search

qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License
7.35k stars 348 forks source link

Bug: Mullvad SERVER_COUNTRIES or SERVER_CITIES value errors #1599

Closed karserasl closed 1 year ago

karserasl commented 1 year ago

Is this urgent?

No

Host OS

Arch

CPU arch

x86_64

VPN service provider

Mullvad

What are you using to run the container

docker-compose

What is the version of Gluetun

Running version latest built on 2023-05-25T12:12:44.932Z (commit a43973c)

What's the problem πŸ€”

Latest commit i think it uses only lower case server cities/countries, which breaks the check.

Share your logs

gluetun  | 2023-05-25T12:55:51.869880339Z ========================================
gluetun  | 2023-05-25T12:55:51.869904715Z ========================================
gluetun  | 2023-05-25T12:55:51.869908143Z =============== gluetun ================
gluetun  | 2023-05-25T12:55:51.869910612Z ========================================
gluetun  | 2023-05-25T12:55:51.869912752Z =========== Made with ❀️ by ============
gluetun  | 2023-05-25T12:55:51.869915608Z ======= https://github.com/qdm12 =======
gluetun  | 2023-05-25T12:55:51.869917769Z ========================================
gluetun  | 2023-05-25T12:55:51.869920184Z ========================================
gluetun  | 2023-05-25T12:55:51.869922432Z 
gluetun  | 2023-05-25T12:55:51.869924535Z Running version latest built on 2023-05-25T12:12:44.932Z (commit a43973c)
gluetun  | 2023-05-25T12:55:51.869926755Z 
gluetun  | 2023-05-25T12:55:51.869928772Z πŸ”§ Need help? https://github.com/qdm12/gluetun/discussions/new
gluetun  | 2023-05-25T12:55:51.869931189Z πŸ› Bug? https://github.com/qdm12/gluetun/issues/new
gluetun  | 2023-05-25T12:55:51.869933540Z ✨ New feature? https://github.com/qdm12/gluetun/issues/new
gluetun  | 2023-05-25T12:55:51.869935953Z β˜• Discussion? https://github.com/qdm12/gluetun/discussions/new
gluetun  | 2023-05-25T12:55:51.869938262Z πŸ’» Email? quentin.mcgaw@gmail.com
gluetun  | 2023-05-25T12:55:51.869940643Z πŸ’° Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
gluetun  | 2023-05-25T12:55:51.870424611Z 2023-05-25T15:55:51+03:00 INFO [routing] default route found: interface eth0, gateway 192.168.90.1, assigned IP 192.168.90.33 and family v4
gluetun  | 2023-05-25T12:55:51.870548700Z 2023-05-25T15:55:51+03:00 INFO [routing] local ethernet link found: eth0
gluetun  | 2023-05-25T12:55:51.870557879Z 2023-05-25T15:55:51+03:00 INFO [routing] local ipnet found: 192.168.90.0/24
gluetun  | 2023-05-25T12:55:51.916831926Z 2023-05-25T15:55:51+03:00 INFO [firewall] enabling...
gluetun  | 2023-05-25T12:55:51.916849157Z 2023-05-25T15:55:51+03:00 DEBUG [firewall] iptables --policy INPUT DROP
gluetun  | 2023-05-25T12:55:51.917867460Z 2023-05-25T15:55:51+03:00 DEBUG [firewall] iptables --policy OUTPUT DROP
gluetun  | 2023-05-25T12:55:51.918641851Z 2023-05-25T15:55:51+03:00 DEBUG [firewall] iptables --policy FORWARD DROP
gluetun  | 2023-05-25T12:55:51.919338447Z 2023-05-25T15:55:51+03:00 DEBUG [firewall] ip6tables-nft --policy INPUT DROP
gluetun  | 2023-05-25T12:55:51.953516611Z 2023-05-25T15:55:51+03:00 DEBUG [firewall] ip6tables-nft --policy OUTPUT DROP
gluetun  | 2023-05-25T12:55:51.954473145Z 2023-05-25T15:55:51+03:00 DEBUG [firewall] ip6tables-nft --policy FORWARD DROP
gluetun  | 2023-05-25T12:55:51.980448145Z 2023-05-25T15:55:51+03:00 DEBUG [firewall] iptables --append INPUT -i lo -j ACCEPT
gluetun  | 2023-05-25T12:55:51.981851706Z 2023-05-25T15:55:51+03:00 DEBUG [firewall] ip6tables-nft --append INPUT -i lo -j ACCEPT
gluetun  | 2023-05-25T12:55:51.983414037Z 2023-05-25T15:55:51+03:00 DEBUG [firewall] iptables --append OUTPUT -o lo -j ACCEPT
gluetun  | 2023-05-25T12:55:51.984612561Z 2023-05-25T15:55:51+03:00 DEBUG [firewall] ip6tables-nft --append OUTPUT -o lo -j ACCEPT
gluetun  | 2023-05-25T12:55:51.986016967Z 2023-05-25T15:55:51+03:00 DEBUG [firewall] iptables --append OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
gluetun  | 2023-05-25T12:55:51.987423192Z 2023-05-25T15:55:51+03:00 DEBUG [firewall] ip6tables-nft --append OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
gluetun  | 2023-05-25T12:55:51.997788330Z 2023-05-25T15:55:51+03:00 DEBUG [firewall] iptables --append INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
gluetun  | 2023-05-25T12:55:52.000129146Z 2023-05-25T15:55:51+03:00 DEBUG [firewall] ip6tables-nft --append INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
gluetun  | 2023-05-25T12:55:52.003772777Z 2023-05-25T15:55:52+03:00 DEBUG [firewall] iptables --append OUTPUT -o eth0 -s 192.168.90.33 -d 192.168.90.0/24 -j ACCEPT
gluetun  | 2023-05-25T12:55:52.005029054Z 2023-05-25T15:55:52+03:00 DEBUG [firewall] ip6tables-nft --append OUTPUT -o eth0 -d ff02::1:ff/104 -j ACCEPT
gluetun  | 2023-05-25T12:55:52.006037235Z 2023-05-25T15:55:52+03:00 DEBUG [firewall] iptables --append INPUT -i eth0 -d 192.168.90.0/24 -j ACCEPT
gluetun  | 2023-05-25T12:55:52.007088887Z 2023-05-25T15:55:52+03:00 INFO [firewall] enabled successfully
gluetun  | 2023-05-25T12:55:52.265745021Z 2023-05-25T15:55:52+03:00 INFO [storage] merging by most recent 13056 hardcoded servers and 13030 servers read from /gluetun/servers.json
gluetun  | 2023-05-25T12:55:52.267396017Z 2023-05-25T15:55:52+03:00 INFO [storage] Using mullvad servers from file which are 62 days more recent
gluetun  | 2023-05-25T12:55:52.321164701Z 2023-05-25T15:55:52+03:00 DEBUG [netlink] IPv6 is not supported after searching 2 links and 0 routes
gluetun  | 2023-05-25T12:55:52.321715969Z 2023-05-25T15:55:52+03:00 ERROR VPN settings: provider settings: server selection: for VPN service provider mullvad: the city specified is not valid: value is not one of the possible choices: value marseille, choices available are Adelaide, Amsterdam, Ashburn VA, Athens, Atlanta GA, Auckland, Belgrade, Bogota, Bratislava, Brisbane, Brussels, Bucharest, Budapest, Calgary, Chicago IL, Chisinau, Copenhagen, Dallas TX, Denver CO, Dubai, Dublin, Dusseldorf, Frankfurt, Gothenburg, Helsinki, Hong Kong, Houston TX, Johannesburg, Kyiv, Lisbon, London, Los Angeles CA, Luxembourg, Madrid, MalmΓΆ, Manchester, Marseille, Melbourne, Miami FL, Milan, Montreal, New York NY, Osaka, Oslo, Paris, Perth, Phoenix AZ, Prague, Raleigh NC, Riga, Salt Lake City UT, San Jose CA, Sao Paulo, Seattle WA, Secaucus NJ, Singapore, Skopje, Sofia, Stavanger, Stockholm, Sydney, Tallinn, Tel Aviv, Tirana, Tokyo, Toronto, Vancouver, Vienna, Warsaw, Zagreb, Zurich
gluetun  | 2023-05-25T12:55:52.321730358Z 2023-05-25T15:55:52+03:00 INFO Shutdown successful
gluetun exited with code 0

Share your configuration

gluetun:
    <<: *common-keys-core # See EXTENSION FIELDS at the top
    image: qmcgaw/gluetun
    container_name: gluetun
    privileged: true
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - $QBITTORRENT_PORT:8185 # Exposing qBittorrent through Docker Host LAN IP
      - $GLUETUN_FOR_PORT1:$GLUETUN_FOR_PORT1/tcp
      - $GLUETUN_FOR_PORT1:$GLUETUN_FOR_PORT1/udp
      - $GLUETUN_FOR_PORT2:$GLUETUN_FOR_PORT2/tcp
      - $GLUETUN_FOR_PORT2:$GLUETUN_FOR_PORT2/udp
      - 8079:8079
    volumes:
      - $DOCKERDIR/appdata/gluetun:/gluetun
    environment:
      <<: *default-tz-puid-pgid
      VPN_SERVICE_PROVIDER: mullvad
      VPN_TYPE: wireguard
      WIREGUARD_PRIVATE_KEY: $GLUETUN_PRIV_KEY_MUL
      WIREGUARD_ADDRESSES: $GLUETUN_ADDRESS_MUL
      SERVER_COUNTRIES: "France"
      SERVER_CITIES: "Marseille"
      FIREWALL_VPN_INPUT_PORTS: $GLUETUN_FOR_PORT1,$GLUETUN_FOR_PORT2
      LOG_LEVEL: debug
      UPDATER_PERIOD: 24h
    labels:
      - "traefik.enable=true"
      ## HTTP Routers Auth Bypass
      - "traefik.http.routers.gluetun-qbitorrent-rtr-bypass.entrypoints=https"
      - "traefik.http.routers.gluetun-qbitorrent-rtr-bypass.rule=Host(`qbit.$DOMAINNAME1`) || Host(`qbit.$DOMAINNAME2`) && PathPrefix(`/api/v2`)" # qBittorrent
      - "traefik.http.routers.gluetun-qbitorrent-rtr-bypass.priority=100"
      ## HTTP Routers Auth
      - "traefik.http.routers.gluetun-qbitorrent-rtr.entrypoints=https"
      - "traefik.http.routers.gluetun-qbitorrent-rtr.rule=Host(`qbit.$DOMAINNAME2`)" # qBittorrent
      - "traefik.http.routers.gluetun-qbitorrent-rtr.priority=99"
      ## Middlewares
      - "traefik.http.routers.gluetun-qbitorrent-rtr-bypass.middlewares=chain-no-auth@file"
      - "traefik.http.routers.gluetun-qbitorrent-rtr.middlewares=chain-authelia@file" # qBittorrent
      ## HTTP Services
      - "traefik.http.routers.gluetun-qbitorrent-rtr.service=gluetun-qbit-svc"
      - "traefik.http.routers.gluetun-qbitorrent-rtr-bypass.service=gluetun-qbit-svc" # qBittorrent
      - "traefik.http.services.gluetun-qbit-svc.loadbalancer.server.port=8185" # qBittorrent
      #### SMOKEPING
      ## HTTP Routers
      - "traefik.http.routers.smokeping-rtr.entrypoints=https"
      - "traefik.http.routers.smokeping-rtr.rule=Host(`smokeping.$DOMAINNAME1`)"
      ## Middlewares
      - "traefik.http.routers.smokeping-rtr.middlewares=chain-local@file"
      ## HTTP Services
      - "traefik.http.routers.smokeping-rtr.service=smokeping-svc"
      - "traefik.http.services.smokeping-svc.loadbalancer.server.port=8079"
    # command: update -enduser -providers mullvad
    healthcheck:
      interval: 10s
      timeout: 15s
      retries: 3
      start_period: 30s
seth100 commented 1 year ago

Same to me right now! I had to remove SERVER_COUNTRIES and SERVER_CITIES to make it work again!

Bokaii commented 1 year ago

Same issue here, latest update broke something.

SnippetSpace commented 1 year ago

rolling back to 3.34 works in the mean time

karserasl commented 1 year ago

Yea im using the tagged v3 image and waiting to upstream fixes

Fastjur commented 1 year ago

Pretty certain that this commit: https://github.com/qdm12/gluetun/commit/a43973c093662c2b5521eb2e9e3aea053584e96b#diff-e614e18f3fe5d5bdbace977e5feeb42a34c6fd5adbcd469c8cd2ed161acfc885 with a move to gosettings has made reading the env ignore case.

RogueGhost93 commented 1 year ago

Yea im using the tagged v3 image and waiting to upstream fixes

how exactly can i revert using docker?

RogueGhost93 commented 1 year ago

rolling back to 3.34 works in the mean time

how exactly can i revert using docker?

esticle commented 1 year ago

how exactly can i revert using docker?

Instead of tag :latest use :v3.34

gdmn commented 1 year ago

the same for nordvpn:

VPN_SERVICE_PROVIDER=nordvpn
SERVER_REGIONS=Netherlands
ERROR VPN settings: provider settings: server selection: for VPN service provider nordvpn: the region specified is not valid: value is not one of the possible choices: value netherlands, choices available are Albania, Argentina, Australia, Austria, Belgium, Bosnia and Herzegovina, Brazil, Bulgaria, Canada, Chile, Costa Rica, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Georgia, Germany, Greece, Hong Kong, Hungary, Iceland, India, Indonesia, Ireland, Israel, Italy, Japan, Latvia, Lithuania, Luxembourg, Malaysia, Mexico, Moldova, Netherlands, New Zealand, North Macedonia, Norway, Poland, Portugal, Romania, Serbia, Singapore, Slovakia, Slovenia, South Africa, South Korea, Spain, Sweden, Switzerland, Taiwan, Thailand, Turkey, Ukraine, United Kingdom, United States, Vietnam
skyajal commented 1 year ago

Also see same issue with VPN Unlimited. Running version latest built on 2023-05-25T12:12:44.932Z (commit a43973c)

2023-05-26T09:14:05-04:00 ERROR VPN settings: provider settings: server selection: for VPN service provider vpn unlimited: the country specified is not valid: value is not one of the possible choices: value france, choices available are Argentina, Australia, Austria, Belarus, Belgium, Bosnia and Herzegovina, Brazil, Bulgaria, Canada, Costa Rica, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, India, Ireland, Isle of Man, Israel, Italy, Japan, Korea, Kuala Lumpur, Latvia, Libya, Lithuania, Mexico, Moldova, Netherlands, New Zealand, Norway, Oman, Poland, Portugal, Romania, Serbia, Singapore, Slovakia, Slovenia, South Africa, Spain, Sweden, Switzerland, Thailand, Turkey, United Arab Emirates, United Kingdom, United States, Vietnam

vdrover commented 1 year ago

following

feinhorn commented 1 year ago

Same issue here

hernicus commented 1 year ago

having this issue as well. downgrading to v3.34 has mitigated the issue.

prospero21 commented 1 year ago

Issue also exists for Private Internate Access. Downgrading to v3.34 fixed the issue for me aswell.

mitchplze commented 1 year ago

Same issue here with Mullvad and "Montreal" being downcased to "montreal" and causing failure.

brianjw commented 1 year ago

Same issue with Mullvad and SERVER_CITIES

sunbeam60 commented 1 year ago

Same here with Private Internet Access

kzimbauer commented 1 year ago

Same issue here. Mullvad with value SERVER_CITIES=Amsterdam

Neobond commented 1 year ago

Confirmed, but I ended up changing my docker compose file for gluetun and qbittorrent to image: qmcgaw/gluetun:v3.34 deleting the container and running docker-compose -f /volume1/docker/qbittorrentvpn.yml up -d

I question why I would need to update if it currently works fine, and updates (like this one) break things? It's like Plex updates, a giant lottery if the server suddenly stops working properly.

I also had the wonderful bug where callmebruce fork of Nightwalker stopped letting me access qbittorrent through the webui, so I have had to revert to the default theme. So I had two things that broke.

sunbeam60 commented 1 year ago

Well keeping things up to date is good practice in general, from a security point of view of course, but also as gluetun constantly changes the server list to keep up with changes in the VPN landscape.

In years of using gluetun, this is the first issue I’ve seen.

On Fri, 26 May 2023, at 23:36, Neobond wrote:

Confirmed, but I ended up changing my docker compose file for gluetun and qbittorrent to image: qmcgaw/gluetun:v3.34 deleting the container and running docker-compose -f /volume1/docker/qbittorrentvpn.yml up -d

I question why I would need to update if it currently works fine, and updates (like this one) break things? I(t's like Plex updates, a giant lottery if the server suddenly stops working properly.

I also had the wonderful bug where callmebruce fork of Nightwalker stopped letting me access qbittorrent through the webui, so I have had to revert to the default theme. So I had two things that broke.

β€” Reply to this email directly, view it on GitHub https://github.com/qdm12/gluetun/issues/1599#issuecomment-1565032317, or unsubscribe https://github.com/notifications/unsubscribe-auth/AEEI24WXDNXSDHVVCAU3BT3XIEV5PANCNFSM6AAAAAAYOZ5K6I. You are receiving this because you commented.Message ID: @.***>

qdm12 commented 1 year ago

The latest image qmcgaw/gluetun was fixed a few minutes ago by 7e325715c7a24da73447b29cec94b207bd950745. The regression was introduced 2 days ago with a43973c093662c2b5521eb2e9e3aea053584e96b which did compare text taking care about case sensitivity (gluetun lowercases everything inputted, but keeps servers data text with case sensitivity). My apologies for the delay fixing it, obviously, and thank you for reporting the issue πŸŽ–οΈ

Just in case you are not aware, you can use released docker images such as qmcgaw/gluetun:v3 or qmcgaw/gluetun:v3.34.1 which should be more stable than the latest image qmcgaw/gluetun. I always appreciate users using the latest image since this helps fix bugs before bringing them to a stable release which would end up unstable, so ideally keep using the latest image πŸ˜‰

Neobond commented 1 year ago

qmcgaw/gluetun:v3

Does qmcgaw/gluetun:v3 reference stable? Sorry I just have a NAS for my media server and use tutorials to install these things. πŸ˜‹

DiamondPrecisionComputing commented 1 year ago

qmcgaw/gluetun:v3

Does qmcgaw/gluetun:v3 reference stable? Sorry I just have a NAS for my media server and use tutorials to install these things. πŸ˜‹

tl;dr for your use case qmcgaw/gluetun:v3.34.1 would be considered the latest stable version.

@qdm12, I believe follows a Semantic-ish versioning method. Where, for example using v3.34.1, v3 would be the Major release version number, 34 is the Minor version number, and 1 is the Patch version number.

If you are using qmcgaw/gluetun:latest, you will receive all alpha/beta/rc releases in between the more stable major, minor, or patch release. Unless you are running a business that requires as little downtime as possible the latest patch release (v3.34.1) should be sufficient for reliable stability. Whereas the aforementioned business would likely opt for either the major (v3) or minor (v3.34.0) for greater stability. I, personally, can't recount many, if any at all, times where a patch release of gluetun was broken. I'm sure I'm wrong but I'm not far off if I am.

IMHO, homelabs, unless running a business, should be fine running the latest patch release is more than sufficient. Personally, most of my containers run on :latest. Homelabs are supposed to be fun and exciting, right? πŸ˜‰ Plus, you get the added benefit of supporting and being a part of an amazing community.