search

Trigus42 / alpine-qbittorrentvpn

Multiarch docker image with the latest qBittorrent-nox client (WEB UI) and WireGuard/OpenVPN tunnel
GNU General Public License v3.0
85 stars 13 forks source link

error: list of process IDs must follow -p #39

Closed poudenes closed 1 year ago

poudenes commented 1 year ago

Hi All,

Since last update I get this error. Watchtower updated the image on 12-11-2023

[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-environment.sh: executing... 
2023-11-12 10:10:44 [INFO] LAN_NETWORK defined as '192.168.100.0/24'
2023-11-12 10:10:44 [INFO] Docker network defined as 172.30.32.0/23
2023-11-12 10:10:44 [INFO] PUID defined as 1026
2023-11-12 10:10:44 [INFO] PGID defined as 100
2023-11-12 10:10:44 [INFO] An user with PUID 1026 already exists in /etc/passwd, nothing to do.
2023-11-12 10:10:44 [INFO] VPN_ENABLED defined as 'yes'
2023-11-12 10:10:44 [INFO] VPN_TYPE defined as 'openvpn'
2023-11-12 10:10:44 [INFO] NAME_SERVERS defined as '8.8.8.8'
2023-11-12 10:10:44 [INFO] Adding 8.8.8.8 to resolv.conf
[cont-init.d] 01-environment.sh: exited 0.
[cont-init.d] 02-vpn.sh: executing... 
2023-11-12 10:10:44 [INFO] Choosen VPN config: 'privado-ams-003.ovpn'
2023-11-12 10:10:44 [INFO] Using credentials from /config/openvpn/privado-ams-003_credentials.conf
dos2unix: converting file /config/openvpn/privado-ams-003.ovpn to Unix format...
2023-11-12 10:10:44 [INFO] VPN remote line defined as 'ams-003.vpn.privado.io 1194'
2023-11-12 10:10:44 [INFO] VPN_REMOTE defined as 'ams-003.vpn.privado.io'
2023-11-12 10:10:44 [INFO] VPN_PORT defined as '1194'
2023-11-12 10:10:44 [INFO] VPN_PROTOCOL defined as 'udp'
2023-11-12 10:10:44 [INFO] VPN_DEVICE_TYPE defined as 'tun
"PrivadoVPN0'
2023-11-12 10:10:44 [INFO] Starting OpenVPN...
--------------------
**error: list of process IDs must follow -p**
Usage:
 ps [options]
 Try 'ps --help <simple|list|output|threads|misc|all>'
  or 'ps --help <s|l|o|t|m|a>'
 for additional help text.
For more details see ps(1).
[cont-init.d] 02-vpn.sh: exited 1.
**Options error: Unrecognized option or missing or extra parameter(s) in /config/openvpn/privado-ams-003.ovpn:11: ncp-disable (2.6.5)**
Use --help for more information.

Before everything worked great. What do I have to change?

Trigus42 commented 1 year ago

Not sure but I'd say that OpenVPN immediately exits because of the error **Options error: Unrecognized option or missing or extra parameter(s) in /config/openvpn/privado-ams-003.ovpn:11: ncp-disable (2.6.5)**, which prevents the script from getting the PID. Please try to remove the ncp-disable line as this option is deprecated and probably causes this error in the new OpenVPN version.

I also (hopefully) improved the logic for getting the OpenVPN PID. If the above doesn't fix the issue, please try out the corresponding image trigus42/qbittorrentvpn:issue-39 and set the env var DEBUG=yes.

poudenes commented 1 year ago

Created a new container with trigus42/qbittorrentvpn:issue-39 and set the env var DEBUG=yes. Won't start

OVPN file:

client
dev tun
#dev-node "PrivadoVPN (OpenVPN)"
proto udp
remote ams-003.vpn.privado.io 1194
resolv-retry infinite
nobind
persist-key
persist-tun
persist-remote-ip
mute-replay-warnings

verify-x509-name ams-003.vpn.privado.io name

tls-client

#block-outside-dns
route-ipv6 ::/0
route 0.0.0.0 0.0.0.0 vpn_gateway
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA
remote-cert-tls server

verb 3
auth SHA256
data-ciphers AES-256-CBC
data-ciphers-fallback AES-256-CBC
route-delay 3

<ca>
-----BEGIN CERTIFICATE-----
MIIFKDCCAxCgAwIBAgIJAMtrmqZxIV/OMA0GCSqGSIb3DQEBDQUAMBIxEDAOBgNV
< SNAP >
5IhtTKGeTx+US2hTIVHQFIO99DmacxSYvLNcSQ==
-----END CERTIFICATE-----
</ca>

Log container

[cont-init.d] 03-network.sh: exited 0.
[cont-init.d] 04-qbittorrent-setup.sh: executing... 
2023-11-12 15:06:05 [WARNING] ENABLE_SSL is set to , SSL is not enabled. This could cause issues with logging if other apps use the same Cookie name (SID).
2023-11-12 15:06:05 [WARNING] If you manage the SSL config yourself, you can ignore this.
2023-11-12 15:06:05 [WARNING] UMASK not defined (via -e UMASK), defaulting to '002'
[cont-init.d] 04-qbittorrent-setup.sh: exited 0.
[cont-init.d] 05-install.sh: executing... 
[cont-init.d] 05-install.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
2023-11-12 15:06:05 [INFO] Logging to /config/qBittorrent/data/logs/qbittorrent.log.
2023-11-12 15:06:05 [INFO] Trying to ping 1.1.1.1 and 8.8.8.8 over the docker interface for 500ms each...
2023-11-12 15:06:05 Control Channel: TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, peer certificate: 4096 bit RSA, signature: RSA-SHA512
2023-11-12 15:06:05 [ams-003.vpn.privado.io] Peer Connection Initiated with [AF_INET]91.148.224.30:1194
2023-11-12 15:06:05 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2023-11-12 15:06:05 TLS: tls_multi_process: initial untrusted session promoted to trusted
2023-11-12 15:06:07 SENT CONTROL [ams-003.vpn.privado.io]: 'PUSH_REQUEST' (status=1)
2023-11-12 15:06:07 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 198.18.0.1,dhcp-option DNS 198.18.0.2,rcvbuf 493216,sndbuf 493216,explicit-exit-notify 5,route-gateway 172.21.34.1,topology subnet,ping 20,ping-restart 40,ifconfig 172.21.34.21 255.255.254.0,peer-id 2'
2023-11-12 15:06:07 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
2023-11-12 15:06:07 Socket Buffers: R=[212992->425984] S=[212992->425984]
2023-11-12 15:06:07 OPTIONS IMPORT: --ifconfig/up options modified
2023-11-12 15:06:07 OPTIONS IMPORT: route options modified
2023-11-12 15:06:07 OPTIONS IMPORT: route-related options modified
2023-11-12 15:06:07 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2023-11-12 15:06:07 Using peer cipher 'AES-256-CBC'
2023-11-12 15:06:07 ROUTE_GATEWAY 172.30.32.1/255.255.254.0 IFACE=eth0 HWADDR=02:42:ac:1e:21:6a
2023-11-12 15:06:07 GDG6: remote_host_ipv6=n/a
2023-11-12 15:06:07 net_route_v6_best_gw query: dst ::
2023-11-12 15:06:07 net_route_v6_best_gw result: via :: dev lo
2023-11-12 15:06:07 ROUTE6_GATEWAY :: ON_LINK IFACE=lo
2023-11-12 15:06:07 TUN/TAP device tun0 opened
2023-11-12 15:06:07 /sbin/ip link set dev tun0 up mtu 1500
2023-11-12 15:06:07 /sbin/ip link set dev tun0 up
2023-11-12 15:06:07 /sbin/ip addr add dev tun0 172.21.34.21/23
2023-11-12 15:06:07 /helper/resume-after-connect tun0 1500 0 172.21.34.21 255.255.254.0 init
2023-11-12 15:06:07 Data Channel: cipher 'AES-256-CBC', auth 'SHA256', peer-id: 2
2023-11-12 15:06:07 Timers: ping 20, ping-restart 40
2023-11-12 15:06:07 Protocol options: explicit-exit-notify 5
Terminated
2023-11-12 15:06:07 [INFO] Success: Could not connect. This means the firewall is most likely working properly.
2023-11-12 15:06:07 [INFO] qBittorrent started with PID 504
2023-11-12 15:06:07 [INFO] HEALTH_CHECK_HOST is not set. Using default host one.one.one.one
2023-11-12 15:06:07 [INFO] HEALTH_CHECK_INTERVAL is not set. Using default interval of 5s
2023-11-12 15:06:07 [INFO] HEALTH_CHECK_TIMEOUT is not set. Using default interval of 5s
2023-11-12 15:06:10 /sbin/ip route add 91.148.224.30/32 via 172.30.32.1
2023-11-12 15:06:10 /sbin/ip route add 0.0.0.0/1 via 172.21.34.1
2023-11-12 15:06:10 /sbin/ip route add 128.0.0.0/1 via 172.21.34.1
2023-11-12 15:06:10 /sbin/ip route add 0.0.0.0/0 via 172.21.34.1
RTNETLINK answers: File exists
2023-11-12 15:06:10 ERROR: Linux route add command failed: external program exited with error status: 2
2023-11-12 15:06:10 ERROR: Linux route add command failed
2023-11-12 15:06:10 WARNING: OpenVPN was configured to add an IPv6 route. However, no IPv6 has been configured for tun0, therefore the route installation may fail or may not work as expected.
2023-11-12 15:06:10 add_route_ipv6(::/0 -> :: metric -1) dev tun0
2023-11-12 15:06:10 /sbin/ip -6 route add ::/0 dev tun0
2023-11-12 15:06:10 Initialization Sequence Completed
2023-11-12 15:06:27 [NOTICE] Network seems to be down. Retrying..
2023-11-12 15:06:27 [ERROR] Network is down. Exiting..
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.
2023-11-12 15:06:28 event_wait : Interrupted system call (fd=-1,code=4)
2023-11-12 15:06:28 /sbin/ip route del 91.148.224.30/32
2023-11-12 15:06:28 /sbin/ip route del 0.0.0.0/1
2023-11-12 15:06:28 /sbin/ip route del 128.0.0.0/1
2023-11-12 15:06:28 delete_route_ipv6(::/0)
2023-11-12 15:06:28 /sbin/ip -6 route del ::/0 dev tun0
2023-11-12 15:06:28 Closing TUN/TAP interface
2023-11-12 15:06:28 /sbin/ip addr del dev tun0 172.21.34.21/23
2023-11-12 15:06:28 SIGTERM[hard,] received, process exiting
[s6-finish] sending all processes the KILL signal and exiting.
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-environment.sh: executing... 
2023-11-12 15:06:46 [INFO] LAN_NETWORK defined as '192.168.100.0/24'
2023-11-12 15:06:46 [DEBUG] Docker interface defined as eth0
2023-11-12 15:06:46 [DEBUG] Docker IP defined as 172.30.33.106
2023-11-12 15:06:46 [DEBUG] Docker netmask defined as 255.255.254.0
2023-11-12 15:06:46 [INFO] Docker network defined as 172.30.32.0/23
2023-11-12 15:06:46 [DEBUG] Default gateway defined as 172.30.32.1
2023-11-12 15:06:46 [INFO] PUID defined as 1026
2023-11-12 15:06:46 [INFO] PGID defined as 100
2023-11-12 15:06:46 [INFO] An user with PUID 1026 already exists in /etc/passwd, nothing to do.
2023-11-12 15:06:46 [INFO] VPN_ENABLED defined as 'yes'
2023-11-12 15:06:46 [INFO] VPN_TYPE defined as 'openvpn'
2023-11-12 15:06:46 [INFO] NAME_SERVERS defined as '8.8.8.8'
2023-11-12 15:06:46 [INFO] Adding 8.8.8.8 to resolv.conf
[cont-init.d] 01-environment.sh: exited 0.
[cont-init.d] 02-vpn.sh: executing... 
2023-11-12 15:06:46 [INFO] Choosen VPN config: 'privado-ams-003.ovpn'
2023-11-12 15:06:46 [INFO] Using credentials from /config/openvpn/privado-ams-003_credentials.conf
dos2unix: converting file /config/openvpn/privado-ams-003.ovpn to Unix format...
2023-11-12 15:06:46 [INFO] VPN remote line defined as 'ams-003.vpn.privado.io 1194'
2023-11-12 15:06:46 [INFO] VPN_REMOTE defined as 'ams-003.vpn.privado.io'
2023-11-12 15:06:46 [INFO] VPN_PORT defined as '1194'
2023-11-12 15:06:46 [INFO] VPN_PROTOCOL defined as 'udp'
2023-11-12 15:06:46 [INFO] VPN_DEVICE_TYPE defined as 'tun
"PrivadoVPN0'
2023-11-12 15:06:46 [INFO] Starting OpenVPN...
--------------------
2023-11-12 15:06:46 [DEBUG] OpenVPN PID: 310
--------------------
2023-11-12 15:06:46 WARNING: file '/config/openvpn/privado-ams-003_credentials.conf' is group or others accessible
2023-11-12 15:06:46 OpenVPN 2.6.5 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2023-11-12 15:06:46 library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2023-11-12 15:06:46 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
[cont-init.d] 02-vpn.sh: exited 0.
[cont-init.d] 03-network.sh: executing... 
2023-11-12 15:06:46 [INFO] Adding 192.168.100.0/24 as route via docker eth0
2023-11-12 15:06:46 TCP/UDP: Preserving recently used remote address: [AF_INET]91.148.224.30:1194
2023-11-12 15:06:46 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-11-12 15:06:46 UDPv4 link local: (not bound)
2023-11-12 15:06:46 UDPv4 link remote: [AF_INET]91.148.224.30:1194
2023-11-12 15:06:46 [DEBUG] 'main' routing table defined as follows...
--------------------
default via 172.30.32.1 dev eth0 
172.30.32.0/23 dev eth0 proto kernel scope link src 172.30.33.106 
192.168.100.0/24 via 172.30.32.1 dev eth0 
--------------------
2023-11-12 15:06:46 [DEBUG] ip rules defined as follows...
--------------------
0:  from all lookup local
2023-11-12 15:06:46 TLS: Initial packet from [AF_INET]91.148.224.30:1194, sid=6b57366e cd596897
2023-11-12 15:06:46 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
32766:  from all lookup main
32767:  from all lookup default
--------------------
/var/run/s6/etc/cont-init.d/03-network.sh: eval: line 80: unexpected EOF while looking for matching `"'
2023-11-12 15:06:46 VERIFY OK: depth=1, CN=Privado
2023-11-12 15:06:46 VERIFY KU OK
2023-11-12 15:06:46 Validating certificate extended key usage
2023-11-12 15:06:46 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2023-11-12 15:06:46 VERIFY EKU OK
2023-11-12 15:06:46 VERIFY X509NAME OK: CN=ams-003.vpn.privado.io
2023-11-12 15:06:46 VERIFY OK: depth=0, CN=ams-003.vpn.privado.io
/var/run/s6/etc/cont-init.d/03-network.sh: eval: line 80: unexpected EOF while looking for matching `"'
2023-11-12 15:06:46 [DEBUG] iptables table 'filter' defined as follows...
--------------------
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -s 172.30.32.0/23 -d 172.30.32.0/23 -j ACCEPT
-A INPUT -s 91.148.224.30/32 -i eth0 -p udp -m udp --sport 1194 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -s 172.30.32.0/23 -d 172.30.32.0/23 -j ACCEPT
-A OUTPUT -d 91.148.224.30/32 -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8080 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
--------------------
2023-11-12 15:06:46 [DEBUG] iptables table 'mangle' defined as follows...
--------------------
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
--------------------
[cont-init.d] 03-network.sh: exited 0.
[cont-init.d] 04-qbittorrent-setup.sh: executing... 
2023-11-12 15:06:46 [WARNING] ENABLE_SSL is set to , SSL is not enabled. This could cause issues with logging if other apps use the same Cookie name (SID).
2023-11-12 15:06:46 [WARNING] If you manage the SSL config yourself, you can ignore this.
2023-11-12 15:06:46 Control Channel: TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, peer certificate: 4096 bit RSA, signature: RSA-SHA512
2023-11-12 15:06:46 [ams-003.vpn.privado.io] Peer Connection Initiated with [AF_INET]91.148.224.30:1194
2023-11-12 15:06:46 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2023-11-12 15:06:46 TLS: tls_multi_process: initial untrusted session promoted to trusted
2023-11-12 15:06:46 [WARNING] UMASK not defined (via -e UMASK), defaulting to '002'
[cont-init.d] 04-qbittorrent-setup.sh: exited 0.
[cont-init.d] 05-install.sh: executing... 
[cont-init.d] 05-install.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
2023-11-12 15:06:46 [INFO] Logging to /config/qBittorrent/data/logs/qbittorrent.log.
2023-11-12 15:06:46 [INFO] Trying to ping 1.1.1.1 and 8.8.8.8 over the docker interface for 500ms each...
[services.d] done.
2023-11-12 15:06:47 SENT CONTROL [ams-003.vpn.privado.io]: 'PUSH_REQUEST' (status=1)
2023-11-12 15:06:47 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 198.18.0.1,dhcp-option DNS 198.18.0.2,rcvbuf 493216,sndbuf 493216,explicit-exit-notify 5,route-gateway 172.21.34.1,topology subnet,ping 20,ping-restart 40,ifconfig 172.21.34.21 255.255.254.0,peer-id 1'
Terminated
2023-11-12 15:06:47 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
2023-11-12 15:06:47 Socket Buffers: R=[212992->425984] S=[212992->425984]
2023-11-12 15:06:47 OPTIONS IMPORT: --ifconfig/up options modified
2023-11-12 15:06:47 OPTIONS IMPORT: route options modified
2023-11-12 15:06:47 OPTIONS IMPORT: route-related options modified
2023-11-12 15:06:47 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2023-11-12 15:06:47 Using peer cipher 'AES-256-CBC'
2023-11-12 15:06:47 ROUTE_GATEWAY 172.30.32.1/255.255.254.0 IFACE=eth0 HWADDR=02:42:ac:1e:21:6a
2023-11-12 15:06:47 GDG6: remote_host_ipv6=n/a
2023-11-12 15:06:47 net_route_v6_best_gw query: dst ::
2023-11-12 15:06:47 net_route_v6_best_gw result: via :: dev lo
2023-11-12 15:06:47 ROUTE6_GATEWAY :: ON_LINK IFACE=lo
2023-11-12 15:06:47 TUN/TAP device tun0 opened
2023-11-12 15:06:47 /sbin/ip link set dev tun0 up mtu 1500
2023-11-12 15:06:47 /sbin/ip link set dev tun0 up
2023-11-12 15:06:47 /sbin/ip addr add dev tun0 172.21.34.21/23
2023-11-12 15:06:47 /helper/resume-after-connect tun0 1500 0 172.21.34.21 255.255.254.0 init
2023-11-12 15:06:47 Data Channel: cipher 'AES-256-CBC', auth 'SHA256', peer-id: 1
2023-11-12 15:06:47 Timers: ping 20, ping-restart 40
2023-11-12 15:06:47 Protocol options: explicit-exit-notify 5
Terminated
2023-11-12 15:06:48 [INFO] Success: Could not connect. This means the firewall is most likely working properly.
2023-11-12 15:06:48 [INFO] qBittorrent started with PID 505
2023-11-12 15:06:48 [INFO] HEALTH_CHECK_HOST is not set. Using default host one.one.one.one
2023-11-12 15:06:48 [INFO] HEALTH_CHECK_INTERVAL is not set. Using default interval of 5s
2023-11-12 15:06:48 [INFO] HEALTH_CHECK_TIMEOUT is not set. Using default interval of 5s
2023-11-12 15:06:50 /sbin/ip route add 91.148.224.30/32 via 172.30.32.1
2023-11-12 15:06:50 /sbin/ip route add 0.0.0.0/1 via 172.21.34.1
2023-11-12 15:06:50 /sbin/ip route add 128.0.0.0/1 via 172.21.34.1
2023-11-12 15:06:50 /sbin/ip route add 0.0.0.0/0 via 172.21.34.1
RTNETLINK answers: File exists
2023-11-12 15:06:50 ERROR: Linux route add command failed: external program exited with error status: 2
2023-11-12 15:06:50 ERROR: Linux route add command failed
2023-11-12 15:06:50 WARNING: OpenVPN was configured to add an IPv6 route. However, no IPv6 has been configured for tun0, therefore the route installation may fail or may not work as expected.
2023-11-12 15:06:50 add_route_ipv6(::/0 -> :: metric -1) dev tun0
2023-11-12 15:06:50 /sbin/ip -6 route add ::/0 dev tun0
2023-11-12 15:06:50 Initialization Sequence Completed
2023-11-12 15:07:08 [NOTICE] Network seems to be down. Retrying..
2023-11-12 15:07:08 [ERROR] Network is down. Exiting..
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.
2023-11-12 15:07:08 event_wait : Interrupted system call (fd=-1,code=4)
2023-11-12 15:07:08 /sbin/ip route del 91.148.224.30/32
2023-11-12 15:07:08 ERROR: Linux route delete command failed: external program did not exit normally
2023-11-12 15:07:08 ERROR: Linux route delete command failed
2023-11-12 15:07:08 /sbin/ip route del 0.0.0.0/1
2023-11-12 15:07:08 /sbin/ip route del 128.0.0.0/1
2023-11-12 15:07:08 delete_route_ipv6(::/0)
2023-11-12 15:07:08 /sbin/ip -6 route del ::/0 dev tun0
2023-11-12 15:07:08 Closing TUN/TAP interface
2023-11-12 15:07:08 /sbin/ip addr del dev tun0 172.21.34.21/23
2023-11-12 15:07:08 SIGTERM[hard,] received, process exiting
[s6-finish] sending all processes the KILL signal and exiting.
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-environment.sh: executing... 
2023-11-12 15:07:29 [INFO] LAN_NETWORK defined as '192.168.100.0/24'
2023-11-12 15:07:29 [DEBUG] Docker interface defined as eth0
2023-11-12 15:07:29 [DEBUG] Docker IP defined as 172.30.33.106
2023-11-12 15:07:29 [DEBUG] Docker netmask defined as 255.255.254.0
2023-11-12 15:07:29 [INFO] Docker network defined as 172.30.32.0/23
2023-11-12 15:07:29 [DEBUG] Default gateway defined as 172.30.32.1
2023-11-12 15:07:29 [INFO] PUID defined as 1026
2023-11-12 15:07:29 [INFO] PGID defined as 100
2023-11-12 15:07:29 [INFO] An user with PUID 1026 already exists in /etc/passwd, nothing to do.
2023-11-12 15:07:29 [INFO] VPN_ENABLED defined as 'yes'
2023-11-12 15:07:29 [INFO] VPN_TYPE defined as 'openvpn'
2023-11-12 15:07:29 [INFO] NAME_SERVERS defined as '8.8.8.8'
2023-11-12 15:07:29 [INFO] Adding 8.8.8.8 to resolv.conf
[cont-init.d] 01-environment.sh: exited 0.
[cont-init.d] 02-vpn.sh: executing... 
2023-11-12 15:07:29 [INFO] Choosen VPN config: 'privado-ams-003.ovpn'
2023-11-12 15:07:29 [INFO] Using credentials from /config/openvpn/privado-ams-003_credentials.conf
2023-11-12 15:07:29 [INFO] VPN remote line defined as 'ams-003.vpn.privado.io 1194'
2023-11-12 15:07:29 [INFO] VPN_REMOTE defined as 'ams-003.vpn.privado.io'
2023-11-12 15:07:29 [INFO] VPN_PORT defined as '1194'
2023-11-12 15:07:29 [INFO] VPN_PROTOCOL defined as 'udp'
2023-11-12 15:07:29 [INFO] VPN_DEVICE_TYPE defined as 'tun
"PrivadoVPN0'
2023-11-12 15:07:29 [INFO] Starting OpenVPN...
--------------------
2023-11-12 15:07:29 [DEBUG] OpenVPN PID: 311
--------------------
[cont-init.d] 02-vpn.sh: exited 0.
[cont-init.d] 03-network.sh: executing... 
2023-11-12 15:07:29 [INFO] Adding 192.168.100.0/24 as route via docker eth0
2023-11-12 15:07:29 [DEBUG] 'main' routing table defined as follows...
--------------------
default via 172.30.32.1 dev eth0 
172.30.32.0/23 dev eth0 proto kernel scope link src 172.30.33.106 
192.168.100.0/24 via 172.30.32.1 dev eth0 
--------------------
2023-11-12 15:07:29 [DEBUG] ip rules defined as follows...
--------------------
0:  from all lookup local
32766:  from all lookup main
32767:  from all lookup default
--------------------
2023-11-12 15:07:29 WARNING: file '/config/openvpn/privado-ams-003_credentials.conf' is group or others accessible
2023-11-12 15:07:29 OpenVPN 2.6.5 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2023-11-12 15:07:29 library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2023-11-12 15:07:29 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2023-11-12 15:07:29 TCP/UDP: Preserving recently used remote address: [AF_INET]91.148.224.30:1194
2023-11-12 15:07:29 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-11-12 15:07:29 UDPv4 link local: (not bound)
2023-11-12 15:07:29 UDPv4 link remote: [AF_INET]91.148.224.30:1194
2023-11-12 15:07:29 TLS: Initial packet from [AF_INET]91.148.224.30:1194, sid=776cb6f7 3793af19
2023-11-12 15:07:29 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2023-11-12 15:07:29 VERIFY OK: depth=1, CN=Privado
2023-11-12 15:07:29 VERIFY KU OK
2023-11-12 15:07:29 Validating certificate extended key usage
2023-11-12 15:07:29 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2023-11-12 15:07:29 VERIFY EKU OK
2023-11-12 15:07:29 VERIFY X509NAME OK: CN=ams-003.vpn.privado.io
2023-11-12 15:07:29 VERIFY OK: depth=0, CN=ams-003.vpn.privado.io
2023-11-12 15:07:29 [DEBUG] iptables table 'filter' defined as follows...
--------------------
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -s 172.30.32.0/23 -d 172.30.32.0/23 -j ACCEPT
-A INPUT -s 91.148.224.30/32 -i eth0 -p udp -m udp --sport 1194 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -s 172.30.32.0/23 -d 172.30.32.0/23 -j ACCEPT
-A OUTPUT -d 91.148.224.30/32 -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
dos2unix: converting file /config/openvpn/privado-ams-003.ovpn to Unix format...
/var/run/s6/etc/cont-init.d/03-network.sh: eval: line 80: unexpected EOF while looking for matching `"'
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8080 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
--------------------
2023-11-12 15:07:29 [DEBUG] iptables table 'mangle' defined as follows...
--------------------
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
--------------------
Trigus42 commented 1 year ago

I didn't really pay attention to this part last time: 

2023-11-12 15:06:46 [INFO] VPN_DEVICE_TYPE defined as 'tun
"PrivadoVPN0'
2023-11-12 15:06:46 [INFO] Starting OpenVPN...

But this should be the cause of your issue and fixed now. Please update your image (to trigus42/qbittorrentvpn:issue-39-78740a1a173573ffd27c550eba8e93630f836a83) and try again.

poudenes commented 1 year ago

This did the trick.

Container show "healthy"

This is the log:

2023-11-12 18:02:08 Control Channel: TLSv1.2, cipher SSLv3 DHE-RSA-AES256-SHA, peer certificate: 4096 bit RSA, signature: RSA-SHA512
2023-11-12 18:02:08 [ams-003.vpn.privado.io] Peer Connection Initiated with [AF_INET]91.148.224.30:1194
2023-11-12 18:02:08 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2023-11-12 18:02:08 TLS: tls_multi_process: initial untrusted session promoted to trusted
2023-11-12 18:02:09 SENT CONTROL [ams-003.vpn.privado.io]: 'PUSH_REQUEST' (status=1)
2023-11-12 18:02:09 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 198.18.0.1,dhcp-option DNS 198.18.0.2,rcvbuf 493216,sndbuf 493216,explicit-exit-notify 5,route-gateway 172.21.60.1,topology subnet,ping 20,ping-restart 40,ifconfig 172.21.60.3 255.255.254.0,peer-id 4'
2023-11-12 18:02:09 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
2023-11-12 18:02:09 Socket Buffers: R=[212992->425984] S=[212992->425984]
2023-11-12 18:02:09 OPTIONS IMPORT: --ifconfig/up options modified
2023-11-12 18:02:09 OPTIONS IMPORT: route options modified
2023-11-12 18:02:09 OPTIONS IMPORT: route-related options modified
2023-11-12 18:02:09 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2023-11-12 18:02:09 Using peer cipher 'AES-256-CBC'
2023-11-12 18:02:09 ROUTE_GATEWAY 172.30.32.1/255.255.254.0 IFACE=eth0 HWADDR=02:42:ac:1e:21:6a
2023-11-12 18:02:09 GDG6: remote_host_ipv6=n/a
2023-11-12 18:02:09 net_route_v6_best_gw query: dst ::
2023-11-12 18:02:09 net_route_v6_best_gw result: via :: dev lo
2023-11-12 18:02:09 ROUTE6_GATEWAY :: ON_LINK IFACE=lo
2023-11-12 18:02:09 TUN/TAP device tun0 opened
2023-11-12 18:02:09 /sbin/ip link set dev tun0 up mtu 1500
2023-11-12 18:02:09 /sbin/ip link set dev tun0 up
2023-11-12 18:02:09 /sbin/ip addr add dev tun0 172.21.60.3/23
2023-11-12 18:02:09 Data Channel: cipher 'AES-256-CBC', auth 'SHA256', peer-id: 4
2023-11-12 18:02:09 Timers: ping 20, ping-restart 40
2023-11-12 18:02:09 Protocol options: explicit-exit-notify 5
2023-11-12 18:02:12 /sbin/ip route add 91.148.224.30/32 via 172.30.32.1
2023-11-12 18:02:12 /sbin/ip route add 0.0.0.0/1 via 172.21.60.1
2023-11-12 18:02:12 /sbin/ip route add 128.0.0.0/1 via 172.21.60.1
2023-11-12 18:02:12 /sbin/ip route add 0.0.0.0/0 via 172.21.60.1
RTNETLINK answers: File exists
2023-11-12 18:02:12 ERROR: Linux route add command failed: external program exited with error status: 2
2023-11-12 18:02:12 ERROR: Linux route add command failed
2023-11-12 18:02:12 WARNING: OpenVPN was configured to add an IPv6 route. However, no IPv6 has been configured for tun0, therefore the route installation may fail or may not work as expected.
2023-11-12 18:02:12 add_route_ipv6(::/0 -> :: metric -1) dev tun0
2023-11-12 18:02:12 /sbin/ip -6 route add ::/0 dev tun0
2023-11-12 18:02:12 Initialization Sequence Completed
--------------------
[cont-init.d] 02-vpn.sh: exited 0.
[cont-init.d] 03-network.sh: executing... 
2023-11-12 18:02:13 [INFO] Adding 192.168.100.0/24 as route via docker eth0
2023-11-12 18:02:13 [DEBUG] 'main' routing table defined as follows...
--------------------
0.0.0.0/1 via 172.21.60.1 dev tun0 
default via 172.30.32.1 dev eth0 
91.148.224.30 via 172.30.32.1 dev eth0 
128.0.0.0/1 via 172.21.60.1 dev tun0 
172.21.60.0/23 dev tun0 proto kernel scope link src 172.21.60.3 
172.30.32.0/23 dev eth0 proto kernel scope link src 172.30.33.106 
192.168.100.0/24 via 172.30.32.1 dev eth0 
--------------------
2023-11-12 18:02:13 [DEBUG] ip rules defined as follows...
--------------------
0:  from all lookup local
32766:  from all lookup main
32767:  from all lookup default
--------------------
2023-11-12 18:02:13 [DEBUG] iptables table 'filter' defined as follows...
--------------------
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT DROP
-A INPUT -i tun0 -j ACCEPT
-A INPUT -s 172.30.32.0/23 -d 172.30.32.0/23 -j ACCEPT
-A INPUT -s 91.148.224.30/32 -i eth0 -p udp -m udp --sport 1194 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -s 172.30.32.0/23 -d 172.30.32.0/23 -j ACCEPT
-A OUTPUT -d 91.148.224.30/32 -o eth0 -p udp -m udp --dport 1194 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m tcp --sport 8080 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
--------------------
2023-11-12 18:02:13 [DEBUG] iptables table 'mangle' defined as follows...
--------------------
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
--------------------
[cont-init.d] 03-network.sh: exited 0.
[cont-init.d] 04-qbittorrent-setup.sh: executing... 
2023-11-12 18:02:13 [WARNING] ENABLE_SSL is set to , SSL is not enabled. This could cause issues with logging if other apps use the same Cookie name (SID).
2023-11-12 18:02:13 [WARNING] If you manage the SSL config yourself, you can ignore this.
2023-11-12 18:02:13 [WARNING] UMASK not defined (via -e UMASK), defaulting to '002'
[cont-init.d] 04-qbittorrent-setup.sh: exited 0.
[cont-init.d] 05-install.sh: executing... 
[cont-init.d] 05-install.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
2023-11-12 18:02:13 [INFO] Logging to /config/qBittorrent/data/logs/qbittorrent.log.
2023-11-12 18:02:13 [INFO] Trying to ping 1.1.1.1 and 8.8.8.8 over the docker interface for 500ms each...
[services.d] done.
Terminated
Terminated
2023-11-12 18:02:15 [INFO] Success: Could not connect. This means the firewall is most likely working properly.
2023-11-12 18:02:15 [INFO] qBittorrent started with PID 611
2023-11-12 18:02:15 [INFO] HEALTH_CHECK_HOST is not set. Using default host one.one.one.one
2023-11-12 18:02:15 [INFO] HEALTH_CHECK_INTERVAL is not set. Using default interval of 5s
2023-11-12 18:02:15 [INFO] HEALTH_CHECK_TIMEOUT is not set. Using default interval of 5s
poudenes commented 1 year ago

Thanks for the fast fix!!