search

haugene / docker-transmission-openvpn

Docker container running Transmission torrent client with WebUI over an OpenVPN tunnel
GNU General Public License v3.0
4.1k stars 1.2k forks source link

tty device error? Can't ask for 'Enter Auth Username:'. #497

Closed SuperJakish closed 6 years ago

SuperJakish commented 6 years ago

Your guides and the other issue resolutions have been awesome, but I'm now stuck. I'm running docker-compose on Windows 10 with Linux containers and I'm using ExpressVPN. Here are the transmission portions of the compose file:

version: '3'
services:
    transmission:
        container_name: transmission
        image: haugene/transmission-openvpn
        privileged: true
        #cap_add:
        #    - NET_ADMIN
        #devices:
        #    - /dev/net/tun
        restart: unless-stopped
        ports:
            - "9091:9091"
            - "8080:8080"
        dns:
            # Cloudfare
            - 1.1.1.1
            - 1.0.0.1
            # Google
            #- 8.8.8.8
            #- 8.8.4.4
        volumes:
            #- /etc/localtime:/etc/localtime:ro # A way to get the time zone in Linux or Mac
            - .\data:/data
            - .\vpn\config.ovpn:/etc/openvpn/custom/default.ovpn
        environment:
            - OPENVPN_PROVIDER=CUSTOM
            - OPENVPN_USERNAME=dummy
            - OPENVPN_PASSWORD=dummy
            - OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60
            - LOCAL_NETWORK=192.168.0.0/24
            - TZ=America/New_York
            - TRANSMISSION_RPC_HOST_WHITELIST=HOSTNAME

    transmission-proxy:
        container_name: transmission-proxy
        image: haugene/transmission-openvpn-proxy
        links:
            - transmission:transmission
        ports:
            - "8080:8080"
        #volumes:
            #- /etc/localtime:/etc/localtime:ro # A way to get the time zone in Linux or Mac
        environment:
            - TZ=America/New_York

And here is the output with the error I get:

transmission          | Using OpenVPN provider: CUSTOM
transmission          | No VPN configuration provided. Using default.
transmission          | Setting OPENVPN credentials...
transmission          | adding route to local network 192.168.0.0/24 via 172.18.0.1 dev eth0
transmission          | Wed May  2 15:35:47 2018 WARNING: --keysize is DEPRECATED and will be removed in OpenVPN 2.6
transmission          | Wed May  2 15:35:47 2018 OpenVPN 2.4.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar  1 2018
transmission          | Wed May  2 15:35:47 2018 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
transmission          | Wed May  2 15:35:47 2018 neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Auth Username:'.  If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.
transmission          | Wed May  2 15:35:47 2018 Exiting due to fatal error

I know I'm missing a device call that was in the example compose file, so that may be my problem, but I'm new to this and am not sure what device that was supposed to be referencing so I could convert it over to my Windows equivalent.

Many thanks in advance for your time!

SuperJakish commented 6 years ago

I know, I know... RTFM. It wasn't the reading part, it was the comprehension part that I had trouble with. I think I figured it out and I'll append this issue with what I learned in hopes of helping others. There is a bunch of stuff scattered all over the place, so I'm combining it all here.

The root of the problem was that I didn't understand the method for creating a user credentials file, so here it is spelled out in a way I can understand. ExpressVPN isn't a supported provider, so I had to do some extra work to make it happen. I learned a bunch from #293, but needed a few more dots before the picture fully formed in my head. In the ovpn file I got from Express VPN, there was a line I had to append. Originally the line was: auth-user-pass and I had to append it to: auth-user-pass /etc/openvpn/custom/auth.txt auth.txt is a file that contains the username and password in this format:

<username>
<password>

with no additional text or anything - just dump them in the two lines like that. Then, map that resource in addition to the ovpn file the docker-composer like this:

volumes:
     - .\data:/data
     - .\vpn\config.ovpn:/etc/openvpn/custom/default.ovpn
     - .\vpn\auth.txt:/etc/openvpn/custom/auth.txt

Finally, the environment variables need to be set like this:

environment:
     - OPENVPN_PROVIDER=custom
     - OPENVPN_USERNAME=dummy
     - OPENVPN_PASSWORD=dummy

The "dummy" here doesn't matter - it can literally be anything.

It looks like Kristian asked for an ExpressVPN ovpn file back in #293 and didn't get an answer, so I'll upload mine with the keys and certs redacted for reference: config.txt. Enjoy!

haugene commented 6 years ago

Hey there. Great to see you got it working. The custom provider stuff can be tricky at times because the ovpn file needs to be customized for the container as you've described here.

Hopefully this will be a good read for other trying to configure the same. Just one note on auth.txt that you mount. This file will be created based on OPENVPN_USERNAME and OPENVPN_PASSWORD if you provide them. So if you put your username/password as environment variables you can use auth-user-pass /config/openvpn-credentials.txt like the other configurations

wkerzendorf commented 6 years ago

@haugene @SuperJakish I found your post here - thank you for making this available. I'm a bit stuck running this setup on ubuntu. Specifically the proxy container does not want to run because the port 8080 is already taken by the first container. What am I missing?

burnbrigther commented 4 years ago

This did help with setting up multiple VPN endpoints. I had forgotten about having to append the auth-user-pass entry in the ovpn file. For anyone struggling with trying to get multiple VPN provider endpoints for ExpressVPN, here is my container registry run time:

docker run --name transmission-vpn --cap-add=NET_ADMIN  \
--device=/dev/net/tun -d \
-v /media/share/MYPATH:/data  \
-v /etc/localtime:/etc/localtime:ro  \
-v /home/someone/d-hto/d-hto-SF.ovpn:/etc/openvpn/custom/d-hto-SF.ovpn \
-v /home/someone/d-hto/d-hto-LA1.ovpn:/etc/openvpn/custom/d-hto-LA1.ovpn \
-v /home/someone/d-hto/d-hto-LA2.ovpn:/etc/openvpn/custom/d-hto-LA2.ovpn \
-v /home/someone/d-hto/d-hto-LA3.ovpn:/etc/openvpn/custom/d-hto-LA3.ovpn \
-v /home/someone/d-hto/auth.txt:/etc/openvpn/custom/auth.txt  \
-e OPENVPN_PROVIDER=CUSTOM  \
-e OPENVPN_CONFIG=d-hto-SF,d-hto-LA1,d-hto-LA2,d-hto-LA3 \
-e OPENVPN_USERNAME=dummy \
-e OPENVPN_PASSWORD=dummy \
-e OPENVPN_OPTS="--pull-filter ignore ping" \
-e WEBPROXY_ENABLED=false  \
-e LOCAL_NETWORK=192.168.1.0/24  \
-e TRANSMISSION_RPC_HOST_WHITELIST="127.0.0.1,192.168.*.*"  \
-e TRANSMISSION_RPC_USERNAME=username  \
-e TRANSMISSION_RPC_PASSWORD=randompassword  \
-e TRANSMISSION_UMASK=002  \
-e TRANSMISSION_RATIO_LIMIT=1.00  \
-e TRANSMISSION_RATIO_LIMIT_ENABLED=true  \
--log-driver json-file  \
--log-opt max-size=10m  \
--dns 8.8.8.8  \
--dns 8.8.4.4  \
-p 8882:9091  \
haugene/transmission-openvpn

Just remember to append your individual ovpn configuration files. I used the "pull-filter ignore ping" option as instructed redundancy section under "Run container from Docker registry". You will need to add your various configs to your designated configuration folder. You can download these custom files from your account on ExpressVPN.

Hope this helps someone too!