Open Koudoussou opened 1 month ago
Hi @Koudoussou,
Your log output ends on `Setting up public key infra...`, which means the OpenVPN server is starting for the first time and needs some time to generate everything:
EasyRSA path: /usr/share/easy-rsa OVPN path: /etc/openvpn
Setting up public key infrastructure...
Just be patient and it will create all the infrastructure.
The OpenVPN-UI logs are also fine.
Hi @Koudoussou how is it going? Could we close this one?
Hi @d3vilh, still the same output. The containers are still restarting.
Still the same output. The containers are still restarting.
Could you share the `docker logs openvpn` and `docker logs openvpn-ui`?
The OpenVPN server logs should give us an understanding of why it is restarting.
Your `docker-compose.yml` content would help as well.
$ docker logs openvpn
EasyRSA path: /usr/share/easy-rsa OVPN path: /etc/openvpn
Setting up public key infrastructure...
Notice
------
'init-pki' complete; you may now create a CA or requests.
Your newly created PKI dir is:
* /usr/share/easy-rsa/pki
Using Easy-RSA configuration:
* undefined
cp: can't stat '/etc/openvpn/config/easy-rsa.vars': No such file or directory
EasyRSA path: /usr/share/easy-rsa OVPN path: /etc/openvpn
Setting up public key infrastructure...
=====================
$ docker logs openvpn-ui
Init. OVPN path: /etc/openvpn
Starting OpenVPN UI!
Config file: conf/app.conf
table `user` already exists, skip
table `settings` already exists, skip
table `o_v_config` already exists, skip
table `o_v_client_config` already exists, skip
table `easy_r_s_a_config` already exists, skip
[ORM]2024/06/24 11:52:52 -[Queries/default] - [ OK / db.QueryRow / 0.0ms] - [SELECT `id`, `login`, `is_admin`, `name`, `email`, `password`, `lastlogintime`, `created`, `updated` FROM `user` WHERE `name` = ? ] - `Administrator`
2024/06/24 11:52:52.087 [D] [models.go:66] {1 true Administrator root@localhost $s2$16384$8$1$K7jKDSNqzVv23wDF9mAboziv$sXkbaZJERFdKMr7oIK8hW5U4B5xaHddm0Au+z/fpcfw= 0001-01-01 00:00:00 +0000 UTC 2024-05-29 11:32:12.49214737 +0000 UTC 2024-05-29 11:32:12.492148552 +0000 UTC}
[ORM]2024/06/24 11:52:52 -[Queries/default] - [ OK / db.QueryRow / 0.0ms] - [SELECT `id`, `profile`, `m_i_address`, `m_i_network`, `o_v_config_path`, `easy_r_s_a_path`, `created`, `updated` FROM `settings` WHERE `profile` = ? ] - `default`
2024/06/24 11:52:52.088 [D] [models.go:106] {1 default openvpn:2080 tcp /etc/openvpn /usr/share/easy-rsa 2024-05-29 11:32:12.49317661 +0000 UTC 2024-05-29 11:32:12.493177311 +0000 UTC}
[ORM]2024/06/24 11:52:52 -[Queries/default] - [ OK / db.QueryRow / 0.0ms] - [SELECT `id`, `profile`, `func_mode`, `management`, `script_security`, `user_pass_verify`, `device`, `port`, `proto`, `o_v_config_topology`, `keepalive`, `max_clients`, `o_v_config_user`, `o_v_config_group`, `o_v_config_client_config_dir`, `ifconfig_pool_persist`, `ca`, `cert`, `key`, `crl`, `dh`, `t_l_s_control_channel`, `t_l_s_min_version`, `t_l_s_remote_cert`, `cipher`, `o_v_config_ncp_ciphers`, `auth`, `server`, `route`, `push_route`, `d_n_s_server1`, `d_n_s_server2`, `redirect_g_w`, `o_v_config_logfile`, `o_v_config_log_verbose`, `o_v_config_status_log`, `o_v_config_status_log_version`, `custom_opt_one`, `custom_opt_two`, `custom_opt_three` FROM `o_v_config` WHERE `profile` = ? ] - `default`
2024/06/24 11:52:52.088 [D] [models.go:163] {1 default {0 openvpn:2080 tcp tun 1194 udp subnet 10 120 100 nobody nogroup /etc/openvpn/staticclients pki/ipp.txt pki/ca.crt pki/issued/server.crt pki/private/server.key pki/crl.pem pki/dh.pem tls-crypt pki/ta.key tls-version-min 1.2 remote-cert-tls client AES-256-GCM AES-256-GCM:AES-192-GCM:AES-128-GCM SHA512 server 10.0.70.0 255.255.255.0 route 10.0.71.0 255.255.255.0 push "route 10.0.60.0 255.255.255.0" push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 1.0.0.1" push "redirect-gateway def1 bypass-dhcp" /var/log/openvpn/openvpn.log 3 /var/log/openvpn/openvpn-status.log 2 # Custom Option One # Custom Option Two
# client-to-client # Custom Option Three
# push "route 0.0.0.0 255.255.255.255 net_gateway"
# push block-outside-dns}}
[ORM]2024/06/24 11:52:52 -[Queries/default] - [ OK / db.QueryRow / 0.0ms] - [SELECT `id`, `profile`, `func_mode`, `device`, `server_address`, `port`, `resolve_retry`, `o_v_client_user`, `o_v_client_group`, `persist_tun`, `persist_key`, `remote_cert_t_l_s`, `open_vpn_server_port`, `proto`, `ca`, `cert`, `key`, `ta`, `cipher`, `redirect_gateway`, `auth`, `auth_no_cache`, `tls_client`, `verbose`, `auth_user_pass`, `t_f_a_issuer`, `custom_conf_one`, `custom_conf_two`, `custom_conf_three` FROM `o_v_client_config` WHERE `profile` = ? ] - `default`
2024/06/24 11:52:52.088 [D] [models.go:210] {1 default {0 tun 127.0.0.1 1194 resolv-retry infinite nobody nogroup persist-tun persist-key remote-cert-tls server 1194 udp AES-256-GCM redirect-gateway def1 SHA512 auth-nocache tls-client 3 MFA%20OpenVPN-UI #Custom Option One #Custom Option Two #Custom Option Three}}
[ORM]2024/06/24 11:52:52 -[Queries/default] - [ OK / db.QueryRow / 0.0ms] - [SELECT `id`, `profile`, `easy_r_s_a_d_n`, `easy_r_s_a_req_country`, `easy_r_s_a_req_province`, `easy_r_s_a_req_city`, `easy_r_s_a_req_org`, `easy_r_s_a_req_email`, `easy_r_s_a_req_ou`, `easy_r_s_a_req_cn`, `easy_r_s_a_key_size`, `easy_r_s_a_ca_expire`, `easy_r_s_a_cert_expire`, `easy_r_s_a_cert_renew`, `easy_r_s_a_crl_days` FROM `easy_r_s_a_config` WHERE `profile` = ? ] - `default`
2024/06/24 11:52:52.088 [D] [models.go:247] {1 default {org UA KY Kyiv SweetHome sweet@home.net MyOrganizationalUnit server 2048 3650 825 30 180}}
2024/06/24 11:52:52.097 [I] [server.go:280] http server Running on http://:8080
Kindly find my docker-compose.txt.
So when I try to log in on the web page, I get an error with the credentials which I put in docker-compose.
It can't find the `/etc/openvpn/config/easy-rsa.vars` file, which is here by default:
cp: can't stat '/etc/openvpn/config/easy-rsa.vars': No such file or directory
We have to be sure that the file is there at the volume path:
papa@hiphop:~/build/openvpn-server $ ls -l ./config/easy-rsa.vars
-rwxr-xr-x 1 papa papa 488 Jun 6 19:49 ./config/easy-rsa.vars
papa@hiphop:~/build/openvpn-server $
With correct local permissions: chmod 644 ./config/easy-rsa.vars
And listed inside the container:
papa@hiphop:~/build/openvpn-server $ docker exec -it openvpn /bin/bash -c "ls -l /etc/openvpn/config"
total 12
-rwxr-xr-x 1 1000 1000 467 Jun 6 16:49 client.conf
-rwxr-xr-x 1 1000 1000 488 Jun 6 16:49 easy-rsa.vars
-rwxr-xr-x 1 1000 1000 1062 Jun 6 16:49 old-server.conf
papa@hiphop:~/build/openvpn-server $
Here is the tree the container expects to run (./pki will be created during the init).
What do you store in this volume?
volumes:
- ./openvpn-data/conf:/etc/openvpn
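A preflight check for the point made in the reply above, added here as an example and not part of the original thread or the project's code: it finds the host directory bound to /etc/openvpn in a compose file and verifies that config/easy-rsa.vars exists there before the container starts. The function names and the unquoted short `host:container` volume syntax are assumptions.

```shell
#!/bin/sh
# Added example (not from the project): check the bind mount behind /etc/openvpn
# before starting the container. Function names are hypothetical.
# Assumption: volumes use the unquoted short form "- host:container[:mode]".

# Print the host side of the volume mounted at /etc/openvpn in compose file $1.
host_path_for_ovpn() {
    sed -n 's|^[[:space:]]*-[[:space:]]*\(.*\):/etc/openvpn\(:[a-z]*\)\{0,1\}[[:space:]]*$|\1|p' "$1" |
        head -n 1
}

# Return 0 if config/easy-rsa.vars is present and readable on the host,
# 1 if it is missing/empty/unreadable, 2 if no mount is found, 3 for a named volume.
check_ovpn_volume() {
    compose=$1
    host=$(host_path_for_ovpn "$compose")
    if [ -z "$host" ]; then
        echo "no volume mapped to /etc/openvpn in $compose"
        return 2
    fi
    case $host in
        /*)          dir=$host ;;
        .|./*|../*)  dir=$(dirname "$compose")/$host ;;   # relative to the compose file
        *)           echo "named volume '$host': list /etc/openvpn/config inside the container"
                     return 3 ;;
    esac
    # The container copies /etc/openvpn/config/easy-rsa.vars at first start,
    # so the file has to exist under the host directory of this mount.
    vars=$dir/config/easy-rsa.vars
    if [ ! -f "$vars" ]; then echo "missing: $vars"; return 1; fi
    if [ ! -s "$vars" ]; then echo "empty: $vars"; return 1; fi
    if [ ! -r "$vars" ]; then echo "unreadable (try chmod 644): $vars"; return 1; fi
    echo "ok: $vars"
}

# Usage: sh check.sh ./docker-compose.yml
if [ "$#" -gt 0 ]; then
    check_ovpn_volume "$1"
fi
```

With the mount from this thread (`./openvpn-data/conf:/etc/openvpn`), the file has to sit at `./openvpn-data/conf/config/easy-rsa.vars` next to the compose file.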
OK, I will follow your steps and get back to you. Thank you for your support.
Thank you for your support.
It works now.
However, I would like to implement the VPN server in failover; how can you support me to do it?
Maybe good documentation to implement it (load balancing). The clients will use the same profile (when one server is down, the second will be used as the main server, so the clients can continue to use their same profile; no need to have more profiles).
Thank you again
After deploying the docker containers for openvpn-server and openvpn-ui, the containers are in a restarting status.
docker logs -f openvpn
Notice
'init-pki' complete; you may now create a CA or requests.
Your newly created PKI dir is:
Using Easy-RSA configuration:
EasyRSA path: /usr/share/easy-rsa OVPN path: /etc/openvpn
Setting up public key infrastructure...
Also I can't connect to openvpn-ui
docker logs -f openvpn-ui
Init. OVPN path: /etc/openvpn
Starting OpenVPN UI!
Config file: conf/app.conf
table `user` already exists, skip
table `settings` already exists, skip
table `o_v_config` already exists, skip
table `o_v_client_config` already exists, skip
table `easy_r_s_a_config` already exists, skip
[ORM]2024/05/29 13:50:35 -[Queries/default] - [ OK / db.QueryRow / 0.0ms] - [SELECT `id`, `login`, `is_admin`, `name`, `email`, `password`, `lastlogintime`, `created`, `updated` FROM `user` WHERE `name` = ? ] - `Administrator`
2024/05/29 13:50:35.556 [D] [models.go:66] {1 true Administrator root@localhost $s2$16384$8$1$K7jKDSNqzVv23wDF9mAboziv$sXkbaZJERFdKMr7oIK8hW5U4B5xaHddm0Au+z/fpcfw= 0001-01-01 00:00:00 +0000 UTC 2024-05-29 11:32:12.49214737 +0000 UTC 2024-05-29 11:32:12.492148552 +0000 UTC}
[ORM]2024/05/29 13:50:35 -[Queries/default] - [ OK / db.QueryRow / 0.0ms] - [SELECT `id`, `profile`, `m_i_address`, `m_i_network`, `o_v_config_path`, `easy_r_s_a_path`, `created`, `updated` FROM `settings` WHERE `profile` = ? ] - `default`
2024/05/29 13:50:35.556 [D] [models.go:106] {1 default openvpn:2080 tcp /etc/openvpn /usr/share/easy-rsa 2024-05-29 11:32:12.49317661 +0000 UTC 2024-05-29 11:32:12.493177311 +0000 UTC}
[ORM]2024/05/29 13:50:35 -[Queries/default
Thank you for helping me.