qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License
8.1k stars 374 forks source link

Bug: cant access services #2469

Open kajvans opened 2 months ago

kajvans commented 2 months ago

Is this urgent?

Yes

Host OS

Debian 12

CPU arch

x86_64

VPN service provider

ExpressVPN

What are you using to run the container

docker-compose

What is the version of Gluetun

v3.39.0

What's the problem πŸ€”

I am trying to access sabnzbd behind gluetun but when i try this i get: "site not available" My services in the docker network have no problem connecting to it only when i try to go to the GUI from another computer it wont work.

I tried disabling the firewall but that did nothing.

In the logs of gluetun i dont see anything unusual but maybe i missed something since i am not an expert. Sabnzbd logs also dont show anything that might reveal the problem.

Things i have tried:

  1. seperate compose files
  2. disabling firewall
  3. using service:gluetun instead of container:gluetun
  4. switching ports

the problem is not only with sabnzbd but also qbittorrent so i think it is a gluetun problem here.

Share your logs (at least 10 lines)

2024-09-03T18:59:47+02:00 INFO [routing] default route found: interface eth0, gateway 172.19.0.1, assigned IP 172.19.0.3 and family v4
2024-09-03T18:59:47+02:00 INFO [routing] local ethernet link found: eth0
2024-09-03T18:59:47+02:00 INFO [routing] local ipnet found: 172.19.0.0/16
2024-09-03T18:59:48+02:00 INFO [firewall] enabling...
2024-09-03T18:59:48+02:00 INFO [firewall] enabled successfully
2024-09-03T18:59:49+02:00 INFO [storage] merging by most recent 20480 hardcoded servers and 19738 servers read from /gluetun/servers.json
2024-09-03T18:59:49+02:00 INFO Alpine version: 3.20.2
2024-09-03T18:59:50+02:00 INFO OpenVPN 2.5 version: 2.5.10
2024-09-03T18:59:50+02:00 INFO OpenVPN 2.6 version: 2.6.11
2024-09-03T18:59:50+02:00 INFO IPtables version: v1.8.10
2024-09-03T18:59:50+02:00 INFO Settings summary:
β”œβ”€β”€ VPN settings:
|   β”œβ”€β”€ VPN provider settings:
|   |   β”œβ”€β”€ Name: expressvpn
|   |   └── Server selection settings:
|   |       β”œβ”€β”€ VPN type: openvpn
|   |       β”œβ”€β”€ Countries: Germany
|   |       └── OpenVPN server selection settings:
|   |           └── Protocol: UDP
|   └── OpenVPN settings:
|       β”œβ”€β”€ OpenVPN version: 2.6
|       β”œβ”€β”€ Update period: every 24h0m0s
|       β”œβ”€β”€ Upstream resolvers:
|       |   └── cloudflare
|       β”œβ”€β”€ Caching: yes
|       β”œβ”€β”€ IPv6: no
|       └── DNS filtering settings:
|           β”œβ”€β”€ Block malicious: yes
|           β”œβ”€β”€ Block ads: no
|           β”œβ”€β”€ Block surveillance: no
|           └── Blocked IP networks:
|               β”œβ”€β”€ 127.0.0.1/8
|               β”œβ”€β”€ 10.0.0.0/8
|               β”œβ”€β”€ 172.16.0.0/12
|               β”œβ”€β”€ 192.168.0.0/16
|               β”œβ”€β”€ 169.254.0.0/16
|               β”œβ”€β”€ ::1/128
|               β”œβ”€β”€ fc00::/7
|               β”œβ”€β”€ fe80::/10
|               β”œβ”€β”€ ::ffff:127.0.0.1/104
|               β”œβ”€β”€ ::ffff:10.0.0.0/104
|               β”œβ”€β”€ ::ffff:169.254.0.0/112
|               β”œβ”€β”€ ::ffff:172.16.0.0/108
|               └── ::ffff:192.168.0.0/112
β”œβ”€β”€ Firewall settings:
|   β”œβ”€β”€ Enabled: yes
|   └── VPN input ports:
|       └── 57786
β”œβ”€β”€ Log settings:
|   └── Log level: info
β”œβ”€β”€ Health settings:
|   β”œβ”€β”€ Server listening address: 127.0.0.1:9999
|   β”œβ”€β”€ Target address: cloudflare.com:443
|   β”œβ”€β”€ Duration to wait after success: 5s
|   β”œβ”€β”€ Read header timeout: 100ms
|   β”œβ”€β”€ Read timeout: 500ms
|   └── VPN wait durations:
|       β”œβ”€β”€ Initial duration: 6s
|       └── Additional duration: 5s
β”œβ”€β”€ Shadowsocks server settings:
|   └── Enabled: no
β”œβ”€β”€ HTTP proxy settings:
|   └── Enabled: no
β”œβ”€β”€ Control server settings:
|   β”œβ”€β”€ Listening address: :8000
|   └── Logging: yes
β”œβ”€β”€ Storage settings:
|   └── Filepath: /gluetun/servers.json
β”œβ”€β”€ OS Alpine settings:
|   β”œβ”€β”€ Process UID: 998
|   β”œβ”€β”€ Process GID: 100
|   └── Timezone: Europe/Berlin
β”œβ”€β”€ Public IP settings:
|   β”œβ”€β”€ Fetching: every 12h0m0s
|   β”œβ”€β”€ IP file path: /tmp/gluetun/ip
|   └── Public IP data API: ipinfo
└── Version settings:
    └── Enabled: yes
2024-09-03T18:59:50+02:00 INFO [routing] default route found: interface eth0, gateway 172.19.0.1, assigned IP 172.19.0.3 and family v4
2024-09-03T18:59:50+02:00 INFO [routing] adding route for 0.0.0.0/0
2024-09-03T18:59:50+02:00 INFO [firewall] setting allowed subnets...
2024-09-03T18:59:50+02:00 INFO [routing] default route found: interface eth0, gateway 172.19.0.1, assigned IP 172.19.0.3 and family v4
2024-09-03T18:59:50+02:00 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
2024-09-03T18:59:50+02:00 INFO [dns] using plaintext DNS at address 1.1.1.1
2024-09-03T18:59:50+02:00 INFO [http server] http server listening on [::]:8000
2024-09-03T18:59:50+02:00 INFO [healthcheck] listening on 127.0.0.1:9999
2024-09-03T18:59:50+02:00 INFO [firewall] allowing VPN connection...
2024-09-03T18:59:50+02:00 INFO [openvpn] OpenVPN 2.6.11 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2024-09-03T18:59:50+02:00 INFO [openvpn] library versions: OpenSSL 3.3.1 4 Jun 2024, LZO 2.10
2024-09-03T18:59:50+02:00 INFO [openvpn] TCP/UDP: Preserving recently used remote address: [AF_INET]212.30.36.131:1195
2024-09-03T18:59:50+02:00 INFO [openvpn] UDPv4 link local: (not bound)
2024-09-03T18:59:50+02:00 INFO [openvpn] UDPv4 link remote: [AF_INET]212.30.36.131:1195
2024-09-03T18:59:50+02:00 INFO [openvpn] [Server-11094-0a] Peer Connection Initiated with [AF_INET]212.30.36.131:1195
2024-09-03T18:59:51+02:00 INFO [openvpn] TUN/TAP device tun0 opened
2024-09-03T18:59:51+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up mtu 1500
2024-09-03T18:59:51+02:00 INFO [openvpn] /sbin/ip link set dev tun0 up
2024-09-03T18:59:51+02:00 INFO [openvpn] /sbin/ip addr add dev tun0 local 10.122.34.41 peer 10.122.34.42
2024-09-03T18:59:51+02:00 INFO [openvpn] UID set to nonrootuser
2024-09-03T18:59:51+02:00 INFO [openvpn] Initialization Sequence Completed
2024-09-03T18:59:51+02:00 INFO [firewall] setting allowed input port 57786 through interface tun0...
2024-09-03T18:59:51+02:00 INFO [dns] downloading hostnames and IP block lists
2024-09-03T18:59:51+02:00 INFO [healthcheck] healthy!
2024-09-03T18:59:52+02:00 INFO [dns] DNS server listening on [::]:53
2024-09-03T18:59:52+02:00 INFO [dns] ready

### Share your configuration

```yml
version: "3"
services:
  gluetun:
    image: qmcgaw/gluetun
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    networks:
      - services
    environment:
      - PUID=998
      - PGID=100
      - TZ=Europe/Berlin
      - VPN_SERVICE_PROVIDER=
      - OPENVPN_USER=
      - OPENVPN_PASSWORD=
      - SERVER_COUNTRIES=
      - FIREWALL_VPN_INPUT_PORTS=57786
    volumes:
      - /srv/mergerfs/config/appdata/gluetun:/gluetun
    ports:
      - 8086:8000/tcp
      - 8080:8080 # SABnzbd WEB GUI
      - 8081-8085:8081-8085 # qBittorrent WEB GUI
      - 6881-6885:6881-6885/udp
      - 6881-6885:6881-6885
      - 8888:8888/tcp # HTTP proxy
      - 8388:8388/tcp # Shadowsocks
      - 8388:8388/udp # Shadowsocks
    restart: unless-stopped
  sabnzbd:
    image: lscr.io/linuxserver/sabnzbd:latest
    restart: unless-stopped
    network_mode: container:gluetun
    container_name: sabnzbd
    environment:
      - PUID=998
      - PGID=100
      - TZ=Europe/Berlin
    volumes:
      - /srv/mergerfs/config/appdata/sabnzbd:/config
      - /srv/mergerfs/pool/share_media/:/data #optional
      - /srv/mergerfs/pool/share_media/incomplete:/incomplete-downloads
networks:
  services:
    external: true
github-actions[bot] commented 2 months ago

@qdm12 is more or less the only maintainer of this project and works on it in his free time. Please: