Ltek
commented
3 years ago Is this Image no longer maintained?
Closed Ltek closed 3 years ago
Ltek
commented
3 years ago Is this Image no longer maintained?
Kabe0
commented
3 years ago Sorry, Have been crazy busy.
So you don't use a config.ovpn file with this setup. This uses windscribe-cli to handle the network interfacing. So you only to make a config file with the username/pass of your windscribe login. You may also define it as environment variables to the docker container as described in the readme example.
Example auth.conf file
user
pass
bestYou do need to have the --device assigned, otherwise the docker container will not have access to the proper network driver to make the correct tunnel settings. --cap-add=NET_ADMIN gives the docker container access to modify the /net/tun as by default docker are not authorised to make network modifications.
I have used Synology NAS's in the past. What are you using to configure the docker container?
You should be able to ssh into your NAS and run the docker command if nessesary. Personally my suggestion would be to install https://www.portainer.io/ on your Synology NAS. That will give you access to all the controls you will need to set up this and other docker images.
https://mariushosting.com/how-to-install-portainer-on-your-synology-nas/
I do update the container, but have been crunched for time recently.
Ltek
commented
3 years ago @Kabe0 thx for the info. I'm really new to this. I installed Portainer - def over my head for now.
Can you help me build the proper Compose file?
I've see people use some settings, not sure if I need to?
volumes:
- /dev/net:/dev/net:z # tun device
- ${ROOT}/data/config/vpn:/vpn # OpenVPN configuration
security_opt:
- label:disable
ports:
- 9117:9117 # Jackett
- 8112:8112 # Deluge web UI
- 58846:58846 # Deluge bittorrent daemon
command: "-r 192.168.2.0/24" # route local network trafficso far, here's what I have - without the above...
version: "3"
services:
kabe0-deluge-windscribe:
container_name: kabe0-deluge-windscribe
image: kabe0/deluge-windscribe:latest
restart: unless-stopped
cap_add:
- NET_ADMIN # required to modify network interfaces
devices:
- /dev/net/tun
kabe0-deluge-windscribe:
command:
- '/bin/sh -c /usr/bin/python3 -u /usr/bin/init.py'
cpu_shares: 50
environment:
- VPN_LOCATION=us-central.windscribe.com
- VPN_PASSWORD=<REMOVED>
- VPN_USERNAME=<REMOVED>
- PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
- HOME=/config
- WEB_PORT=8112
- DEL_PORT=58846
- DEL_UID=1000
- DEL_GID=1000
- DEL_INT=tun0
- VPN_ENABLE=True
- VPN_AUTH=/config/auth.conf
- APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1
- TZ=Americas/Denver
hostname: kabe0-deluge-windscribe
ipc: shareable
labels:
maintainer: kabe0
logging:
driver: db
options: {}
mac_address: 02:42:ac:11:00:08
networks:
bridge:
aliases:
ports:
- 0.0.0.0:8182:6881/udp
- 0.0.0.0:8181:8112/tcp
stdin_open: true
tty: true
volumes:
- /volume1/docker/deluge-windscribe:/config:rw
networks:
bridge:
external: trueThis is my actual docker-compose file I have had running for the past 6 months
version: "3"
services:
deluge-windscribe:
restart: unless-stopped
image: kabe0/deluge-windscribe:latest
volumes:
- ./downloads:/downloads
- ./DelugeConfig:/config
ports:
- 8112:8112
- 8989:8989
- 58846:58846
cap_add:
- NET_ADMIN
devices:
- /dev/net/tunA ./ represents the current directory. Inside the current directory, under DelugeConfig I have a config file called auth.conf with the three lines I mentioned above. The folder permissions for DelugeConfig are set to my user. You can find your user ID by typing
id in your main system which will print out the uid and gid values. Make sure they match your variables on the container for DEL_UID and DEL_GID
Kabe0
commented
3 years ago If you want send me the logs you get when you run it.
Ltek
commented
3 years ago I'm new to docker and for some reason Docker seems more complicated and less intuitive than anything tech I've used in 20 years... and that includes programming languages like Python :(
here's what I got...
root@NAS:~# docker-compose -f /volume1/docker/docker-compose.yml up
Creating network "docker_default" with the default driver
Creating docker_deluge-windscribe_1 ... error
ERROR: for docker_deluge-windscribe_1 Cannot start service deluge-windscribe: driver failed programming external connectivity on endpoint docker_deluge-windscribe_1 (1132c27f2537643a0abf5d479f33f4d63c4f1d0db3e7f31cd5657daf88dacd93): Bind for 0.0.0.0:8989 failed: port is already allocated
ERROR: for deluge-windscribe Cannot start service deluge-windscribe: driver failed programming external connectivity on endpoint docker_deluge-windscribe_1 (1132c27f2537643a0abf5d479f33f4d63c4f1d0db3e7f31cd5657daf88dacd93): Bind for 0.0.0.0:8989 failed: port is already allocated
ERROR: Encountered errors while bringing up the project.I slightly mod'd the YML to put in my volumes...
version: "3"
services:
deluge-windscribe:
restart: unless-stopped
image: kabe0/deluge-windscribe:latest
volumes:
- ./media/downloads:/downloads
- ./docker/deluge-windscribe:/config
ports:
- 8112:8112
- 8989:8989
- 58846:58846
cap_add:
- NET_ADMIN
devices:
- /dev/net/tunDocker is probably one of the easiest virtualization options to come around in a long time. It does have a little bit of a barrier. If you push through it though I think you will find it's extremely useful.
So the issue your running into is those ports are already consumed. So my guess is you have a container already running.
Run
docker ps to view all the active docker services. If you see one, look for it's unique instance name and end it by running
docker stop <instance_name>
Just to clarify, the ./media and ./docker folders are inside your folder with the docker-compose.yml right? It should look like this...
docker-compose.yml
media
downloads
docker
deluge-windscribe
auth.confIf that is not what your looking for, remove the dot at the beginning of each voume defined to have it go to the root of the linux machine instead of the current directory.
Kabe0
commented
3 years ago If you are running something on 8989 and don't want to change it, you can always rebind it to a different port by just specifying the alternative port on the right side of the ports defined, like
18989:8989
Ltek
commented
3 years ago just realized 8989 is the default port for Sonarr, I removed it and compose built the container. I cannot access it on port 8112 like I can with my non-VPN Container version of Deluge?
And it keeps unexpectedly stopping.
Does the error I got below matter?
root@NAS:~# docker-compose -f /volume1/docker/deluge-windscribe/docker-compose.yml up
Creating network "deluge-windscribe_default" with the default driver
Creating deluge-windscribe_deluge-windscribe_1 ... done
Attaching to deluge-windscribe_deluge-windscribe_1
deluge-windscribe_1 | WARNING: no logs are available with the 'db' log driver
deluge-windscribe_deluge-windscribe_1 exited with code 1also, in the Docker log for the container gives me a login error for Windscribe deluge-windscribe_deluge-windscribe_1.html.txt
here's the compose...
version: "3"
services:
deluge-windscribe:
restart: unless-stopped
image: kabe0/deluge-windscribe:latest
volumes:
- /volume1/media/downloads:/downloads
- /volume1/docker/deluge-windscribe:/config
ports:
- 8112:8112
- 58846:58846
cap_add:
- NET_ADMIN
devices:
- /dev/net/tunOops sorry, had sonnar connected at one point through it using that port.
Just checking, your using the username/pass for your windscribe account not the openvpn right? You could add the dns which can help That error should not be an issue.
version: "3"
services:
deluge-windscribe:
restart: unless-stopped
image: kabe0/deluge-windscribe:latest
volumes:
- /volume1/media/downloads:/downloads
- /volume1/docker/deluge-windscribe:/config
ports:
- 8112:8112
- 58846:58846
dns:
- 8.8.8.8
cap_add:
- NET_ADMIN
devices:
- /dev/net/tunYes, Username & password are correct -- I put them in the Enviro and the log is diff (see below) the Container stops/crashes now too
And still cannot connect to the Deluge UI the web page says..
This page isn’t working
192.168.2.50 didn’t send any data.
ERR_EMPTY_RESPONSE
Can I add DNS as an Environment variable, or do I need to rebuilt the container? -- not sure why DNS would help me access it locally?
Wondering if I need this, I've seen this in other tutorials... command: "-r 192.168.2.0/24" # route local network traffic how do I put that into a Compose YML?
log...
`
| date | stream | content |
|---|---|---|
| 2021-01-16 23:57:59 | stderr | 2: EOF |
| 2021-01-16 23:57:59 | stderr | 1: re.compile(b'Service communication error') |
| 2021-01-16 23:57:59 | stderr | 0: re.compile(b'Please login to use Windscribe') |
| 2021-01-16 23:57:59 | stderr | searcher: searcher_re: |
| 2021-01-16 23:57:59 | stderr | delayafterterminate: 0.1 |
| 2021-01-16 23:57:59 | stderr | delayafterclose: 0.1 |
| 2021-01-16 23:57:59 | stderr | delaybeforesend: 0.05 |
| 2021-01-16 23:57:59 | stderr | searchwindowsize: None |
| 2021-01-16 23:57:59 | stderr | ignorecase: False |
| 2021-01-16 23:57:59 | stderr | maxread: 2000 |
| 2021-01-16 23:57:59 | stderr | logfile_send: None |
| 2021-01-16 23:57:59 | stderr | logfile_read: None |
| 2021-01-16 23:57:59 | stderr | logfile: None |
| 2021-01-16 23:57:59 | stderr | delimiter: <class 'pexpect.exceptions.EOF'> |
| 2021-01-16 23:57:59 | stderr | timeout: 30 |
| 2021-01-16 23:57:59 | stderr | closed: False |
| 2021-01-16 23:57:59 | stderr | child_fd: 5 |
| 2021-01-16 23:57:59 | stderr | pid: 227 |
| 2021-01-16 23:57:59 | stderr | flag_eof: False |
| 2021-01-16 23:57:59 | stderr | exitstatus: None |
| 2021-01-16 23:57:59 | stderr | match_index: None |
| 2021-01-16 23:57:59 | stderr | match: None |
| 2021-01-16 23:57:59 | stderr | after: <class 'pexpect.exceptions.TIMEOUT'> |
| 2021-01-16 23:57:59 | stderr | before (last 100 chars): '' |
| 2021-01-16 23:57:59 | stderr | buffer (last 100 chars): b'' |
| 2021-01-16 23:57:59 | stderr | args: ['/usr/bin/windscribe', 'firewall', 'on'] |
| 2021-01-16 23:57:59 | stderr | command: /usr/bin/windscribe |
| 2021-01-16 23:57:59 | stderr | <pexpect.pty_spawn.spawn object at 0x7f98c0ea3668> |
| 2021-01-16 23:57:59 | stderr | pexpect.exceptions.TIMEOUT: Timeout exceeded. |
| 2021-01-16 23:57:59 | stderr | raise exc |
| 2021-01-16 23:57:59 | stderr | File "/usr/local/lib/python3.6/dist-packages/pexpect/expect.py", line 144, in timeout |
| 2021-01-16 23:57:59 | stderr | return self.timeout(e) |
| 2021-01-16 23:57:59 | stderr | File "/usr/local/lib/python3.6/dist-packages/pexpect/expect.py", line 181, in expect_loop |
| 2021-01-16 23:57:59 | stderr | return exp.expect_loop(timeout) |
| 2021-01-16 23:57:59 | stderr | File "/usr/local/lib/python3.6/dist-packages/pexpect/spawnbase.py", line 372, in expect_list |
| 2021-01-16 23:57:59 | stderr | timeout, searchwindowsize, async_) |
| 2021-01-16 23:57:59 | stderr | File "/usr/local/lib/python3.6/dist-packages/pexpect/spawnbase.py", line 344, in expect |
| 2021-01-16 23:57:59 | stderr | cond = child.expect(['Please login to use Windscribe', 'Service communication error', pexpect.EOF], timeout=50) |
| 2021-01-16 23:57:59 | stderr | File "/usr/bin/init.py", line 52, in |
| 2021-01-16 23:57:59 | stderr | Traceback (most recent call last): |
| 2021-01-16 23:56:59 | stdout | Starting windscribe ... OK |
| 2021-01-16 23:56:57 | stdout | Using VPN_USERNAME and VPN_PASSWORD to login. |
| 2021-01-16 23:56:57 | stdout | Initializing Container |
| 2021-01-16 23:55:18 | stdout | Starting windscribe ... OK |
| 2021-01-16 23:55:16 | stdout | Using VPN_USERNAME and VPN_PASSWORD to login. |
| 2021-01-16 23:55:16 | stdout | Initializing Container |
`
Kabe0
commented
3 years ago Can I add DNS as an Environment variable, or do I need to rebuilt the container? -- not sure why DNS would help me access it locally?
The DNS should use the dns: flag as it allows docker to add it to the actual network bridge configuration. It can help on some systems that have issues with their resolve.conf which causes domain names to not resolve which windscribe uses when requesting an IP from one of it's regions.
Based on your message log, it seems windscribe is not presenting a login request. So what would make sense to do now is test the container without any of the other pieces to see why it's not continuing. Run the following command anywhere to see if you can manually login to windscribe
docker run -it -p 8112:8112 -it --cap-add=NET_ADMIN \
--device /dev/net/tun:/dev/net/tun --name deluge-openvpntest kabe0/deluge-windscribe:latest /bin/bashThis command should launch you into the terminal for the docker container. In here we can run the windscribe-cli commands manually and see what is happening.
First, let's see if you have access to the web DNS. You can call ping on something like google. If it resolves properly you at least have internet in docker
ping google.com
If this fails, try restarting the computer, and then see if the ping works. This has nothing to do with the container but is typically a network issue with the bridge connection. This can happen if you have more than one network source such as a wifi connection and ethernet.
Next, try running the following command to initiate windscribe-cli
windscribe start
This should print the following lines
Starting windscribe ... OKIf that happens, continue to the next step
windscribe login
Then, enter your username and password as you defined in the config file.
Let me know if that works, as right now, that's where the python script is failing. It's not recieving the message to put in the username and pass for windscribe.
Ltek
commented
3 years ago ALL the manual test worked perfectly. shows 'Logged In' I just realized, 'deluge-windscribe' container is stopped and that command created a new container named deluge-openvpntest ... that is what we ran. but, I cannot get to the web UI on it?
Kabe0
commented
3 years ago Oh we did not turn that part on yet, what this test was to see if you could get past that error message.
Now try running windscribe connect and see if you can get it to connect to one of the vpn locations. If so, we can now run the final test below and try running the container without any volumes. If this works, then at least we know the issue is not the container itself.
Remove that container, and then run this command (putting in your username and password) and let's see if it works.
docker run -e VPN_USERNAME=<username> -e VPN_PASSWORD=<pass> -p 8112:8112 -it --cap-add=NET_ADMIN --device /dev/net/tun:/dev/net/tun --name deluge-openvpntest kabe0/deluge-windscribe:latestIf you have any dollar symbols in your password, you will need to escape them with a back slash like, VPN_PASSWORD=my\$Secret\&
The script being run in the docker container is /usr/bin/python3 -u /usr/bin/init.py so if you want to /bin/bash again, that's the script being executed to start windscribe and docker.
If this does not work, then there is a bug that has appeared due to something on your system. Most likely something is causing the init.py file to fail to find the proper
Ltek
commented
3 years ago container connected...
root@ec275d9ffd8f:/# windscribe connect
Connecting to US East Washington DC Precedent (UDP:443)
Firewall Enabled
/etc/resolv.conf is not a symlink, this may break DNS
Connected to US East Washington DC Precedent
Your IP changed from 24.128.114.83 to 104.168.34.152
root@ec275d9ffd8f:/# when building the new container...
add=NET_ADMIN --device /dev/net/tun:/dev/net/tun --name deluge-openvpntest kabe0/deluge-windscribe:latest
Initializing Container
Using VPN_USERNAME and VPN_PASSWORD to login.
Starting windscribe ... OK
Initializing Deluge
Configuring firewall settings
usermod: no changes
Making config directory.
Deluged Init... the CLU hung here, did not give me back a prompt. the Container is running and I can connect to the Web UI and add a torrent. BUT the DL doesnt start, Deluge shows "Error: Connection timed out".
After that I realized there were no Volumes set. I stopped the container and set the /config and /downloads -- now I cannot connect to the Web UI -- and the container "stopped unexpectedly" a min or so after I start it, every time. so I removed the volumes, and I still same issues.
If I rebuild using your command line, the container works, but still "Error: Connection timed out".
Kabe0
commented
3 years ago So the CLU is not hanging, it's running as intended. We have not run the app in Daemon mode so it's printing out all the logs as is. To run it as a daemon just add -d at the end like
docker run -e VPN_USERNAME=<username> -e VPN_PASSWORD=<pass> -p 8112:8112 -it --cap-add=NET_ADMIN --device /dev/net/tun:/dev/net/tun --name deluge-openvpntest kabe0/deluge-windscribe:latest -dDoes your deluge instance have an IP address on the bottom right?
Anyways, so you got to the point of getting deluge to actually run which is good. That means we are closer to resolving whatever issue is going on. It looks like your config folder has an issue, so it's preventing deluge from running. Can you confirm that the use permissions for that folder are 1000:1000? If deluge cannot write, it will never initialize.
Ltek
commented
3 years ago All folders are set to an acct in the admin group... 1027 & 101 ...on my other containers I set Enviro variables PUID & PGID to those.
I dont know how to set the folder perms to 1000:1000 ... wouldnt I need a user in the system with that ID? Or does Docker create some hidden system account with 1000:1000?
Kabe0
commented
3 years ago oh the 1000:1000 is not mandatory, but based on what is happening, it looks like either a file or folder inside /config is set wrong. You can set your GID UID as follows
docker run -e VPN_USERNAME=<username> -e VPN_PASSWORD=<pass> -e DEL_UID=1027 -e DEL_GID=101 -p 8112:8112 -it --cap-add=NET_ADMIN --device /dev/net/tun:/dev/net/tun --name deluge-openvpntest kabe0/deluge-windscribe:latest -dI am just curious if you go inside your config folder, if you find that any of the file permissions are different than that of your main folder permissions?
Ltek
commented
3 years ago found this...
File: ‘/volume1/docker/deluge-windscribe’
Size: 68 Blocks: 0 IO Block: 4096 directory
Device: 2eh/46d Inode: 5556 Links: 1
Access: (0755/drwxr-xr-x) Uid: ( 1000/ UNKNOWN) Gid: ( 1000/ UNKNOWN)
Access: 2021-01-17 08:56:24.334448508 -0700
Modify: 2021-01-17 08:56:16.948359516 -0700
Change: 2021-01-17 08:56:17.214362712 -0700
Birth: -when I run your new command...
docker: Error response from daemon: OCI runtime create failed: container_linux.go:345: starting container process caused "exec: \"-d\": executable file not found in $PATH": unknown.
Kabe0
commented
3 years ago oh whoops, the -d is at the wrong spot. We need to more specifically look at the folder your binding to docker. As I think inside the deluge configs themselves are set to the wrong user permisisons.
docker run -d -e VPN_USERNAME=<username> -e VPN_PASSWORD=<pass> -e DEL_UID=1027 -e DEL_GID=101 -p 8112:8112 -it --cap-add=NET_ADMIN --device /dev/net/tun:/dev/net/tun --name deluge-openvpntest kabe0/deluge-windscribe:latestStops Unexpectedly after about 1 or 2 mins... Web UI never able to pull up
Kabe0
commented
3 years ago Ok, leave the -d off for now until the error is sorted out. Your running with the /config folder mounted to the docker image right?
if you run ll in your /config directory, what does it look like?
Inside that should be a deluge folder... check that it's set to the same user/group
then inside that should be a few deluge files, also confirm those have the same user/group.
You could always run chown -R 1027:101 /volume1/docker/deluge-windscribe to ensure nothing is set to the wrong ID.
Finally, if you run that previous command, with your volumes mounted but with /bin/bash assigned to the end, you can navigate inside the docker container to the /config folder and verify it even exists.
Ltek
commented
3 years ago Using your command line, it never creates a .config folder If I add ... -v /volume1/docker/deluge-windscribe:/config ... then it creates .config folder, which 'administrators' group has Read/Write -- same as the parent folders, including 'docker'
with, or without the volume statement, we get this...
Using VPN_USERNAME and VPN_PASSWORD to login.
Starting windscribe ... OK
Initializing Deluge
Configuring firewall settings
groupmod: GID '101' already exists
Making config directory.
Deluged Init
Traceback (most recent call last):
File "/usr/bin/deluged", line 11, in <module>
load_entry_point('deluge===2.0.3-2-201906121747-ubuntu18.04.1', 'console_scripts', 'deluged')()
File "/usr/lib/python3/dist-packages/deluge/core/daemon_entry.py", line 87, in start_daemon
options = parser.parse_args()
File "/usr/lib/python3/dist-packages/deluge/argparserbase.py", line 250, in parse_args
return self._handle_ui_options(options)
File "/usr/lib/python3/dist-packages/deluge/argparserbase.py", line 343, in _handle_ui_options
os.setuid(options.group)
PermissionError: [Errno 1] Operation not permittedPermissionError: [Errno 1] Operation not permitted
that's the problem. Deluge has no read/write permissions. What are the deluge folder permissions inside your /config/.config folder?
Ltek
commented
3 years ago the Deluge container (using linuxserver image) runs perfectly fine... just doesnt have VPN built-in
Ltek
commented
3 years ago your command line without the volume statement, never creates the folder. if I manually create them before building the container, same PermissionError.
Kabe0
commented
3 years ago Volumes are part of docker volumes. If you don't bind to a real physical folder, it will store it inside dockers own volumes instead.
Did you use this config folder with linuxserver as well as my container? That might cause a problem. I don't know if their config is mounted to the home folder like mine is. Can you mount it to a new config folder instead?
The folder structure should look like this if it's structured properly
/volume1/docker/deluge-windscribe
.config
deluge
core.confif I add the volume statement, I still get PermissionError BUT it does create BOTH the .config folder and 'deluge' folder inside the .config folder + core.conf
also... created a new /docker/deluge-openvpntest folder and ran the command... same error
Kabe0
commented
3 years ago one sec I think i got the bug to reproduce.
Kabe0
commented
3 years ago Ok so I want you to update your image. Run docker image pull kabe0/deluge-windscribe:latest
Let me know if it runs now. It's an intel based nas right? Otherwise I have to compile arm.
Ltek
commented
3 years ago updating it now... yes, Intel.
Ltek
commented
3 years ago its running and I can get to the WebUI...
I try to config AutoAdd with /downloads or anything in that tree I get "You must have read and write access to watch folder." BUT /config works so it seems like maybe there is a hardcoded /downloads folders which might cause a conflict?
Also, the container seems VERY Unstable... using Docker UI, I removed the /downloads volume I configured and now the Deluge Web UI will not come up
20:20:03 [ERROR ][deluge.ui.web.json_api :185 ] [Failure instance: Traceback (failure with no frames): <class 'deluge.error.WrappedException'>: You must have read and write access to watch folder.
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/deluge/core/rpcserver.py", line 326, in dispatch
ret = self.factory.methods[method](*args, **kwargs)
File "/usr/lib/python3/dist-packages/deluge/plugins/AutoAdd-1.8.egg/deluge_autoadd/core.py", line 446, in add
'You must have read and write access to watch folder.',
File "/usr/lib/python3/dist-packages/deluge/plugins/AutoAdd-1.8.egg/deluge_autoadd/core.py", line 79, in check_input
raise Exception(message)
Exception: You must have read and write access to watch folder.ok i'll have to look at this tonight. There is something happening. Not sure what you setup as autoadd unless your talking about a plugin?
Kabe0
commented
3 years ago The issue is related to the group ID. I initially had a -u and -G flag set on the daemon for deluge, but that was throwing the error. I think that might be why your file issue is happening
Turning that off was not the real fix. This looks easy enough to solve. Just have to finish some actual work first before I look at this tonight, haha.
Ltek
commented
3 years ago AutoAdd plugin is built-in. And seems to be smart (vs Deluge being dumb) since it actually checks to ensure you get access to the folders you config it with.
I rebuilt the container: removed command line volume... /media/downloads:/downloads mapping. added command line volume... /media:/media
then went into AutoAdd and tried to set Watch Folder to /media/downloads ... "Path does not exist"
Kabe0
commented
3 years ago I am right now testing the problem we had with the file permissions. Will let you know probably in the hour when it's working.
Oh, media is used by linux already. You may need to make the name slightly different. Try giving it something like /media/downloads:/nas-media or something, however typically when you bind a folder in docker, it will just replace it with your own folder.
If I feel like im going crazy, I will sometimes run a command like
docker exec <container_name> ll /mediajust to see if the folder exists inside the container.
Kabe0
commented
3 years ago Ok got somewhere. Ran a test of user 1001:1002 as my sample.
Got a torrent downloading *ubuntu and managed to have it download to the downloads folder without a problem. Apologies for all the back and fourth. Most questions I get are usually easily solved so this is the first real bug that has come up.
Please pull the latest version and let me know if you are now successful so I can patch the arm versions.
I would be very surprised if you are going to still have problems with actual torrents running. If you have any other questions related to the volume linking let me know.
The symptom was that you cannot run both the user and group calls with the deluged service. Now, this might not be an actual issue in pure daemon mode, but that would require configuring the logs differently and personally I like my containers to run a bit lighter than that if possible. The group is already the primary for the user anyways so there is really no reason to assign the group explicitly anyways to the container.
Thanks for spending time to get me all the information! You probably have helped a lot of others who may have gotten stuck when setting a different group ID from their user id.
Kabe0
commented
3 years ago Make sure by the way for your torrent watcher permissions match that of the uid:gid, or you can change the permissions of the folder so that it at least has read access.
I have just tested the watcher to make sure it will work for you:
Ltek
commented
3 years ago I tried it again and it ran and the Web UI came up... but only the first time. After I shut it down, the Web UI never came back up. And when I start it manually again, it crashes.
I need to map a volume to the /volume1/media folder. -- which works perfectly on the linuxserver non-VPN Deluge container using the same UID/GID. That container they ask use to set PGID & PUID in Enviro Variables. I also have containers from linuxserver for Radarr, Sonarr, Jackett -- and Portainer running 24x7 using the same folder structure / mapped volumes.
I'm using this command to build yours...
docker run -e VPN_USERNAME=<USER> -e VPN_PASSWORD=<PW> -v /volume1/docker/deluge-windscribe:/config -v /volume1/media:/media -e DEL_UID=1027 -e DEL_GID=100 -p 58846:58846 -p 8112:8112 -it --cap-add=NET_ADMIN --device /dev/net/tun:/dev/net/tun --name deluge-windscribe kabe0/deluge-windscribe:latest
I'm at a loss why the linuxserver version worked perfectly first shot and yours is not. I'm thinking it might just be better to figure out how to run a container that is just a VPN and route my existing linuxserver Deluge container through it. I've spent like 3 hours trying to get yours working and its not.
thanks for the time.
Kabe0
commented
3 years ago So I see the issue your having here with start/stop. I typically use docker-compose so did not notice this problem. Adding the dns flag resolved the issue for me, but will need to look at it at some point in the future. It's an issue with the VPN interfering with the resolve.conf.
I understand if you don't want to, but if you do have a moment just let me know if this works.
docker run -e VPN_USERNAME=<USER> -e VPN_PASSWORD=<PW> -v /volume1/docker/deluge-windscribe:/config -v /volume1/media:/media -e DEL_UID=1027 --dns 8.8.8.8 -e DEL_GID=100 -p 58846:58846 -p 8112:8112 -it --cap-add=NET_ADMIN --device /dev/net/tun:/dev/net/tun --name deluge-windscribe kabe0/deluge-windscribe:latestAdding --dns to run notes as it effects all instances in the event that the container is resumed
Ltek
commented
3 years ago Added --dns seems to have fixed startup
Still cant access the volumes. It sure looks like you have hard coded /downloads since when I open Deluge for the first time, it shows /downloads filled in for "Download to" and other preferences?
Tried these mappings, not at same time... UID is THE Admin!
error in Deluge... "You must have read and write access to watch folder."
/volume1/media/downloads --> /downloads
/volume1/media --> /media (used in my linuxserver Deluge container)
/volume1/media --> /store (tried also since you said 'media' cant be used)
When I BASH into the container, all of these show up and I can navigate them, see the files in them.
I suspect something with the user permissions is not being read by the container properly since as I mentioned, this same UID/GID and folder structure works 100% perfectly with the linuxserver Deluge image.
Kabe0
commented
3 years ago Downloads is hard-coded as a lot of users were having problems with the first-time startup, so I created a template that also restricts the access to the VPN only to ensure there is no way packets are accidentally sent if the VPN for whatever reason disconnects, however it's just a deluge config, so whatever you change it to persists onwards as long as there is a deluge folder.
Ah I get it not sure why it took me that long to see it. Your using the preserved group users = 100. The linuxserver image is a custom image so they avoid group conflicts. I am using Ubuntu as my base so a few group names already exists. The solution is kind of silly, but I just had to add a few base groups to the deluge user and it's good to go. I pushed users into the deluge user as it does make sense to have that user part of that group pool and I don't want to have synology users having mounting problems.
The latest image pushed has the user added to the group. A hotfix on an older imagewould be just running this command
usermod -a -G users deluge Appending that to a dockerfile would allow someone to add any group they want to this existing image for people reading this
For future reference, if your ever working with docker images, typically ID's greater than 999 as anything below that is system reserved. Maybe this is a sign that I should start using lighter base images in the future.
Ltek
commented
3 years ago I dont understand "pushing users into a user"; I only know 'users in groups' for perms.
Are you telling me I can rebuild the container and my UID:GID will now work?
Kabe0
commented
3 years ago Apologies, Pulling the latest image will fix the gid/uid issue.
I'm working to set this up on a Synology NAS. I have it running but not sure its 100% config'd properly.
A few questions.
1... where do I place the config.ovpn file?
2... when I use the Windscribe Config generator, it only allows me to select 1 location, not a region AND require to select a specific port from a list (cannot input the ports I have set in Docker). -- Will I need to open a port in Docker to allow for Windscribe? -- How do we create a file for use that allows it to select the 'best' as ypu stated was the default in the container setup?
3... Do I need the below commands or do they run automatically when I start the container? I use Synology's Docker manager UI - not scripts or compose
if they need to be added separately, how do I put them in? As Environment variables or something else?
--cap-add=NET_ADMIN \ --device /dev/net/tun:/dev/net/tun \
thanks for helping out a noobie!