ilteoood / docker-surfshark

Docker container with OpenVPN client preconfigured for SurfShark
MIT License

deployment error: failed to deploy stack #83

Closed spikey1973 closed 8 months ago

spikey1973 commented 8 months ago

I am trying to use your docker-surfshark container but I am getting a "failed deploy stack" error.

failed to deploy a stack: Network surfshark_default Creating Network surfshark_default Created Container surfshark Creating Container surfshark Created Container surfshark Starting Error response from daemon: error gathering device information while adding custom device "/dev/net/tun": no such file or directory

my used code:

version: "3"

services: 
    surfshark:
        image: ilteoood/docker-surfshark
        container_name: surfshark
        environment: 
            - SURFSHARK_USER=LPRyc2GmAjUbxtuGThtm----
            - SURFSHARK_PASSWORD=9EqAtRF3Nz9avwuu9c----
            - SURFSHARK_COUNTRY=nl
            - SURFSHARK_CITY=rot
            - CONNECTION_TYPE=udp
            - LAN_NETWORK=192.168.1.0/24
        cap_add: 
            - NET_ADMIN
        devices:
            - /dev/net/tun
        ports:
            - 1080:1080 #if you want to use the socks5 server
            - 8112:8112 #we open here the port for deluge, as this container will be the access point for the others
        restart: unless-stopped
        dns:
            - 1.1.1.1
    #service_test:
        #image: byrnedo/alpine-curl
        #container_name: alpine
        #command: -L 'https://ipinfo.io'
        #depends_on: 
        #    - surfshark
        #network_mode: service:surfshark
        #restart: always
    #deluge:
        #image: linuxserver/deluge:latest
        #container_name: deluge
        #environment:
        #    - PUID=111
        #    - PGID=321
        #    - TZ=Europe/Rome
        #ports:
         #   - 8112:8112 #needed to access deluge gui
        #network_mode: service:surfshark
        #restart: unless-stopped

Of course I blanked the last digits of my user and password for identity issues. I also blanked the 'service-test' and 'transmission' (in my case deluge) parts for now to get only info on the surfshark part as this is where the current issue seems to be coming from.

my local ip of the nas is: 192.168.1.14

I hope you can help me out.

ilteoood commented 8 months ago

The error speaks for itself: you are sharing the tun device but on your machine it doesn't exist. You could avoid sharing it and use the create tun env variable. Refer to the readme for that.

spikey1973 commented 8 months ago

Thank you so much for your response, much appreciated!

Unfortunately I understand only part of your reply, I'm sorry, I am not very familiar with creating / editing containers. I understand that I (obviously) can't share that which doesn't exist and that I should instead create a tun env, but that is where my understanding stops.

I looked again through your readme.md as I believe you suggested 'https://github.com/ilteoood/docker-surfshark/blob/master/README.md' but could not find any reference to this.

I also tried to search Docker's information files but unfortunately this wasn't very helpful to me either.

Kind greetings, Matthieu

ilteoood commented 8 months ago

Remove the tun from the devices section and set the CREATE_TUN_DEVICE environment variable to true, it should do the trick
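
A pre-flight check for the two options discussed in this thread (sharing the host's `/dev/net/tun` versus setting `CREATE_TUN_DEVICE=true`), as an added example that is not part of the issue or the project's code. The function names and verdict strings are hypothetical, and the grep patterns assume the list-style compose syntax used in the files posted here.

```shell
#!/bin/sh
# Added example (not from the docker-surfshark project): check a compose file
# against the host before deploying, to catch the
# 'custom device "/dev/net/tun": no such file or directory' error early.
# Assumption: devices and environment entries use the "- item" list form.

# host_has_tun [PATH] -> 0 if PATH is a character device, which is what a
# `devices:` mapping needs to exist on the host. PATH is overridable for testing.
host_has_tun() {
    [ -c "${1:-/dev/net/tun}" ]
}

# compose_maps_tun FILE -> 0 if an uncommented list item maps /dev/net/tun.
compose_maps_tun() {
    grep -Eq '^[[:space:]]*-[[:space:]]*"?/dev/net/tun' "$1"
}

# compose_creates_tun FILE -> 0 if CREATE_TUN_DEVICE=true is set (uncommented).
compose_creates_tun() {
    grep -Eq '^[[:space:]]*-[[:space:]]*"?CREATE_TUN_DEVICE=true' "$1"
}

# preflight FILE [TUN_PATH] prints one verdict and returns 0 only when the
# container can be expected to end up with a usable tun device.
preflight() {
    file=$1
    tun=${2:-/dev/net/tun}
    if compose_maps_tun "$file"; then
        if host_has_tun "$tun"; then
            echo "ok-shared"            # host node exists, mapping will work
            return 0
        fi
        echo "missing-host-tun"         # the deploy error from this issue
        return 1
    fi
    if compose_creates_tun "$file"; then
        echo "ok-created"               # container creates its own node
        return 0
    fi
    echo "no-tun-configured"            # neither option set: no tun in container
    return 1
}
```

Run `preflight docker-compose.yml` on the Docker host; a `missing-host-tun` verdict means the `devices:` entry should be dropped in favour of `CREATE_TUN_DEVICE=true`, as suggested above.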

spikey1973 commented 8 months ago

Thank you, that indeed did the trick! In hindsight I should've seen that. My apologies!

There were some other issues in my code too, but I did find and solve those. All seems to be running fine with the code posted below; unfortunately... I can't seem to connect to the web gui of deluge.

Of course I did read the line: "Do not forget to expose the ports for attached container web ui access" in the surfshark logs, which I believe I did with the lines:

ports:

Nevertheless I cannot contact the web gui, neither via my localip:8112 -> 192.68.1.14:8812, nor via 127.0.0.1:8112. Do you have any suggestion?

version: "3"

services: 
    surfshark:
        image: ilteoood/docker-surfshark
        container_name: surfshark
        environment: 
            - SURFSHARK_USER=LPRyc2GmAjUbxtuGThtm----
            - SURFSHARK_PASSWORD=9EqAtRF3Nz9avwuu9c52----
            - SURFSHARK_COUNTRY=uk
            - SURFSHARK_CITY=lon
            - CONNECTION_TYPE=udp
            - CREATE_TUN_DEVICE=true
            - LAN_NETWORK=192.168.1.0/24
        cap_add: 
            - NET_ADMIN
        ports:
            - 1080:1080 #if you want to use the socks5 server
            - 8112:8112 #we open here the port for deluge, as this container will be the access point for the others
        restart: unless-stopped
        dns:
            - 1.1.1.1
    service_test:
        image: byrnedo/alpine-curl
        container_name: alpine
        command: -L 'https://ipinfo.io'
        depends_on: 
            - surfshark
        network_mode: service:surfshark
        restart: always
    deluge:
        image: linuxserver/deluge:latest
        container_name: deluge
        environment:
            - UMASK_SET=022
            - PUID=111
            - PGID=321
            - TZ=Europe/Rome
            - DELUGE_LOGLEVEL=error
        volumes:
            - /volume1/Docker/Deluge/Config:/config # deluge configs   
            - /volume1/Download:/downloads # torrent download directory

        # ports:
           # - 8112:8112 #needed to access deluge gui
        network_mode: service:surfshark
        restart: unless-stopped

logs from surfshark:

(list of inflated *.ovpn files from many specific locations - deleted all except the last)

  inflating: ovpn_configs/vn-hcm.prod.surfshark.com_udp.ovpn  
Chose: uk-lon.prod.surfshark.com_udp.ovpn
Adding ip route add 192.168.1.0/24 via 192.168.32.1 dev eth0 for attached container web ui access
Do not forget to expose the ports for attached container web ui access
Creating TUN device /dev/net/tun
2024-01-08 00:42:19 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations. 
2024-01-08 00:42:19 WARNING: file 'vpn-auth.txt' is group or others accessible
2024-01-08 00:42:19 OpenVPN 2.6.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-01-08 00:42:19 library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-01-08 00:42:19 WARNING: --ping should normally be used with --ping-restart or --ping-exit
2024-01-08 00:42:19 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2024-01-08 00:42:19 TCP/UDP: Preserving recently used remote address: [AF_INET]185.198.191.176:1194
2024-01-08 00:42:19 Socket Buffers: R=[212992->212992] S=[212992->212992]
2024-01-08 00:42:19 UDPv4 link local: (not bound)
2024-01-08 00:42:19 UDPv4 link remote: [AF_INET]185.198.191.176:1194
2024-01-08 00:42:19 TLS: Initial packet from [AF_INET]185.198.191.176:1194, sid=4cfbc583 00b29fdc
2024-01-08 00:42:19 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2024-01-08 00:42:19 VERIFY OK: depth=2, C=VG, O=Surfshark, CN=Surfshark Root CA
2024-01-08 00:42:19 VERIFY OK: depth=1, C=VG, O=Surfshark, CN=Surfshark Intermediate CA
2024-01-08 00:42:19 VERIFY KU OK
2024-01-08 00:42:19 Validating certificate extended key usage
2024-01-08 00:42:19 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2024-01-08 00:42:19 VERIFY EKU OK
2024-01-08 00:42:19 VERIFY OK: depth=0, CN=uk-lon-v242.prod.surfshark.com
2024-01-08 00:42:19 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bits RSA, signature: RSA-SHA256, peer temporary key: 253 bits X25519
2024-01-08 00:42:19 [uk-lon-v242.prod.surfshark.com] Peer Connection Initiated with [AF_INET]185.198.191.176:1194
2024-01-08 00:42:19 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2024-01-08 00:42:19 TLS: tls_multi_process: initial untrusted session promoted to trusted
2024-01-08 00:42:19 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 162.252.172.57,dhcp-option DNS 149.154.159.92,redirect-gateway def1,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,block-outside-dns,route-gateway 10.8.8.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.8.8.3 255.255.255.0,peer-id 1,cipher AES-256-GCM'
2024-01-08 00:42:19 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:7: block-outside-dns (2.6.8)
2024-01-08 00:42:19 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
2024-01-08 00:42:19 Socket Buffers: R=[212992->425984] S=[212992->425984]
2024-01-08 00:42:19 OPTIONS IMPORT: --ifconfig/up options modified
2024-01-08 00:42:19 OPTIONS IMPORT: route options modified
2024-01-08 00:42:19 OPTIONS IMPORT: route-related options modified
2024-01-08 00:42:19 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2024-01-08 00:42:19 ROUTE_GATEWAY 192.168.32.1/255.255.240.0 IFACE=eth0 HWADDR=02:42:c0:a8:20:02
2024-01-08 00:42:19 TUN/TAP device tun0 opened
2024-01-08 00:42:19 /sbin/ip link set dev tun0 up mtu 1500
2024-01-08 00:42:19 /sbin/ip link set dev tun0 up
2024-01-08 00:42:19 /sbin/ip addr add dev tun0 10.8.8.3/24
2024-01-08 00:42:19 /vpn/sockd.sh tun0 1500 0 10.8.8.3 255.255.255.0 init
2024-01-08 00:42:19 /sbin/ip route add 185.198.191.176/32 via 192.168.32.1
2024-01-08 00:42:19 /sbin/ip route add 0.0.0.0/1 via 10.8.8.1
2024-01-08 00:42:19 /sbin/ip route add 128.0.0.0/1 via 10.8.8.1
2024-01-08 00:42:19 Initialization Sequence Completed
2024-01-08 00:42:19 Data Channel: cipher 'AES-256-GCM', peer-id: 1
2024-01-08 00:42:19 Timers: ping 60, ping-restart 180
2024-01-08 00:42:19 Protocol options: explicit-exit-notify 1

logs from alpine: this multiple times!

P  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100   244  100   244    0     0    651      0 --:--:-- --:--:-- --:--:--   652
{
  "ip": "185.198.191.177",
  "city": "London",
  "region": "England",
  "country": "GB",
  "loc": "51.5085,-0.1257",
  "org": "AS62240 Clouvider",
  "postal": "E1W",
  "timezone": "Europe/London",
  "readme": "https://ipinfo.io/missingauth"
}

logs from deluge:

[migrations] started
[migrations] no migrations found

GID/UID
───────────────────────────────────────
User UID:    111
User GID:    321
───────────────────────────────────────
[custom-init] No custom files found, skipping...
Connection to 127.0.0.1 58846 port [tcp/*] succeeded!
Connection to 127.0.0.1 8112 port [tcp/*] succeeded!
[ls.io-init] done.

ilteoood commented 8 months ago

The configuration of LAN_NETWORK depends on the local IP of your machine, are you sure that it is like 192.168.1.x?

spikey1973 commented 8 months ago

Yeah I am sure, the local ip of my NAS is in fact 192.168.1.14

But strangely enough.... now I have a connection with the same ip I used last night... anyway, guess it's all working. Thank you for all your help.