Closed mikemulhearn closed 3 years ago
the port forwarding has been completely reworked in this image months ago, are you using 'latest' tagged image?
I'm using the base image -- "image: binhex/arch-rtorrentvpn"
is that not the same as latest? I can add the latest tag if necessary
The getvpnport.sh script I have is trying to get the port from 209.2222.18.222, but that seems to be the old way of getting the port that is no longer working -- I get stuck in the curly.sh retry loop.
####
# get dynamically assigned port number
####
echo "[info] Attempting to get dynamically assigned port..."
# pia api url for getting dynamically assigned port number
pia_vpnport_api_host="209.222.18.222"
pia_vpnport_api_port="2000"
pia_vpnport_api="http://${pia_vpnport_api_host}:${pia_vpnport_api_port}"
# create pia client id (randomly generated)
client_id=$(head -n 100 /dev/urandom | sha256sum | tr -d " -")
# run curly to grab api result
rm -f "/tmp/piaportassignapi"
curly.sh -ct 10 -rc 12 -rw 10 -of "/tmp/piaportassignapi" -url "${pia_vpnport_api}/?client_id=${client_id}"
I turned off port binding for now to let rTorrent run, but obviously the performance is severely degraded.
It looks like the new way for the "next-gen" VPN servers is by sending a token to the VPN server you are connected to to get a payload and signature back, which are used to bind a port in a subsequent "bindPort" API call (details in link in OP). That same bindPort call must be run every 15 mins as well, and expires after 2 months fwiw.
not sure what image you are runnign there or where you got the old version of getvpnport.sh, but this is the current up to date script that is included in all my vpn images:- https://github.com/binhex/arch-int-vpn/blob/master/run/root/getvpnport.sh
i can only assume the image you have on disk is out of date, try doing a docker pull to force the latest image to be pulled down.
hmm not sure either. I just ran a manual pull and it definitely pulled down the latest image. Now I'm getting errors trying to initiate the wireguard interface:
2021-01-12 14:46:37,331 DEBG 'start-script' stderr output:
Warning: `/config/wireguard/wg0.conf' is world accessible
2021-01-12 14:46:37,341 DEBG 'start-script' stderr output:
[#] ip link add wg0 type wireguard
2021-01-12 14:46:37,351 DEBG 'start-script' stderr output:
RTNETLINK answers: Operation not supported
2021-01-12 14:46:37,359 DEBG 'start-script' stderr output:
Unable to access interface: Protocol not supported
2021-01-12 14:46:37,359 DEBG 'start-script' stderr output:
[#] ip link delete dev wg0
2021-01-12 14:46:37,368 DEBG 'start-script' stderr output:
Cannot find device "wg0"
2021-01-12 14:46:37,368 DEBG 'start-script' stdout output:
[warn] WireGuard interface failed to come 'up', exit code is '1'
Do I have to clear out any configs?
rtorrent-openvpn: container_name: rtorrent-vpn image: binhex/arch-rtorrentvpn:latest
cap_add:
#- NET_ADMIN sysctls: - "net.ipv4.conf.all.src_valid_mark=1" privileged: true #devices: restart: always ports: - "11080:9080" - "10443:9443" - "8118:8118" dns: - 1.1.1.1 - 1.0.0.1 - 209.222.18.222 - 84.200.69.80 - 37.235.1.174 - 209.222.18.218 - 37.235.1.177 - 84.200.70.40 volumes: - /etc/localtime:/etc/localtime:ro - /windows/k/data:/data #- /windows/i/config:/config - ${USERDIR}/docker/rtorrent/config:/config environment: - VPN_ENABLED=yes #- VPN_CONFIG=France - VPN_USER=*redacted* - VPN_PASS=*redacted* - VPN_PROV=pia #- VPN_CLIENT=openvpn - VPN_CLIENT=wireguard - STRICT_PORT_FORWARD=yes #- STRICT_PORT_FORWARD=no - ENABLE_PRIVOXY=yes - ENABLE_PRIVOXY=no - ENABLE_AUTODL_IRSSI=yes - ENABLE_RPC2=yes - ENABLE_RPC2_AUTH=yes - RPC2_USER=*redacted* - RPC2_PASS=*redacted* - ENABLE_WEBUI_AUTH=yes - WEBUI_USER=*redacted* - WEBUI_PASS=*redacted* - LAN_NETWORK=172.22.1.0/24,127.0.0.1/24,172.17.0.1/24,172.18.0.1/24 - NAME_SERVERS=209.222.18.222,84.200.69.80,37.235.1.174,1.1.1.1,209.222.18.218,37.235.1.177,84.200.70.40,1.0.0.1 - DEBUG=false - PHP_TZ=America/New_York - UMASK=000 - PUID=${PUID} - PGID=${PGID}
I updated CentOS 7 and installed WireGuard, and now I'm good to go.
Thanks for all your hard work on this project.. I finally started migrating from a Transmission OpenVPN container to this one and I'll never look back
It looks like PIA changed over their port forwarding API in recent months.. Any chance that an update to the PIA port forwarding script in the container is already way or possible in the near future?
Here's a link to their GitHub repo with some instructions for curl integration: https://github.com/pia-foss/manual-connections/tree/v1.0.0#manual-setup-of-pf