Bridge networking mode not taken as default

If you are new to Docker or this application our issue tracker is ONLY used for reporting bugs or requesting features. Please use our discord server for general support.

Expected Behavior

The container should be listening on ports 9443 and 1194 for VPN connections. I should be able to login to the web admin interface.

Current Behavior

Ports are not listening. In addition, I'm unable to login due to a "session expired" error when logging in with the default admin credentials: SESSION ERROR: SESSION: Your session has expired, please reauthenticate (9007)

Steps to Reproduce

Copy example docker-compose.yml to system
Modify config path
Run docker-compose up
Try to login to https://myserver:943/admin (gets session error)
Test for connectivity on 9443 - telnet myserver 943 (connection closes)

I tried running older versions of the image back to 169. Anything pre-2.7.5-ls22 lets me login, but the VPN server isn't started. When I click to start the VPN service, I get this error:

service failed to start due to unresolved dependencies: set(['user'])
service failed to start due to unresolved dependencies: set(['iptables_openvpn'])
Service deferred error: IPTablesServiceBase: failed to run iptables-restore [status=2]: ["iptables-restore v1.6.0: Port `0' not valid", '', 'Error occurred at line: 126', "Try `iptables-restore -h' or 'iptables-restore --help' for more information."]: internet/defer:323,sagent/ipts:122,sagent/ipts:49,util/mycprof:11,<string>:1,sagent/sagent_entry:14,sagent/sagent_entry:11,util/daemon:28,util/daemon:69,application/app:423,scripts/_twistd_unix:202,application/app:445,application/app:348,internet/base:1166,internet/base:1178,internet/epollreactor:194,python/log:85,python/log:70,python/context:59,python/context:37,internet/epollreactor:223,internet/posixbase:191,internet/process:260,internet/process:762,internet/process:775,internet/_baseprocess:60,svc/pp:117,svc/svcnotify:32,internet/defer:238,internet/defer:307,internet/defer:323,sagent/ipts:122,sagent/ipts:49,util/error:61,util/error:44
service failed to start due to unresolved dependencies: set(['user', 'iptables_live', 'iptables_openvpn'])
service failed to start due to unresolved dependencies: set(['user', 'iptables_live', 'iptables_openvpn'])
service failed to start due to unresolved dependencies: set(['user', 'iptables_live', 'iptables_openvpn'])

Environment

OS: Ubuntu 19.10 CPU architecture: arm64
How docker service was installed: apt, docker-compose installed with pip3 docker version:

Client:
 Version:           19.03.6
 API version:       1.40
 Go version:        go1.12.10
 Git commit:        369ce74a3c
 Built:             Fri Feb 28 23:26:00 2020
 OS/Arch:           linux/amd64
 Experimental:      false

Server:
 Engine:
  Version:          19.03.6
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.12.10
  Git commit:       369ce74a3c
  Built:            Wed Feb 19 01:04:38 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.3.3-0ubuntu1~19.10.1
  GitCommit:        
 runc:
  Version:          spec: 1.0.1-dev
  GitCommit:        
 docker-init:
  Version:          0.18.0
  GitCommit:

docker-compose version:

docker-compose version 1.25.4, build unknown
docker-py version: 4.2.0
CPython version: 3.7.5
OpenSSL version: OpenSSL 1.1.1c  28 May 2019

Command used to create docker container (run/create/compose/screenshot)

---
version: "2.1"
services:
  openvpn-as:
    image: linuxserver/openvpn-as
    container_name: openvpn-as-test
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/London
      - INTERFACE=eth0 #optional
    volumes:
      - ./config:/config
    ports:
      - 943:943
      - 9443:9443
      - 1194:1194/udp
    restart: unless-stopped

Same behavior occurs when leaving eth0, or commenting it out

docker inspect Networks section:

            "Networks": {
                "openvpn-test_default": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": [
                        "e07c49846fc0",
                        "openvpn-as"
                    ],
                    "NetworkID": "27f36628e63ffe17c23380d1d04e5996e19db329081d4c613fd31b43ef354aa6",
                    "EndpointID": "08d13c4242bef791b4097f7ecb42d98c53dcbfd170a7598375e5a4b178f6e7b2",
                    "Gateway": "172.28.0.1",
                    "IPAddress": "172.28.0.2",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:1c:00:02",
                    "DriverOpts": null
                }
            }

Docker logs

openvpn-as-test | [s6-init] making user provided files available at /var/run/s6/etc...exited 0.
openvpn-as-test | [s6-init] ensuring user provided files have correct perms...exited 0.
openvpn-as-test | [fix-attrs.d] applying ownership & permissions fixes...
openvpn-as-test | [fix-attrs.d] done.
openvpn-as-test | [cont-init.d] executing container initialization scripts...
openvpn-as-test | [cont-init.d] 01-envfile: executing... 
openvpn-as-test | [cont-init.d] 01-envfile: exited 0.
openvpn-as-test | [cont-init.d] 10-adduser: executing... 
openvpn-as-test | 
openvpn-as-test | -------------------------------------
openvpn-as-test |           _         ()
openvpn-as-test |          | |  ___   _    __
openvpn-as-test |          | | / __| | |  /  \ 
openvpn-as-test |          | | \__ \ | | | () |
openvpn-as-test |          |_| |___/ |_|  \__/
openvpn-as-test | 
openvpn-as-test | 
openvpn-as-test | Brought to you by linuxserver.io
openvpn-as-test | -------------------------------------
openvpn-as-test | 
openvpn-as-test | To support LSIO projects visit:
openvpn-as-test | https://www.linuxserver.io/donate/
openvpn-as-test | -------------------------------------
openvpn-as-test | GID/UID
openvpn-as-test | -------------------------------------
openvpn-as-test | 
openvpn-as-test | User uid:    1000
openvpn-as-test | User gid:    1000
openvpn-as-test | -------------------------------------
openvpn-as-test | 
openvpn-as-test | [cont-init.d] 10-adduser: exited 0.
openvpn-as-test | [cont-init.d] 20-time: executing... 
openvpn-as-test | 
openvpn-as-test | Current default time zone: 'Europe/London'
openvpn-as-test | Local time is now:      Sun Apr 12 20:19:34 BST 2020.
openvpn-as-test | Universal Time is now:  Sun Apr 12 19:19:34 UTC 2020.
openvpn-as-test | 
openvpn-as-test | [cont-init.d] 20-time: exited 0.
openvpn-as-test | [cont-init.d] 30-config: executing... 
openvpn-as-test | installing openvpn-as for the first time
openvpn-as-test | Get:1 http://as-repository.openvpn.net/as/debian bionic InRelease [3,186 B]
openvpn-as-test | Get:2 http://as-repository.openvpn.net/as/debian bionic/main amd64 Packages [2,811 B]
openvpn-as-test | Hit:3 http://archive.ubuntu.com/ubuntu bionic InRelease
openvpn-as-test | Get:4 http://archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]
openvpn-as-test | Get:5 http://archive.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]
openvpn-as-test | Get:6 http://archive.ubuntu.com/ubuntu bionic-updates/main Sources [403 kB]
openvpn-as-test | Get:7 http://archive.ubuntu.com/ubuntu bionic-updates/restricted Sources [8,069 B]
openvpn-as-test | Get:8 http://archive.ubuntu.com/ubuntu bionic-updates/restricted amd64 Packages [59.0 kB]
openvpn-as-test | Get:9 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 Packages [1,371 kB]
openvpn-as-test | Get:10 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages [1,183 kB]
openvpn-as-test | Get:11 http://archive.ubuntu.com/ubuntu bionic-security/restricted Sources [5,440 B]
openvpn-as-test | Get:12 http://archive.ubuntu.com/ubuntu bionic-security/main Sources [187 kB]
openvpn-as-test | Get:13 http://archive.ubuntu.com/ubuntu bionic-security/restricted amd64 Packages [44.6 kB]
openvpn-as-test | Get:14 http://archive.ubuntu.com/ubuntu bionic-security/main amd64 Packages [889 kB]
openvpn-as-test | Fetched 4,334 kB in 2s (2,289 kB/s)
openvpn-as-test | Reading package lists...
openvpn-as-test | Reading package lists...
openvpn-as-test | Building dependency tree...
openvpn-as-test | Reading state information...
openvpn-as-test | The following additional packages will be installed:
openvpn-as-test |   openvpn-as-bundled-clients
openvpn-as-test | The following NEW packages will be installed:
openvpn-as-test |   openvpn-as openvpn-as-bundled-clients
openvpn-as-test | 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
openvpn-as-test | Need to get 151 MB of archives.
openvpn-as-test | After this operation, 202 MB of additional disk space will be used.
openvpn-as-test | Get:1 http://as-repository.openvpn.net/as/debian bionic/main amd64 openvpn-as-bundled-clients all 8 [130 MB]
openvpn-as-test | Get:2 http://as-repository.openvpn.net/as/debian bionic/main amd64 openvpn-as amd64 2.8.3-f28d2eae-Ubuntu18 [21.0 MB]
openvpn-as-test | debconf: unable to initialize frontend: Dialog
openvpn-as-test | debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 76, <> line 2.)
openvpn-as-test | debconf: falling back to frontend: Readline
openvpn-as-test | debconf: unable to initialize frontend: Readline
openvpn-as-test | debconf: (Can't locate Term/ReadLine.pm in @INC (you may need to install the Term::ReadLine module) (@INC contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.26.1 /usr/local/share/perl/5.26.1 /usr/lib/x86_64-linux-gnu/perl5/5.26 /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.26 /usr/share/perl/5.26 /usr/local/lib/site_perl /usr/lib/x86_64-linux-gnu/perl-base) at /usr/share/perl5/Debconf/FrontEnd/Readline.pm line 7, <> line 2.)
openvpn-as-test | debconf: falling back to frontend: Teletype
openvpn-as-test | dpkg-preconfigure: unable to re-open stdin: 
openvpn-as-test | Fetched 151 MB in 6s (26.1 MB/s)
openvpn-as-test | Selecting previously unselected package openvpn-as-bundled-clients.
(Reading database ... 13215 files and directories currently installed.)
openvpn-as-test | Preparing to unpack .../openvpn-as-bundled-clients_8_all.deb ...
openvpn-as-test | Unpacking openvpn-as-bundled-clients (8) ...
openvpn-as-test | Selecting previously unselected package openvpn-as.
openvpn-as-test | Preparing to unpack .../openvpn-as_2.8.3-f28d2eae-Ubuntu18_amd64.deb ...
openvpn-as-test | Unpacking openvpn-as (2.8.3-f28d2eae-Ubuntu18) ...
openvpn-as-test | Setting up openvpn-as-bundled-clients (8) ...
openvpn-as-test | Setting up openvpn-as (2.8.3-f28d2eae-Ubuntu18) ...
openvpn-as-test | Automatic configuration failed, see /usr/local/openvpn_as/init.log
openvpn-as-test | You can configure manually using the /usr/local/openvpn_as/bin/ovpn-init tool.
openvpn-as-test | /var/lib/dpkg/info/openvpn-as.postinst: line 68: systemctl: command not found
openvpn-as-test | Stopping openvpn-as now; will start again later after configuring
openvpn-as-test | cat: /var/run/openvpnas.pid: No such file or directory
openvpn-as-test | kill: usage: kill [-s sigspec | -n signum | -sigspec] pid | jobspec ... or kill -l [sigspec]
openvpn-as-test | [cont-init.d] 30-config: exited 0.
openvpn-as-test | [cont-init.d] 40-openvpn-init: executing... 
openvpn-as-test | Detected an existing OpenVPN-AS configuration.
openvpn-as-test | Continuing will delete this configuration and restart from scratch.
openvpn-as-test | Please enter 'DELETE' to delete existing configuration: 
openvpn-as-test |           OpenVPN Access Server
openvpn-as-test |           Initial Configuration Tool
openvpn-as-test | ------------------------------------------------------
openvpn-as-test | OpenVPN Access Server End User License Agreement (OpenVPN-AS EULA)
openvpn-as-test | 
openvpn-as-test |     1. Copyright Notice: OpenVPN Access Server License;
... (Open VPN's license, removed for brevity)
openvpn-as-test |        renewals unless this is specified in your contract with OpenVPN Inc.
openvpn-as-test | 
openvpn-as-test | Please enter 'yes' to indicate your agreement [no]: 
openvpn-as-test | Once you provide a few initial configuration settings,
openvpn-as-test | OpenVPN Access Server can be configured by accessing
openvpn-as-test | its Admin Web UI using your Web browser.
openvpn-as-test | 
openvpn-as-test | Will this be the primary Access Server node?
openvpn-as-test | (enter 'no' to configure as a backup or standby node)
openvpn-as-test | > Press ENTER for default [yes]: 
openvpn-as-test | Please specify the network interface and IP address to be
openvpn-as-test | used by the Admin Web UI:
openvpn-as-test | (1) all interfaces: 0.0.0.0
openvpn-as-test | (2) eth0: 172.28.0.2
openvpn-as-test | Please enter the option number from the list above (1-2).
openvpn-as-test | > Press Enter for default [1]: 
openvpn-as-test | Please specify the port number for the Admin Web UI.
openvpn-as-test | > Press ENTER for default [943]: 
openvpn-as-test | Please specify the TCP port number for the OpenVPN Daemon
openvpn-as-test | > Press ENTER for default [443]: 
openvpn-as-test | Should client traffic be routed by default through the VPN?
openvpn-as-test | > Press ENTER for default [yes]: 
openvpn-as-test | Should client DNS traffic be routed by default through the VPN?
openvpn-as-test | > Press ENTER for default [yes]: 
openvpn-as-test | Use local authentication via internal DB?
openvpn-as-test | > Press ENTER for default [yes]: 
openvpn-as-test | Private subnets detected: ['172.28.0.0/16']
openvpn-as-test | 
openvpn-as-test | Should private subnets be accessible to clients by default?
openvpn-as-test | > Press ENTER for default [yes]: 
openvpn-as-test | To initially login to the Admin Web UI, you must use a
openvpn-as-test | username and password that successfully authenticates you
openvpn-as-test | with the host UNIX system (you can later modify the settings
openvpn-as-test | so that RADIUS or LDAP is used for authentication instead).
openvpn-as-test | 
openvpn-as-test | You can login to the Admin Web UI as "openvpn" or specify
openvpn-as-test | a different user account to use for this purpose.
openvpn-as-test | 
openvpn-as-test | Do you wish to login to the Admin UI as "openvpn"?
openvpn-as-test | > Press ENTER for default [yes]: 
openvpn-as-test | > Specify the username for an existing user or for the new user account: Note: This user already exists.
openvpn-as-test | 
openvpn-as-test | > Please specify your Activation key (or leave blank to specify later): 
openvpn-as-test | 
openvpn-as-test | 
openvpn-as-test | Initializing OpenVPN...
openvpn-as-test | Removing Cluster Admin user login...
openvpn-as-test | userdel "admin_c"
openvpn-as-test | Adding new user login...
openvpn-as-test | useradd -s /sbin/nologin "admin"
openvpn-as-test | Writing as configuration file...
openvpn-as-test | Perform sa init...
openvpn-as-test | Wiping any previous userdb...
openvpn-as-test | Creating default profile...
openvpn-as-test | Modifying default profile...
openvpn-as-test | Adding new user to userdb...
openvpn-as-test | Modifying new user as superuser in userdb...
openvpn-as-test | Getting hostname...
openvpn-as-test | Hostname: 8d26b9501467
openvpn-as-test | Preparing web certificates...
openvpn-as-test | Getting web user account...
openvpn-as-test | Adding web group account...
openvpn-as-test | Adding web group...
openvpn-as-test | Adjusting license directory ownership...
openvpn-as-test | Initializing confdb...
openvpn-as-test | Generating PAM config...
openvpn-as-test | Enabling service
openvpn-as-test | Error: Could not execute 'systemctl enable openvpnas' to enable startup/shutdown scripts
openvpn-as-test | Stopping openvpn-as now; will start again later after configuring
openvpn-as-test | cat: /var/run/openvpnas.pid: No such file or directory
openvpn-as-test | kill: usage: kill [-s sigspec | -n signum | -sigspec] pid | jobspec ... or kill -l [sigspec]
openvpn-as-test | [cont-init.d] 40-openvpn-init: exited 0.
openvpn-as-test | [cont-init.d] 50-interface: executing... 
openvpn-as-test | MOD Default {'admin_ui.https.ip_address': None} {'admin_ui.https.ip_address': 'eth0'}
openvpn-as-test | MOD Default {'cs.https.ip_address': None} {'cs.https.ip_address': 'eth0'}
openvpn-as-test | MOD Default {'vpn.daemon.0.listen.ip_address': None} {'vpn.daemon.0.listen.ip_address': 'eth0'}
openvpn-as-test | MOD Default {'vpn.daemon.0.server.ip_address': None} {'vpn.daemon.0.server.ip_address': 'eth0'}
openvpn-as-test | [cont-init.d] 50-interface: exited 0.
openvpn-as-test | [cont-init.d] 99-custom-scripts: executing... 
openvpn-as-test | [custom-init] no custom files found exiting...
openvpn-as-test | [cont-init.d] 99-custom-scripts: exited 0.
openvpn-as-test | [cont-init.d] done.
openvpn-as-test | [services.d] starting services
openvpn-as-test | [services.d] done.

Current Solution

With the recommendation of @aptalca to use bridge mode, I changed my docker-compose.yml to the following, which resolves the login issue, and services behave as expected:

--
version: "2.1"
services:
  openvpn-as:
    image: linuxserver/openvpn-as
    container_name: openvpn-as-test
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/London
      - INTERFACE=eth0 #optional
    volumes:
      - ./config:/config
    ports:
      - 943:943
      - 9443:9443
      - 1194:1194/udp
    restart: unless-stopped
    network_mode: bridge

docker inspect networks section:

            "Networks": {
                "bridge": {
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": null,
                    "NetworkID": "b889b0e3c60c4a80edb2a9b9929213a22e968e8f9ab47192f73b57a2352f7fc6",
                    "EndpointID": "63fdada74856dc4a2fc0e25e78ee5bcb3ef88b41af083ff82d11980a5b7fbf72",
                    "Gateway": "172.17.0.1",
                    "IPAddress": "172.17.0.2",
                    "IPPrefixLen": 16,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "02:42:ac:11:00:02",
                    "DriverOpts": null
                }
            }

linuxserver-archive / docker-openvpn-as