search

binhex / arch-qbittorrentvpn

Docker build script for Arch Linux base with qBittorrent, Privoxy and OpenVPN
GNU General Public License v3.0
397 stars 46 forks source link

Container suddenly stopped working... #210

Closed MYeager1967 closed 6 months ago

MYeager1967 commented 7 months ago

Everything was working fine this morning and then it suddenly stopped. Log keeps repeating the following...

2023-11-30 17:13:15,164 DEBG 'start-script' stdout output:
2023-11-30 17:13:15 UDPv4 link remote: [AF_INET]194.5.49.74:1195
2023-11-30 17:14:15,595 DEBG 'start-script' stdout output:
2023-11-30 17:14:15 [UNDEF] Inactivity timeout (--ping-restart), restarting
2023-11-30 17:14:15,596 DEBG 'start-script' stdout output:
2023-11-30 17:14:15 SIGHUP[soft,ping-restart] received, process restarting
2023-11-30 17:14:15,596 DEBG 'start-script' stdout output:
2023-11-30 17:14:15 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations. 
2023-11-30 17:14:15 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
2023-11-30 17:14:15,596 DEBG 'start-script' stdout output:
2023-11-30 17:14:15 WARNING: file 'credentials.conf' is group or others accessible
2023-11-30 17:14:15 OpenVPN 2.6.8 [git:makepkg/3b0d9489cc423da3+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO] built on Nov 17 2023
2023-11-30 17:14:15 library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2023-11-30 17:14:15 DCO version: N/A
2023-11-30 17:14:15 Restart pause, 1 second(s)
2023-11-30 17:14:16,596 DEBG 'start-script' stdout output:
2023-11-30 17:14:16 WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
2023-11-30 17:14:16 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2023-11-30 17:14:16,599 DEBG 'start-script' stdout output:
2023-11-30 17:14:16 TCP/UDP: Preserving recently used remote address: [AF_INET]194.5.49.74:1195
2023-11-30 17:14:16 Socket Buffers: R=[212992->425984] S=[212992->425984]
2023-11-30 17:14:16 UDPv4 link local: (not bound)
2023-11-30 17:14:16 UDPv4 link remote: [AF_INET]194.5.49.74:1195

It was working, so I don't think it's a container problem, but I'm stumped...

MYeager1967 commented 7 months ago

Someone was kind enough to point out that my conf file permissions aren't what they'd have them, and I appreciate it, but it's not helpful. The issue resolved itself though.....

binhex commented 6 months ago

VPN provider endpoint most probably went down, next time try switching to another endpoint

MYeager1967 commented 6 months ago

That's what I figured when it resolved itself. Would be nice if I could list several endpoints and have it round-robin them, but it's probably not a frequent enough issue to be worth the code changes...

maxfield-allison commented 6 months ago

Someone was kind enough to point out that my conf file permissions aren't what they'd have them, and I appreciate it, but it's not helpful. The issue resolved itself though.....

that was me and i deleted because i misread accessible as innaccessible

MYeager1967 commented 6 months ago

It's all good. I'll probably nail it down one of these days when I have time but as of now it's behind a pretty tight firewall and inaccessible from anyone that doesn't have access to the machine.

binhex commented 6 months ago

Would be nice if I could list several endpoints and have it round-robin them, but it's probably not a frequent enough issue to be worth the code changes...

it does this for openvpn as it supports it, wireguard sadly does not support multiple endpoints.

MYeager1967 commented 6 months ago

Seriously? How do I set it up to do it? I didn't see any reference to using multiple endpoints. I'm using OpenVPN...

Better question, do I still need all the certificates and such broken out into their own files or do I just need the ovpn files downloaded from my provider????

binhex commented 6 months ago

Seriously? How do I set it up to do it?

Q20:- https://github.com/binhex/documentation/blob/master/docker/faq/vpn.md

do I still need all the certificates and such broken out into their own files

If that is the format your vpn provider packages them in, then yes, some vpn providers embed the certificates in the ovpn file, some do not.

MYeager1967 commented 6 months ago

Wonderful. I used to use a container that forced me to break the certificates and stuff out of the ovpn file. I had already tested it by the time you replied and cleaned the files up. Now I can incorporate multiple endpoints. I missed that before. Thank you for pointing it out.

Had a question regarding an error that didn't really matter but I figured out how to get it to stop.