search

Trigus42 / alpine-qbittorrentvpn

Multiarch docker image with the latest qBittorrent-nox client (WEB UI) and WireGuard/OpenVPN tunnel
GNU General Public License v3.0
73 stars 14 forks source link

VPN Unlimited OVPN not work #46

Closed poudenes closed 9 months ago

poudenes commented 10 months ago

Hi All,

Tried everything to let this work but get some errors:

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-environment.sh: executing... 
2023-12-04 11:32:12 [INFO] LAN_NETWORK defined as '192.168.100.0/24'
2023-12-04 11:32:12 [INFO] Docker network defined as 172.30.32.0/23
2023-12-04 11:32:12 [INFO] PUID defined as 1026
2023-12-04 11:32:12 [INFO] PGID defined as 100
2023-12-04 11:32:12 [INFO] An user with PUID 1026 does not exist, adding an user called 'qbittorrent' with PUID 1026
2023-12-04 11:32:15 [INFO] VPN_ENABLED defined as 'yes'
dos2unix: converting file /config/openvpn/vpn_unlimited.ovpn to Unix format...
2023-12-04 11:32:15 [INFO] VPN_TYPE defined as 'openvpn'
2023-12-04 11:32:15 [INFO] NAME_SERVERS defined as '1.1.1.1'
2023-12-04 11:32:15 [INFO] Adding 1.1.1.1 to resolv.conf
[cont-init.d] 01-environment.sh: exited 0.
[cont-init.d] 02-vpn.sh: executing... 
2023-12-04 11:32:15 [INFO] Choosen VPN config: 'vpn_unlimited.ovpn'
2023-12-04 11:32:15 [INFO] Using credentials from /config/openvpn/vpn_unlimited_credentials.conf
2023-12-04 11:32:15 [INFO] VPN remote line defined as 'nl.vpnunlimitedapp.com 1194'
2023-12-04 11:32:15 [INFO] VPN_REMOTE defined as 'nl.vpnunlimitedapp.com'
2023-12-04 11:32:15 [INFO] VPN_PORT defined as '1194'
2023-12-04 11:32:15 [INFO] VPN_PROTOCOL defined as 'udp'
2023-12-04 11:32:15 [INFO] VPN_DEVICE_TYPE defined as 'tun0'
2023-12-04 11:32:15 [INFO] Starting OpenVPN...
--------------------
2023-12-04 11:32:16 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations. 
2023-12-04 11:32:16 WARNING: file '/config/openvpn/vpn_unlimited_credentials.conf' is group or others accessible
2023-12-04 11:32:16 OpenVPN 2.6.5 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2023-12-04 11:32:16 library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2023-12-04 11:32:16 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2023-12-04 11:32:16 TCP/UDP: Preserving recently used remote address: [AF_INET]199.247.27.95:1194
2023-12-04 11:32:16 UDPv4 link local: (not bound)
2023-12-04 11:32:16 UDPv4 link remote: [AF_INET]199.247.27.95:1194
2023-12-04 11:32:48 [UNDEF] Inactivity timeout (--ping-exit), exiting
2023-12-04 11:32:48 SIGTERM[soft,ping-exit] received, process exiting
--------------------
2023-12-04 11:32:48 [ERROR] Failed to start OpenVPN
[cont-init.d] 02-vpn.sh: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.

OVPN file:

client
dev tun
reneg-sec 0
persist-tun
persist-key
ping 5
ping-exit 30
nobind
comp-lzo no
remote-random
remote-cert-tls server
auth-nocache
route-metric 1
cipher AES-256-CBC
auth sha512
<ca>
-----BEGIN CERTIFICATE-----
<< SNAP >> Removed cert
-----END CERTIFICATE-----
</ca>
remote nl.vpnunlimitedapp.com 1194
proto udp

Docker config:

version: "3.9"
services:

  qbittorrent:
    image: trigus42/qbittorrentvpn
    container_name: qbittorrent
    hostname: qbittorrent
    restart: always
    ports:
      - 8084:8080
      - 20000:20000
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /volumeUSB2/usbshare/docker/qbittorrent/:/config:rw
      - /volumeUSB2/usbshare/docker/qbittorrent/downloads:/downloads:rw
      - /volume1/data/torrents:/data/torrents:rw
    environment:
      TZ: Europe/Amsterdam
      LAN_NETWORK: 192.168.100.0/24
      VPN_ENABLED: yes
      VPN_TYPE: openvpn
      NAME_SERVERS: 1.1.1.1
      VPN_USERNAME: KS2-USERNAME
      VPN_PASSWORD: PASSWORD
      PUID: 1026
      PGID: 100
      FIREWALL_OUTBOUND_SUBNETS: 172.30.33.0/24,192.168.100.0/24
      UNPRIVILEGED: No
    mem_limit: 2g
    cpu_shares: 768
#    security_opt:
#      - no-new-privileges:no
#    cap_add:
#      - NET_ADMIN
    networks:
       synology:
         ipv4_address: 172.30.33.106

networks:
  synology:
    external: true
poudenes commented 10 months ago

The install is working with VPN_ENABLED: no

Trigus42 commented 10 months ago

Can you please set the environment variable DEBUG=true, add the option verb 4 to the OpenVPN config and post the log?

Also please use this version of the compose file:

version: "3.9"
services:

  qbittorrent:
    image: trigus42/qbittorrentvpn
    container_name: qbittorrent
    hostname: qbittorrent
    restart: always
    ports:
      - 8084:8080
      - 20000:20000
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /volumeUSB2/usbshare/docker/qbittorrent/:/config:rw
      - /volumeUSB2/usbshare/docker/qbittorrent/downloads:/downloads:rw
      - /volume1/data/torrents:/data/torrents:rw
    environment:
      TZ: Europe/Amsterdam
      LAN_NETWORK: 192.168.100.0/24
      VPN_ENABLED: yes
      VPN_TYPE: openvpn
      NAME_SERVERS: 1.1.1.1
      VPN_USERNAME: KS2-USERNAME
      VPN_PASSWORD: PASSWORD
      PUID: 1026
      PGID: 100
    mem_limit: 2g
    cpu_shares: 768
    cap_add:
      - NET_ADMIN
    networks:
       synology:
         ipv4_address: 172.30.33.106

networks:
  synology:
    external: true
poudenes commented 10 months ago

log output replaced in new post

Trigus42 commented 10 months ago

The log seems incomplete? Did you kill the container at some point? If it is, please unset the restart flag in the compose file and post one full log from start to exit.

poudenes commented 10 months ago

Sorry here you are.

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-environment.sh: executing... 
2023-12-06 15:39:19 [INFO] LAN_NETWORK defined as '192.168.100.0/24'
2023-12-06 15:39:20 [DEBUG] Docker interface defined as eth0
2023-12-06 15:39:21 [DEBUG] Docker IP defined as 172.30.33.106
2023-12-06 15:39:21 [DEBUG] Docker netmask defined as 255.255.254.0
2023-12-06 15:39:21 [INFO] Docker network defined as 172.30.32.0/23
2023-12-06 15:39:21 [DEBUG] Default gateway defined as 172.30.32.1
2023-12-06 15:39:21 [INFO] PUID defined as 1026
2023-12-06 15:39:21 [INFO] PGID defined as 100
2023-12-06 15:39:21 [INFO] An user with PUID 1026 does not exist, adding an user called 'qbittorrent' with PUID 1026
2023-12-06 15:39:22 [INFO] VPN_ENABLED defined as 'yes'
2023-12-06 15:39:22 [INFO] VPN_TYPE defined as 'openvpn'
2023-12-06 15:39:22 [INFO] NAME_SERVERS defined as '1.1.1.1'
2023-12-06 15:39:22 [INFO] Adding 1.1.1.1 to resolv.conf
[cont-init.d] 01-environment.sh: exited 0.
[cont-init.d] 02-vpn.sh: executing... 
2023-12-06 15:39:22 [INFO] Choosen VPN config: 'vpn_unlimited.ovpn'
2023-12-06 15:39:22 [INFO] Using credentials from /config/openvpn/vpn_unlimited_credentials.conf
dos2unix: converting file /config/openvpn/vpn_unlimited.ovpn to Unix format...
2023-12-06 15:39:22 [INFO] VPN remote line defined as 'nl.vpnunlimitedapp.com 1194'
2023-12-06 15:39:22 [INFO] VPN_REMOTE defined as 'nl.vpnunlimitedapp.com'
2023-12-06 15:39:22 [INFO] VPN_PORT defined as '1194'
2023-12-06 15:39:22 [INFO] VPN_PROTOCOL defined as 'udp'
2023-12-06 15:39:22 [INFO] VPN_DEVICE_TYPE defined as 'tun0'
2023-12-06 15:39:22 [INFO] Starting OpenVPN...
--------------------
2023-12-06 15:39:22 [DEBUG] OpenVPN PID: 313
2023-12-06 15:39:22 us=188616 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations. 
2023-12-06 15:39:22 us=188894 WARNING: file '/config/openvpn/vpn_unlimited_credentials.conf' is group or others accessible
2023-12-06 15:39:22 us=188957 Current Parameter Settings:
2023-12-06 15:39:22 us=189009   config = '/config/openvpn/vpn_unlimited.ovpn'
2023-12-06 15:39:22 us=189060   mode = 0
2023-12-06 15:39:22 us=189110   persist_config = DISABLED
2023-12-06 15:39:22 us=189158   persist_mode = 1
2023-12-06 15:39:22 us=189199   show_ciphers = DISABLED
2023-12-06 15:39:22 us=189260   show_digests = DISABLED
2023-12-06 15:39:22 us=189308   show_engines = DISABLED
2023-12-06 15:39:22 us=189355   genkey = DISABLED
2023-12-06 15:39:22 us=189397   genkey_filename = '[UNDEF]'
2023-12-06 15:39:22 us=189450   key_pass_file = '[UNDEF]'
2023-12-06 15:39:22 us=189492   show_tls_ciphers = DISABLED
2023-12-06 15:39:22 us=189543   connect_retry_max = 0
2023-12-06 15:39:22 us=189587 Connection profiles [0]:
2023-12-06 15:39:22 us=189639   proto = udp
2023-12-06 15:39:22 us=189680   local = '[UNDEF]'
2023-12-06 15:39:22 us=189734   local_port = '[UNDEF]'
2023-12-06 15:39:22 us=189785   remote = 'nl.vpnunlimitedapp.com'
2023-12-06 15:39:22 us=189830   remote_port = '1194'
2023-12-06 15:39:22 us=189891   remote_float = DISABLED
2023-12-06 15:39:22 us=189939   bind_defined = DISABLED
2023-12-06 15:39:22 us=189985   bind_local = DISABLED
2023-12-06 15:39:22 us=190026   bind_ipv6_only = DISABLED
2023-12-06 15:39:22 us=190081   connect_retry_seconds = 1
2023-12-06 15:39:22 us=190128   connect_timeout = 120
2023-12-06 15:39:22 us=190175   socks_proxy_server = '[UNDEF]'
2023-12-06 15:39:22 us=190215   socks_proxy_port = '[UNDEF]'
2023-12-06 15:39:22 us=190268   tun_mtu = 1500
2023-12-06 15:39:22 us=190309   tun_mtu_defined = ENABLED
2023-12-06 15:39:22 us=190362   link_mtu = 1500
2023-12-06 15:39:22 us=190402   link_mtu_defined = DISABLED
2023-12-06 15:39:22 us=190453   tun_mtu_extra = 0
2023-12-06 15:39:22 us=190494   tun_mtu_extra_defined = DISABLED
2023-12-06 15:39:22 us=190544   tls_mtu = 1250
2023-12-06 15:39:22 us=190594   mtu_discover_type = -1
2023-12-06 15:39:22 us=190641   fragment = 0
2023-12-06 15:39:22 us=190682   mssfix = 1492
2023-12-06 15:39:22 us=190734   mssfix_encap = ENABLED
2023-12-06 15:39:22 us=190775   mssfix_fixed = DISABLED
2023-12-06 15:39:22 us=190828   explicit_exit_notification = 0
2023-12-06 15:39:22 us=190885   tls_auth_file = '[UNDEF]'
2023-12-06 15:39:22 us=190933   key_direction = not set
2023-12-06 15:39:22 us=190974   tls_crypt_file = '[UNDEF]'
2023-12-06 15:39:22 us=191027   tls_crypt_v2_file = '[UNDEF]'
2023-12-06 15:39:22 us=191068 Connection profiles END
2023-12-06 15:39:22 us=191122   remote_random = ENABLED
2023-12-06 15:39:22 us=191162   ipchange = '[UNDEF]'
2023-12-06 15:39:22 us=191214   dev = 'tun'
2023-12-06 15:39:22 us=191254   dev_type = '[UNDEF]'
2023-12-06 15:39:22 us=191307   dev_node = '[UNDEF]'
2023-12-06 15:39:22 us=191348   lladdr = '[UNDEF]'
2023-12-06 15:39:22 us=191401   topology = 1
2023-12-06 15:39:22 us=191442   ifconfig_local = '[UNDEF]'
2023-12-06 15:39:22 us=191494   ifconfig_remote_netmask = '[UNDEF]'
2023-12-06 15:39:22 us=191534   ifconfig_noexec = DISABLED
2023-12-06 15:39:22 us=191587   ifconfig_nowarn = DISABLED
2023-12-06 15:39:22 us=191627   ifconfig_ipv6_local = '[UNDEF]'
2023-12-06 15:39:22 us=191682   ifconfig_ipv6_netbits = 0
2023-12-06 15:39:22 us=191722   ifconfig_ipv6_remote = '[UNDEF]'
2023-12-06 15:39:22 us=191772   shaper = 0
2023-12-06 15:39:22 us=191815   mtu_test = 0
2023-12-06 15:39:22 us=191878   mlock = DISABLED
2023-12-06 15:39:22 us=191927   keepalive_ping = 0
2023-12-06 15:39:22 us=191974   keepalive_timeout = 0
2023-12-06 15:39:22 us=192014   inactivity_timeout = 0
2023-12-06 15:39:22 us=192066   session_timeout = 0
2023-12-06 15:39:22 us=192107   inactivity_minimum_bytes = 0
2023-12-06 15:39:22 us=192161   ping_send_timeout = 5
2023-12-06 15:39:22 us=192201   ping_rec_timeout = 30
2023-12-06 15:39:22 us=192254   ping_rec_timeout_action = 1
2023-12-06 15:39:22 us=192294   ping_timer_remote = DISABLED
2023-12-06 15:39:22 us=192352   remap_sigusr1 = 0
2023-12-06 15:39:22 us=192399   persist_tun = ENABLED
2023-12-06 15:39:22 us=192446   persist_local_ip = DISABLED
2023-12-06 15:39:22 us=192487   persist_remote_ip = DISABLED
2023-12-06 15:39:22 us=192542   persist_key = ENABLED
2023-12-06 15:39:22 us=192589   passtos = DISABLED
2023-12-06 15:39:22 us=192636   resolve_retry_seconds = 1000000000
2023-12-06 15:39:22 us=192677   resolve_in_advance = DISABLED
2023-12-06 15:39:22 us=192730   username = '[UNDEF]'
2023-12-06 15:39:22 us=192770   groupname = '[UNDEF]'
2023-12-06 15:39:22 us=192820   chroot_dir = '[UNDEF]'
2023-12-06 15:39:22 us=192880   cd_dir = '[UNDEF]'
2023-12-06 15:39:22 us=192925   writepid = '[UNDEF]'
2023-12-06 15:39:22 us=192968   up_script = '[UNDEF]'
2023-12-06 15:39:22 us=193018   down_script = '[UNDEF]'
2023-12-06 15:39:22 us=193058   down_pre = DISABLED
2023-12-06 15:39:22 us=193108   up_restart = DISABLED
2023-12-06 15:39:22 us=193148   up_delay = DISABLED
2023-12-06 15:39:22 us=193203   daemon = DISABLED
2023-12-06 15:39:22 us=193250   log = DISABLED
2023-12-06 15:39:22 us=193296   suppress_timestamps = DISABLED
2023-12-06 15:39:22 us=193336   machine_readable_output = DISABLED
2023-12-06 15:39:22 us=193387   nice = 0
2023-12-06 15:39:22 us=193427   verbosity = 4
2023-12-06 15:39:22 us=193475   mute = 0
2023-12-06 15:39:22 us=193515   gremlin = 0
2023-12-06 15:39:22 us=193566   status_file = '[UNDEF]'
2023-12-06 15:39:22 us=193606   status_file_version = 1
2023-12-06 15:39:22 us=193662   status_file_update_freq = 60
2023-12-06 15:39:22 us=193709   occ = ENABLED
2023-12-06 15:39:22 us=193755   rcvbuf = 0
2023-12-06 15:39:22 us=193795   sndbuf = 0
2023-12-06 15:39:22 us=193857   mark = 0
2023-12-06 15:39:22 us=193906   sockflags = 0
2023-12-06 15:39:22 us=193951   fast_io = DISABLED
2023-12-06 15:39:22 us=193993   comp.alg = 1
2023-12-06 15:39:22 us=194044   comp.flags = 24
2023-12-06 15:39:22 us=194084   route_script = '/helper/resume-after-connect'
2023-12-06 15:39:22 us=194132   route_default_gateway = '[UNDEF]'
2023-12-06 15:39:22 us=194174   route_default_metric = 1
2023-12-06 15:39:22 us=194225   route_noexec = DISABLED
2023-12-06 15:39:22 us=194268   route_delay = 0
2023-12-06 15:39:22 us=194318   route_delay_window = 30
2023-12-06 15:39:22 us=194369   route_delay_defined = DISABLED
2023-12-06 15:39:22 us=194413   route_nopull = DISABLED
2023-12-06 15:39:22 us=194456   route_gateway_via_dhcp = DISABLED
2023-12-06 15:39:22 us=194506   allow_pull_fqdn = DISABLED
2023-12-06 15:39:22 us=194549   Pull filters:
2023-12-06 15:39:22 us=194600     ignore "route-ipv6"
2023-12-06 15:39:22 us=194642     ignore "ifconfig-ipv6"
2023-12-06 15:39:22 us=194692     ignore "tun-ipv6"
2023-12-06 15:39:22 us=194736     ignore "redirect-gateway ipv6"
2023-12-06 15:39:22 us=194786     ignore "dhcp-option DNS6"
2023-12-06 15:39:22 us=194847   management_addr = '[UNDEF]'
2023-12-06 15:39:22 us=194896   management_port = '[UNDEF]'
2023-12-06 15:39:22 us=194944   management_user_pass = '[UNDEF]'
2023-12-06 15:39:22 us=194991   management_log_history_cache = 250
2023-12-06 15:39:22 us=195031   management_echo_buffer_size = 100
2023-12-06 15:39:22 us=195083   management_client_user = '[UNDEF]'
2023-12-06 15:39:22 us=195124   management_client_group = '[UNDEF]'
2023-12-06 15:39:22 us=195176   management_flags = 0
2023-12-06 15:39:22 us=195217   shared_secret_file = '[UNDEF]'
2023-12-06 15:39:22 us=195270   key_direction = not set
2023-12-06 15:39:22 us=195310   ciphername = 'AES-256-CBC'
2023-12-06 15:39:22 us=195364   ncp_ciphers = 'AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305'
2023-12-06 15:39:22 us=195404   authname = 'sha512'
2023-12-06 15:39:22 us=195454   engine = DISABLED
2023-12-06 15:39:22 us=195495   replay = ENABLED
2023-12-06 15:39:22 us=195545   mute_replay_warnings = DISABLED
2023-12-06 15:39:22 us=195586   replay_window = 64
2023-12-06 15:39:22 us=195636   replay_time = 15
2023-12-06 15:39:22 us=195678   packet_id_file = '[UNDEF]'
2023-12-06 15:39:22 us=195728   test_crypto = DISABLED
2023-12-06 15:39:22 us=195771   tls_server = DISABLED
2023-12-06 15:39:22 us=195826   tls_client = ENABLED
2023-12-06 15:39:22 us=195882   ca_file = '[INLINE]'
2023-12-06 15:39:22 us=195927   ca_path = '[UNDEF]'
2023-12-06 15:39:22 us=195969   dh_file = '[UNDEF]'
2023-12-06 15:39:22 us=196018   cert_file = '[UNDEF]'
2023-12-06 15:39:22 us=196062   extra_certs_file = '[UNDEF]'
2023-12-06 15:39:22 us=196112   priv_key_file = '[UNDEF]'
2023-12-06 15:39:22 us=196154   pkcs12_file = '[UNDEF]'
2023-12-06 15:39:22 us=196203   cipher_list = '[UNDEF]'
2023-12-06 15:39:22 us=196245   cipher_list_tls13 = '[UNDEF]'
2023-12-06 15:39:22 us=196293   tls_cert_profile = '[UNDEF]'
2023-12-06 15:39:22 us=196337   tls_verify = '[UNDEF]'
2023-12-06 15:39:22 us=196387   tls_export_cert = '[UNDEF]'
2023-12-06 15:39:22 us=196429   verify_x509_type = 0
2023-12-06 15:39:22 us=196491   verify_x509_name = '[UNDEF]'
2023-12-06 15:39:22 us=196540   crl_file = '[UNDEF]'
2023-12-06 15:39:22 us=196595   ns_cert_type = 0
2023-12-06 15:39:22 us=196644   remote_cert_ku[i] = 65535
2023-12-06 15:39:22 us=196699   remote_cert_ku[i] = 0
2023-12-06 15:39:22 us=196750   remote_cert_ku[i] = 0
2023-12-06 15:39:22 us=196804   remote_cert_ku[i] = 0
2023-12-06 15:39:22 us=196860   remote_cert_ku[i] = 0
2023-12-06 15:39:22 us=196917   remote_cert_ku[i] = 0
2023-12-06 15:39:22 us=196965   remote_cert_ku[i] = 0
2023-12-06 15:39:22 us=197020   remote_cert_ku[i] = 0
2023-12-06 15:39:22 us=197068   remote_cert_ku[i] = 0
2023-12-06 15:39:22 us=197123   remote_cert_ku[i] = 0
2023-12-06 15:39:22 us=197171   remote_cert_ku[i] = 0
2023-12-06 15:39:22 us=197225   remote_cert_ku[i] = 0
2023-12-06 15:39:22 us=197273   remote_cert_ku[i] = 0
2023-12-06 15:39:22 us=197327   remote_cert_ku[i] = 0
2023-12-06 15:39:22 us=197375   remote_cert_ku[i] = 0
2023-12-06 15:39:22 us=197429   remote_cert_ku[i] = 0
2023-12-06 15:39:22 us=197478   remote_cert_eku = 'TLS Web Server Authentication'
2023-12-06 15:39:22 us=197534   ssl_flags = 192
2023-12-06 15:39:22 us=197582   tls_timeout = 2
2023-12-06 15:39:22 us=197636   renegotiate_bytes = -1
2023-12-06 15:39:22 us=197685   renegotiate_packets = 0
2023-12-06 15:39:22 us=197739   renegotiate_seconds = 0
2023-12-06 15:39:22 us=197787   handshake_window = 60
2023-12-06 15:39:22 us=197858   transition_window = 3600
2023-12-06 15:39:22 us=197916   single_session = DISABLED
2023-12-06 15:39:22 us=197962   push_peer_info = DISABLED
2023-12-06 15:39:22 us=198023   tls_exit = DISABLED
2023-12-06 15:39:22 us=198069   tls_crypt_v2_metadata = '[UNDEF]'
2023-12-06 15:39:22 us=198129   server_network = 0.0.0.0
2023-12-06 15:39:22 us=198179   server_netmask = 0.0.0.0
2023-12-06 15:39:22 us=198237   server_network_ipv6 = ::
2023-12-06 15:39:22 us=198287   server_netbits_ipv6 = 0
2023-12-06 15:39:22 us=198344   server_bridge_ip = 0.0.0.0
2023-12-06 15:39:22 us=198394   server_bridge_netmask = 0.0.0.0
2023-12-06 15:39:22 us=198451   server_bridge_pool_start = 0.0.0.0
2023-12-06 15:39:22 us=198503   server_bridge_pool_end = 0.0.0.0
2023-12-06 15:39:22 us=198558   ifconfig_pool_defined = DISABLED
2023-12-06 15:39:22 us=198611   ifconfig_pool_start = 0.0.0.0
2023-12-06 15:39:22 us=198667   ifconfig_pool_end = 0.0.0.0
2023-12-06 15:39:22 us=198719   ifconfig_pool_netmask = 0.0.0.0
2023-12-06 15:39:22 us=198776   ifconfig_pool_persist_filename = '[UNDEF]'
2023-12-06 15:39:22 us=198826   ifconfig_pool_persist_refresh_freq = 600
2023-12-06 15:39:22 us=198903   ifconfig_ipv6_pool_defined = DISABLED
2023-12-06 15:39:22 us=198953   ifconfig_ipv6_pool_base = ::
2023-12-06 15:39:22 us=199012   ifconfig_ipv6_pool_netbits = 0
2023-12-06 15:39:22 us=199058   n_bcast_buf = 256
2023-12-06 15:39:22 us=199115   tcp_queue_limit = 64
2023-12-06 15:39:22 us=199162   real_hash_size = 256
2023-12-06 15:39:22 us=199218   virtual_hash_size = 256
2023-12-06 15:39:22 us=199265   client_connect_script = '[UNDEF]'
2023-12-06 15:39:22 us=199324   learn_address_script = '[UNDEF]'
2023-12-06 15:39:22 us=199371   client_disconnect_script = '[UNDEF]'
2023-12-06 15:39:22 us=199430   client_crresponse_script = '[UNDEF]'
2023-12-06 15:39:22 us=199476   client_config_dir = '[UNDEF]'
2023-12-06 15:39:22 us=199535   ccd_exclusive = DISABLED
2023-12-06 15:39:22 us=199582   tmp_dir = '/tmp'
2023-12-06 15:39:22 us=199644   push_ifconfig_defined = DISABLED
2023-12-06 15:39:22 us=199692   push_ifconfig_local = 0.0.0.0
2023-12-06 15:39:22 us=199750   push_ifconfig_remote_netmask = 0.0.0.0
2023-12-06 15:39:22 us=199799   push_ifconfig_ipv6_defined = DISABLED
2023-12-06 15:39:22 us=199874   push_ifconfig_ipv6_local = ::/0
2023-12-06 15:39:22 us=199923   push_ifconfig_ipv6_remote = ::
2023-12-06 15:39:22 us=199979   enable_c2c = DISABLED
2023-12-06 15:39:22 us=200026   duplicate_cn = DISABLED
2023-12-06 15:39:22 us=200083   cf_max = 0
2023-12-06 15:39:22 us=200129   cf_per = 0
2023-12-06 15:39:22 us=200185   cf_initial_max = 100
2023-12-06 15:39:22 us=200231   cf_initial_per = 10
2023-12-06 15:39:22 us=200287   max_clients = 1024
2023-12-06 15:39:22 us=200333   max_routes_per_client = 256
2023-12-06 15:39:22 us=200390   auth_user_pass_verify_script = '[UNDEF]'
2023-12-06 15:39:22 us=200436   auth_user_pass_verify_script_via_file = DISABLED
2023-12-06 15:39:22 us=200495   auth_token_generate = DISABLED
2023-12-06 15:39:22 us=200541   auth_token_lifetime = 0
2023-12-06 15:39:22 us=200601   auth_token_secret_file = '[UNDEF]'
2023-12-06 15:39:22 us=200647   port_share_host = '[UNDEF]'
2023-12-06 15:39:22 us=200704   port_share_port = '[UNDEF]'
2023-12-06 15:39:22 us=200750   vlan_tagging = DISABLED
2023-12-06 15:39:22 us=200809   vlan_accept = all
2023-12-06 15:39:22 us=200868   vlan_pvid = 1
2023-12-06 15:39:22 us=200912   client = ENABLED
2023-12-06 15:39:22 us=200957   pull = ENABLED
2023-12-06 15:39:22 us=201008   auth_user_pass_file = '/config/openvpn/vpn_unlimited_credentials.conf'
2023-12-06 15:39:22 us=201064 OpenVPN 2.6.5 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2023-12-06 15:39:22 us=201120 library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2023-12-06 15:39:22 us=201961 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2023-12-06 15:39:22 us=204160 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
2023-12-06 15:39:22 us=212135 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
2023-12-06 15:39:22 us=212305 TCP/UDP: Preserving recently used remote address: [AF_INET]95.85.21.13:1194
2023-12-06 15:39:22 us=212377 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-12-06 15:39:22 us=212431 UDPv4 link local: (not bound)
2023-12-06 15:39:22 us=212488 UDPv4 link remote: [AF_INET]95.85.21.13:1194
2023-12-06 15:39:22 us=218209 TLS: Initial packet from [AF_INET]95.85.21.13:1194, sid=85882463 da9784af
2023-12-06 15:39:22 us=236035 VERIFY OK: depth=1, C=US, ST=NY, L=New York, O=Simplex Solutions Inc., OU=Vpn Unlimited, CN=server.vpnunlimitedapp.com, name=server.vpnunlimitedapp.com, emailAddress=support@simplexsolutionsinc.com
2023-12-06 15:39:22 us=236332 VERIFY KU OK
2023-12-06 15:39:22 us=236399 Validating certificate extended key usage
2023-12-06 15:39:22 us=236452 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2023-12-06 15:39:22 us=236510 VERIFY EKU OK
2023-12-06 15:39:22 us=236560 VERIFY OK: depth=0, CN=openvpn2.vpnunlimitedapp.com
2023-12-06 15:39:55 us=71927 [UNDEF] Inactivity timeout (--ping-exit), exiting
2023-12-06 15:39:55 us=72807 TCP/UDP: Closing socket
2023-12-06 15:39:55 us=72991 SIGTERM[soft,ping-exit] received, process exiting
--------------------
2023-12-06 15:39:55 [ERROR] Failed to start OpenVPN
[cont-init.d] 02-vpn.sh: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.
Trigus42 commented 9 months ago

I am not sure why you get an inactivity timeout. At this point there is no firewall up yet and to some extent the connection establishment works fine.

It might be helpful to see the OpenVPN log at verb 7, but I am not sure if this might expose some sensitive information. Does this OpenVPN config file work in other containers?

poudenes commented 9 months ago

Im using this same .OVPN file also in my Asus GTAX11000 router to route some devices. I will make changes to verb 7 and check the log. If none sensitiveinformation is there i will post it.

poudenes commented 9 months ago

Log with Verb 7

2023-12-08 16:21:56 [INFO] LAN_NETWORK defined as '192.168.100.0/24'
2023-12-08 16:21:56 [DEBUG] Docker interface defined as eth0
2023-12-08 16:21:57 [DEBUG] Docker IP defined as 172.30.33.106
2023-12-08 16:21:57 [DEBUG] Docker netmask defined as 255.255.254.0
2023-12-08 16:21:57 [INFO] Docker network defined as 172.30.32.0/23
2023-12-08 16:21:57 [DEBUG] Default gateway defined as 172.30.32.1
2023-12-08 16:21:57 [INFO] PUID defined as 1026
2023-12-08 16:21:57 [INFO] PGID defined as 100
2023-12-08 16:21:57 [INFO] An user with PUID 1026 already exists in /etc/passwd, nothing to do.
2023-12-08 16:21:57 [INFO] VPN_ENABLED defined as 'yes'
2023-12-08 16:21:57 [INFO] VPN_TYPE defined as 'openvpn'
2023-12-08 16:21:57 [INFO] NAME_SERVERS defined as '1.1.1.1'
2023-12-08 16:21:57 [INFO] Adding 1.1.1.1 to resolv.conf
[cont-init.d] 01-environment.sh: exited 0.
[cont-init.d] 02-vpn.sh: executing... 
2023-12-08 16:21:57 [INFO] Choosen VPN config: 'vpn_unlimited.ovpn'
2023-12-08 16:21:57 [INFO] Using credentials from /config/openvpn/vpn_unlimited_credentials.conf
2023-12-08 16:21:57 [INFO] VPN remote line defined as 'nl.vpnunlimitedapp.com 1194'
2023-12-08 16:21:57 [INFO] VPN_REMOTE defined as 'nl.vpnunlimitedapp.com'
2023-12-08 16:21:57 [INFO] VPN_PORT defined as '1194'
2023-12-08 16:21:57 [INFO] VPN_PROTOCOL defined as 'udp'
2023-12-08 16:21:57 [INFO] VPN_DEVICE_TYPE defined as 'tun0'
2023-12-08 16:21:57 [INFO] Starting OpenVPN...
--------------------
2023-12-08 16:21:57 [DEBUG] OpenVPN PID: 311
dos2unix: converting file /config/openvpn/vpn_unlimited.ovpn to Unix format...
2023-12-08 16:21:57 us=576574 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations. 
2023-12-08 16:21:57 us=576733 WARNING: file '/config/openvpn/vpn_unlimited_credentials.conf' is group or others accessible
2023-12-08 16:21:57 us=576790 Current Parameter Settings:
2023-12-08 16:21:57 us=576824   config = '/config/openvpn/vpn_unlimited.ovpn'
2023-12-08 16:21:57 us=576870   mode = 0
2023-12-08 16:21:57 us=576906   persist_config = DISABLED
2023-12-08 16:21:57 us=576943   persist_mode = 1
2023-12-08 16:21:57 us=576981   show_ciphers = DISABLED
2023-12-08 16:21:57 us=577015   show_digests = DISABLED
2023-12-08 16:21:57 us=577044   show_engines = DISABLED
2023-12-08 16:21:57 us=577086   genkey = DISABLED
2023-12-08 16:21:57 us=577121   genkey_filename = '[UNDEF]'
2023-12-08 16:21:57 us=577163   key_pass_file = '[UNDEF]'
2023-12-08 16:21:57 us=577199   show_tls_ciphers = DISABLED
2023-12-08 16:21:57 us=577231   connect_retry_max = 0
2023-12-08 16:21:57 us=577244 Connection profiles [0]:
2023-12-08 16:21:57 us=577322   proto = udp
2023-12-08 16:21:57 us=577373   local = '[UNDEF]'
2023-12-08 16:21:57 us=577427   local_port = '[UNDEF]'
2023-12-08 16:21:57 us=577479   remote = 'nl.vpnunlimitedapp.com'
2023-12-08 16:21:57 us=577531   remote_port = '1194'
2023-12-08 16:21:57 us=577580   remote_float = DISABLED
2023-12-08 16:21:57 us=577632   bind_defined = DISABLED
2023-12-08 16:21:57 us=577680   bind_local = DISABLED
2023-12-08 16:21:57 us=577731   bind_ipv6_only = DISABLED
2023-12-08 16:21:57 us=577780   connect_retry_seconds = 1
2023-12-08 16:21:57 us=577832   connect_timeout = 120
2023-12-08 16:21:57 us=577888   socks_proxy_server = '[UNDEF]'
2023-12-08 16:21:57 us=577941   socks_proxy_port = '[UNDEF]'
2023-12-08 16:21:57 us=577990   tun_mtu = 1500
2023-12-08 16:21:57 us=578041   tun_mtu_defined = ENABLED
2023-12-08 16:21:57 us=578090   link_mtu = 1500
2023-12-08 16:21:57 us=578141   link_mtu_defined = DISABLED
2023-12-08 16:21:57 us=578190   tun_mtu_extra = 0
2023-12-08 16:21:57 us=578242   tun_mtu_extra_defined = DISABLED
2023-12-08 16:21:57 us=578292   tls_mtu = 1250
2023-12-08 16:21:57 us=578344   mtu_discover_type = -1
2023-12-08 16:21:57 us=578453   fragment = 0
2023-12-08 16:21:57 us=578502   mssfix = 1492
2023-12-08 16:21:57 us=578609   mssfix_encap = ENABLED
2023-12-08 16:21:57 us=578661   mssfix_fixed = DISABLED
2023-12-08 16:21:57 us=578760   explicit_exit_notification = 0
2023-12-08 16:21:57 us=578811   tls_auth_file = '[UNDEF]'
2023-12-08 16:21:57 us=578869   key_direction = not set
2023-12-08 16:21:57 us=578973   tls_crypt_file = '[UNDEF]'
2023-12-08 16:21:57 us=579007   tls_crypt_v2_file = '[UNDEF]'
2023-12-08 16:21:57 us=579044 Connection profiles END
2023-12-08 16:21:57 us=579096   remote_random = ENABLED
2023-12-08 16:21:57 us=579145   ipchange = '[UNDEF]'
2023-12-08 16:21:57 us=579243   dev = 'tun'
2023-12-08 16:21:57 us=579277   dev_type = '[UNDEF]'
2023-12-08 16:21:57 us=579326   dev_node = '[UNDEF]'
2023-12-08 16:21:57 us=579375   lladdr = '[UNDEF]'
2023-12-08 16:21:57 us=579474   topology = 1
2023-12-08 16:21:57 us=579508   ifconfig_local = '[UNDEF]'
2023-12-08 16:21:57 us=579552   ifconfig_remote_netmask = '[UNDEF]'
2023-12-08 16:21:57 us=579602   ifconfig_noexec = DISABLED
2023-12-08 16:21:57 us=579701   ifconfig_nowarn = DISABLED
2023-12-08 16:21:57 us=579748   ifconfig_ipv6_local = '[UNDEF]'
2023-12-08 16:21:57 us=579800   ifconfig_ipv6_netbits = 0
2023-12-08 16:21:57 us=579909   ifconfig_ipv6_remote = '[UNDEF]'
2023-12-08 16:21:57 us=579944   shaper = 0
2023-12-08 16:21:57 us=580009   mtu_test = 0
2023-12-08 16:21:57 us=580110   mlock = DISABLED
2023-12-08 16:21:57 us=580157   keepalive_ping = 0
2023-12-08 16:21:57 us=580254   keepalive_timeout = 0
2023-12-08 16:21:57 us=580305   inactivity_timeout = 0
2023-12-08 16:21:57 us=580415   session_timeout = 0
2023-12-08 16:21:57 us=580465   inactivity_minimum_bytes = 0
2023-12-08 16:21:57 us=580560   ping_send_timeout = 5
2023-12-08 16:21:57 us=580608   ping_rec_timeout = 30
2023-12-08 16:21:57 us=580635   ping_rec_timeout_action = 1
2023-12-08 16:21:57 us=580693   ping_timer_remote = DISABLED
2023-12-08 16:21:57 us=580791   remap_sigusr1 = 0
2023-12-08 16:21:57 us=580824   persist_tun = ENABLED
2023-12-08 16:21:57 us=580860   persist_local_ip = DISABLED
2023-12-08 16:21:57 us=580892   persist_remote_ip = DISABLED
2023-12-08 16:21:57 us=580919   persist_key = ENABLED
2023-12-08 16:21:57 us=580966   passtos = DISABLED
2023-12-08 16:21:57 us=581013   resolve_retry_seconds = 1000000000
2023-12-08 16:21:57 us=581066   resolve_in_advance = DISABLED
2023-12-08 16:21:57 us=581114   username = '[UNDEF]'
2023-12-08 16:21:57 us=581166   groupname = '[UNDEF]'
2023-12-08 16:21:57 us=581215   chroot_dir = '[UNDEF]'
2023-12-08 16:21:57 us=581267   cd_dir = '[UNDEF]'
2023-12-08 16:21:57 us=581315   writepid = '[UNDEF]'
2023-12-08 16:21:57 us=581413   up_script = '[UNDEF]'
2023-12-08 16:21:57 us=581461   down_script = '[UNDEF]'
2023-12-08 16:21:57 us=581557   down_pre = DISABLED
2023-12-08 16:21:57 us=581606   up_restart = DISABLED
2023-12-08 16:21:57 us=581703   up_delay = DISABLED
2023-12-08 16:21:57 us=581751   daemon = DISABLED
2023-12-08 16:21:57 us=581856   log = DISABLED
2023-12-08 16:21:57 us=581892   suppress_timestamps = DISABLED
2023-12-08 16:21:57 us=581957   machine_readable_output = DISABLED
2023-12-08 16:21:57 us=582056   nice = 0
2023-12-08 16:21:57 us=582090   verbosity = 7
2023-12-08 16:21:57 us=582125   mute = 0
2023-12-08 16:21:57 us=582174   gremlin = 0
2023-12-08 16:21:57 us=582224   status_file = '[UNDEF]'
2023-12-08 16:21:57 us=582321   status_file_version = 1
2023-12-08 16:21:57 us=582356   status_file_update_freq = 60
2023-12-08 16:21:57 us=582421   occ = ENABLED
2023-12-08 16:21:57 us=582510   rcvbuf = 0
2023-12-08 16:21:57 us=582551   sndbuf = 0
2023-12-08 16:21:57 us=582585   mark = 0
2023-12-08 16:21:57 us=582635   sockflags = 0
2023-12-08 16:21:57 us=582733   fast_io = DISABLED
2023-12-08 16:21:57 us=582780   comp.alg = 1
2023-12-08 16:21:57 us=582886   comp.flags = 24
2023-12-08 16:21:57 us=582975   route_script = '/helper/resume-after-connect'
2023-12-08 16:21:57 us=583016   route_default_gateway = '[UNDEF]'
2023-12-08 16:21:57 us=583055   route_default_metric = 1
2023-12-08 16:21:57 us=583106   route_noexec = DISABLED
2023-12-08 16:21:57 us=583154   route_delay = 0
2023-12-08 16:21:57 us=583249   route_delay_window = 30
2023-12-08 16:21:57 us=583283   route_delay_defined = DISABLED
2023-12-08 16:21:57 us=583333   route_nopull = DISABLED
2023-12-08 16:21:57 us=583383   route_gateway_via_dhcp = DISABLED
2023-12-08 16:21:57 us=583482   allow_pull_fqdn = DISABLED
2023-12-08 16:21:57 us=583532   Pull filters:
2023-12-08 16:21:57 us=583630     ignore "route-ipv6"
2023-12-08 16:21:57 us=583681     ignore "ifconfig-ipv6"
2023-12-08 16:21:57 us=583776     ignore "tun-ipv6"
2023-12-08 16:21:57 us=583811     ignore "redirect-gateway ipv6"
2023-12-08 16:21:57 us=583876     ignore "dhcp-option DNS6"
2023-12-08 16:21:57 us=583981   management_addr = '[UNDEF]'
2023-12-08 16:21:57 us=584018   management_port = '[UNDEF]'
2023-12-08 16:21:57 us=584032   management_user_pass = '[UNDEF]'
2023-12-08 16:21:57 us=584065   management_log_history_cache = 250
2023-12-08 16:21:57 us=584099   management_echo_buffer_size = 100
2023-12-08 16:21:57 us=584137   management_client_user = '[UNDEF]'
2023-12-08 16:21:57 us=584165   management_client_group = '[UNDEF]'
2023-12-08 16:21:57 us=584205   management_flags = 0
2023-12-08 16:21:57 us=584236   shared_secret_file = '[UNDEF]'
2023-12-08 16:21:57 us=584265   key_direction = not set
2023-12-08 16:21:57 us=584300   ciphername = 'AES-256-CBC'
2023-12-08 16:21:57 us=584331   ncp_ciphers = 'AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305'
2023-12-08 16:21:57 us=584363   authname = 'sha512'
2023-12-08 16:21:57 us=584397   engine = DISABLED
2023-12-08 16:21:57 us=584419   replay = ENABLED
2023-12-08 16:21:57 us=584434   mute_replay_warnings = DISABLED
2023-12-08 16:21:57 us=584448   replay_window = 64
2023-12-08 16:21:57 us=584462   replay_time = 15
2023-12-08 16:21:57 us=584499   packet_id_file = '[UNDEF]'
2023-12-08 16:21:57 us=584539   test_crypto = DISABLED
2023-12-08 16:21:57 us=584576   tls_server = DISABLED
2023-12-08 16:21:57 us=584615   tls_client = ENABLED
2023-12-08 16:21:57 us=584655   ca_file = '[INLINE]'
2023-12-08 16:21:57 us=584691   ca_path = '[UNDEF]'
2023-12-08 16:21:57 us=584725   dh_file = '[UNDEF]'
2023-12-08 16:21:57 us=584764   cert_file = '[UNDEF]'
2023-12-08 16:21:57 us=584801   extra_certs_file = '[UNDEF]'
2023-12-08 16:21:57 us=584840   priv_key_file = '[UNDEF]'
2023-12-08 16:21:57 us=584882   pkcs12_file = '[UNDEF]'
2023-12-08 16:21:57 us=584918   cipher_list = '[UNDEF]'
2023-12-08 16:21:57 us=584952   cipher_list_tls13 = '[UNDEF]'
2023-12-08 16:21:57 us=584992   tls_cert_profile = '[UNDEF]'
2023-12-08 16:21:57 us=585028   tls_verify = '[UNDEF]'
2023-12-08 16:21:57 us=585067   tls_export_cert = '[UNDEF]'
2023-12-08 16:21:57 us=585098   verify_x509_type = 0
2023-12-08 16:21:57 us=585125   verify_x509_name = '[UNDEF]'
2023-12-08 16:21:57 us=585167   crl_file = '[UNDEF]'
2023-12-08 16:21:57 us=585206   ns_cert_type = 0
2023-12-08 16:21:57 us=585241   remote_cert_ku[i] = 65535
2023-12-08 16:21:57 us=585281   remote_cert_ku[i] = 0
2023-12-08 16:21:57 us=585320   remote_cert_ku[i] = 0
2023-12-08 16:21:57 us=585350   remote_cert_ku[i] = 0
2023-12-08 16:21:57 us=585387   remote_cert_ku[i] = 0
2023-12-08 16:21:57 us=585418   remote_cert_ku[i] = 0
2023-12-08 16:21:57 us=585447   remote_cert_ku[i] = 0
2023-12-08 16:21:57 us=585475   remote_cert_ku[i] = 0
2023-12-08 16:21:57 us=585520   remote_cert_ku[i] = 0
2023-12-08 16:21:57 us=585549   remote_cert_ku[i] = 0
2023-12-08 16:21:57 us=585589   remote_cert_ku[i] = 0
2023-12-08 16:21:57 us=585622   remote_cert_ku[i] = 0
2023-12-08 16:21:57 us=585649   remote_cert_ku[i] = 0
2023-12-08 16:21:57 us=585689   remote_cert_ku[i] = 0
2023-12-08 16:21:57 us=585720   remote_cert_ku[i] = 0
2023-12-08 16:21:57 us=585747   remote_cert_ku[i] = 0
2023-12-08 16:21:57 us=585776   remote_cert_eku = 'TLS Web Server Authentication'
2023-12-08 16:21:57 us=585821   ssl_flags = 192
2023-12-08 16:21:57 us=585864   tls_timeout = 2
2023-12-08 16:21:57 us=585897   renegotiate_bytes = -1
2023-12-08 16:21:57 us=585924   renegotiate_packets = 0
2023-12-08 16:21:57 us=585964   renegotiate_seconds = 0
2023-12-08 16:21:57 us=585995   handshake_window = 60
2023-12-08 16:21:57 us=586024   transition_window = 3600
2023-12-08 16:21:57 us=586067   single_session = DISABLED
2023-12-08 16:21:57 us=586100   push_peer_info = DISABLED
2023-12-08 16:21:57 us=586127   tls_exit = DISABLED
2023-12-08 16:21:57 us=586154   tls_crypt_v2_metadata = '[UNDEF]'
2023-12-08 16:21:57 us=586192   server_network = 0.0.0.0
2023-12-08 16:21:57 us=586221   server_netmask = 0.0.0.0
2023-12-08 16:21:57 us=586258   server_network_ipv6 = ::
2023-12-08 16:21:57 us=586288   server_netbits_ipv6 = 0
2023-12-08 16:21:57 us=586317   server_bridge_ip = 0.0.0.0
2023-12-08 16:21:57 us=586353   server_bridge_netmask = 0.0.0.0
2023-12-08 16:21:57 us=586392   server_bridge_pool_start = 0.0.0.0
2023-12-08 16:21:57 us=586431   server_bridge_pool_end = 0.0.0.0
2023-12-08 16:21:57 us=586464   ifconfig_pool_defined = DISABLED
2023-12-08 16:21:57 us=586500   ifconfig_pool_start = 0.0.0.0
2023-12-08 16:21:57 us=586529   ifconfig_pool_end = 0.0.0.0
2023-12-08 16:21:57 us=586567   ifconfig_pool_netmask = 0.0.0.0
2023-12-08 16:21:57 us=586600   ifconfig_pool_persist_filename = '[UNDEF]'
2023-12-08 16:21:57 us=586636   ifconfig_pool_persist_refresh_freq = 600
2023-12-08 16:21:57 us=586671   ifconfig_ipv6_pool_defined = DISABLED
2023-12-08 16:21:57 us=586713   ifconfig_ipv6_pool_base = ::
2023-12-08 16:21:57 us=586742   ifconfig_ipv6_pool_netbits = 0
2023-12-08 16:21:57 us=586783   n_bcast_buf = 256
2023-12-08 16:21:57 us=586815   tcp_queue_limit = 64
2023-12-08 16:21:57 us=586854   real_hash_size = 256
2023-12-08 16:21:57 us=586891   virtual_hash_size = 256
2023-12-08 16:21:57 us=586918   client_connect_script = '[UNDEF]'
2023-12-08 16:21:57 us=586947   learn_address_script = '[UNDEF]'
2023-12-08 16:21:57 us=586985   client_disconnect_script = '[UNDEF]'
2023-12-08 16:21:57 us=587020   client_crresponse_script = '[UNDEF]'
2023-12-08 16:21:57 us=587056   client_config_dir = '[UNDEF]'
2023-12-08 16:21:57 us=587095   ccd_exclusive = DISABLED
2023-12-08 16:21:57 us=587123   tmp_dir = '/tmp'
2023-12-08 16:21:57 us=587165   push_ifconfig_defined = DISABLED
2023-12-08 16:21:57 us=587211   push_ifconfig_local = 0.0.0.0
2023-12-08 16:21:57 us=587247   push_ifconfig_remote_netmask = 0.0.0.0
2023-12-08 16:21:57 us=587280   push_ifconfig_ipv6_defined = DISABLED
2023-12-08 16:21:57 us=587319   push_ifconfig_ipv6_local = ::/0
2023-12-08 16:21:57 us=587355   push_ifconfig_ipv6_remote = ::
2023-12-08 16:21:57 us=587391   enable_c2c = DISABLED
2023-12-08 16:21:57 us=587424   duplicate_cn = DISABLED
2023-12-08 16:21:57 us=587474   cf_max = 0
2023-12-08 16:21:57 us=587502   cf_per = 0
2023-12-08 16:21:57 us=587542   cf_initial_max = 100
2023-12-08 16:21:57 us=587570   cf_initial_per = 10
2023-12-08 16:21:57 us=587611   max_clients = 1024
2023-12-08 16:21:57 us=587654   max_routes_per_client = 256
2023-12-08 16:21:57 us=587690   auth_user_pass_verify_script = '[UNDEF]'
2023-12-08 16:21:57 us=587723   auth_user_pass_verify_script_via_file = DISABLED
2023-12-08 16:21:57 us=587751   auth_token_generate = DISABLED
2023-12-08 16:21:57 us=587792   auth_token_lifetime = 0
2023-12-08 16:21:57 us=587850   auth_token_secret_file = '[UNDEF]'
2023-12-08 16:21:57 us=587902   port_share_host = '[UNDEF]'
2023-12-08 16:21:57 us=587937   port_share_port = '[UNDEF]'
2023-12-08 16:21:57 us=587995   vlan_tagging = DISABLED
2023-12-08 16:21:57 us=588030   vlan_accept = all
2023-12-08 16:21:57 us=588086   vlan_pvid = 1
2023-12-08 16:21:57 us=588121   client = ENABLED
2023-12-08 16:21:57 us=588175   pull = ENABLED
2023-12-08 16:21:57 us=588212   auth_user_pass_file = '/config/openvpn/vpn_unlimited_credentials.conf'
2023-12-08 16:21:57 us=588268 OpenVPN 2.6.5 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2023-12-08 16:21:57 us=588320 library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2023-12-08 16:21:57 us=590288 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2023-12-08 16:21:57 us=592420 MTU: adding 426 buffer tailroom for compression for 1768 bytes of payload
2023-12-08 16:21:57 us=592446 PID packet_id_init seq_backtrack=64 time_backtrack=15
2023-12-08 16:21:57 us=592506 PID packet_id_init seq_backtrack=64 time_backtrack=15
2023-12-08 16:21:57 us=592527 PID packet_id_init seq_backtrack=64 time_backtrack=15
2023-12-08 16:21:57 us=592581 PID packet_id_init seq_backtrack=64 time_backtrack=15
2023-12-08 16:21:57 us=592603 Control Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1250 tun_max_mtu:0 headroom:126 payload:1600 tailroom:126 ET:0 ]
2023-12-08 16:21:57 us=592631 GETADDRINFO flags=0x0901 ai_family=0 ai_socktype=2
2023-12-08 16:21:57 us=603260 RESOLVE_REMOTE flags=0x0901 phase=1 rrs=0 sig=-1 status=0
2023-12-08 16:21:57 us=603417 Data Channel MTU parms [ mss_fix:0 max_frag:0 tun_mtu:1500 tun_max_mtu:1600 headroom:136 payload:1768 tailroom:562 ET:0 ]
2023-12-08 16:21:57 us=603513 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,auth SHA512,keysize 256,key-method 2,tls-client'
2023-12-08 16:21:57 us=603540 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,auth SHA512,keysize 256,key-method 2,tls-server'
2023-12-08 16:21:57 us=603563 TCP/UDP: Preserving recently used remote address: [AF_INET]199.247.27.95:1194
2023-12-08 16:21:57 us=603585 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-12-08 16:21:57 us=603610 UDPv4 link local: (not bound)
2023-12-08 16:21:57 us=603627 UDPv4 link remote: [AF_INET]199.247.27.95:1194
2023-12-08 16:21:57 us=603654 SENT PING
2023-12-08 16:21:57 us=604071 UDPv4 WRITE [14] to [AF_INET]199.247.27.95:1194: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 [ ] pid=0 DATA len=0
2023-12-08 16:21:57 us=609085 UDPv4 READ [26] from [AF_INET]199.247.27.95:1194: P_CONTROL_HARD_RESET_SERVER_V2 kid=0 [ 0 ] pid=0 DATA len=0
2023-12-08 16:21:57 us=609130 TLS: Initial packet from [AF_INET]199.247.27.95:1194, sid=55c4d9fe cc1cd34a
2023-12-08 16:21:57 us=609253 UDPv4 WRITE [303] to [AF_INET]199.247.27.95:1194: P_CONTROL_V1 kid=0 [ 0 ] pid=1 DATA len=277
2023-12-08 16:21:57 us=630314 UDPv4 READ [1222] from [AF_INET]199.247.27.95:1194: P_CONTROL_V1 kid=0 [ 1 ] pid=1 DATA len=1196
2023-12-08 16:21:57 us=631021 UDPv4 WRITE [26] to [AF_INET]199.247.27.95:1194: P_ACK_V1 kid=0 [ 1 0 ] DATA len=0
2023-12-08 16:21:57 us=631115 UDPv4 READ [1222] from [AF_INET]199.247.27.95:1194: P_CONTROL_V1 kid=0 [ 1 ] pid=2 DATA len=1196
2023-12-08 16:21:57 us=631183 UDPv4 WRITE [30] to [AF_INET]199.247.27.95:1194: P_ACK_V1 kid=0 [ 2 1 0 ] DATA len=0
2023-12-08 16:21:57 us=631255 UDPv4 READ [1222] from [AF_INET]199.247.27.95:1194: P_CONTROL_V1 kid=0 [ 1 ] pid=3 DATA len=1196
2023-12-08 16:21:57 us=632227 VERIFY OK: depth=1, C=US, ST=NY, L=New York, O=Simplex Solutions Inc., OU=Vpn Unlimited, CN=server.vpnunlimitedapp.com, name=server.vpnunlimitedapp.com, emailAddress=support@simplexsolutionsinc.com
2023-12-08 16:21:57 us=632479 VERIFY KU OK
2023-12-08 16:21:57 us=632508 Validating certificate extended key usage
2023-12-08 16:21:57 us=632531 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2023-12-08 16:21:57 us=632544 VERIFY EKU OK
2023-12-08 16:21:57 us=632557 VERIFY OK: depth=0, CN=openvpn2.vpnunlimitedapp.com
2023-12-08 16:21:57 us=632633 UDPv4 WRITE [34] to [AF_INET]199.247.27.95:1194: P_ACK_V1 kid=0 [ 3 2 1 0 ] DATA len=0
2023-12-08 16:21:57 us=632704 UDPv4 READ [207] from [AF_INET]199.247.27.95:1194: P_CONTROL_V1 kid=0 [ 1 ] pid=4 DATA len=181
2023-12-08 16:21:57 us=633391 UDPv4 WRITE [630] to [AF_INET]199.247.27.95:1194: P_CONTROL_V1 kid=0 [ 4 3 2 1 ] pid=2 DATA len=592
2023-12-08 16:22:00 us=140947 UDPv4 WRITE [630] to [AF_INET]199.247.27.95:1194: P_CONTROL_V1 kid=0 [ 4 3 2 1 ] pid=2 DATA len=592
2023-12-08 16:22:00 us=145584 UDPv4 READ [22] from [AF_INET]199.247.27.95:1194: P_ACK_V1 kid=0 [ 2 ] DATA len=0
2023-12-08 16:22:05 us=162463 SENT PING
2023-12-08 16:22:11 us=137912 SENT PING
2023-12-08 16:22:16 us=917921 SENT PING
2023-12-08 16:22:21 us=685918 SENT PING
2023-12-08 16:22:26 us=501923 SENT PING
2023-12-08 16:22:30 us=919881 [UNDEF] Inactivity timeout (--ping-exit), exiting
2023-12-08 16:22:30 us=920566 PID packet_id_free
2023-12-08 16:22:30 us=920756 PID packet_id_free
2023-12-08 16:22:30 us=920909 PID packet_id_free
2023-12-08 16:22:30 us=921091 PID packet_id_free
2023-12-08 16:22:30 us=921307 PID packet_id_free
2023-12-08 16:22:30 us=921431 PID packet_id_free
2023-12-08 16:22:30 us=922075 PID packet_id_free
2023-12-08 16:22:30 us=922209 PID packet_id_free
2023-12-08 16:22:30 us=922391 TCP/UDP: Closing socket
2023-12-08 16:22:30 us=922527 PID packet_id_free
2023-12-08 16:22:30 us=922646 SIGTERM[soft,ping-exit] received, process exiting
--------------------
2023-12-08 16:22:30 [ERROR] Failed to start OpenVPN
[cont-init.d] 02-vpn.sh: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.
Trigus42 commented 9 months ago

It seems like a server problem to me. Can you try your config file with another OpenVPN container?

For example:

version: '3.4'

services:
  vpn:
    image: dperson/openvpn-client
    cap_add:
      - net_admin
    #security_opt:
    #  - label:disable
    volumes:
    #  - /dev/net:/dev/net:z
      - ./config/openvpn:/vpn

For this image you have to rename your config file to vpn.conf, your credentials file to credentials.txt and add the line auth-user-pass credentials.txt to your OpenVPN config.

If it doesn't work try to uncomment one or both of the commented lines.

poudenes commented 9 months ago

I did a test with my other VPN provider Privado and this is working without any issues. So I guess VPN unlimited have a different way of working. I will contact them to see what this can be. I'll keep this open. If I have a solution I'll post it here.

EDIT: Tried it also with a VPN that use cert files. Also working correct. (JFYI)

poudenes commented 9 months ago

Removed my slots and recreate a new OVPN file. Now everything is working again correct on VPN unlimited.