search

binhex / arch-qbittorrentvpn

Docker build script for Arch Linux base with qBittorrent, Privoxy and OpenVPN
GNU General Public License v3.0
458 stars 48 forks source link

Unable to successfully download PIA json to generate token from URL #179

Closed jbil2040 closed 1 year ago

jbil2040 commented 1 year ago

I'm using PIA with protocol OpenVPN. I'm trying to spin up the VPN with portforwarding, but it always fails due to the following error:

2023-05-17 03:30:14,963 DEBG 'start-script' stdout output:
[warn] Unable to successfully download PIA json to generate token from URL 'https://www.privateinternetaccess.com/gtoken/generateToken'
[info] 12 retries left
[info] Retrying in 10 secs...

I've seen this particular error in multiple issues on this repo, but none of the suggested fixes that I've found have worked.

Here's my docker compose (some info has been obfuscated):

services:
    arch-qbittorrentvpn:
        ports:
            - '6881:6881'
            - '6881:6881/udp'
            - '8090:8090'
        container_name: qbittorrentvpn
        volumes:
            - '/path:/config'
            - '/path:/downloads'
        environment:
            - VPN_ENABLED=yes
            - VPN_PROV=pia
            - VPN_CLIENT=openvpn
            - STRICT_PORT_FORWARD=yes
            - ENABLE_PRIVOXY=no
            - LAN_NETWORK=192.168.1.0/24
            - NAME_SERVERS=10.0.0.242,10.0.0.243
            - DEBUG=false
            - WEBUI_PORT=8090
            - PUID=1000
            - PGID=1000
        cap_add:
            - net_admin
        image: binhex/arch-qbittorrentvpn
        restart: always

Current OVPN config (credentials removed):

client
dev tun
proto udp
remote au-sydney.privacy.network 1198
resolv-retry infinite
nobind
persist-key
keepalive 10 60
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server
compress
verb 1

Things I've tried:

Neither of these have worked.

I'm unable to try wireguard protocol due to wireguard bug on QNAP systems.

jbil2040 commented 1 year ago

I worked this out. The issue is that I was providing credentials to OpenVPN using the following line in the configuration file:

auth-user-pass credentials.txt

My assumption is that the container is authenticating the request sent to https://www.privateinternetaccess.com/gtoken/generateToken using environment variables VPN_USER and VPN_PASS.

Because I was not providing those variables (instead providing them in the OVPN configuration), I'm assuming the generate token request is sent unauthenticated and hence fails.

Specifying VPN_USER and VPN_PASS variables in my compose file resolved the issue.