Closed jacobwoffenden closed 4 years ago
Downgrading to linuxserver/openvpn-as:2.7.5-ls54
seems to have fixed my login issue
However I cannot start the VPN server from the UI
iptables service not started because of error (SVC_RUN_EXCEPT)
iptables service not started because of error (SVC_RUN_EXCEPT)
We've had similar iptables related issues reported on centos. Make sure iptables is installed on host, and is accessible to the container
iptables is installed on my system, although firewalld was configured to use nftables as it's backed.
As a test, I've
Both didn't work.
I will downgrade to CentOS 7 and test.
There could be missing kernel modules as well
With regards to the original issue (Your session has expired), I've had the same issue. Looking at the docker logs as the container starts up, I see
Automatic configuration failed, see /usr/local/openvpn_as/init.log
You can configure manually using the /usr/local/openvpn_as/bin/ovpn-init tool.
/var/lib/dpkg/info/openvpn-as.postinst: line 72: systemctl: command not found
Indeed it appears that there is no systemctl
available in the image
Ah thanks @aptalca ! Not sure if there's any more logs which might be of help - is there a command-line way to see if openvpn is running as expected?
I can see content in /config/log/openvpn.log
, but all the "error" lines are all fairly vague:
2020-02-25T23:13:45+0000 [stdout#info] 'NoneType' object has no attribute 'status': xml/authrpc:250,sagent/saccess:62,subscription/subxml:19,subscription/subxml:29 (exceptions.AttributeError)
2020-02-25T23:13:45+0000 [stdout#info] [WEB] OUT: "2020-02-25T23:13:45+0000 [stdout#info] SESSION ERROR: exceptions.AttributeError: 'NoneType' object has no attribute 'status' (9000)"
2020-02-25T23:13:45+0000 [stdout#info] [WEB] OUT: '2020-02-25T23:13:45+0000 [stdout#info] ERROR in renderHTTP (astatus.py)'
edit: (that's not all the error lines, just the first few generated when hitting the failed login)
@Pingue also see here: https://discourse.linuxserver.io/t/just-installed-openvpn-as-cant-login-as-admin/1162/5
Turns out it wasn't the openvpn container at fault - it was a typo in my nginx proxy config which was the cause. Thanks for the quick replies, @aptalca
I ended up downgrading to CentOS 7 and everything is working fine now.
I suspect a big of investigation around CentOS 8, firewalld and nftables is needed.
Feel free to close.
Thanks for letting us know
I can confirm that this same problem is happening in Fedora 31 / Fedora 31 Server. And i think is safe to say that this can also be reproduced in RHEL 8 so firewalld / nftables comparability is highly desirable
When you are passing your network stack to a container it needs to be in a similar env. In this case we have an ubuntu contianer that expects a basic iptables setup in place . In order for this to be compatible it would likely need to be a rhel based container. We do not even have a baseimage for rhel distros and have no plans, we right now exclusively build for Ubuntu and Alpine .
In basic summary you are SOL , look around for a rhel based container or install sys level.
When you are passing your network stack to a container it needs to be in a similar env. In this case we have an ubuntu contianer that expects a basic iptables setup in place . In order for this to be compatible it would likely need to be a rhel based container. We do not even have a baseimage for rhel distros and have no plans, we right now exclusively build for Ubuntu and Alpine .
In basic summary you are SOL , look around for a rhel based container or install sys level.
Thanks for the answer, it's good to know about environment incompatibility, although it is unfortunate, as this was my first attempt to use an image from linuxserver.io.
Since there may be more people using CentOS / RHEL8 trying to use the image, either by updating CentOS7 / RHEL7 or by the first attempt, can I suggest an incompatibility note to be added?
edit: Some interesting read: iptables official deprecation note, 2018 https://ral-arturo.org/2018/06/16/nfws2018.html
Same issues for me on Synology Docker. Also tried creating container via SSH with --cap-add=NET_ADMIN
and still same issue as posted.
@Kryptonit3 specifically look at step 5, you need to manually create a tun device sys level. https://www.reddit.com/r/synology/comments/74te0y/howto_deploy_openvpn_on_synology_using_docker/
If you are new to Docker or this application our issue tracker is ONLY used for reporting bugs or requesting features. Please use our discord server for general support.
Expected Behavior
To be able to log into Admin portal
Current Behavior
I get the following error
Steps to Reproduce
Environment
OS: CentOS Linux release 8.1.1911 (Core) CPU architecture: x86_64
How docker service was installed: Docker Compose
Command used to create docker container (run/create/compose/screenshot)
Docker logs
Same as above. However, see the following from
openvpn.log
docker-compose.yaml