Open matiasAS opened 3 months ago
Could you please add a change-type (see https://github.com/balena-io/open-balena/pull/270/commits/52d0eb6c4d3fe244ca231ffe9507586145376f02)
I've added the Change-type: minor
to the commit message as requested. The changes are now ready for review. Thank you!
We don't support merged commits in the CI workflow, see here. Can you please squash your work down to a single commit, annotated with the change-type
property, rebase on master and re-push..
I've squashed the commits into a single commit and added Change-type: minor
. The branch has also been rebased on master. The changes are now ready for review.
Sorry for the inconvenience, this is the first time I collaborate on an opensource project.
Thank you!
Fails tests due to commit being out of tree, need to think about how to solve this for external contributors..
+ sudo -u balena git config --global --add safe.directory /home/balena/open-balena
+ cd /home/balena/open-balena
+ sudo -u balena git checkout 2d6c85804ce7d707a10d858dad817e259c071383
fatal: reference is not a tree: 2d6c85804ce7d707a10d858dad817e259c071383
With the help of chat gpt, I have updated the fork: 1)git remote add upstream https://github.com/balena-io/open-balena.git 2)git fetch upstream 3)git rebase upstream/master 4)git push -f origin configurable-vpn-port-api
Will that be enough?
Website deployed to CF Pages, 👀 preview link https://f4d61b54.open-balena.pages.dev
Description This pull request modifies the docker-compose.yml file to allow the VPN port of the api service to be configurable via an environment variable (VPN_PORT). If the environment variable is not set, the default value 443 will be used.
Reason
Hetzner server Proxmox pfSense for networking Nginx Proxy Manager as a reverse proxy for services Cloudflare in front I encountered the following error on devices connecting to the VPN:
Jun 30 04:05:08 a179fab openvpn[6532]: 2024-06-30 04:05:08 WARNING: Bad encapsulated packet length from peer (18516), which must be > 0 and <= 1627 -- please ensure that --tun-mtu or --link-mtu is equal on both peers -- this condition could also indicate a possible active attack on the TCP link -- [Attempting restart...]
An alternative solution to getting a new dedicated public IP for the virtual machine hosting OpenBalena was to change the VPN port to 4443, and then set up port forwarding from the public IP of pfSense to port 443 of the virtual machine.
From my research, the error was due to using pfSense and/or Nginx Proxy Manager along with Cloudflare, causing OpenVPN to "confuse" it with an HTTPS connection.
I want this change to avoid modifying the docker-compose.yml file directly and to prevent errors when updating with git pull due to file modifications.
The ideal and correct solution might be to use a dedicated IP, but I also did this to save money, even if it's a little less than 2 euros; it's still worth it, right?
Best regards, Matias Alvarez Sabate