binhex / arch-delugevpn Goto Github PK
View Code? Open in Web Editor NEWDocker build script for Arch Linux base with Deluge, Privoxy and OpenVPN
License: GNU General Public License v3.0
Docker build script for Arch Linux base with Deluge, Privoxy and OpenVPN
License: GNU General Public License v3.0
Just noticed I was getting this in my error logs
017-02-16 21:11:06,628 DEBG 'deluge-script' stderr output:
/usr/lib/python2.7/site-packages/deluge/_libtorrent.py:59: RuntimeWarning: to-Python converter for boost::shared_ptrlibtorrent::alert already registered; second conversion method ignored.
import libtorrent as lt
http://forum.deluge-torrent.org/viewtopic.php?f=7&t=53939#p223925
Not sure what the fix is, as this is an older post and supposedly it was fixed
Hi,
When I start the docker container, it crashes with the following output:
docker: Error response from daemon: driver failed programming external connectivity on endpoint deluge-vpn (887412b5aa707426f7d811c7c20c689df993523427ee1d13a297c02b9793d640): iptables failed: iptables --wait -t nat -A DOCKER -p tcp -d 0/0 --dport 8118 -j DNAT --to-destination 172.17.0.2:8118 ! -i docker0: iptables: No chain/target/match by that name.
(exit status 1).
Is there any fix to this? I have the suspicion that it is something to do with my Arch host setup.
Thanks!
It seems like deluged and deluge-web are being set to listen on the VPN interface. I see OpenVPN getting a 10.8.. IP yet the container->docker host interface is 172...*. Why wouldn't deluged and deluge-web listen on the container->docker host interface?
To expand out the usability of this docker, could we get an option to load a specified ovpn file on a mounted volume? Something like:
-e USE_OVPNFILE=TRUE -e OVPN_FILE=/config/openvpn/default.ovpn
Would open this up to using other VPN services, which would be nice given how overloaded PIA has become. Then I could just place my ovpn file and certs into wherever that is mounted and use my own VPN service.
I've got this docker container running and everything seems to be working great. However, when I try to manage torrents with the command line tool deluge-console (docker exec delugevpn deluge-console info
), it gives me the error
[ERROR ] 14:26:03 client:391 RPCError Message Received!
--------------------------------------------------------------------------------
RPCRequest: daemon.login(, )
--------------------------------------------------------------------------------
File "/usr/lib/python2.7/site-packages/deluge/core/rpcserver.py", line 262, in dispatch
ret = component.get("AuthManager").authorize(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/deluge/core/authmanager.py", line 89, in authorize
raise BadLoginError("Username does not exist")
BadLoginError: Username does not exist
--------------------------------------------------------------------------------
Failed to connect to 127.0.0.1:58846 with reason: Username does not exist
The same thing happens if I use docker exec to get into bash in the container and run deluge-console there. I've looked up the error and some people had this error when they were running deluge-console from a different user than the one that is running deluge, and I'm guessing this is the problem, but I can't figure out how to make it work. Looking in htop while inside the container, it says that user nobody is running deluge. If i su nobody and then run deluge-console, I still get the same error. Any idea how I can use deluge-console with this docker container? Thanks!
I'm trying to get this container working with PIA. I've tried every combination of user/password/remote I can think of but I keep getting the same error explaining that the local issuer certificate can't be found. Is there a step missing in the setup details? Where do we get this certificate and where should it be stored?
`DEBG 'start-script' stdout output:
UDPv4 link local: [undef]
UDPv4 link remote: [AF_INET]104.200.153.85:1198
DEBG 'start-script' stdout output:
VERIFY ERROR: depth=0, error=unable to get local issuer certificate: C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=1da62a494fe4951e6cea37cf8a930bcc, name=1da62a494fe4951e6cea37cf8a930bcc
TLS_ERROR: BIO read tls_read_plaintext error: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
TLS Error: TLS object -> incoming plaintext read error
TLS Error: TLS handshake failed
SIGUSR1[soft,tls-error] received, process restarting`
Not sure if this is a issue or not but when starting getting errors that the ovpn file and serts are not pressent. How does this work now?
Server config: proxmox 4.4 -> centos 7 lxc -> docker 1.13.1
I run delugevpn with other NAS-related containers (sonarr, couchpotato, plex) with docker-compose. Compose create their own docker network - https://docs.docker.com/compose/networking/
Your iptables rules accept connections only in bridge network (172.17.0.0/16).
If you try to run container with docker-compose, docker create network (172.18.0.0/16 in my case) and container services will be inaccessible from this network - other containers in Compose app can't communicate with delugevpn. Though i can connect to webui (8112) and daemon (58846) from LAN_NETWORK (192.168.10.0/24), but not to privoxy (8118)
I replace 172.17.0.0/16 to 172.16.0.0/12 in iptable.sh and this seems to work for me.
The tracker I am using with Deluge claims that it cannot reach the port that I've specified (and I've confirmed this with one of those janky web-based port scanners).
I'm not very savvy with iptables
, but I dug through your config file and it looks to me like all traffic FROM the VPN connection should be routed to the torrent client free and clear. My VPN provider does not block any ports and is very torrent friendly. I also see that port forwarding is enabled via systemctl
, which exhausts most of the troubleshooting I've come across.
Is this expected, or is something amiss?
Thank you for all your hard work!
It would be great if port 58846 was able to be exposed for integrating with things like CouchPotato.
Can workaround by passing the following on the command line --expose=58846
, but I'm guessing that the iptables rules are still blocking it.
Hi,
Would it be possible to upgrade libtorrent to 1.0.11 from the 1.0.9 that is installed now? I have noticed with 1.0.9 there are a number of torrents that report : Error: unsupported URL protocol
, however I do not see these same issues with 1.0.11.
Thanks in advance!
Hoping this is an easy one, I cant seem to sort it.
Can reach deluge webui via localhost without issue (works great btw).
However on a diff machine on my network I can not reach the webui.
So
Docker Command
docker run -d
--cap-add=NET_ADMIN
-p 8112:8112
-p 8118:8118
-p 58846:58846
-p 58946:58946
--name=delugevpn
-v {a path}:/data
-v {another path}:/config
-v /etc/localtime:/etc/localtime:ro
-e VPN_ENABLED=yes
-e VPN_USER=angela_merkel
-e VPN_PASS=chocolate
-e VPN_PROV=pia
-e VPN_REMOTE=us-seattle.privateinternetaccess.com
-e STRICT_PORT_FORWARD=no
-e ENABLE_PRIVOXY=no
-e LAN_NETWORK=192.168.1.1/24
-e NAME_SERVERS=8.8.8.8,8.8.4.4
-e DEBUG=false
-e UMASK=000
-e PUID=1000
-e PGID=1000
binhex/arch-delugevpn
Note other docker containers like nzbget and sonarr are reachable via ip.
Thanks for the help and effort on maintaining these containers!
Hi Im getting an error when trying to run this. It was working and then the computer lost power and shut down and I keep getting this error when trying to restart it.
I've tried reinstalling the image and docker itself and still getting the error.
Running this on Synology.
--------------------
[info] Starting OpenVPN...
2016-01-20 19:54:29,826 DEBG 'start' stdout output:
Wed Jan 20 19:54:29 2016 OpenVPN 2.3.9 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Dec 24 2015
2016-01-20 19:54:29,826 DEBG 'start' stdout output:
Wed Jan 20 19:54:29 2016 library versions: OpenSSL 1.0.2e 3 Dec 2015, LZO 2.09
2016-01-20 19:54:29,827 DEBG 'start' stdout output:
Wed Jan 20 19:54:29 2016 WARNING: file 'credentials.conf' is group or others accessible
2016-01-20 19:54:29,852 DEBG 'start' stdout output:
Wed Jan 20 19:54:29 2016 UDPv4 link local: [undef]
Wed Jan 20 19:54:29 2016 UDPv4 link remote: [AF_INET]172.98.67.49:1194
2016-01-20 19:54:29,881 DEBG 'start' stdout output:
Wed Jan 20 19:54:29 2016 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2016-01-20 19:54:29,985 DEBG 'start' stdout output:
Wed Jan 20 19:54:29 2016 [Private Internet Access] Peer Connection Initiated with [AF_INET]172.98.67.49:1194
2016-01-20 19:54:30,987 INFO success: webui entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2016-01-20 19:54:30,987 INFO success: deluge entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2016-01-20 19:54:32,497 DEBG 'start' stdout output:
Wed Jan 20 19:54:32 2016 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such device (errno=19)
Wed Jan 20 19:54:32 2016 Exiting due to fatal error
2016-01-20 19:54:32,497 DEBG fd 9 closed, stopped monitoring <POutputDispatcher at 140240024263136 for <Subprocess at 140240024262128 with name start in state RUNNING> (stdout)>
2016-01-20 19:54:32,497 DEBG fd 14 closed, stopped monitoring <POutputDispatcher at 140240024263568 for <Subprocess at 140240024262128 with name start in state RUNNING> (stderr)>
2016-01-20 19:54:32,497 INFO exited: start (exit status 1; not expected)
2016-01-20 19:54:32,497 DEBG received SIGCLD indicating a child quit
Hey there,
Firstly your delugeVPN image is awesome. I've been used it for a while now :)
I recently updated to the latest version and keep getting the following errors.
When I start up the docker container, the web UI will not start and in the logs it just hangs there indefinitely @ Deluge listening interface IP 0.0.0.0 and VPN provider IP 10.32.10.6 different, marking for reconfigure.
2017-06-28 08:06:14.654924 [info] Starting Supervisor...
2017-06-28 08:06:14,923 CRIT Set uid to user 0
2017-06-28 08:06:14,923 INFO Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2017-06-28 08:06:14,926 INFO supervisord started with pid 7
2017-06-28 08:06:15,927 INFO spawned: 'start-script' with pid 117
2017-06-28 08:06:15,929 INFO spawned: 'deluge-script' with pid 118
2017-06-28 08:06:15,930 INFO spawned: 'deluge-web-script' with pid 119
2017-06-28 08:06:15,931 INFO spawned: 'privoxy-script' with pid 120
2017-06-28 08:06:15,936 DEBG 'deluge-script' stdout output:
[info] Deluge config file already exists, skipping copy
2017-06-28 08:06:15,936 INFO success: start-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-06-28 08:06:15,936 INFO success: deluge-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-06-28 08:06:15,936 INFO success: deluge-web-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-06-28 08:06:15,936 INFO success: privoxy-script entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2017-06-28 08:06:15,937 DEBG 'deluge-script' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid
2017-06-28 08:06:15,937 DEBG 'start-script' stdout output:
[info] VPN is enabled, beginning configuration of VPN
2017-06-28 08:06:15,939 DEBG 'privoxy-script' stdout output:
[info] Privoxy set to disabled
2017-06-28 08:06:15,939 DEBG fd 26 closed, stopped monitoring <POutputDispatcher at 47934776159048 for <Subprocess at 47934775428232 with name privoxy-script in state RUNNING> (stderr)>
2017-06-28 08:06:15,940 DEBG fd 22 closed, stopped monitoring <POutputDispatcher at 47934776159480 for <Subprocess at 47934775428232 with name privoxy-script in state RUNNING> (stdout)>
2017-06-28 08:06:15,940 INFO exited: privoxy-script (exit status 0; expected)
2017-06-28 08:06:15,940 DEBG received SIGCLD indicating a child quit
2017-06-28 08:06:15,944 DEBG 'start-script' stdout output:
[info] VPN default certs defined, copying to /config/openvpn/...
2017-06-28 08:06:15,947 DEBG 'start-script' stdout output:
[info] VPN config file (ovpn extension) is located at /config/openvpn/openvpn.ovpn
2017-06-28 08:06:15,948 DEBG 'start-script' stderr output:
dos2unix: converting file /config/openvpn/openvpn.ovpn to Unix format...
2017-06-28 08:06:15,978 DEBG 'start-script' stdout output:
[info] Default route for container is 172.17.0.1
2017-06-28 08:06:15,981 DEBG 'start-script' stdout output:
[info] Adding 8.8.8.8 to /etc/resolv.conf
2017-06-28 08:06:15,983 DEBG 'start-script' stdout output:
[info] Adding 8.8.4.4 to /etc/resolv.conf
2017-06-28 08:06:15,987 DEBG 'start-script' stdout output:
[info] Adding 192.168.0.0/16 as route via docker eth0
2017-06-28 08:06:15,988 DEBG 'start-script' stdout output:
[info] ip route defined as follows...
--------------------
2017-06-28 08:06:15,988 DEBG 'start-script' stdout output:
default via 172.17.0.1 dev eth0
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.8
192.168.0.0/16 via 172.17.0.1 dev eth0
2017-06-28 08:06:15,988 DEBG 'start-script' stdout output:
--------------------
2017-06-28 08:06:15,991 DEBG 'start-script' stdout output:
[info] iptable_mangle support detected, adding fwmark for tables
2017-06-28 08:06:16,007 DEBG 'start-script' stdout output:
[info] Docker network defined as 172.17.0.0/16
2017-06-28 08:06:16,045 DEBG 'start-script' stdout output:
[info] iptables defined as follows...
--------------------
2017-06-28 08:06:16,047 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1198 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -s 192.168.0.0/16 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -d 192.168.0.0/16 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
2017-06-28 08:06:16,048 DEBG 'start-script' stdout output:
--------------------
[info] Starting OpenVPN...
2017-06-28 08:06:16,058 DEBG 'start-script' stdout output:
[info] OpenVPN started
2017-06-28 08:06:22,644 DEBG 'deluge-script' stdout output:
[info] Deluge not running
[info] Deluge listening interface IP 0.0.0.0 and VPN provider IP 10.32.10.6 different, marking for reconfigure
I have reverted back to tag 1.3.15-1-02 for the meantime. Let me know if there's any more info you need or if I've messed up the setup.
Cheers!
I just wanted to post this while I was thinking about it, and if someone else doesn't get around to it I can, but:
I had to skim through your install scripts to figure out how you were installing deluge (using the aor's latest, clever) to see if you were using the newest version that was just recently.
Because of the method you used, the user needs to know that they have to actually not only remove the container, but also use rmi to get rid of the image as well otherwise it doesn't see an update to grab due to the image not actually changing between versions (which then downloads the new deluge).
Only took a few minutes to hunt down, but still took a minute and might be worth capturing the work done in the readme to streamline this in the future.
I get lots of OpenSSL errors since PIA re-issued their certs:
https://www.privateinternetaccess.com/forum/discussion/21779/we-are-removing-our-russian-presence
2016-08-16 16:11:48,510 DEBG 'start-script' stdout output:
Tue Aug 16 16:11:48 2016 VERIFY ERROR: depth=1, error=self signed certificate in certificate chain: C=US, ST=OH, L=Columbus, O=Private Internet Access, CN=Private Internet Access CA, [email protected]
Tue Aug 16 16:11:48 2016 OpenSSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
Tue Aug 16 16:11:48 2016 TLS_ERROR: BIO read tls_read_plaintext error
2016-08-16 16:11:48,511 DEBG 'start-script' stdout output:
Tue Aug 16 16:11:48 2016 TLS Error: TLS object -> incoming plaintext read error
Tue Aug 16 16:11:48 2016 TLS Error: TLS handshake failed
Tue Aug 16 16:11:48 2016 SIGUSR1[soft,tls-error] received, process restarting
2016-08-16 16:11:50,518 DEBG 'start-script' stdout output:
Tue Aug 16 16:11:50 2016 UDPv4 link local: [undef]
Tue Aug 16 16:11:50 2016 UDPv4 link remote: [AF_INET]46.166.190.131:1194
2016-08-16 16:11:50,722 DEBG 'start-script' stdout output:
Tue Aug 16 16:11:50 2016 WARNING: file 'credentials.conf' is group or others accessible
2017-10-19 14:06:23,185 DEBG 'deluge-script' stdout output:
[debug] Waiting for file '/home/nobody/vpn_incoming_port.txt' to be generated (contains PIA API generated incoming port number)...
2017-10-19 14:06:23,249 DEBG 'start-script' stdout output:
[warn] Response code 000 from curl != 2xx
[warn] Exit code 7 from curl != 0
[info] 12 retries left
see this over and over, anyone else?
When using the umask 077 600 (rw-------)
the file /home/nobody/vpn_incoming_port.txt
is not readable (obviously) which results in deluge being improperly configured...
I'm trying to get this started, but I'm getting many errors. I'm running the following docker-compose.yml
file:
version: "3"
services:
deluge:
image: binhex/arch-delugevpn
container_name: deluge
restart: on-failure
cap_add:
- NET_ADMIN
ports:
- "8112:8112"
- "8118:8118"
- "58846:58846"
- "58946:58946"
networks:
- plexnet
environment:
- PUID=1001
- PGID=1001
- VPN_ENABLED=yes
- VPN_USER=mask_username
- VPN_PASS=mask_password
- VPN_REMOTE=france.privateinternetaccess.com
- VPN_PORT=1198
- VPN_PROTOCOL=udp
- VPN_DEVICE_TYPE=tun
- VPN_PROV=pia
- STRONG_CERTS=no
- ENABLE_PRIVOXY=yes
- LAN_NETWORK=61.183.79.118/32
- NAME_SERVERS=8.8.8.8,8.8.4.4
- DEBUG=false
- UMASK=000
volumes:
- /etc/localtime:/etc/localtime:ro
- /home/tomato/.config/Deluge:/config
- /home/tomato/downloads:/data
networks:
plexnet:
driver: bridge
And these are the log files I'm getting: https://pastebin.com/kyPMJdCU
Honestly I have no idea where to start with this, so I'm hoping to get some help here.
Edit: these are the logs with DEBUG
set to true
: https://pastebin.com/eYeJSF6J
It seems that right now Deluge will create files only writable by nobody. Would it be possible to allow us to configure Deluge's UMASK? Deluge also seems to create all the download folders with nobody as both the owner and group - it would be great if we could configure the group it creates the folders as.
This way I could allow Sonarr to pull files from Deluge's complete folder (Sonarr runs as a separate user 'nzbdrone' that is also part of the 'users' group).
Using a macvlan network I can't connect to any ports on the delugevpn container. Nmap shows no open ports also.
Containers IP is 192.168.1.43
and LAN_NETWORK
is set to 192.168.1.0/24
Debug output of the iptables setup shows:
2017-09-17 16:36:09,198 DEBG 'start-script' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1198 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -i eth0 -p tcp -m tcp --dport 58846 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -i eth0 -p tcp -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1198 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -d 192.168.1.0/24 -o eth0 -p tcp -m tcp --sport 58846 -j ACCEPT
-A OUTPUT -s 192.168.1.0/24 -d 192.168.1.0/24 -o eth0 -p tcp -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
The container appears to be functioning (OpenVPN connected, no error messages output, etc.) but I can't connect. I can connect to other containers on the same macvlan network.
Hi,
Is there a way to access log for deluge-web ? I just find logs for the daemon (/config/deluged.log).
I would like to map it to my host and use fail2ban.
Thanks !
I am noticing that every day or so the container resets, I am guessing due to the port changing etc... /w PIA. However, when this happens my torrents in the process of downloading go to a error status and have to be rechecked manually. In addition, my selected plugins reset back to default.
I have 2 questions around this:
Is there any way to make deluge resume when it finds it has to update based on the port or whatever reason? *Update - I see there was a PR for this, so dont think this needs to be answered.
Is there a way to make my plugin setting persistent? My /config is mapped to a directory to keep things persistent, but the plugins change anyway.
Have I overlooked something in the documentation or can you set some sort of password auth to limit access to the privoxy instance?
Hi,
I'm running a QNAP x64 machine and I'm getting the warning about iptables_mangle during startup of the container.
I don't have iptables_mangle available, but I do have ip6table_mangle.
I've recently switched from PIA to a different VPN.
Is there any documentation on how to use the "custom" vpn type? Or can you give a hint? I wouldn't know where to begin.
Never mind. I figured it out. :-)
Seems to be an issue / enhancement handled by Deluge (per ticket# 259) about ten years ago, yet...
The binhex (docker) version of delugevpn that I downloaded and installed in unRAID does not seem have such a feature enabled in its webGUI. What does it take to enable such a feature? Is there a plug-in readily available? I can't find anything further on the issue, except that Deluge 'fixed' it years ago, but that patch applied to the GTK UI, not the WebGUI. Thanks.
BTW The DelugeVPN docker worked great the first time out and provided for an excellent configuration with VPN and Privoxy included. Wish all apps were to easy to install and configure.
binhex - This image is awesome and works great with my PIA account, plus the additional add-on of Privoxy is extremely useful.
I have a question / request though:
Would it be possible to re-work this image a bit to provide for two volume mapped folder locations instead of just the one /data
location?
Coming from a non-container version of Deluge the general recommendation is to have/use a two folder set-up generally something like ~/downloading
and ~/complete
.
I would like to keep those two folders in use and volume map them into this container but right now there is only the /data
location available (not including /config
which should remain on its own).
Anyway just a thought - would really appreciate it if the tweak could be made - but if not I'll find some way to work around it.
Thanks again for all your awesome Docker images.
Hi,
I have setup my container on Unraid 6.0.1 but get a strange error in the log about '/tmp/openvpn/openvpn-status.log'. here is the full log:
2015-08-19 17:42:42,801 CRIT Set uid to user 0
2015-08-19 17:42:42,802 WARN Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2015-08-19 17:42:42,807 INFO supervisord started with pid 1
2015-08-19 17:42:43,810 INFO spawned: 'deluge' with pid 7
2015-08-19 17:42:43,812 INFO spawned: 'setip' with pid 8
2015-08-19 17:42:43,815 INFO spawned: 'start' with pid 9
2015-08-19 17:42:43,817 INFO spawned: 'webui' with pid 10
2015-08-19 17:42:43,820 INFO spawned: 'privoxy' with pid 11
2015-08-19 17:42:43,823 INFO spawned: 'setport' with pid 12
2015-08-19 17:42:43,829 DEBG 'deluge' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid
2015-08-19 17:42:43,830 INFO success: setip entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2015-08-19 17:42:43,830 INFO success: start entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2015-08-19 17:42:43,830 INFO success: privoxy entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2015-08-19 17:42:43,830 INFO success: setport entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2015-08-19 17:42:43,843 DEBG 'start' stdout output:
[info] VPN is enabled, beginning configuration of OpenVPN
2015-08-19 17:42:43,852 DEBG 'privoxy' stdout output:
[info] VPN is enabled, checking VPN tunnel local ip is valid
2015-08-19 17:42:43,854 DEBG 'start' stdout output:
[info] VPN provider defined as custom
2015-08-19 17:42:43,915 DEBG 'start' stdout output:
[info] ip routing table
2015-08-19 17:42:43,916 DEBG 'start' stdout output:
default via 172.17.42.1 dev eth0
2015-08-19 17:42:43,916 DEBG 'start' stdout output:
172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.82
--------------------
2015-08-19 17:42:43,943 DEBG 'start' stdout output:
[info] iptables
2015-08-19 17:42:43,944 DEBG 'start' stdout output:
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 1194 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8118 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 8118 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
2015-08-19 17:42:43,944 DEBG 'start' stdout output:
--------------------
2015-08-19 17:42:43,944 DEBG 'start' stdout output:
[info] nameservers
2015-08-19 17:42:43,945 DEBG 'start' stdout output:
nameserver 8.8.8.8
nameserver 8.8.4.4
2015-08-19 17:42:43,945 DEBG 'start' stdout output:
--------------------
[info] Starting OpenVPN...
2015-08-19 17:42:43,950 DEBG 'start' stdout output:
Options error: --status fails with '/tmp/openvpn/openvpn-status.log': No such file or directory
Options error: Please correct these errors.
Use --help for more information.
2015-08-19 17:42:43,951 DEBG fd 15 closed, stopped monitoring <POutputDispatcher at 47109767012224 for <Subprocess at 47109767010352 with name start in state RUNNING> (stdout)>
2015-08-19 17:42:43,951 DEBG fd 19 closed, stopped monitoring <POutputDispatcher at 47109767061872 for <Subprocess at 47109767010352 with name start in state RUNNING> (stderr)>
2015-08-19 17:42:43,951 INFO exited: start (exit status 1; not expected)
2015-08-19 17:42:43,951 DEBG received SIGCLD indicating a child quit
2015-08-19 17:42:44,951 INFO success: deluge entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2015-08-19 17:42:44,952 INFO success: webui entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
Thanks in advance!
When I add the docker, I get a "This webpage is not available" error. Any tips in how I can get this working?
Here is the command I run to se it up:
docker run -d --name="binhex-delugevpn" --net="bridge" --privileged="true" -e VPN_USER="<USERNAME>" -e VPN_PASS="<PASSWORD>" -e VPN_REMOTE="chi-a03.wlvpn.com" -e VPN_PORT="1194" -e VPN_PROV="custom" -e ENABLE_PRIVOXY="no" -e TZ="America/Denver" -p 8112:8112/tcp -p 8118:8118/tcp -v "/mnt/cache/appdata/deluge_vpn/config":"/config":rw -v "/mnt/cache/appdata/deluge_vpn/data":"/data":rw binhex/arch-delugevpn
Here is my logs:
/usr/bin/docker logs --tail=350 -f binhex-delugevpn 2>&1
2015-04-08 11:04:19,144 CRIT Set uid to user 0
2015-04-08 11:04:19,144 WARN Included extra file "/etc/supervisor/conf.d/delugevpn.conf" during parsing
2015-04-08 11:04:19,146 INFO supervisord started with pid 1
2015-04-08 11:04:20,148 INFO spawned: 'deluge' with pid 8
2015-04-08 11:04:20,148 INFO spawned: 'setip' with pid 9
2015-04-08 11:04:20,149 INFO spawned: 'start' with pid 10
2015-04-08 11:04:20,149 INFO spawned: 'webui' with pid 11
2015-04-08 11:04:20,150 INFO spawned: 'privoxy' with pid 12
2015-04-08 11:04:20,151 INFO spawned: 'setport' with pid 13
2015-04-08 11:04:20,163 DEBG 'start' stdout output:
[info] VPN provider defined as custom
2015-04-08 11:04:20,163 INFO success: setip entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2015-04-08 11:04:20,163 INFO success: start entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2015-04-08 11:04:20,163 INFO success: privoxy entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2015-04-08 11:04:20,163 INFO success: setport entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
2015-04-08 11:04:20,163 DEBG 'start' stdout output:
[crit] VPN provider defined as custom, no files with an ovpn extension exist in /config/openvpn/ please create and restart delugevpn
2015-04-08 11:04:20,163 DEBG fd 15 closed, stopped monitoring (stdout)>
2015-04-08 11:04:20,163 DEBG fd 19 closed, stopped monitoring (stderr)>
2015-04-08 11:04:20,163 INFO exited: start (exit status 1; not expected)
2015-04-08 11:04:20,163 DEBG received SIGCLD indicating a child quit
2015-04-08 11:04:21,164 INFO success: deluge entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2015-04-08 11:04:21,164 INFO success: webui entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
PIA uses a different port for the strong certs, specifically 1197, instead of 1198. Source: https://helpdesk.privateinternetaccess.com/hc/en-us/articles/218984968-What-is-the-difference-between-the-OpenVPN-config-files-on-your-website-
And in fact I couldn't connect to PIA with strong certs until I set my port to 1197. I think it would be helpful with a small note in the readme about changing the port when using STRONG_CERTS :)
The example in the repo and at https://hub.docker.com/r/binhex/arch-delugevpn/ for Private Internet Access do not work. It seems that to get thing to work we now have to download the openvpn config files from PIA and put the desired ovpn, crt, and pem file in the containers /config/openvpn folder.
The OVPN files can be found here https://www.privateinternetaccess.com/openvpn/openvpn.zip.
If this is not done and you follow the current examples the container goes into a restart loop.
I've had to use a bash script to get this all to work specifically because I had to have the openvpn config files in place before the docker container was run. Here's my script if you want a reference https://github.com/Wolfereign/Portland/blob/master/run_container/deluge.sh
Not able to send torrents to deluge. I have tried to set this manually. This is using the docker app in Unraid v6.3.5
Please see below for example from the log. I am able to test the connection to deluge webui successfully, however.
2017-07-06 23:18:06 WARNING SEARCHQUEUE-MANUAL-161511 :: Deluge: Unable to send Torrent
Hello,
Here my env cfg :
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"HOME=/data/deluge-home/",
"TERM=xterm",
"LANG=en_GB.UTF-8",
"VPN_ENABLED=yes",
"[email protected]",
"VPN_PASS=xxx",
"VPN_PROV=custom",
"UMASK=0755",
"VPN_OPTIONS=France-256.ovpn",
"LAN_NETWORK=192.168.1.0/24",
"ENABLE_PRIVOXY=yes"
My server is on the router ip 192.168.1.3 and when i'm trying to access to 192.168.1.3:8112 from 192.168.1.2 computer, it's not working. I got a message in my browser saying the computer doesn't allow access to the page.
I think I filled in all the settings correctly but for some reason it stops at 'Waiting for valid IP address from tunnel...'. I don't know what I'm missing. Can you something in the logs?
Hi,
I don't know if this is too much to ask, but would it be possible to include ffmpeg, ffprobe and 7zip in the docker container? I ask because adding these packages would allow for https://github.com/clinton-hall/nzbToMedia to be added as a deluge plugin. This plugin is very handy for auto extracting downloaded media files and well as verifying they are not corrupt.
Thanks in advance!
So strange thing is I get different files when I use the ssh:// vs the https:// git clone.
Using the https one seems to be missing start.sh, which is required based on delugevpn.conf calling it.
The ssh:// one has apps/config/pia and /apps/root
Very strange!
I'm having problems trying to run this as an Openshift pod.
I've previously had it working with no problems at all but one of the recent commits seems to have broken it for me.
Commit: 0212220 removed the iptables rules to allow ingress/egress DNS traffic which prevents the initial DNS lookup for the VPN endpoint (x.privateinternetaccess.com) to fail.
It's possible and likely that I'm missing something here so I'd appreciate any advice.
Unraid recently updated to 6.1.8 and delugevpn did along with it. Now the container no longer starts or shows activity in the logs.
I've removed the image, re-downloaded, reconfigured, it builds fine, but the issue persists.
Is this known?
I have been using this docker image with PIA. When I recently updated the image, I'm getting an error about an .ovpn config file not being present. Is this now required for using PIA? Is there a way the config file could be auto-generated, or do we need to provide one? If we need to provide one, it would be good to add that to the documentation.
I did a docker-compose pull (which pulls the newest arch-delugevpn among other docker images) last night and it updated. After restarting arch-delugevpn with the newest image from docker hub, I noticed that many torrents that had stalled and stopped downloading for weeks or months suddenly restarted and were again downloading. What would have made this occur? If, in the future, other torrents stall like this is there a way to get them to start up again other than waiting for a future arch-delugevpn image update?
For the life of me I cant access deluge docker from lan, while vpn is enable ive tryed all combo's
VPN=Off,privoxy=Off can access
VPN=Off,privoxy=On can access
VPN=On,privoxy=On cant access
VPN=On,privoxy=Off cant access
Ive tryed webui and also remote daemon (i can access both with VPN turned off)
hopefully im just over looking something.
After configuring what I needed, etc, I tried to connect to port 8118 in firefox, and had no luck. I tried to poke around a bit at the code, however I'm not seeing port 8118 being enabled? I'm slightly new to docker, so bare with my minimal knowledge of what I should be looking for. Almost seems as 8118 needs to be set up in the firewall script?
It would be great if it was possible to simply mount a .ovpn configuration file into the image that would contain the various VPN parameters rather than requiring lots of envionment variables be set
When I look at the log it says that it wakes up checks and then goes back to sleep on a 10 min cycle. Is there a way to turn that off?
I got it running, but I cant seem to acces the web interface..
This is the command I ran to install the container:
docker run -d --cap-add=NET_ADMIN -p 8112:8112 -p 8118:8118 --name=delugevpn -v /media:/data -v /media:/media -v /media/Nori/appdata/DelugeVPN:/config -v /etc/localtime:/etc/localtime:ro -e VPN_ENABLED=yes -e VPN_USER= -e VPN_PASS= -e VPN_REMOTE=nl.privateinternetaccess.com -e VPN_PORT=1194 -e VPN_PROV=pia -e ENABLE_PRIVOXY=yes binhex/arch-delugevpn
And I forwarded 8112 to port 9091 but I can't seem to connect to the web interface.
Did I do something wrong?
Can some one help me please?
Is it possible?
Hi,
I'm trying to add the port for the daemon so I can use a thinclient on a Windows machine to access Deluge but so far I'm stumped.
I've pulled the rep, built the dockerfile using the modified Iptables.sh as follows:
#!/bin/bash
# ip route
###
# split comma seperated string into list from LAN_NETWORK env variable
IFS=',' read -ra lan_network_list <<< "${LAN_NETWORK}"
# process lan networks in the list
for lan_network_item in "${lan_network_list[@]}"; do
# strip whitespace from start and end of lan_network_item
lan_network_item=$(echo "${lan_network_item}" | sed -e 's/^[ \t]*//')
echo "[info] Adding ${lan_network_item} as route via docker eth0"
ip route add "${lan_network_item}" via "${DEFAULT_GATEWAY}" dev eth0
done
echo "[info] ip route defined as follows..."
echo "--------------------"
ip route
echo "--------------------"
# setup iptables marks to allow routing of defined ports via eth0
###
# check kernel for iptable_mangle module
lsmod | grep "iptable_mangle" > /dev/null
iptable_mangle_exit_code=$?
if [[ "${DEBUG}" == "true" ]]; then
echo "[debug] Modules currently loaded for kernel" ; lsmod
fi
# if iptable_mangle is not available then attempt to load module
if [[ $iptable_mangle_exit_code != 0 ]]; then
# attempt to load module
echo "[info] iptable_mangle module not supported, attempting to load..."
modprobe iptable_mangle > /dev/null
iptable_mangle_exit_code=$?
fi
# if iptable_mangle is available then set fwmark
if [[ $iptable_mangle_exit_code == 0 ]]; then
echo "[info] iptable_mangle support detected, adding fwmark for tables"
# setup route for deluge webui using set-mark to route traffic for port 8112 to eth0
echo "8112 webui" >> /etc/iproute2/rt_tables
ip rule add fwmark 1 table webui
ip route add default via $DEFAULT_GATEWAY table webui
echo "58846 delrem" >> /etc/iproute2/rt_tables
ip rule add fwmark 3 table webui
ip route add default via $DEFAULT_GATEWAY table delrem
# setup route for privoxy using set-mark to route traffic for port 8118 to eth0
if [[ $ENABLE_PRIVOXY == "yes" ]]; then
echo "8118 privoxy" >> /etc/iproute2/rt_tables
ip rule add fwmark 2 table privoxy
ip route add default via $DEFAULT_GATEWAY table privoxy
fi
else
echo "[warn] iptable_mangle module not supported, you will not be able to connect to Deluge webui or Privoxy outside of your LAN"
fi
# input iptable rules
###
# set policy to drop for input
iptables -P INPUT DROP
# accept input to tunnel adapter
iptables -A INPUT -i "${VPN_DEVICE_TYPE}0" -j ACCEPT
# accept input to/from docker containers (172.x range is internal dhcp)
iptables -A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
# accept input to vpn gateway
iptables -A INPUT -i eth0 -p $VPN_PROTOCOL --sport $VPN_PORT -j ACCEPT
# accept input to deluge webui port 8112
iptables -A INPUT -i eth0 -p tcp --dport 8112 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport 8112 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 58846 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport 58846 -j ACCEPT
# accept input to privoxy port 8118 if enabled
if [[ $ENABLE_PRIVOXY == "yes" ]]; then
iptables -A INPUT -i eth0 -p tcp --dport 8118 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport 8118 -j ACCEPT
fi
# process lan networks in the list
for lan_network_item in "${lan_network_list[@]}"; do
# strip whitespace from start and end of lan_network_item
lan_network_item=$(echo "${lan_network_item}" | sed -e 's/^[ \t]*//')
# accept input to deluge daemon port - used for lan access
iptables -A INPUT -i eth0 -s "${lan_network_item}" -p tcp --dport 58846 -j ACCEPT
done
# accept input dns lookup
iptables -A INPUT -p udp --sport 53 -j ACCEPT
# accept input icmp (ping)
iptables -A INPUT -p icmp --icmp-type echo-reply -j ACCEPT
# accept input to local loopback
iptables -A INPUT -i lo -j ACCEPT
# output iptable rules
###
# set policy to drop for output
iptables -P OUTPUT DROP
# accept output from tunnel adapter
iptables -A OUTPUT -o "${VPN_DEVICE_TYPE}0" -j ACCEPT
# accept output to/from docker containers (172.x range is internal dhcp)
iptables -A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT
# accept output from vpn gateway
iptables -A OUTPUT -o eth0 -p $VPN_PROTOCOL --dport $VPN_PORT -j ACCEPT
# if iptable mangle is available (kernel module) then use mark
if [[ $iptable_mangle_exit_code == 0 ]]; then
# accept output from deluge webui port 8112 - used for external access
iptables -t mangle -A OUTPUT -p tcp --dport 8112 -j MARK --set-mark 1
iptables -t mangle -A OUTPUT -p tcp --sport 8112 -j MARK --set-mark 1
iptables -t mangle -A OUTPUT -p tcp --dport 58846 -j MARK --set-mark 1
iptables -t mangle -A OUTPUT -p tcp --sport 58846 -j MARK --set-mark 1
# accept output from privoxy port 8118 - used for external access
if [[ $ENABLE_PRIVOXY == "yes" ]]; then
iptables -t mangle -A OUTPUT -p tcp --dport 8118 -j MARK --set-mark 2
iptables -t mangle -A OUTPUT -p tcp --sport 8118 -j MARK --set-mark 2
fi
fi
# accept output from deluge webui port 8112 - used for lan access
iptables -A OUTPUT -o eth0 -p tcp --dport 8112 -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 8112 -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --dport 58846 -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 58846 -j ACCEPT
# accept output from privoxy port 8118 - used for lan access
if [[ $ENABLE_PRIVOXY == "yes" ]]; then
iptables -A OUTPUT -o eth0 -p tcp --dport 8118 -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 8118 -j ACCEPT
fi
# process lan networks in the list
for lan_network_item in "${lan_network_list[@]}"; do
# strip whitespace from start and end of lan_network_item
lan_network_item=$(echo "${lan_network_item}" | sed -e 's/^[ \t]*//')
# accept output to deluge daemon port - used for lan access
iptables -A OUTPUT -o eth0 -d "${lan_network_item}" -p tcp --sport 58846 -j ACCEPT
done
# accept output for dns lookup
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
# accept output for icmp (ping)
iptables -A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
# accept output from local loopback adapter
iptables -A OUTPUT -o lo -j ACCEPT
echo "[info] iptables defined as follows..."
echo "--------------------"
iptables -S
echo "--------------------"
And of course also added
-p 58846:58846
to the docker init script.
But I still can't connect to the server. I can access the WebUi just fine.
Any hints you can give me? :)
Any chance you can add autodl-irssi?
Install info for building from source.
https://github.com/autodl-community/autodl-irssi/blob/master/docs/installation.md
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.