haugene / vpn-configs-contrib

A collection of configs for various VPN providers
GNU General Public License v3.0

nordvpn "neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd" #203

Closed Shamazo closed 1 year ago

Shamazo commented 1 year ago

Is there a pinned issue for this?

Is there an existing or similar issue/discussion for this?

Is there any comment in the documentation for this?

Is this related to a provider?

Are you using the latest release?

Have you tried using the dev branch latest?

Docker run config used

image

### Current Behavior

openvpn is requesting user authentication, but the username and password are set in the environment variables. This results in the container being unable to start.

```
neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Auth Password:'.  If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.
```

### Expected Behavior

The container to start

### How have you tried to solve the problem?

This occurs in latest and several 3.x versions that I tried.

There are a large number of similar issues, but they are largely related to custom providers rather than to nordvpn.

### Log output

```
+ mknod /dev/net/tun c 10 200
mknod: /dev/net/tun: File exists
+ chmod 0666 /dev/net/tun
+ VPN_PROVIDER=NORDVPN
+ VPN_PROVIDER=nordvpn
+ VPN_PROVIDER_HOME=/etc/openvpn/nordvpn
+ mkdir -p /etc/openvpn/nordvpn
+ [[ -z '' ]]
+ [[ NORDVPN == \*\*\N\o\n\e\*\* ]]
+ [[ -z NORDVPN ]]
+ echo 'Using OpenVPN provider: NORDVPN'
+ [[ -n '' ]]
+ [[ -x /etc/openvpn/nordvpn/configure-openvpn.sh ]]
Using OpenVPN provider: NORDVPN
Provider NORDVPN has a custom setup script, executing it
+ echo 'Provider NORDVPN has a custom setup script, executing it'
+ pushd -n /
+ . /etc/openvpn/nordvpn/configure-openvpn.sh
++ NORDVPN_PROTOCOL=TCP
++ export NORDVPN_PROTOCOL
++ NORDVPN_CATEGORY=P2P
++ export NORDVPN_CATEGORY
++ [[ -n '' ]]
++ [[ -n CH ]]
+++ /etc/openvpn/nordvpn/updateConfigs.sh
2023-04-08 18:09:52 Checking curl installation
2023-04-08 18:09:52 Removing existing configs
2023-04-08 18:09:52 Selecting the best server...
2023-04-08 18:09:52 Searching for group: legacy_p2p
2023-04-08 18:09:52 Searching for technology: openvpn_tcp
2023-04-08 18:09:52 Best server : ch322.nordvpn.com
2023-04-08 18:09:52 Downloading config: default.ovpn
2023-04-08 18:09:52 Downloading from: https://downloads.nordcdn.com/configs/files/ovpn_tcp/servers/ch322.nordvpn.com.tcp.ovpn
2023-04-08 18:09:52 Selecting the best server...
2023-04-08 18:09:52 Searching for country : CH (209)
2023-04-08 18:09:52 Searching for group: legacy_p2p
2023-04-08 18:09:52 Searching for technology: openvpn_tcp
2023-04-08 18:09:52 Best server : ch363.nordvpn.com
2023-04-08 18:09:52 Downloading config: ch363.nordvpn.com.ovpn
2023-04-08 18:09:52 Downloading from: https://downloads.nordcdn.com/configs/files/ovpn_tcp/servers/ch363.nordvpn.com.tcp.ovpn
++ export OPENVPN_CONFIG=ch363.nordvpn.com
++ OPENVPN_CONFIG=ch363.nordvpn.com
+ popd
+ MODIFY_CHOSEN_CONFIG=yeah
+ [[ -z '' ]]
+ [[ -n ch363.nordvpn.com ]]
+ readarray -t OPENVPN_CONFIG_ARRAY
+ for i in "${!OPENVPN_CONFIG_ARRAY[@]}"
+ OPENVPN_CONFIG_ARRAY[${i}]=ch363.nordvpn.com
+ OPENVPN_CONFIG_ARRAY[${i}]=ch363.nordvpn.com
+ ((  1 > 1  ))
Starting OpenVPN using config ch363.nordvpn.com.ovpn
+ [[ -f /etc/openvpn/nordvpn/ch363.nordvpn.com.ovpn ]]
+ echo 'Starting OpenVPN using config ch363.nordvpn.com.ovpn'
+ CHOSEN_OPENVPN_CONFIG=/etc/openvpn/nordvpn/ch363.nordvpn.com.ovpn
+ [[ -n yeah ]]
+ /etc/openvpn/modify-openvpn-config.sh /etc/openvpn/nordvpn/ch363.nordvpn.com.ovpn
Modifying /etc/openvpn/nordvpn/ch363.nordvpn.com.ovpn for best behaviour in this container
Point auth-user-pass option to the username/password file
Change ca certificate path
+ [[ username
 == \*\*\N\o\n\e\*\* ]]
+ [[ password
 == \*\*\N\o\n\e\*\* ]]
+ echo 'Setting OpenVPN credentials...'
+ mkdir -p /config
Setting OpenVPN credentials...
+ echo 'MY_USERNAME
'
+ echo 'MY_PASSWORD
'
+ chmod 600 /config/openvpn-credentials.txt
+ echo ''
+ echo ''
+ python3 /etc/openvpn/persistEnvironment.py /etc/transmission/environment-variables.sh
+ TRANSMISSION_CONTROL_OPTS='--script-security 2 --up-delay --up /etc/openvpn/tunnelUp.sh --route-pre-down /etc/openvpn/tunnelDown.sh'
+ [[ false == \t\r\u\e ]]
+ [[ -n 10.0.0.0/8 ]]
++ /sbin/ip route list match 0.0.0.0
++ awk '{if($5!="tun0"){print "GW="$3"\nINT="$5; exit}}'
+ eval GW=10.42.1.1 INT=eth0
++ GW=10.42.1.1
++ INT=eth0
+ [[ false == \t\r\u\e ]]
+ [[ false == \t\r\u\e ]]
+ [[ -n 10.0.0.0/8 ]]
+ [[ -n 10.42.1.1 ]]
+ [[ -n eth0 ]]
+ for localNet in ${LOCAL_NETWORK//,/ }
+ echo 'adding route to local network 10.0.0.0/8 via 10.42.1.1 dev eth0'
+ /sbin/ip route add 10.0.0.0/8 via 10.42.1.1 dev eth0
adding route to local network 10.0.0.0/8 via 10.42.1.1 dev eth0
RTNETLINK answers: File exists
+ [[ false == \t\r\u\e ]]
+ exec openvpn --script-security 2 --up-delay --up /etc/openvpn/tunnelUp.sh --route-pre-down /etc/openvpn/tunnelDown.sh --config /etc/openvpn/nordvpn/ch363.nordvpn.com.ovpn
2023-04-08 18:09:54 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2023-04-08 18:09:54 OpenVPN 2.5.0 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Dec 26 2020
2023-04-08 18:09:54 library versions: OpenSSL 1.1.1k  25 Mar 2021, LZO 2.10
2023-04-08 18:09:54 neither stdin nor stderr are a tty device and you have neither a controlling tty nor systemd - can't ask for 'Enter Auth Password:'.  If you used --daemon, you need to use --askpass to make passphrase-protected keys work, and you can not use --auth-nocache.
2023-04-08 18:09:54 Exiting due to fatal error
```

### HW/SW Environment

```markdown
- OS: debian 10
- Docker: kubernetes 1.20 / containerd
```

### Anything else?

This configuration used to work ~2 years ago when I initially set it up. Today I was bringing my cluster back online and needed to update the nordvpn credentials, and that was when I ran into the issue. I am probably doing something stupid ... but I haven't been able to resolve this in a few hours of trying.

pkishino commented 1 year ago

this was transferred as it is a provider issue, not container issue.. second, please try using dev branch before raising any further issues.. third, check that /config/openvpn-credentials.txt contains username/password

Shamazo commented 1 year ago

Thank you for your help. My mistake with the repos, I had thought it belonged in the main repo since that's where the nordvpn scripts are located.

After much debugging, I found my solution.

"/config/openvpn-credentials.txt" did contain my username/password, but when inspecting it with cat, I had missed that there were extra newlines between the username and password. This is a very dumb mistake, but if anyone runs into this in the future when their secrets are base64 encoded, do `echo -n $password | base64` and not `echo $password | base64`
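
The trailing-newline problem described in the comment above, as an added example (not code from this thread or from the project). The function names, the sample values and the way `write_credentials` appends with two `echo` calls are assumptions modelled on the startup log.

```shell
#!/bin/sh
# Constructed sample value; not a real credential.
SAMPLE_PASSWORD='MY_PASSWORD'

# Encode a secret without appending a newline (printf is more portable than echo -n).
encode_secret() {
    printf '%s' "$1" | base64
}

# Return 0 if the base64 value decodes to data whose last byte is a newline (0x0a).
# Command substitution strips trailing newlines, so inspect the raw byte instead.
has_trailing_newline() {
    last=$(printf '%s' "$1" | base64 -d | tail -c 1 | od -An -tx1 | tr -d ' \n')
    [ "$last" = "0a" ]
}

# Write a credentials file with one echo per value, as the log's trace suggests.
# Assumption: the redirect targets are not visible in the xtrace output.
write_credentials() {  # $1=username $2=password $3=path
    ( umask 077; echo "$1" > "$3"; echo "$2" >> "$3" )
}

# Return 0 only if the file is exactly two non-empty lines: username, password.
credentials_ok() {
    [ "$(wc -l < "$1" | tr -d ' ')" = "2" ] || return 1
    ! grep -q '^$' "$1"
}

# Demo: values that already end in a newline put a blank line on line 2,
# which is where the password is expected.
nl='
'
demo=$(mktemp)
write_credentials "MY_USERNAME$nl" "$SAMPLE_PASSWORD$nl" "$demo"
credentials_ok "$demo" || echo "malformed credentials file: $(wc -l < "$demo") lines, expected 2"
rm -f "$demo"
```

Running `has_trailing_newline` against each encoded value in a Kubernetes Secret manifest before applying it catches the problem without printing the decoded secret.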

ianhundere commented 8 months ago

> Thank you for your help. My mistake with the repos, I had thought it belonged in the main repo since that's where the nordvpn scripts are located.
>
> After much debugging, I found my solution.
>
> "/config/openvpn-credentials.txt" did contain my username/password, but when inspecting it with cat, I had missed that there were extra newlines between the username and password. This is a very dumb mistake, but if anyone runs into this in the future when their secrets are base64 encoded, do `echo -n $password | base64` and not `echo $password | base64`

thank you, even after looking at the file after my recent hydration change i was confused. cheers :people_hugging: