search

guillaumedsde / alpine-qbittorrent-openvpn

qBittorrent docker container with OpenVPN client running as unprivileged user on alpine linux
https://guillaumedsde.gitlab.io/alpine-qbittorrent-openvpn/
GNU General Public License v3.0
216 stars 40 forks source link

Port forwarding #4

Closed ZerNico closed 4 years ago

ZerNico commented 4 years ago

Are there any plans of supporting port forwarding in this project?

guillaumedsde commented 4 years ago

Hi, I can definitely look into it, although I don't have a provider that supports port forwarding, if you do, I can work on it in a branch and let you so you could test it?

ZerNico commented 4 years ago

That would be really nice! Yes I can test it I have PIA. I'm not sure how hard it is to find out which port you get assigned to with PIA tho.

guillaumedsde commented 4 years ago

Yeah, I remember someone made a bash script to hit their API to get the forwarded port, (could have been haugene but I need to look deeper into it, I'll post here when I have an update

ZerNico commented 4 years ago

Should be that one here https://github.com/haugene/docker-transmission-openvpn/blob/master/transmission/updatePort.sh

guillaumedsde commented 4 years ago

Hi @ZerNico @the8thsign, I've tried porting haugene's scripts for port forwarding in the feat/port_forward branch once its CI pipeline finishes the test docker image will be available at guillaumedsde/alpine-qbittorrent-openvpn:feat_port_forward I can't test it as my provider does not support port forwarding, but PIA and PrivateVPN should both work (not quite there yet for Perfect Privacy) if you have time to test it let me know if it works :)

the8thsign commented 4 years ago

Gave it a try today. Here is the errors on start up:

Trying to use OpenVPN provider: PIA

tar: invalid magic

tar: short read

tar: docker-transmission-openvpn-master/openvpn/pia: not found in archive

chown: /etc/openvpn/pia: No such file or directory

chmod: /config/openvpn/config.ovpn: No such file or directory

cp: can't stat '/etc/openvpn/pia/CA Toronto.ovpn': No such file or directory

ERROR: Could not find OpenVPN configuration for provider PIA at https://raw.githubusercontent.com/haugene/docker-transmission-openvpn/master/openvpn/pia/CA Toronto.ovpn

[cont-init.d] 02-setup-openvpn: exited 1.

ZerNico commented 4 years ago

I am getting error 401 when trying to connect to the Web UI. Log says its picking up the port etc tho so that looks promising

guillaumedsde commented 4 years ago

Gave it a try today. Here is the errors on start up:

Trying to use OpenVPN provider: PIA

tar: invalid magic

tar: short read

tar: docker-transmission-openvpn-master/openvpn/pia: not found in archive

chown: /etc/openvpn/pia: No such file or directory

chmod: /config/openvpn/config.ovpn: No such file or directory

cp: can't stat '/etc/openvpn/pia/CA Toronto.ovpn': No such file or directory

ERROR: Could not find OpenVPN configuration for provider PIA at https://raw.githubusercontent.com/haugene/docker-transmission-openvpn/master/openvpn/pia/CA Toronto.ovpn

[cont-init.d] 02-setup-openvpn: exited 1.

I added some error checking which might get around this issue in 902eb3e you should be able to get it by pulling guillaumedsde/alpine-qbittorrent-openvpn:feat_port_forward again

the8thsign commented 4 years ago

Looks to be the exact same error after the update.

INFO: Trying to use OpenVPN provider: PIA tar: invalid magic tar: short read tar: docker-transmission-openvpn-master/openvpn/pia: not found in archive ERROR: Could not find OpenVPN configuration "CA Toronto" for provider PIA [cont-init.d] 02-setup-openvpn: exited 1. [cont-finish.d] executing container finish scripts... [cont-finish.d] done. [s6-finish] waiting for services. [s6-finish] sending all processes the TERM signal. [s6-finish] sending all processes the KILL signal and exiting.

guillaumedsde commented 4 years ago

Looks to be the exact same error after the update.

INFO: Trying to use OpenVPN provider: PIA tar: invalid magic tar: short read tar: docker-transmission-openvpn-master/openvpn/pia: not found in archive ERROR: Could not find OpenVPN configuration "CA Toronto" for provider PIA [cont-init.d] 02-setup-openvpn: exited 1. [cont-finish.d] executing container finish scripts... [cont-finish.d] done. [s6-finish] waiting for services. [s6-finish] sending all processes the TERM signal. [s6-finish] sending all processes the KILL signal and exiting.

Hum, it looks like alpine linux' built in tar command might not be complete . a55a7e0294367096a93cbe0649a18c50cd366c1b installs the alpine package for ŧar instead once this pipeline finishes can you try pulling guillaumedsde/alpine-qbittorrent-openvpn:feat_port_forward again?

the8thsign commented 4 years ago

Slightly different tar error on latest pull.

INFO: Trying to use OpenVPN provider: PIA gzip: invalid magic tar: Child returned status 1 tar: Error is not recoverable: exiting now ERROR: Could not find OpenVPN configuration "CA Toronto" for provider PIA [cont-init.d] 02-setup-openvpn: exited 1.

guillaumedsde commented 4 years ago

Slightly different tar error on latest pull.

INFO: Trying to use OpenVPN provider: PIA gzip: invalid magic tar: Child returned status 1 tar: Error is not recoverable: exiting now ERROR: Could not find OpenVPN configuration "CA Toronto" for provider PIA [cont-init.d] 02-setup-openvpn: exited 1.

Hum, strange I can't manage to reproduce it (I could before which is even stranger...) I've made a more robust script which i've also added to this branch which might fix it in the latest release of guillaumedsde/alpine-qbittorrent-openvpn:feat_port_forward

the8thsign commented 4 years ago

Wed Jun 24 18:05:12 2020 TUN/TAP device tun0 opened Wed Jun 24 18:05:12 2020 Persist state set to: ON INFO: Trying to use OpenVPN provider: PIA gzip: invalid magic tar: Child returned status 1 tar: Error is not recoverable: exiting now ERROR: Could not find OpenVPN configuration "CA Toronto" for provider PIA [cont-init.d] 02-setup-openvpn: exited 1. [cont-finish.d] executing container finish scripts... [cont-finish.d] done. [s6-finish] waiting for services. [s6-finish] sending all processes the TERM signal.

ZerNico commented 4 years ago

Okay so for my issue, you have to use the same port for port binding (8080:8080) else it just blocks me. I guess that's some qBittorrent security option?

the8thsign commented 4 years ago

@ZerNico Try using QBT_WEBUI_PORT= instead of WEBUI_PORT=

guillaumedsde commented 4 years ago

Wed Jun 24 18:05:12 2020 TUN/TAP device tun0 opened Wed Jun 24 18:05:12 2020 Persist state set to: ON INFO: Trying to use OpenVPN provider: PIA gzip: invalid magic tar: Child returned status 1 tar: Error is not recoverable: exiting now ERROR: Could not find OpenVPN configuration "CA Toronto" for provider PIA [cont-init.d] 02-setup-openvpn: exited 1. [cont-finish.d] executing container finish scripts... [cont-finish.d] done. [s6-finish] waiting for services. [s6-finish] sending all processes the TERM signal.

The fix I can think of is to try a different download method for the certificates, I'll look into this

guillaumedsde commented 4 years ago

Wed Jun 24 18:05:12 2020 TUN/TAP device tun0 opened Wed Jun 24 18:05:12 2020 Persist state set to: ON INFO: Trying to use OpenVPN provider: PIA gzip: invalid magic tar: Child returned status 1 tar: Error is not recoverable: exiting now ERROR: Could not find OpenVPN configuration "CA Toronto" for provider PIA [cont-init.d] 02-setup-openvpn: exited 1. [cont-finish.d] executing container finish scripts... [cont-finish.d] done. [s6-finish] waiting for services. [s6-finish] sending all processes the TERM signal.

I've removed tar and am now using svn to download just the given provider's config files from haugene's repo. @the8thsign @ZerNico try pulling guillaumedsde/alpine-qbittorrent-openvpn:feat_port_forward and trying again when you have time :)

the8thsign commented 4 years ago

Looks to be working with the new changes. Just tested the port forwarding and I can see an open port.

the8thsign commented 4 years ago

Couple of errors which don't look like they are causing issues but FYI: INFO: Trying to use OpenVPN provider: PIA svn: E155000: Destination directory exists; please remove the directory or use --force to overwrite svn: E155000: 'pia' already exists INFO: Found OpenVPN configuration: "CA Toronto" for provider "PIA" using it

Also after a restart of the container I get this: INFO: configuring port forwarding for PIA Port forwarding is already activated on this connection, has expired, or you are not connected to a PIA region that supports port forwarding curl encountered an error looking up new port: 52

Doesn't look like forwarding is working when I get this message.

guillaumedsde commented 4 years ago

Couple of errors which don't look like they are causing issues but FYI: INFO: Trying to use OpenVPN provider: PIA svn: E155000: Destination directory exists; please remove the directory or use --force to overwrite svn: E155000: 'pia' already exists INFO: Found OpenVPN configuration: "CA Toronto" for provider "PIA" using it

This should be fixed in c3a3ef346871d567c7ae945a0051dc65196745ce

Also after a restart of the container I get this: INFO: configuring port forwarding for PIA Port forwarding is already activated on this connection, has expired, or you are not connected to a PIA region that supports port forwarding curl encountered an error looking up new port: 52

Doesn't look like forwarding is working when I get this message.

So browsing around, it looks like haugene's script is based on PIA's official port forwarding script but supposedly slightly modified in order to work with the software avaialable inside his container.

Port forwarding is already activated on this connection, has expired, or you are not connected to a PIA region that supports port forwarding

The official script includes that same warning, but Haugene's script then checks for curl errors. error 52 appears to be an error for empty curl response. I'm assuming that when port forwarding is already enabled, PIA's API sends out an empty response, so in the latest commit 15f04378bd990ae1864bd7e552cb06ce6fee5d99 I've modified the script to ignore empty responses, if you try pulling guillaumedsde/alpine-qbittorrent-openvpn:feat_port_forward and running it, it should work

the8thsign commented 4 years ago

Looking good so far!

guillaumedsde commented 4 years ago

Alright, :+1: I'll leave this Issue open for a couple of days, if no issues are reported, I'll merge the branch, I'll let both of you know here (you'll probably need to change from the feat_port_forward tag to either latest or python)

guillaumedsde commented 4 years ago

I have merged this feature into master in ee22ed23 I suggest you guys switch back to the python or latest tag to get the latest updates :)

guillaumedsde commented 4 years ago

(closing issue)

edit: didn't work for some reason....

undaunt commented 4 years ago

Would it be possible to include Mullvad in the list of supported forwarding providers if the issue is still open?

guillaumedsde commented 4 years ago

Hi, if you find a script for opening ports like the one for perfect privacy for example, I can add it

guillaumedsde commented 4 years ago

Closing this issue, as it has been implemented, if you would like me to include a script you found for your provider, feel free to open a new issue :)