does not seem to be necessary to be able to reach the ports of the connected containers, if we put those ports into the OpenVPN-Client container.

You shouldn't need that Variable, all the necessary variables in there by default, I just recommend using a public DNS server in the extra parameters because some VPN's doesn't seem to work properly OOB without a DNS entry.

 

What you can add is this (you have to enable the Advanced View on the template page):

grafik.png.d1e2ab4978ef3673dd0ee9a83224a06e.png

This will prevent any container that is using the OpenVPN Network form connecting to the internet when the VPN connection is lost or not established (Click).

Link to comment
1 minute ago, ich777 said:

What you can add is this (you have to enable the Advanced View on the template page):

grafik.png.d1e2ab4978ef3673dd0ee9a83224a06e.png

This will prevent any container that is using the OpenVPN Network form connecting to the internet when the VPN connection is lost or not established (Click).

 

I have FIREWALL = true, wouldn't that do effectively the same?

  • Like 1
Link to comment

I found another case that needs a solution. I can not only be that a local machine needs to connect to container on the VPN network, it can also be that a container on the VPN network needs to connect to the Internet through the VPN, AND also needs to connect to a local machine or to a container on the same host.

 

How would this be done? Is that what the ROUTE parameter is good for?

 

Link to comment
23 minutes ago, ich777 said:

I think this is the answer or am I wrong: Click

(or do I got your question wrong?)

 

 You point to the -r parameter which is basically the same as the ROUTE variable.

One thing also to consider is that if a container resolves using he VPN provider DNS, it will not be able to resolve internal names and one needs to work with IP addresses, or one needs to put in the own internal resolver as DNS server.

 

 

Link to comment
2 hours ago, b0m541 said:

You point to the -r parameter which is basically the same as the ROUTE variable.

If you scroll a little more down I also point to ROUTE (since the "Configuration" section is both for the docker run start commands and also for the ENVIRONMENT variables)...

 

2 hours ago, b0m541 said:

One thing also to consider is that if a container resolves using he VPN provider DNS, it will not be able to resolve internal names and one needs to work with IP addresses, or one needs to put in the own internal resolver as DNS server.

Exactly but that is what you want to do with a VPN container since you want to encrypt or better speaking route the traffic through this container and not your default Container network.

 

Hope that makes sense.

Link to comment

There seems to be a challenge with containers connected to OpenVPN-Client if they use the same port numbers within the container.

 

Lets assume container A uses container port 8080 and host port 8080

and container B uses container port 8080 and host port 8081

 

How can we tell OpenVPN-Client that 8080 is mapped to 8080 for container A and 8081 is mapped to 8080 for container B. I guess thats no possible and one would need to change the port number in the installation of the container image?

 

Any better ideas to solve this?

 

 

Link to comment
17 minutes ago, b0m541 said:

OpenVPN-Client if they use the same port numbers within the container.

That's not possible.

 

18 minutes ago, b0m541 said:

Lets assume container A uses container port 8080 and host port 8080

and container B uses container port 8080 and host port 8081

What containers are you having issues with?

 

18 minutes ago, b0m541 said:

Any better ideas to solve this?

If it's a container made by me you can always create the Variable 'VNC_PORT' and change it so something like for example 8081 then the port in the container is actually 8081 and not 8080 anymore (I also recommend to create the Variable 'RFB_PORT' and change it to something like 5901 - default is 5900 - so that there are no collisions between the containers).

Keep in mind that if you create this variables you actually have to change the WebGUI port to the container port 8081 and your preferred host port.

 

grafik.png.b7fd4847396c045f4c2413ac7fb20210.png

 

grafik.png.081a306d548a0bb77e8e417659921e78.png

Link to comment
3 minutes ago, ich777 said:

That's not possible.

 

What containers are you having issues with?

 

 

some linuxserver.io containers have 8080 as container port. no problem with that in a general setup, but with the OpenVPN-Client setup you get a collision and there are no VARIABLES to change the port, so you need to delve into the config files.

 

Link to comment
1 minute ago, b0m541 said:

some linuxserver.io containers have 8080 as container port

Mine also have by default these ports but I've actually built that in way before I made a template for OpenVPN-Client because you never know when a user has a special use case where they need to change the port numbers internally. :)

 

2 minutes ago, b0m541 said:

so you need to delve into the config files

Yes exactly, if there are no variables you have to change the port in the configs to actually change the ports inside the container, that's also the case for some containers that I've made: Most of my game server containers, SABNzbd, NZBHydra2,...

 

There is simply no way around that because this is a completely special use case and you also wouldn't be able if you run all applications not in Docker containers and instead on a Dedicated machine, there you also have to change the ports physically in the config files.

 

Hope that makes sense.

Link to comment

Sigh, the linuxserver.io container is even worse, the port is hardcoded in the startup scripts, changing the config file content does not help.....

 

This architectural change is much more painful than I was expecting

Link to comment
2 minutes ago, b0m541 said:

Sigh, the linuxserver.io container is even worse, the port is hardcoded in the startup scripts, changing the config file content does not help.....

May I ask what container this is?

 

2 minutes ago, b0m541 said:

This architectural change is much more painful than I was expecting

There is a solution for every issue. :)

Link to comment
On 5/3/2021 at 5:38 PM, ich777 said:

Not '$user' it have to be in capitals '$USER' and also not 'vncpassword' it has to be 'vncpasswd'.

 

You did it like in the Firefox container? Or like the new method?

The new method is described here:

 

 

If you can't connect anymore I would like to recommend to start over and delete the chrome directory that was created in your appdata directory and also in the first place the whole container, after that pull a fresh copy from the CA App.

Hi,

I've been using 2 of your container within docker on a wireguard network container.

Since the chrome update, only one container can access to internet.

 

I'm using :

NOVNC_PORT (different) on both container (redirect also on my wireguard container).

RFB_PORT (different) on both container

 

Here is throwing error (loop) :

12/05/2021 08:15:47 Using security configuration file /etc/turbovncserver-security.conf
12/05/2021 08:15:47 Enabled security type 'none'
_XSERVTransmkdir: Owner of /tmp/.X11-unix should be set to root
12/05/2021 08:15:47 Desktop name 'TurboVNC: b05b8e5d5d3a:99 (chrome)' (b05b8e5d5d3a:99)
12/05/2021 08:15:47 Protocol versions supported: 3.3, 3.7, 3.8, 3.7t, 3.8t
12/05/2021 08:15:47 Listening for VNC connections on TCP port 5903
12/05/2021 08:15:47 Interface 0.0.0.0
12/05/2021 08:15:47 Listening for HTTP connections on TCP port 5899
12/05/2021 08:15:47 URL http://b05b8e5d5d3a:5899
12/05/2021 08:15:47 ListenOnTCPPort: Address already in use
---Starting Fluxbox---
---Starting noVNC server---
WebSocket server settings:
- Listen on :6001
- Flash security policy server
- Web server. Web root: /usr/share/novnc
- No SSL/TLS support (no cert file)
- Backgrounding (daemon)
---Starting noVNC server---
WebSocket server settings:
- Listen on :6001
- Flash security policy server
- Web server. Web root: /usr/share/novnc
- No SSL/TLS support (no cert file)
- Backgrounding (daemon)
---Starting Chrome---
---Starting Chrome---

Looks like both container are using 5899 port for http.

Link to comment
1 hour ago, HpNoTiQ said:

I've been using 2 of your container within docker on a wireguard network container.

Since the chrome update, only one container can access to internet.

Can you please give me a little more context what you've changed exactly in both containers, screenshots would be super nice. :)

 

1 hour ago, HpNoTiQ said:

Looks like both container are using 5899 port for http.

My containers doesn't listen on port 5899 for http connections, they listen on port 8080 by default, that's why I created the variables so that users that want to run multiple containers through one Docker network have no issues. :)

You actually change the http port with the variable 'VNC_PORT'.

 

1 hour ago, HpNoTiQ said:

12/05/2021 08:15:47 Using security configuration file /etc/turbovncserver-security.conf 12/05/2021 08:15:47 Enabled security type 'none' _XSERVTransmkdir: Owner of /tmp/.X11-unix should be set to root 12/05/2021 08:15:47 Desktop name 'TurboVNC: b05b8e5d5d3a:99 (chrome)' (b05b8e5d5d3a:99) 12/05/2021 08:15:47 Protocol versions supported: 3.3, 3.7, 3.8, 3.7t, 3.8t 12/05/2021 08:15:47 Listening for VNC connections on TCP port 5903 12/05/2021 08:15:47 Interface 0.0.0.0 12/05/2021 08:15:47 Listening for HTTP connections on TCP port 5899 12/05/2021 08:15:47 URL http://b05b8e5d5d3a:5899 12/05/2021 08:15:47 ListenOnTCPPort: Address already in use

Do you also want to set a password in the Container for the VNC Connection? Have you also created a variable 'TURBOVNC_PARAMS' and left it empty? Otherwise the password won't work.

Link to comment
11 hours ago, ich777 said:

Can you please give me a little more context what you've changed exactly in both containers, screenshots would be super nice. :)

 

My containers doesn't listen on port 5899 for http connections, they listen on port 8080 by default, that's why I created the variables so that users that want to run multiple containers through one Docker network have no issues. :)

You actually change the http port with the variable 'VNC_PORT'.

 

Do you also want to set a password in the Container for the VNC Connection? Have you also created a variable 'TURBOVNC_PARAMS' and left it empty? Otherwise the password won't work.

Here you are :

You already solved my case with NOVNC_PORT at the beginning of april. (

 

I've tried VNC_PORT and NOVNC_PORT Variable.

 

Chrome.jpg

Jdownloader.jpg

Link to comment
11 hours ago, HpNoTiQ said:

You already solved my case with NOVNC_PORT at the beginning of april.

Doh... :D

 

Can it be that there something else is using port 5899?

AS said above nothing in my containers isnusing port 5899.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.