[ERROR] Network is down. Exiting..

tiritibambix commented 2 years ago

Hello !

So I have installed qbittorentvpn through a simple stack in portainer.

---
version: "3"
services:
  qbittorrentvpn:
    image: trigus42/qbittorrentvpn
    container_name: qbittorrentvpn
    privileged: true   
    environment:
      - VPN_USERNAME=myvpnusername
      - VPN_PASSWORD=myvpnpassword
      - PUID=998 #optional
      - PGID=100 #optional
      - WEBUI_PORT_ENV=8991 #optional
      - INCOMING_PORT_ENV=8999 #optional
      - VPN_ENABLED=yes
      - LAN_NETWORK=192.168.1.0/24
      - NAME_SERVERS=8.8.8.8,8.8.4.4
    ports:
      - 8991:8080
      - 8999:8999
      - 8999:8999/udp
    volumes:
      - /srv/dev-disk-by-uuid-e782a243-3842-48b2-8144-c7e79db17f49/Files/QBittorentVPN/config:/config
      - /srv/dev-disk-by-uuid-e782a243-3842-48b2-8144-c7e79db17f49/Files/QBittorentVPN/downloads:/downloads
    restart: unless-stopped

I changed default WEBUI_PORT_ENV to 8991 as 8080 is already in use on my system.

I downloaded the .conf file from my vpn provider and renamed it wg0.conf and placed it in /srv/.../Files/QBittorentVPN/config/wireguard/

I get this log :

[#] ip link set mtu 1420 up dev wg0,
[#] resolvconf -a wg0 -m 0 -x,
[#] wg set wg0 fwmark 51820,
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820,
[#] ip -4 rule add not fwmark 51820 table 51820,
[#] ip -4 rule add table main suppress_prefixlength 0,
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1,
[#] iptables-restore -n,
--------------------,
[cont-init.d] 02-vpn: exited 0.,
[cont-init.d] 03-network: executing... ,
2021-10-19 15:22:13 [INFO] Docker network defined as 192.168.16.0/20,
2021-10-19 15:22:13 [INFO] Adding 192.168.1.0/24 as route via docker eth0,
[cont-init.d] 03-network: exited 0.,
[cont-init.d] 04-qbittorrent-setup: executing... ,
2021-10-19 15:22:13 [WARNING] ENABLE_SSL is set to , SSL is not enabled. This could cause issues with logging if other apps use the same Cookie name (SID).,
2021-10-19 15:22:13 [WARNING] If you manage the SSL config yourself, you can ignore this.,
2021-10-19 15:22:13 [WARNING] UMASK not defined (via -e UMASK), defaulting to '002',
[cont-init.d] 04-qbittorrent-setup: exited 0.,
[cont-init.d] 05-install: executing... ,
[cont-init.d] 05-install: exited 0.,
[cont-init.d] done.,
[services.d] starting services,
2021-10-19 15:22:13 [INFO] Logging to /config/qBittorrent/data/logs/qbittorrent.log.,
[services.d] done.,
2021-10-19 15:22:13 [INFO] Trying to ping 1.1.1.1 and 8.8.8.8 over the docker interface for 500ms each...,
Terminated,
Terminated,
2021-10-19 15:22:15 [INFO] Success: Could not connect. This means the firewall is most likely working properly.,
2021-10-19 15:22:16 [INFO] qBittorrent started with PID 491,
2021-10-19 15:22:16 [INFO] HEALTH_CHECK_HOST is not set. Using default host one.one.one.one,
2021-10-19 15:22:16 [INFO] HEALTH_CHECK_INTERVAL is not set. Using default interval of 5s,
2021-10-19 15:22:41 [ERROR] Network is down. Exiting..,
[cont-finish.d] executing container finish scripts...,
[cont-finish.d] done.,
[s6-finish] waiting for services.,
[s6-finish] sending all processes the TERM signal.,
[s6-finish] sending all processes the KILL signal and exiting.,
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.,
[s6-init] ensuring user provided files have correct perms...exited 0.,
[fix-attrs.d] applying ownership & permissions fixes...,
[fix-attrs.d] done.,
[cont-init.d] executing container initialization scripts...,
[cont-init.d] 01-environment: executing... ,
2021-10-19 15:22:51 [INFO] LAN_NETWORK defined as '192.168.1.0/24',
2021-10-19 15:22:51 [INFO] PUID defined as 998,
2021-10-19 15:22:51 [INFO] PGID defined as 100,
2021-10-19 15:22:51 [INFO] An user with PUID 998 already exists in /etc/passwd, nothing to do.,
2021-10-19 15:22:51 [INFO] VPN_ENABLED defined as 'yes',
2021-10-19 15:22:51 [WARNING] VPN_TYPE not set, defaulting to Wireguard.,
2021-10-19 15:22:51 [INFO] NAME_SERVERS defined as '8.8.8.8,8.8.4.4',
2021-10-19 15:22:51 [INFO] Adding 8.8.8.8 to resolv.conf,
2021-10-19 15:22:51 [INFO] Adding 8.8.4.4 to resolv.conf,
[cont-init.d] 01-environment: exited 0.,
[cont-init.d] 02-vpn: executing... ,
2021-10-19 15:22:51 [INFO] WireGuard config file is found at /config/wireguard/wg0.conf,
dos2unix: converting file /config/wireguard/wg0.conf to Unix format...,
2021-10-19 15:22:51 [INFO] VPN remote line defined as '185.144.83.11:51820',
2021-10-19 15:22:51 [INFO] VPN_REMOTE defined as '185.144.83.11',
2021-10-19 15:22:51 [INFO] VPN_PORT defined as '51820',
2021-10-19 15:22:51 [INFO] VPN_PROTOCOL set as 'udp', since WireGuard is always udp.,
2021-10-19 15:22:51 [INFO] VPN_DEVICE_TYPE set as 'wg0', since WireGuard will always be wg0.,
2021-10-19 15:22:51 [INFO] Starting WireGuard...,
--------------------,
Warning: `/config/wireguard/wg0.conf' is world accessible,
[#] ip link add wg0 type wireguard,
[#] wg setconf wg0 /dev/fd/63,
[#] ip -4 address add 10.100.0.173/32 dev wg0,
[#] ip link set mtu 1420 up dev wg0,
[#] resolvconf -a wg0 -m 0 -x,
[#] wg set wg0 fwmark 51820,
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820,
[#] ip -4 rule add not fwmark 51820 table 51820,
[#] ip -4 rule add table main suppress_prefixlength 0,
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1,
[#] iptables-restore -n,
--------------------,
[cont-init.d] 02-vpn: exited 0.,
[cont-init.d] 03-network: executing... ,
2021-10-19 15:22:52 [INFO] Docker network defined as 192.168.16.0/20,
2021-10-19 15:22:52 [INFO] Adding 192.168.1.0/24 as route via docker eth0,
[cont-init.d] 03-network: exited 0.,
[cont-init.d] 04-qbittorrent-setup: executing... ,
2021-10-19 15:22:52 [WARNING] ENABLE_SSL is set to , SSL is not enabled. This could cause issues with logging if other apps use the same Cookie name (SID).,
2021-10-19 15:22:52 [WARNING] If you manage the SSL config yourself, you can ignore this.,
2021-10-19 15:22:52 [WARNING] UMASK not defined (via -e UMASK), defaulting to '002',
[cont-init.d] 04-qbittorrent-setup: exited 0.,
[cont-init.d] 05-install: executing... ,
[cont-init.d] 05-install: exited 0.,
[cont-init.d] done.,
[services.d] starting services,
2021-10-19 15:22:52 [INFO] Logging to /config/qBittorrent/data/logs/qbittorrent.log.,
[services.d] done.,
2021-10-19 15:22:52 [INFO] Trying to ping 1.1.1.1 and 8.8.8.8 over the docker interface for 500ms each...,
Terminated,
Terminated,
2021-10-19 15:22:54 [INFO] Success: Could not connect. This means the firewall is most likely working properly.,
2021-10-19 15:22:54 [INFO] qBittorrent started with PID 492,
2021-10-19 15:22:54 [INFO] HEALTH_CHECK_HOST is not set. Using default host one.one.one.one,
2021-10-19 15:22:54 [INFO] HEALTH_CHECK_INTERVAL is not set. Using default interval of 5s

I can't access webui.

What am I doing wrong ?

tiritibambix commented 2 years ago

Ok, so. So far, I have tried this :

Change ports on both sides (e.g. 8991:8991)
Change port in qBittorrent.conf from 8080 to match my port 8991
Add WebUI\HostHeaderValidation=false to qBittorrent.conf
Remove the "_ENV" in the variables (WEBUI_PORT and INCOMING_PORT) as it seems to work for some people. My ports are open on my router.

I'm clueless !

tiritibambix commented 2 years ago

So I tried something, because why not.

I created a proxy host in nginx proxy manager pointing to my container. I CAN ACCESS THE UI, but can't do anything : "qBittorrent client is not reachable"

Trigus42 commented 2 years ago

There are some things wrong with your compose file:

version: "3"
services:
  qbittorrentvpn:
    image: trigus42/qbittorrentvpn
    container_name: qbittorrentvpn
    privileged: true   
    environment:
      ## Not needed when using Wireguard
      # - VPN_USERNAME=myvpnusername
      # - VPN_PASSWORD=myvpnpassword
      - PUID=998 #optional
      - PGID=100 #optional
      ## This environment variable doesn't exist
      # - WEBUI_PORT_ENV=8991 #optional
      ## This neither
      # - INCOMING_PORT_ENV=8999 #optional
      - VPN_ENABLED=yes
      - LAN_NETWORK=192.168.1.0/24
      - NAME_SERVERS=8.8.8.8,8.8.4.4
    ports:
      ## As you mentioned you need to set WebUI\HostHeaderValidation=false in the qBittorrent.conf but then this is perfectly fine
      - 8991:8080
      ## You probably don't want to be directly connectable (circumventing the VPN)
      ## If you want to be connectable, you have to use a VPN that allows port forwarding (you don't have to connectable for most things, except if you use private trackers)
      ## This didn't do much anyway cause you didn't allow the ports in the firewall using ADDITIONAL_PORTS
      # - 8999:8999
      # - 8999:8999/udp
    volumes:
      - /srv/dev-disk-by-uuid-e782a243-3842-48b2-8144-c7e79db17f49/Files/QBittorentVPN/config:/config
      - /srv/dev-disk-by-uuid-e782a243-3842-48b2-8144-c7e79db17f49/Files/QBittorentVPN/downloads:/downloads
    restart: unless-stopped

However, this all shouldn't cause your problem. The only thing I can think of rn that could cause it is, that you set the LAN_NETWORK env variable wrong. Please check that again.
Maybe the client you are trying to access the WebUI with is on another network? If it still doesn't work, you can try to set SET_FWMARK=yes.

Change port in qBittorrent.conf from 8080 to match my port 8991

This won't work cause the firewall only allows port 8080

You can find all environment variables you can use here: https://github.com/Trigus42/alpine-qbittorrentvpn#environment-variables

Sorry I took so long to reply. I was (and still am) quite busy.

EDIT:
Maybe the default HEALTH_CHECK_HOST one.one.one.one is not reachable for some reason or your DNS resolution is not working properly. Maybe try out another one like 8.8.8.8.

tiritibambix commented 2 years ago

Thank you so much for your answer. I tried your compose file and ... it works.

I am ashamed to admit that it is a (still unidentified) problem with my browser (vivaldi). I tried brave and it works \o/

Thank you so much for your time. Take care.

Trigus42 / alpine-qbittorrentvpn

[ERROR] Network is down. Exiting.. #8