[Support] ich777 - Application Dockers

[ich777]

8 hours ago, Cicatrix said:

Jdownloader gibes me the following Error after unraid-update. Any Suggestions?

Simply click OK this should solve your issue.

[czech12]

Hi,

 

I'm using Zabbix Server and would like to setup VMware Monitoring.  I found this Zabbix integration on their site.

 

https://www.zabbix.com/documentation/6.0/en/manual/vm_monitoring

 

I was able to start a couple VMCollectors by adding a docker variable, but the Zabbix article says that Zabbix Server needs to be compiled "with the --with-libxml2 and --with-libcurl compilation options".  I configured the host in Zabbix anyway, but it says "Received response has no valid XML data".  I am able to validate pulling XML data from my ESX server though by browsing https://my_server/sdk/vim.wsdl.

 

I'm not familiar with Docker enough to know if these are flags that I can add on my own if I edit the image, or if it's the image itself I'm pulling down.

 

Are you able to offer any assistance?  Thanks for your support of the community!

[ich777]

37 minutes ago, czech12 said:

I was able to start a couple VMCollectors by adding a docker variable, but the Zabbix article says that Zabbix Server needs to be compiled "with the --with-libxml2 and --with-libcurl compilation options".  I configured the host in Zabbix anyway, but it says "Received response has no valid XML data".  I am able to validate pulling XML data from my ESX server though by browsing https://my_server/sdk/vim.wsdl.

I'm only the template  maintainer for Unraid, the container that you find in the CA App is the official one and should be compiled with libxml2.

 

It seems like that the issue is somewhere else because it says that it doesn't received a valid XML data, as far as I understand this, this means that it can read XML but the response that it received is not valid.

 

I would recommend that you create an issue here: Click

[czech12]

15 hours ago, ich777 said:

I'm only the template  maintainer for Unraid, the container that you find in the CA App is the official one and should be compiled with libxml2.

 

It seems like that the issue is somewhere else because it says that it doesn't received a valid XML data, as far as I understand this, this means that it can read XML but the response that it received is not valid.

 

I would recommend that you create an issue here: Click

 

Thanks for the quick reply and for confirming libxml2.  I noticed I had a typo in my esx host URL.  It's still not working, now I'm getting unknown hypervisor uuid and unknown virtual machine uuid.  This seems like a different issue I'll start looking into.

 

I decided to use telegraf to pull ESX stats and that seems to be working well, so this is less of a problem now.  I am using Zabbix extensively though for SNMP and ICMP monitoring and it works great!

[Cicatrix]

On 5/31/2022 at 6:47 AM, ich777 said:

Simply click OK this should solve your issue.

Finally I had some time. Pressing OK didn't work, but the workaround with deleting the *.jar-files and tmp- and update-folder worked great.

[b0m541]

I switched from the russian OpenVPN-client container to ich777's OpenVPN-client and I get errors.

 

I have /vnpn/vpnp.ovpn and /vpn/vpn.auth.

 

Extra Parameters: --cap-add=NET_ADMIN --sysctl net.ipv6.conf.all.disable_ipv6=0 --log-opt max-size=50M

 

I use the following variables:

 

 

I get the following output:

 

---Checking for optional scripts---
---No optional script found, continuing---
---Taking ownership of data...---
---Starting...---
The use of ROUTE or -r may no longer be needed, try it without!
The use of ROUTE or -r may no longer be needed, try it without!
The use of ROUTE or -r may no longer be needed, try it without!
The use of ROUTE or -r may no longer be needed, try it without!
The use of ROUTE or -r may no longer be needed, try it without!
The use of ROUTE6 or -R may no longer be needed, try it without!!
The use of ROUTE or -r may no longer be needed, try it without!
Error: ipv4: FIB table does not exist.
Dump terminated
+ exec sg vpn -c 'openvpn --cd /vpn --config /vpn/vpn.ovpn --script-security 2 --up /etc/openvpn/up.sh --down /etc/openvpn/down.sh --auth-user-pass /vpn/vpn.auth '
Options error: --up script fails with '/etc/openvpn/up.sh': No such file or directory (errno=2)
Options error: Please correct this error.
Use --help for more information.

 

What is wrong?

 

 

[ich777]

12 minutes ago, b0m541 said:

What is wrong?

I would recommend that you set up to container from scratch, usually you don't have to use any variables whatsoever.

However I would strongly recommend to not use ROUTE and instead create the ports that you want to access from your LAN through the container in the template from OpenVPN-Client.

 

EDIT: Also if you don't want to use the Firewall then please delete the entry FIREWALL from your template.

[b0m541]

Thank you for the quick response. I did install from scratch. That did not work out of the box, so I created the variables I previously used. I will create the ports when the container actually works and created a connection.

I installed now again from scratch and it complains that it cannot resolve the vpn endpoint dns name. Let me see, this is why I removed the --dns, because that server is -of course- blocked by my firewall, as every other external dns server. From a security perspective one wants to use the local ns while openvpn establishes the tunnel, and afterwards the ns of the tunnel provider. is that possible with this container?

 

When I use my own local ns with --dns the container does establish the tunnel but dns resolution does not work.

 

troubleshooting is hampered by crucial tools not being installed in openvpn-client (eg nslookup, ping, tcpdump).

 

So I used a second container that is connected via the openvpn-client network.

 

its actually difficult to do anything when dns is not working..

 

 

 

 

 

 

Edited June 3, 2022 by b0m541

[ich777]

17 minutes ago, b0m541 said:

I install from scratch again and it complains that it cannot resolve the vpn endpoint dns name.

Try to use —dns=8.8.8.8 in Extra Parameters

[b0m541]

3 minutes ago, ich777 said:

Try to use —dns=8.8.8.8 in Extra Parameters

no, cannot work for me, see above.

my firewall enforces that in my network only my nameservers are used.

Edited June 3, 2022 by b0m541

[ich777]

1 minute ago, b0m541 said:

no, cannot work for me, see above.

Then simply don‘t use a domain name in the configuration file and use the IP instead…

[ich777]

22 minutes ago, b0m541 said:

troubleshooting is hampered by crucial tools not being installed in openvpn-client (eg nslookup, ping, tcpdump).

Why not install them?

apt-get update

apt-get install WHATEVERYOUNEED

[b0m541]

will try this, but the idea of using a dns name there is that there are actually several IPs for the tunnel endpoint

 

[b0m541]

Just now, ich777 said:

Why not install them?

apt-get update

apt-get install WHATEVERYOUNEED

 

good look without dns

[ich777]

Just now, b0m541 said:

good look without dns

Why not try it for testing purpouses to add a DNS to the extra parameters or download and install the packages manually in the container.
 

Otherwise I would recommend that you search for another container, maybe @binhex has a vaible container for you.

He made a lot of very usefull and good containers…

[b0m541]

nope, he always packages an app with vpn, thats not what I need. routing through the container network is the right approach. There is one other container OpenVPN-AIO-Client-Torless by testdasi.

 

Still trying this one and not getting dns to work. Using IPs for the vpn endpoint I get a tunnel, but DNS doesn't work. How to I make it use the VPN's DNS server?

[b0m541]

in /etc/resolv.conf I can see my name server, that would constitute a DNS leak. it is not working anyway, as the routes are not yet set for a local network.

 

I do not wish to use m own dns when the tunnel is established. it should use the VPN provider's DNS. how?

 

[b0m541]

I can see that the VPN server send the VPN provider's DNS server address, but it not being put in /etc/resolv.conf (putting it there would actually be default behaviour of openvpn). How would I enable this container to do that?

Using the --dns option wants the /etc/openvpn_up/down scripts that are not coming with the container.

However, in /etc/openvpn there is a script that can be called as up and down in vpn.ovpn and it is executed with proper parameters when the tunnel is established

 

/etc/openvpn/update-resolv-conf tun0 1500 1585 vpn-dns-ip 255.255.0.0 init

 

To set the nameserver in /etc/resolv.conf the script relies on /sbin/resolvconf, and this binary is unfortunately not coming in the container.

 

This explains why using the DNS of the VPN provider does not work.

 

Would you be willing to update your image accordingly to fix this problem?

 

 

[b0m541]

I tried to install resolvconf in the container, but that does not help. Some process keeps /etc/resolv.conf locked/writable, so resolvconf cannot update the content of /etc/resolv.conf.

 

Something with the scripts in this container is definitely broken.

Using a fixed DNS server as in --dns 8.8.8.8 is a work-around, and it would be better if the problem got fixed. I may take a look at the scripts this weekend but don't hold your breath.

 

[jdr]

Hey, I've been having a consistent problem with OpenVpn-Client for some time. After a container has been running / connected for a day or two, it will break. It's not clear to me whether this is the container, or something about Mullvad, but I always have to restart the container + all the containers it relies on.

 

Wondering if there's a better solution than daily restarts.

 

Quote

Sat Jun 4 14:03:51 2022 RESOLVE: Cannot resolve host address: us-lax-001.mullvad.net:1194 (Try again)

Sat Jun 4 14:03:56 2022 RESOLVE: Cannot resolve host address: us-lax-001.mullvad.net:1194 (Try again)

Sat Jun 4 14:03:56 2022 Could not determine IPv4/IPv6 protocol

Sat Jun 4 14:03:56 2022 SIGUSR1[soft,init_instance] received, process restarting

Sat Jun 4 14:03:56 2022 Restart pause, 300 second(s)

Sat Jun 4 14:08:56 2022 NOTE: the current --script-security setting may allow this configuration to call user-defined

 

[ich777]

9 hours ago, jdr said:

Wondering if there's a better solution than daily restarts.

I've setup a UserScript with a daily restart from the OpenVPN-Client container that is executed at night and all relying contianers like:

#!/bin/bash
docker restart OpenVPN-Client
sleep 10
docker restart FIRSTCONTAINERNAME
sleep 5
docker restart SECONDCONTAINERNAME

 

[lhw1221]

Thunderbird dose not work anymore after i restartet my server resently 
LOGS:

---Ensuring UID: 99 matches user---
usermod: no changes
---Ensuring GID: 100 matches user---
usermod: no changes
---Setting umask to 000---
---Checking for optional scripts---
---No optional script found, continuing---
---Checking configuration for noVNC---
Nothing to do, noVNC resizing set to default
Nothing to do, noVNC qaulity set to default
Nothing to do, noVNC compression set to default
---Taking ownership of data...---
---Starting...---
---Version Check---

---Thunderbird v91.10.0 up-to-date---
---Preparing Server---
---Resolution check---
---Checking for old logfiles---
---Checking for old display lock files---
---Starting TurboVNC server---
---Starting Fluxbox---
Fluxbox crashed with exit code 1. Respawning..
Fluxbox crashed with exit code 1. Respawning..
---Starting noVNC server---
WebSocket server settings:
- Listen on :8080
- Web server. Web root: /usr/share/novnc
- No SSL/TLS support (no cert file)
- Backgrounding (daemon)
Fluxbox crashed with exit code 1. Respawning..
Fluxbox crashed with exit code 1. Respawning..
---Starting Thunderbird---
Unable to init server: Could not connect: Connection refused
Error: cannot open display: :99

after this it loops showing the same everytime

Edited June 5, 2022 by lhw1221

[ich777]

1 minute ago, lhw1221 said:

Thunderbird dose not work anymore after i restartet my server resently 

This is really strange...

 

Can you try to delete the container (only the container - not the directory in your appdata directory) and try to pull a fresh copy from the CA App.

If you do it this way, everything should stay intact and you mails and everything should be right in place.

On what Unraid version are you?

 

Maybe try to restart your server once more if this fixes the issue. I run the container since I've created it without any issue.

[lhw1221]

i am still UNRAID OS 6.9.2 but i did not update the container ehter cause (update is not showing up for me)
after re installing the contianer it workt again, but still weard.

[ich777]

1 hour ago, lhw1221 said:

i am still UNRAID OS 6.9.2 but i did not update the container ehter cause (update is not showing up for me)

I would recommend that you upgrade to Unraid 6.10.2

 

1 hour ago, lhw1221 said:

after re installing the contianer it workt again, but still weard.

Seems like that your container images got corrupt for whatever reason…?

 

Maybe try to check if your Docker image is corrupt or something like that.