Closed danjb closed 2 years ago
i would suspect you arent using the latest image, do a:-
docker pull binhex/arch-sabnzbdvpn
first
Sorry about that, I was running watchtower and thought I had the latest image, but indeed when I manually pulled one it now is using a wireguard configuration file. I am now having an issue in the container in the start-script while attempting to bring WireGuard interface up:
[info] Attempting to bring WireGuard interface 'up'...
Warning: '/config/wireguard/wg0.conf' is world accessible
[#] ip link add wg0 type wireguard
RTNETLINK answers: Operation not supported
Unable to access interface: Protocol not supported
[#] ip link delete dev wg0
Cannot find device "wg0"
[warn] WireGuard interface failed to come 'up', exit code is '1'
I'm not sure about that "world accessible" warning or whether it has anything to do with this issue. I have permissions on wg0.conf set to 600 before starting the container, but permissions are always set to 775 after the container starts. This is running Docker on a Debian 10 host.
RTNETLINK answers: Operation not supported
Unable to access interface: Protocol not supported
this is indicative of old kernel, if you are running kernel older than 5.6 then you will need to load in the required modules to support wireguard.
I installed the sabnzbdvpn with wireguard on my synology docker and I see my vpn provider wg0.conf was modified to the include
[Interface] PostUp = '/root/wireguardup.sh' PostDown = '/root/wireguarddown.sh' PrivateKey = xxxx ListenPort = 51820 DNS = 1.1.1.1 Address = 10.13.101.45/24
[Peer] PublicKey = xxxx AllowedIPs = 0.0.0.0/0 Endpoint = 209.95.32.126:1443 PersistentKeepalive = 25
but I can not find the .sh sripts
I'm trying to use wireguard (with a config file from another provider) with this container like this:
docker run -d --name nzbgetvpn \ --sysctl="net.ipv4.conf.all.src_valid_mark=1" \ --privileged=true \ -p 8080:8080 \ -p 8090:8090 \ -p 8118:8118 \ -v /nzbget/data:/data \ -v /nzbget/config:/config \ -v /etc/localtime:/etc/localtime:ro \ -e VPN_ENABLED=yes \ -e VPN_PROV=custom \ -e VPN_CLIENT=wireguard \ -e STRICT_PORT_FORWARD=no \ -e ENABLE_PRIVOXY=yes \ -e LAN_NETWORK=192.168.1.0/24 \ -e NAME_SERVERS=84.200.69.80,37.235.1.174,1.1.1.1,37.235.1.177,84.200.70.40,1.0.0.1 \ -e DEBUG=false \ -e UMASK=000 \ -e PUID=0 \ -e PGID=0 \ binhex/arch-sabnzbdvpn
The container keeps wanting an ovpn configuration file "No OpenVPN config file located in /config/openvpn/ (ovpn extension), please download from your VPN provider and then restart this container, exiting..." I thought maybe I should specify VPN_ENABLED=no, but then I get "!!IMPORTANT!! VPN IS SET TO DISABLED', YOU WILL NOT BE SECURE"
How can I get the container to not look for an ovpn file but instead use my wireguard conf file? The doc says run the container and it will create a wireguard subdirectory in the config directory, but all it does is create an openvpn directory. I tried renaming that to wireguard, but that didn't change anything.