WeUI giving "Unauthorized"

[mokshmridul]

The docker container seems up and running, but i cant login, and i cant login as it gives me a "Unauthorized" sign on the wbui. My docker container is below

## QBITTORRENTVPN ##

  qbittorrentvpn:
    image: binhex/arch-qbittorrentvpn
    container_name: qbittorrentvpn
    privileged: true
    environment:
      - PUID=1000
      - PGID=100
      - TZ=Asia/Kolkata
      - UMASK=000
      - VPN_ENABLED=yes
      - VPN_USER=xxxx
      - VPN_PASS=xxxx
      - VPN_PROV=pia
      - VPN_CLIENT=wireguard
      #- STRICT_PORT_FORWARD=yes
      - LAN_NETWORK=192.168.0.0/24
      - NAME_SERVERS=1.1.1.1,1.0.0.1,9.9.9.9
      - DEBUG=false
      - WEBUI_PORT=8080
      - ENABLE_PRIVOXY=no
      #- VPN_OPTIONS=additional openvpn cli options \
    volumes:
      - /mnt/Tesla/Downloads/Completed:/data
      - /opt/QBitTorrent:/config
      - /etc/localtime:/etc/localtime:ro
      - /lib/modules:/lib/modules:ro
#    networks:
#     lan-all:
##      driver macvlan
#      ipv4_address: 172.31.1.130
    ports:
      - 6881:6881
      - 6881:6881/udp
      - 8780:8080
      - 8118:8118
#    cap_add:
#      - NET_ADMIN
#      - SYS_MODULE
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: unless-stopped
#networks:
#  lan-all:
#    driver: macvlan
#    external: true

[mokshmridul]

Any help on this would be highly appreciated :)

[anthonyrocom]

@mokshmridul is this just after you try to login with your credentials?

In the config folder, I had to edit the qBittorrent.conf file to add the following subnet whitelist. I asume that you filled out LAN_NETWORK correctly:

[Preferences] WebUI\Address=* WebUI\AuthSubnetWhitelist=192.168.0.0/24 WebUI\AuthSubnetWhitelistEnabled=true

Also make sure your WebUI\Port=8080

[mokshmridul]

Thank you for the inputs.

It wont even bring up the window for me to input the credentials, and is just stuck there.

The LAN_NETWORK is correct, and even after making the changes to the [Preferences] section and restarting the container, im still stuck at the same point.

[anthonyrocom]

@mokshmridul one thing I noticed in your docker-compose is that /lib/modules is mapped but this is not required.

Beyond that, you need to share more information from the logs and possibly your /config/wireguard/wg0.conf and I would even set DEBUG=True in your docker-compose file.

Can you show us the "docker logs qbittorrentvpn" bottom of the output? Maybe you can already spot the error.

[mokshmridul]

d that, you need to share more information from the logs and possibly your /config/wireguard/wg0.conf and I wo

i had a look at the files, but im not sure i can spot the error

wg0.conf output

[Interface]
Address = 10.32.217.250
PrivateKey = xxxx
PostUp = '/root/wireguardup.sh'
PostDown = '/root/wireguarddown.sh'

[Peer]
PublicKey = xxxx
AllowedIPs = 0.0.0.0/0
Endpoint = nl-amsterdam.privacy.network:1337

docker logs qbittorrent output

2024-05-02 22:17:05,195 DEBG 'start-script' stdout output:
[info] bangladesh.privacy.network

2024-05-02 22:17:05,195 DEBG 'start-script' stdout output:
[debug] Waiting for valid VPN gateway IP addresses from tunnel...
[debug] Waiting for valid VPN adapter IP addresses from tunnel...

2024-05-02 22:17:06,206 DEBG 'start-script' stdout output:
[debug] Valid local IP address from tunnel acquired '10.14.238.171'

2024-05-02 22:17:06,207 DEBG 'start-script' stdout output:
[debug] Valid gateway IP address from tunnel acquired '10.14.128.1'

2024-05-02 22:17:08,569 DEBG 'start-script' stdout output:
[debug] PIA generated 'token' for port forwarding is '_uXVWfdufggigOCHbRPX6wB70NRAsVeB3o9cGiX6hb4RTmszQDiPbUSA9V3byKnNsPaXrphKk_GL8ChEwwuODkEtv6PZucsXeh90BCJH+DFnqDUUCmPviQuGnjI='
[debug] PIA port forward assigned is '49882'
[debug] PIA port forward assigned expires on '2024-07-04T04:47:08.478547453Z'

2024-05-02 22:17:09,135 DEBG 'start-script' stdout output:
[info] Successfully assigned and bound incoming port '49882'

2024-05-02 22:17:09,296 DEBG 'watchdog-script' stdout output:
[debug] Checking we can resolve name 'www.google.com' to address...

2024-05-02 22:17:09,762 DEBG 'watchdog-script' stdout output:
[debug] DNS operational, we can resolve name 'www.google.com' to address '142.251.36.4'

2024-05-02 22:17:09,762 DEBG 'watchdog-script' stdout output:
[debug] Waiting for iptables chain policies to be in place...

2024-05-02 22:17:09,769 DEBG 'watchdog-script' stdout output:
[debug] iptables chain policies are in place
[info] qBittorrent listening interface IP 0.0.0.0 and VPN provider IP 10.14.238.171 different, marking for reconfigure

2024-05-02 22:17:09,774 DEBG 'watchdog-script' stdout output:
[info] qBittorrent not running
[info] qBittorrent incoming port 6881 and VPN incoming port 49882 different, marking for reconfigure

2024-05-02 22:17:09,774 DEBG 'watchdog-script' stdout output:
[info] qBittorrent config file already exists, skipping copy
[info] Removing session lock file (if it exists)...

2024-05-02 22:17:09,802 DEBG 'watchdog-script' stdout output:
[info] Attempting to start qBittorrent...

2024-05-02 22:17:09,807 DEBG 'watchdog-script' stdout output:
[info] qBittorrent process started
[info] Waiting for qBittorrent process to start listening on port 8080...

2024-05-02 22:17:09,917 DEBG 'watchdog-script' stdout output:
[info] qBittorrent process listening on port 8080

2024-05-02 22:17:10,335 DEBG 'watchdog-script' stdout output:
[debug] VPN incoming port is 49882
[debug] qBittorrent incoming port is 49882
[debug] VPN IP is 10.14.238.171
[debug] qBittorrent IP is 10.14.238.171

[mokshmridul]

Okay i got it working, but changing the internal:external ports to the same. it doesnt ask for any authentication now though, but should be able to figure that one out. Thank you for the help.

[anthonyrocom]

I also didn't see an error in your logs @mokshmridul but I guess if matching the ports worked then that's great. I noticed that you had different ports but it shouldn't be a problem. I guess it's hard for us to know if you already have something running on those ports.

Hopefully the approach that we took here to debug the situation will be helpful for someone else. Congrats on getting it solved!