search

psyb0t / safe-stremio

Safe-Stremio is your gateway to running Stremio Server and Stremio Web within a Docker container, wrapped in layers of security, anonymity, and badassery. This ain't your grandma's streaming setup—this is for digital pirates and cyberpunks who value privacy and control.
Do What The F*ck You Want To Public License
7 stars 1 forks source link

open_vpn set up is not working #3

Open yinjiehuang opened 1 month ago

yinjiehuang commented 1 month ago

Hi,

I am trying to set up open vpn configuration. Here are what i found:

  1. on ubuntu, i can connect through sudo openvpn --config /etc/openvpn/config.ovpn, with auth.txt set up
  2. using docker-compose.yml, but set vpn as false, i can open up the stremio web ui at :8080

But when i set vpn as true and place the config and auth file in ./openvpn folder, kick off the docker, the web ui won't load, is there something wrong on the openvpn set up? (I used to only run openvpn on the ubuntu system level, but now would love to only run it inside the docker)

Thank you!

psyb0t commented 1 month ago

hi! can you post the startup logs?

yinjiehuang commented 1 month ago

here

Attaching to safe-stremio-1
safe-stremio-1  | 2024-07-29 20:02:16 No HTTP basic authentication will be used.
safe-stremio-1  | 2024-07-29 20:02:16 Starting Nginx...
safe-stremio-1  | Ensuring the TUN device is available...
safe-stremio-1  | Starting OpenVPN...
safe-stremio-1  | Mon Jul 29 20:02:16 2024 WARNING: file '/vpn-auth.txt' is group or others accessible
safe-stremio-1  | Mon Jul 29 20:02:16 2024 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 28 2021
safe-stremio-1  | Mon Jul 29 20:02:16 2024 library versions: OpenSSL 1.1.1n  15 Mar 2022, LZO 2.10
safe-stremio-1  | Mon Jul 29 20:02:16 2024 WARNING: --ping should normally be used with --ping-restart or --ping-exit
safe-stremio-1  | Mon Jul 29 20:02:16 2024 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
safe-stremio-1  | Mon Jul 29 20:02:16 2024 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
safe-stremio-1  | Mon Jul 29 20:02:17 2024 TCP/UDP: Preserving recently used remote address: [AF_INET]149.36.48.85:1194
safe-stremio-1  | Mon Jul 29 20:02:17 2024 Socket Buffers: R=[212992->212992] S=[212992->212992]
safe-stremio-1  | Mon Jul 29 20:02:17 2024 UDP link local: (not bound)
safe-stremio-1  | Mon Jul 29 20:02:17 2024 UDP link remote: [AF_INET]149.36.48.85:1194
safe-stremio-1  | Mon Jul 29 20:02:17 2024 TLS: Initial packet from [AF_INET]149.36.48.85:1194, sid=f5e30e80 7a97cda6
safe-stremio-1  | Mon Jul 29 20:02:17 2024 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
safe-stremio-1  | Mon Jul 29 20:02:17 2024 VERIFY OK: []
safe-stremio-1  | Mon Jul 29 20:02:17 2024 VERIFY OK: []
safe-stremio-1  | Mon Jul 29 20:02:17 2024 VERIFY KU OK
safe-stremio-1  | Mon Jul 29 20:02:17 2024 Validating certificate extended key usage
safe-stremio-1  | Mon Jul 29 20:02:17 2024 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
safe-stremio-1  | Mon Jul 29 20:02:17 2024 VERIFY EKU OK
safe-stremio-1  | Mon Jul 29 20:02:17 2024 VERIFY OK: []
safe-stremio-1  | Mon Jul 29 20:02:17 2024 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1601', remote='link-mtu 1581'
safe-stremio-1  | Mon Jul 29 20:02:17 2024 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1532'
safe-stremio-1  | Mon Jul 29 20:02:17 2024 WARNING: 'cipher' is used inconsistently, local='cipher AES-256-CBC', remote='cipher AES-256-GCM'
safe-stremio-1  | Mon Jul 29 20:02:17 2024 WARNING: 'auth' is used inconsistently, local='auth SHA512', remote='auth [null-digest]'
safe-stremio-1  | Mon Jul 29 20:02:17 2024 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
safe-stremio-1  | Mon Jul 29 20:02:17 2024 [] Peer Connection Initiated with [AF_INET]149.36.48.85:1194
safe-stremio-1  | 2024-07-29 20:02:17 Public IP: []
safe-stremio-1  | Mon Jul 29 20:02:18 2024 SENT CONTROL []: 'PUSH_REQUEST' (status=1)
safe-stremio-1  | Mon Jul 29 20:02:18 2024 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 162.252.172.57,dhcp-option DNS 149.154.159.92,redirect-gateway def1,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,block-outside-dns,route-gateway 10.8.8.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.8.8.4 255.255.255.0,peer-id 3,cipher AES-256-GCM'
safe-stremio-1  | Mon Jul 29 20:02:18 2024 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:7: block-outside-dns (2.4.7)
safe-stremio-1  | Mon Jul 29 20:02:18 2024 OPTIONS IMPORT: timers and/or timeouts modified
safe-stremio-1  | Mon Jul 29 20:02:18 2024 OPTIONS IMPORT: explicit notify parm(s) modified
safe-stremio-1  | Mon Jul 29 20:02:18 2024 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
safe-stremio-1  | Mon Jul 29 20:02:18 2024 Socket Buffers: R=[212992->425984] S=[212992->425984]
safe-stremio-1  | Mon Jul 29 20:02:18 2024 OPTIONS IMPORT: --ifconfig/up options modified
safe-stremio-1  | Mon Jul 29 20:02:18 2024 OPTIONS IMPORT: route options modified
safe-stremio-1  | Mon Jul 29 20:02:18 2024 OPTIONS IMPORT: route-related options modified
safe-stremio-1  | Mon Jul 29 20:02:18 2024 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
safe-stremio-1  | Mon Jul 29 20:02:18 2024 OPTIONS IMPORT: peer-id set
safe-stremio-1  | Mon Jul 29 20:02:18 2024 OPTIONS IMPORT: adjusting link_mtu to 1624
safe-stremio-1  | Mon Jul 29 20:02:18 2024 OPTIONS IMPORT: data channel crypto options modified
safe-stremio-1  | Mon Jul 29 20:02:18 2024 Data Channel: using negotiated cipher 'AES-256-GCM'
safe-stremio-1  | Mon Jul 29 20:02:18 2024 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
safe-stremio-1  | Mon Jul 29 20:02:18 2024 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
safe-stremio-1  | Mon Jul 29 20:02:18 2024 ROUTE_GATEWAY 192.168.240.1/255.255.240.0 IFACE=eth0 HWADDR=02:42:c0:a8:f0:02
safe-stremio-1  | Mon Jul 29 20:02:18 2024 TUN/TAP device tun0 opened
safe-stremio-1  | Mon Jul 29 20:02:18 2024 TUN/TAP TX queue length set to 100
safe-stremio-1  | Mon Jul 29 20:02:18 2024 /sbin/ip link set dev tun0 up mtu 1500
safe-stremio-1  | Mon Jul 29 20:02:18 2024 /sbin/ip addr add dev tun0 10.8.8.4/24 broadcast 10.8.8.255
safe-stremio-1  | Mon Jul 29 20:02:18 2024 /sbin/ip route add 149.36.48.85/32 via 192.168.240.1
safe-stremio-1  | Mon Jul 29 20:02:18 2024 /sbin/ip route add 0.0.0.0/1 via 10.8.8.1
safe-stremio-1  | Mon Jul 29 20:02:18 2024 /sbin/ip route add 128.0.0.0/1 via 10.8.8.1
safe-stremio-1  | Mon Jul 29 20:02:18 2024 Initialization Sequence Completed
safe-stremio-1  | 2024-07-29 20:02:26 Starting Stremio Server
safe-stremio-1  | Cannot update settings ENOENT: no such file or directory, open '/root/.stremio-server/server-settings.json'
safe-stremio-1  | hls executables located ->  {
safe-stremio-1  |   ffmpeg: '/usr/lib/jellyfin-ffmpeg/ffmpeg',
safe-stremio-1  |   ffsplit: null,
safe-stremio-1  |   ffprobe: '/usr/lib/jellyfin-ffmpeg/ffprobe'
safe-stremio-1  | }
safe-stremio-1  | Using app path -> /root/.stremio-server
safe-stremio-1  | (node:31) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
safe-stremio-1  | (Use `node --trace-deprecation ...` to show where the warning was created)
safe-stremio-1  | EngineFS server started at http://127.0.0.1:11470
safe-stremio-1  | hls-converter - Initiating tests for hardware accelerated transcoding support, possible options: qsv-linux,nvenc-linux,vaapi-renderD128
safe-stremio-1  | hls-converter - Testing video hw accel for profile: qsv-linux
safe-stremio-1  | EngineFS HTTPS endpoint at https://local.strem.io:12470
safe-stremio-1  | -> GET /hlsv2/11470-qsv-linux-video-hevc.mkv/video0.m3u8?mediaURL=http%3A%2F%2F127.0.0.1%3A11470%2Fsamples%2Fhevc.mkv&profile=qsv-linux&maxWidth=1200
safe-stremio-1  | -> GET /samples/hevc.mkv bytes=0-
safe-stremio-1  | -> GET /samples/hevc.mkv
safe-stremio-1  | Error [ERR_STREAM_PREMATURE_CLOSE]: Premature close
safe-stremio-1  |     at new NodeError (internal/errors.js:322:7)
safe-stremio-1  |     at Socket.onclose (internal/streams/end-of-stream.js:121:38)
safe-stremio-1  |     at Socket.emit (events.js:412:35)
safe-stremio-1  |     at Pipe.<anonymous> (net.js:686:12) {
safe-stremio-1  |   code: 'ERR_STREAM_PREMATURE_CLOSE'
safe-stremio-1  | }
safe-stremio-1  | -> GET /hlsv2/11470-qsv-linux-video-hevc.mkv/destroy
safe-stremio-1  | hls-converter 11470-qsv-linux-video-hevc.mkv has been requested to be destroyed
safe-stremio-1  | hls-converter 11470-qsv-linux-video-hevc.mkv destoyed
safe-stremio-1  | hls-converter - Tests failed for [video] hw accel profile: qsv-linux
safe-stremio-1  | hls-converter - Some tests failed for hw accel profile: qsv-linux
safe-stremio-1  | hls-converter - Testing video hw accel for profile: nvenc-linux
safe-stremio-1  | -> GET /hlsv2/11470-nvenc-linux-video-hevc.mkv/video0.m3u8?mediaURL=http%3A%2F%2F127.0.0.1%3A11470%2Fsamples%2Fhevc.mkv&profile=nvenc-linux&maxWidth=1200
safe-stremio-1  | hls-converter 11470-qsv-linux-video-hevc.mkv will be destroyed due to passing concurrency of 1
safe-stremio-1  | -> GET /samples/hevc.mkv
safe-stremio-1  | Error [ERR_STREAM_PREMATURE_CLOSE]: Premature close
safe-stremio-1  |     at new NodeError (internal/errors.js:322:7)
safe-stremio-1  |     at Socket.onclose (internal/streams/end-of-stream.js:121:38)
safe-stremio-1  |     at Socket.emit (events.js:412:35)
safe-stremio-1  |     at Pipe.<anonymous> (net.js:686:12) {
safe-stremio-1  |   code: 'ERR_STREAM_PREMATURE_CLOSE'
safe-stremio-1  | }
safe-stremio-1  | -> GET /hlsv2/11470-nvenc-linux-video-hevc.mkv/destroy
safe-stremio-1  | hls-converter 11470-nvenc-linux-video-hevc.mkv has been requested to be destroyed
safe-stremio-1  | hls-converter 11470-nvenc-linux-video-hevc.mkv destoyed
safe-stremio-1  | hls-converter - Tests failed for [video] hw accel profile: nvenc-linux
safe-stremio-1  | hls-converter - Some tests failed for hw accel profile: nvenc-linux
safe-stremio-1  | hls-converter - Testing video hw accel for profile: vaapi-renderD128
safe-stremio-1  | -> GET /hlsv2/11470-vaapi-renderD128-video-hevc.mkv/video0.m3u8?mediaURL=http%3A%2F%2F127.0.0.1%3A11470%2Fsamples%2Fhevc.mkv&profile=vaapi-renderD128&maxWidth=1200
safe-stremio-1  | hls-converter 11470-nvenc-linux-video-hevc.mkv will be destroyed due to passing concurrency of 1
safe-stremio-1  | -> GET /samples/hevc.mkv
safe-stremio-1  | Error [ERR_STREAM_PREMATURE_CLOSE]: Premature close
safe-stremio-1  |     at new NodeError (internal/errors.js:322:7)
safe-stremio-1  |     at Socket.onclose (internal/streams/end-of-stream.js:121:38)
safe-stremio-1  |     at Socket.emit (events.js:412:35)
safe-stremio-1  |     at Pipe.<anonymous> (net.js:686:12) {
safe-stremio-1  |   code: 'ERR_STREAM_PREMATURE_CLOSE'
safe-stremio-1  | }
safe-stremio-1  | -> GET /hlsv2/11470-vaapi-renderD128-video-hevc.mkv/destroy
safe-stremio-1  | hls-converter 11470-vaapi-renderD128-video-hevc.mkv has been requested to be destroyed
safe-stremio-1  | hls-converter 11470-vaapi-renderD128-video-hevc.mkv destoyed
safe-stremio-1  | hls-converter - Tests failed for [video] hw accel profile: vaapi-renderD128
safe-stremio-1  | hls-converter - Some tests failed for hw accel profile: vaapi-renderD128
safe-stremio-1  | hls-converter - Tests for hardware accelerated transcoding finished, no viable acceleration profiles detected
safe-stremio-1  | Resizing cache size to 2048MB from 0MB by deleting 0 files

seems openvpn starts correctly, but for some reason, i can not open stremio webui