search

Trigus42 / alpine-qbittorrentvpn

Multiarch docker image with the latest qBittorrent-nox client (WEB UI) and WireGuard/OpenVPN tunnel
GNU General Public License v3.0
73 stars 14 forks source link

webui can no longer be reached after qbt4.6.2-20240105 #60

Closed sysbite closed 7 months ago

sysbite commented 7 months ago

Using a image later then qbt4.6.2-20240105 results in the webui no longer be reachable, I couldn't find anything standing out in the log below, maybe the ping to eth0:

--------------------
2024-02-28 10:13:56 [DEBUG] Route: 1.1.1.1 dev RA table 51820 src 10.10.10.4 uid 0 
2024-02-28 10:13:56 [DEBUG] Ping to 1.1.1.1 succeeded
2024-02-28 10:13:57 [DEBUG] Ping to <vpniphere> via eth0 failed
[cont-init.d] 30-network.sh: exited 0.
[cont-init.d] 40-qbittorrent-setup.sh: executing... 
2024-02-28 10:13:57 [WARNING] ENABLE_SSL is set to , SSL is not enabled. This could cause issues with logging if other apps use the same Cookie name (SID).
2024-02-28 10:13:57 [WARNING] If you manage the SSL config yourself, you can ignore this.
2024-02-28 10:13:57 [WARNING] UMASK not defined (via -e UMASK), defaulting to '002'
2024-02-28 10:13:57 [INFO] BIND_INTERFACE defined as yes. Setting qBt interface to RA
grep: warning: stray \ before I
grep: warning: stray \ before I
[cont-init.d] 40-qbittorrent-setup.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
2024-02-28 10:13:57 [INFO] Logging to /config/qBittorrent/data/logs/qbittorrent.log.
[services.d] done.
2024-02-28 10:13:57 [INFO] Trying to ping 1.1.1.1 and 8.8.8.8 over the docker interface for 1 second...
2024-02-28 10:13:59 [INFO] Success: Could not connect. This means the firewall is most likely working properly.
2024-02-28 10:13:59 [INFO] qBittorrent started with PID 598

I am using this docker compose, nothing was changed between latest and qbt4.6.2-20240105

  qbittorrent:
    image: trigus42/qbittorrentvpn
    networks:
      - some_network
    dns:
      - 172.20.0.201
    container_name: qbittorrent
    environment:
      - DEBUG=yes
      - VPN_ENABLED=yes
      - VPN_TYPE=wireguard
      - PUID=1000
      - PGID=1000
      - WEBUI_PORT=8080
      - LAN_NETWORK=192.168.1.0/24,10.10.10.0/24
      - ADDITIONAL_PORTS=55016
    volumes:
      - <config mounts>
      - <data mounts>
    labels:
      - traefik.enable=true
      - traefik.http.routers.qbittorrent.tls=true
      - traefik.http.routers.qbittorrent.rule=Host(`<somehostname>`)
      - traefik.http.routers.qbittorrent.entrypoints=websecure
      - traefik.http.services.qbittorrent.loadbalancer.server.port=8080
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv6.conf.all.disable_ipv6=1
    ports:
      - 55016:55016
      - 55016:55016/udp
    restart: unless-stopped
Trigus42 commented 7 months ago

Do you have the traefik network in the LAN_NETWORK env var? The variable is no longer needed and is translated to WEBUI_ALLOWED_NETWORKS until support is removed entirely. This means that networks not included there are not allowed to access the firewall if the variable is defined.

sysbite commented 7 months ago

Indeed, thanks for the prompt reply. Removing - LAN_NETWORK=192.168.1.0/24,10.10.10.0/24 resolved this. latest is now working fine.