Closed mateiandrei94 closed 3 years ago
Hi, I believe most (if not all) of the issues you encounter have been addressed in the documentation (https://haugene.github.io/docker-transmission-openvpn/supported-providers/) under the Using a custom provider
section.
Thanks for your feedback.
I see, perhaps i missed that part of the documentation. Either way, it would be nice if all of it was automatic, and I didn't have to edit the .ovpn file. The renaming of the ovpn can be fixed with volume mount and the openvpn-credentials.txt is automatically generated. There is still the fact that I have to enter the full path to (ca, client and key) which I think can be automated.
Hi, I struggled a bit to make it work with cyberghost, the custom provider documentation is not very easy, especially when you're a newcomer like me with all those pieces of software. And I'm making it work on a synology NAS which adds even more steps to follow.
@vlaquest Would you mind open a new issue and post your setting, config, logs, issues, etc. there. We can take a look and try to help.
@vlaquest Hi, what did you do to make it work with your synology. I have follow the instruction here (tried to), but I struglle to make it work. I don't really understand much of what i'm doing....
This helped me a lot with my cyberghost config. I couldnt find a clearer or simpler information on how to manage the custom vpn in the official documentation, I notably found the "fork and edit the code" way.... a bit too much for just passing variables and files to the container. so thank you @mateiandrei94
@JohnBassHard I also use a Synology NAS First of all read the official docker app documentation from Synology.
To get openvpn working either from within or outside of a docker container both DSM 6 and 7 require enabling kernel tun/tap (or so I'm told, not sure though) I recommend creating a shared folder "startup_scripts" only the super administrator should have write access to this shared folder Place this script on startup, it will enable tun/tap I don't remember where I got this from, but it's out there on the internet somewhere
TUN.sh
#!/bin/sh
# Create the necessary file structure for /dev/net/tun
if ( [ ! -c /dev/net/tun ] ); then
if ( [ ! -d /dev/net ] ); then
mkdir -m 755 /dev/net
fi
mknod /dev/net/tun c 10 200
chmod 0755 /dev/net/tun
fi
# Load the tun module if not already loaded
if ( !(lsmod | grep -q "^tun\s") ); then
insmod /lib/modules/tun.ko
fi
You might also want resolv.conf
nameserver 1.1.1.1
nameserver 8.8.8.8
Open settings app -> task scheduler -> create -> triggered task -> user defined script ->
task name = Start TUN Device driver
user = root
event = Boot-up
enabled = yes
task settings -> run command
/volume1/startup_scripts/TUN.sh
Here my shared folder is on volume1, i'm sure you can figure out where yours is
take a look at kernel.org for more details on tun/tap
next is docker app go to image tab select image -> launch -> advanced settings volume tab -> map data, resolv.conf, custom_vpn, and openvpn-credentials network use bridge map static ports, (no idea why automatic ones even exist)
in environment set OPENVPN_PROVIDER=CUSTOM set CREATE_TUN_DEVICE=true set TRANSMISSION_RPC_PASSWORD=be_creative_don'tcopypaste
if you're not using default "docker" shared folder, create a new user for transmission, get it's pid and uid and set PUID PGID
!! do not run the container when finished !!
reboot your synology NAS
At this point, after you configure the ovpn file and credentials etc... Try to start the container, it should fail.
edit container -> check execute container using high privilege it should work
I think this is a Synology BUG, but every time you start/stop this particular container, you should do this to make it work: 1) edit -> uncheck "execute container using high privilege" 2) start container, it should fail 3) edit -> check "execute container using high privilege" 4) start container, it should work
Thanks for your message Andrei. When I find some time I will try again using the extra information you gave me. Cheers
This help me a lot! Thanks
=== My VPN Provider === CyberGhost VPN generates "Configurations" on the fly per user/slot. It then provides username/password and a zip file which (when unzipped) contains
=== My Expectations ===
Initially I expected it would be enough to place all the files in container folder
/etc/openvpn/custom
i.e.:And then configure environment variables
It didn't work.
=== The cause of problem 1/3 === The container automatically looks for a file named
default.ovpn
however cyberghost isopenvpn.ovpn
To solve this I had to rename the file fromopenvpn.ovpn
todefault.ovpn
.=== The cause of problem 2/3 === Upon inspecting of the ovpn file
auth-user-pass
is declared without a value. With GUI clients this is not a problem, however from the command line, if value is omitted, username/password will be prompted from the console. To solve this I edited the ovpn fileThen I created a file
/config/openvpn-credentials.txt
(3rd line is empty)=== The cause of problem 3/3 === Another thing that doesn't work is
ca.crt
client.crt
client.key
which are declared in the ovpn like thisFor some reason file paths relative to the ovpn file don't work. To solve this I edited the ovpn file
Describe the solution you'd like See My Expectations above
My personal solution/suggestion for problem 1
default.ovpn
My personal solution/suggestion for problem 2
/config/openvpn-credentials.txt
from environment variables at container startupauth-user-pass .*
or add new one if it doesn't already existauth-user-pass /config/openvpn-credentials.txt
My personal solution/suggestion for problem 3
ca
cert
key
with full pathDescribe alternatives you've considered Manually edit files. If it wasn't for the fact that my vpn providers likes to torture me and force me to re-generate new credentials/ovpn files (because old ones don't work anymore) I would've not opened this ticked and continued editing files manually.
Additional context There isn't any.