OpenVPN config problem

[Rufus13apostol]

Hi there, I use a yaml config file to use this image in openmediavault, but I think I'm not configuring openvpn correctly. This is my config file:

version: '3.3' services: my-jdownloader2-headless: image: mcarleio/my-jdownloader2-headless restart: always cap_add:

• NET_ADMIN ports:
• 5800:5800 volumes:
• '/my/path/to/config/files:/opt/jd/cfg'
• '/my/path/to/config/files:/home/jdownloader/Downloads' environment:

  - MY_JD_EMAIL=your.mail@example.org

      #- MY_JD_PASSWORD=your_password

• VPN_USERNAME=XXXX
• VPN_PASSWORD=XXXX

Logs says this: spawn /openvpn.sh NO_VPN_CONFIGURED spawn /jd.sh

Is there any particular format for the .openvpn files?

regards

[mcarleio]

Hi @Rufus13apostol,

do you have at least one *.ovpn file under /my/path/to/config/files/ovpn?

[Rufus13apostol]

Yes, actually 2! look:

[mcarleio]

/opt/jd/cfg is the directory for JDownloaders config and /opt/jd/cfg/ovpn should contain the *.ovpn files.

So, you have to do 2 things:

1. Rename your folder /srv/..../Configs/Jdownloader/openvpn to /srv/..../Configs/Jdownloader/ovpn
2. Change line 15 of your yaml to - /srv/..../Configs/Jdownloader:/opt/jd/cfg

[Rufus13apostol]

Thanks!, now it seems to work, but I cannot access de GUI, this is what the logs say: Fri Feb 18 09:06:48 2022 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019 Fri Feb 18 09:06:48 2022 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10 Fri Feb 18 09:06:48 2022 WARNING: --ping should normally be used with --ping-restart or --ping-exit Fri Feb 18 09:06:48 2022 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication Fri Feb 18 09:06:48 2022 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication Fri Feb 18 09:06:48 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]XXXXXXXXX Fri Feb 18 09:06:48 2022 Socket Buffers: R=[212992->212992] S=[212992->212992] Fri Feb 18 09:06:48 2022 UDP link local: (not bound) Fri Feb 18 09:06:48 2022 UDP link remote: [AF_INET]xxxxxx Fri Feb 18 09:06:48 2022 TLS: Initial packet from [AF_INET]xxxxxxxx, sid=xxxxxx xxxxxx Fri Feb 18 09:06:48 2022 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Fri Feb 18 09:06:48 2022 VERIFY OK: depth=2, C=VG, O=, CN= Root CA Fri Feb 18 09:06:48 2022 VERIFY OK: depth=1, C=VG, O=, CN= Intermediate CA Fri Feb 18 09:06:48 2022 VERIFY KU OK Fri Feb 18 09:06:48 2022 Validating certificate extended key usage Fri Feb 18 09:06:48 2022 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Fri Feb 18 09:06:48 2022 VERIFY EKU OK Fri Feb 18 09:06:48 2022 VERIFY OK: depth=0, CN=es-vlc-v019.prod..com Fri Feb 18 09:06:48 2022 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1633', remote='link-mtu 1581' Fri Feb 18 09:06:48 2022 WARNING: 'cipher' is used inconsistently, local='cipher AES-256-CBC', remote='cipher AES-256-GCM' Fri Feb 18 09:06:48 2022 WARNING: 'auth' is used inconsistently, local='auth SHA512', remote='auth [null-digest]' Fri Feb 18 09:06:48 2022 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA Fri Feb 18 09:06:48 2022 [es-vlc-v019.prod..com] Peer Connection Initiated with [AF_INET]185.153.150.76:1194 Fri Feb 18 09:06:49 2022 SENT CONTROL [es-vlc-v019.prod..com]: 'PUSH_REQUEST' (status=1) Fri Feb 18 09:06:49 2022 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS xxxxxxxxx,dhcp-option DNS xxxxxxxx,redirect-gateway def1,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,block-outside-dns,route-gateway 10.8.8.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.8.8.8 255.255.255.0,peer-id 5,cipher AES-256-GCM' Fri Feb 18 09:06:49 2022 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:7: block-outside-dns (2.4.7) Fri Feb 18 09:06:49 2022 OPTIONS IMPORT: timers and/or timeouts modified Fri Feb 18 09:06:49 2022 OPTIONS IMPORT: explicit notify parm(s) modified Fri Feb 18 09:06:49 2022 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified Fri Feb 18 09:06:49 2022 Socket Buffers: R=[212992->425984] S=[212992->425984] Fri Feb 18 09:06:49 2022 OPTIONS IMPORT: --ifconfig/up options modified Fri Feb 18 09:06:49 2022 OPTIONS IMPORT: route options modified Fri Feb 18 09:06:49 2022 OPTIONS IMPORT: route-related options modified Fri Feb 18 09:06:49 2022 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Fri Feb 18 09:06:49 2022 OPTIONS IMPORT: peer-id set Fri Feb 18 09:06:49 2022 OPTIONS IMPORT: adjusting link_mtu to 1656 Fri Feb 18 09:06:49 2022 OPTIONS IMPORT: data channel crypto options modified Fri Feb 18 09:06:49 2022 Data Channel: using negotiated cipher 'AES-256-GCM' Fri Feb 18 09:06:49 2022 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key Fri Feb 18 09:06:49 2022 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key Fri Feb 18 09:06:49 2022 ROUTE_GATEWAY 172.21.0.1/255.255.0.0 IFACE=eth0 HWADDR=xxxxxxxxx Fri Feb 18 09:06:49 2022 TUN/TAP device tun0 opened Fri Feb 18 09:06:49 2022 TUN/TAP TX queue length set to 100 Fri Feb 18 09:06:49 2022 /sbin/ip link set dev tun0 up mtu 1500 Fri Feb 18 09:06:49 2022 /sbin/ip addr add dev tun0 10.8.8.8/24 broadcast 10.8.8.255 Fri Feb 18 09:06:49 2022 /sbin/ip route add 185.153.150.76/32 via 172.21.0.1 Fri Feb 18 09:06:49 2022 /sbin/ip route add 0.0.0.0/1 via 10.8.8.1 Fri Feb 18 09:06:49 2022 /sbin/ip route add 128.0.0.0/1 via 10.8.8.1 Fri Feb 18 09:06:49 2022 Initialization Sequence Completed spawn /jd.sh

[mcarleio]

When you provide the variables MY_JD_EMAIL and MY_JD_PASSWORD and start the container, you should be able to access your instance through https://my.jdownloader.org/

This docker image does not provide any VNC functionality.

[Rufus13apostol]

Hi there again. I think now is working, but I fail to connect it to https://my.jdownloader.org/, it does not found any jd service running. Don't I need to expose jd docker to public internet? I'm using nginx proxy manager to do that.

Thanks

[mcarleio]

I am not sure what you mean with

expose jd docker to public internet

When the VPN connection is working, then the container itself can access the internet and so should the JD service inside.

Could you please verify, that there is a file /srv/..../Configs/Jdownloader/org.jdownloader.api.myjdownloader.MyJDownloaderSettings.json which contains your defined values for MY_JD_EMAIL and MY_JD_PASSWORD and if not, provide your current yaml config?

[Rufus13apostol]

Sorry , no "org.jdownloader.api.myjdownloader.MyJDownloaderSettings.json" config file, I pass everything through the yml file:

---

version: '3.3' services: jdownloader: image: mcarleio/my-jdownloader2-headless container_name: jdwonloader2-openvpn restart: always cap_add:

• NET_ADMIN ports:
• 5800:5800 volumes:
• /srv/dev-disk-by-uuid-313be20a-73fc-4cc6-9c7e-b3200346f049/Configs/Jdownloader:/opt/jd/cfg
• /srv/dev-disk-by-uuid-313be20a-73fc-4cc6-9c7e-b3200346f049/Downloads/Jdownloader/:/home/jdownloader/Downloads environment:
• MY_JD_EMAIL=XXXXXXX
• MY_JD_PASSWORD=XXXXXXX
• VPN_USERNAME=XXXXXXX
• VPN_PASSWORD=XXXXXXX
• JD_UID=998 #Change to your PUID
• JD_GID=100 #Change to your PGID

[mcarleio]

Hm... Does the log output anything? Are there any files in /srv/dev-disk-by-uuid-313be20a-73fc-4cc6-9c7e-b3200346f049/Configs/Jdownloader?