qdm12 / gluetun-wiki

Home to the Markdown Wiki page for Gluetun
MIT License

PureVPN WireGuard #11

Closed Modged closed 9 months ago

Modged commented 10 months ago

Hello, I like your project. So firstly, thank you! I don't know if it's better to create an "issue" or to try to find an answer elsewhere. I hope I am not doing something I shouldn't?

I am github, dockerhub and docker enthusiast but beginner ... :(

The project seems very complete but I am missing some information. PureVPN WireGuard is "straight forward" on my host! All I have to do is: `sudo wg-quick up wg0`

And one sec later I am connected. Of course I had to insert their conf file on my host: `sudo nano /etc/wireguard/wg0.conf`

Which is at this moment:

```
[Interface]
PrivateKey=**_myprivatekey_**
Address=**_theserveripaddr_**
DNS=9.9.9.9,1.1.1.1
[Peer]
PublicKey=**_mypublickey_**
AllowedIPs=0.0.0.0/0
Endpoint=sx**_SERVERNAME_**-wg.pointtoserver.com:51820
PersistentKeepalive=21
```

So when I have run

```
sudo docker run -it \
--rm \
--cap-add=NET_ADMIN \
-e VPN_SERVICE_PROVIDER=purevpn \
-v /Docker/gluetun/wg0.conf:/gluetun/wireguard/wg0.conf \
-v gluetunvpn_data:/data \
-e SERVER_COUNTRIES=**_Mine_** \
qmcgaw/gluetun:latest
```

It asks me for the parameters, but in the documentation I have read that I only needed a conf file mounted to /gluetun/wireguard/wg0.conf.

```
ERROR reading from files: provider: server selection: wireguard: parsing peer section: endpoint host is not an IP: ParseAddr("sx**_SERVERNAME_**-wg.pointtoserver.com"): unexpected character (at "sx**_SERVERNAME_**-wg.pointtoserver.com")
```

Where is my mistake? By the way, it's not a problem for me to give the variables... Thanks again :)

Edit1: if I give the variables:

```
-e WIREGUARD_PRIVATE_KEY=prikey \
-e WIREGUARD_ADDRESSES=ipaddr \
-e WIREGUARD_PUBLIC_KEY=pubkey \
```

```
ERROR reading from environment variables: wireguard: environment variable WIREGUARD_ADDRESSES: netip.ParsePrefix("**_X.X.X.X_**"): no '/'
```

So welcome to edit2 I guess ...

Edit2: didn't see the container is waiting for the CIDR for the variable "WIREGUARD_ADDRESSES", so I added the /32.

Edit3: the container doesn't resolve the endpoint address, which is sxXXXXXXX-wg.pointtoserver.com, as an IP address, so I pinged it and it returned an IP which I used to replace the "VPN_ENDPOINT_IP".

Edit4: Now the container starts but can't establish connection to PureVPN.

Error (I only have modified X.X.X.X:51820 and Y.Y.Y.Y:44550) :

2023-08-24T06:34:35+02:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.3 and family v4
2023-08-24T06:34:35+02:00 INFO [routing] adding route for 0.0.0.0/0
2023-08-24T06:34:35+02:00 INFO [firewall] setting allowed subnets...
2023-08-24T06:34:35+02:00 INFO [routing] default route found: interface eth0, gateway 172.17.0.1, assigned IP 172.17.0.3 and family v4
2023-08-24T06:34:35+02:00 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2023-08-24T06:34:35+02:00 INFO [dns] using plaintext DNS at address 1.1.1.1
2023-08-24T06:34:35+02:00 INFO [http server] http server listening on [::]:8000
2023-08-24T06:34:35+02:00 INFO [firewall] allowing VPN connection...
2023-08-24T06:34:35+02:00 INFO [healthcheck] listening on 127.0.0.1:9999
2023-08-24T06:34:35+02:00 INFO [wireguard] Using userspace implementation since Kernel support does not exist
2023-08-24T06:34:35+02:00 INFO [wireguard] Connecting to **_X.X.X.X_**:51820
2023-08-24T06:34:35+02:00 INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.
2023-08-24T06:34:35+02:00 INFO [dns] downloading DNS over TLS cryptographic files
2023-08-24T06:34:43+02:00 INFO [healthcheck] program has been unhealthy for 6s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2023-08-24T06:34:43+02:00 INFO [vpn] stopping
2023-08-24T06:34:43+02:00 ERROR [vpn] cannot get version information: Get "https://api.github.com/repos/qdm12/gluetun/commits": context canceled
2023-08-24T06:34:43+02:00 INFO [vpn] starting
2023-08-24T06:34:43+02:00 INFO [firewall] allowing VPN connection...
2023-08-24T06:34:43+02:00 INFO [wireguard] Using available kernelspace implementation
2023-08-24T06:34:43+02:00 INFO [wireguard] Connecting to **_X.X.X.X_**:51820
2023-08-24T06:34:43+02:00 INFO [wireguard] Wireguard setup is complete. Note Wireguard is a silent protocol and it may or may not work, without giving any error message. Typically i/o timeout errors indicate the Wireguard connection is not working.
2023-08-24T06:34:45+02:00 WARN [dns] cannot update files: Get "https://www.internic.net/domain/named.root": dial tcp: lookup www.internic.net on 1.1.1.1:53: read udp **Y.Y.Y.Y**:44550->1.1.1.1:53: i/o timeout
2023-08-24T06:34:45+02:00 INFO [dns] attempting restart in 10s
2023-08-24T06:34:54+02:00 INFO [healthcheck] program has been unhealthy for 11s: restarting VPN (see https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md)
2023-08-24T06:34:54+02:00 INFO [vpn] stopping

Here is the complete Docker run:

```
docker run -it \
--cap-add=NET_ADMIN \
--rm \
--cap-add=NET_ADMIN \
-v gluetunvpn_data:/data \
-e TZ=Europe/**_MyCountry_** \
-e VPN_SERVICE_PROVIDER=custom -e VPN_TYPE=wireguard \
-e VPN_ENDPOINT_IP=**_Y.Y.Y.Y_** \
-e VPN_ENDPOINT_PORT=51820 \
-e WIREGUARD_PUBLIC_KEY=**_mypublickey_** \
-e WIREGUARD_PRIVATE_KEY=**_myprivatekey_** \
-e WIREGUARD_ADDRESSES=**_"X.X.X.X/32"_** \
qmcgaw/gluetun
```

dvermeulen commented 10 months ago

Did you try and regenerate the Wireguard config file? I have had a working container that stopped and started giving me very similar issues, and regenerating the configuration and reapplying them to the container allowed it to start working. I was working from a container that was already working, so it's not exactly the same and may not be the right fix.

I would also try a different endpoint (destination country and server), just in case PureVPN connections from your selected endpoint are being blocked.

evilalmus commented 9 months ago

@Modged did you ever get this working? I'm having the same issue as you (except I have set my VPN_SERVICE_PROVIDER=custom because if I choose VPN_SERVICE_PROVIDER=purevpn the console reports that wireguard is not valid for purevpn).

qdm12 commented 9 months ago

> didn't see the container is waiting for the CIDR for the variable "WIREGUARD_ADDRESSES", so I added the /32

a9ada1a3bbe7aa676d61bb4a6519a222f3eb1482 automagically adds /32 in case there is none specified.

> the container doesn't resolve the endpoint address which is sxXXXXXXX-wg.pointtoserver.com as an IP address so I pinged it and it returned an IP which I used to replace the "VPN_ENDPOINT_IP".

Yes, for now you cannot use hostnames; you have to resolve the hostname yourself. You can generally use `nslookup hostname.com` to get one or more IP addresses.

> Edit 4 : Now the container starts but can't establish connection to PureVPN

Try what @dvermeulen suggested (and I guess you had to set VPN_SERVICE_PROVIDER=custom anyway, as @evilalmus mentions). I cannot help much since it could be anything outside my control not working (VPN server down, router firewall blocking it, ISP, etc.)

Also I'm sorry I'm quite very late at answering, this project got way too popular for me to handle it in my spare time, so doing my best 😉
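
The two parsing errors in this thread (a hostname in `Endpoint` and an address without a prefix length) can be handled before the container starts. The following is an added example, not code from gluetun or from the posters: it converts a single-peer wg-quick config into the custom-provider variables used in the `docker run` above. The function names, the sample hostname, address and keys are constructed, and the resolver is injectable so the conversion can be checked offline.

```python
import configparser
import ipaddress
import socket

# Constructed sample shaped like the wg0.conf in the issue; every value is a placeholder.
SAMPLE_CONF = """[Interface]
PrivateKey=CONSTRUCTED_PRIVATE_KEY=
Address=10.0.0.2
DNS=9.9.9.9,1.1.1.1
[Peer]
PublicKey=CONSTRUCTED_PUBLIC_KEY=
AllowedIPs=0.0.0.0/0
Endpoint=vpn.example.com:51820
"""

def system_resolver(host):
    """All addresses the system resolver returns for host (needs network access)."""
    return sorted({i[4][0] for i in socket.getaddrinfo(host, None, type=socket.SOCK_DGRAM)})

def to_cidr(address):
    """Validate an interface address; a bare IP gets its single-host prefix (/32 or /128)."""
    return str(ipaddress.ip_interface(address.strip()))

def split_endpoint(endpoint):
    """Split 'host:port' or '[v6]:port' into (host, port)."""
    host, _, port = endpoint.strip().rpartition(":")
    if not host or not port.isdigit():
        raise ValueError(f"endpoint is not host:port: {endpoint!r}")
    return host.strip("[]"), int(port)

def gluetun_env(conf_text, resolver=system_resolver):
    """Map a single-peer wg-quick config to the variables used in the thread."""
    conf = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    conf.read_string(conf_text)
    host, port = split_endpoint(conf["Peer"]["Endpoint"])
    try:
        endpoint_ip = str(ipaddress.ip_address(host))  # already an IP literal
    except ValueError:
        endpoint_ip = resolver(host)[0]  # hostname: resolve it before the container starts
    addresses = [to_cidr(a) for a in conf["Interface"]["Address"].split(",")]
    return {
        "VPN_SERVICE_PROVIDER": "custom",
        "VPN_TYPE": "wireguard",
        "VPN_ENDPOINT_IP": endpoint_ip,
        "VPN_ENDPOINT_PORT": str(port),
        "WIREGUARD_PUBLIC_KEY": conf["Peer"]["PublicKey"],
        "WIREGUARD_PRIVATE_KEY": conf["Interface"]["PrivateKey"],
        "WIREGUARD_ADDRESSES": ",".join(addresses),
    }
```

Writing the returned pairs as `KEY=value` lines to a file readable only by its owner and passing it with `docker run --env-file` keeps the private key out of shell history. A pinned endpoint IP goes stale if the provider moves the server, so re-run the conversion when the connection stops working.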