qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License

tiny proxy syntax errors #77

Closed bcjacob closed 4 years ago

bcjacob commented 4 years ago

If I have TINYPROXY_LOG=Info in my compose file, I see an INFO tinyproxy: Syntax error on line 2

If I remove the line, I see an INFO tinyproxy: Syntax error on line 11

I don't see any other errors, but the tiny proxy is not allowing connections with the new version. I like the tiny proxy option since I just want to be able to put it in my Firefox browser.

bcjacob commented 4 years ago

Actually it seems to go back and forth between syntax error on line 2 and line 11 with each restart.

qdm12 commented 4 years ago

I'll work on it tonight, sorry for the bug. I thought I fixed it this morning (info to Info) but I think I actually broke it as Tinyproxy might need an info instead of Info... Anyway, I'll ping back once it's done.

qdm12 commented 4 years ago

It's random most likely because the configuration lines are written without order (from a key value map), but that should be fine.

bcjacob commented 4 years ago

Thanks. No worries. To be expected with a big rewrite :)

qdm12 commented 4 years ago

Please let me know if it works now. I also found out you can use the log levels Connect and Notice if that can be of interest (added to the readme).

bcjacob commented 4 years ago

qmcgaw/private-internet-access latest 08551233e0ec 2 hours ago 49.2MB

Still getting tinyproxy syntax error, and it is still refusing connections. Here is my Environment list:

environment:
      - USER=********
      - PASSWORD=*********
      - ENCRYPTION=strong
      - PROTOCOL=udp
      - REGION=********
      - DOT=on
      - DOT_PROVIDERS=cloudflare
      - NONROOT=no
      - BLOCK_MALICIOUS=on
      - BLOCK_SURVEILLANCE=off
      - UNBLOCK=
      - FIREWALL=on
      - EXTRA_SUBNETS=192.168.1.0/24
      - TINYPROXY=on
      - TINYPROXY_LOG=Info
      - TINYPROXY_USER=******
      - TINYPROXY_PASSWORD=*****
      - SHADOWSOCKS=off
      - SHADOWSOCKS_LOG=on
      - SHADOWSOCKS_PORT=8388
      - SHADOWSOCKS_PASSWORD=*******

bcjacob commented 4 years ago

Log:

Running version latest built on 2020-02-08T00:12:36Z (commit 63fd725)
pia         | 🚨  Total rewrite in Go with many new features
pia         | 🔧  Need help? https://github.com/qdm12/private-internet-access-docker/issues/new
pia         | 💻  Email? quentin.mcgaw@gmail.com
pia         | ☕  Slack? Join from the Slack button on Github
pia         | 💸  Help me? https://github.com/sponsors/qdm12
pia         | 2020-02-08T02:41:10.647Z  INFO    OpenVPN version: 2.4.8
pia         | 2020-02-08T02:41:10.648Z  INFO    Unbound version: 1.9.6
pia         | 2020-02-08T02:41:10.650Z  INFO    IPtables version: v1.8.3
pia         | 2020-02-08T02:41:10.687Z  INFO    TinyProxy version: 1.10.0
pia         | 2020-02-08T02:41:10.692Z  INFO    ShadowSocks version: 3.3.4
pia         | 2020-02-08T02:41:10.692Z  INFO    Settings summary below:
pia         | OpenVPN settings:
pia         | |--Network protocol: udp
pia         | PIA settings:
pia         |  |--Region:
pia         |  |--Encryption: strong
pia         |  |--Port forwarding: off
pia         | DNS over TLS settings:
pia         |  |--DNS over TLS provider:
pia         |   |--cloudflare
pia         |  |--Block malicious: enabled
pia         |  |--Block surveillance: disabed
pia         |  |--Block ads: disabed
pia         |  |--Allowed hostnames:
pia         |  |--Private addresses:
pia         |   |--127.0.0.1/8
pia         |   |--10.0.0.0/8
pia         |   |--172.16.0.0/12
pia         |   |--192.168.0.0/16
pia         |   |--169.254.0.0/16
pia         |   |--::1/128
pia         |   |--fc00::/7
pia         |   |--fe80::/10
pia         |   |--::ffff:0:0/96
pia         |  |--Verbosity level: 1/5
pia         |  |--Verbosity details level: 0/4
pia         |  |--Validation log level: 0/2
pia         | Firewall settings:
pia         |  |--Allowed subnets: 192.168.1.0/24
pia         | TinyProxy settings:
pia         | TinyProxy settings:
pia         |  |--Port: 8888
pia         |  |--Authentication: enabled
pia         |  |--Log level: Info
pia         | ShadowSocks settings: disabled
pia         | 2020-02-08T02:41:10.692Z  INFO    openvpn configurator: checking for device /dev/net/tun
pia         | 2020-02-08T02:41:10.693Z  INFO    openvpn configurator: writing auth file /etc/openvpn/auth.conf
pia         | 2020-02-08T02:41:10.694Z  INFO    firewall configurator: accepting all traffic
pia         | 2020-02-08T02:41:10.703Z  INFO    dns configurator: downloading root hints from https://raw.githubusercontent.com/qdm12/files/master/named.root.updated
pia         | 2020-02-08T02:41:11.097Z  INFO    dns configurator: downloading root key from https://raw.githubusercontent.com/qdm12/files/master/root.key.updated
pia         | 2020-02-08T02:41:11.213Z  INFO    dns configurator: generating Unbound configuration
pia         | 2020-02-08T02:41:11.765Z  INFO    dns configurator: 53782 hostnames blocked overall
pia         | 2020-02-08T02:41:11.765Z  INFO    dns configurator: 144833 IP addresses blocked overall
pia         | 2020-02-08T02:41:11.885Z  INFO    dns configurator: starting unbound
pia         | 2020-02-08T02:41:11.886Z  INFO    dns configurator: setting local nameserver to 127.0.0.1
pia         | 2020-02-08T02:41:11.933Z  INFO    firewall configurator: detecting default network route
pia         | 2020-02-08T02:41:11.934Z  INFO    firewall configurator: default route found: interface eth0, gateway 172.17.0.1, subnet 172.17.0.0/16
pia         | 2020-02-08T02:41:11.935Z  INFO    firewall configurator: adding 192.168.1.0/24 as route via eth0
pia         | 2020-02-08T02:41:11.935Z  INFO    firewall configurator: clearing all rules
pia         | 2020-02-08T02:41:11.940Z  INFO    firewall configurator: blocking all traffic
pia         | 2020-02-08T02:41:11.944Z  INFO    firewall configurator: creating general rules
pia         | 2020-02-08T02:41:11.949Z  INFO    firewall configurator: allowing output traffic to VPN server 82.102.20.172 through eth0 on port udp 1197
pia         | 2020-02-08T02:41:11.950Z  INFO    firewall configurator: allowing output traffic to VPN server 82.102.20.170 through eth0 on port udp 1197
pia         | 2020-02-08T02:41:11.951Z  INFO    firewall configurator: allowing output traffic to VPN server 82.102.20.168 through eth0 on port udp 1197
pia         | 2020-02-08T02:41:11.953Z  INFO    firewall configurator: allowing output traffic to VPN server 82.102.20.165 through eth0 on port udp 1197
pia         | 2020-02-08T02:41:11.954Z  INFO    firewall configurator: allowing output traffic to VPN server 82.102.20.177 through eth0 on port udp 1197
pia         | 2020-02-08T02:41:11.956Z  INFO    firewall configurator: allowing output traffic to VPN server 82.102.20.182 through eth0 on port udp 1197
pia         | 2020-02-08T02:41:11.957Z  INFO    firewall configurator: allowing output traffic to VPN server 82.102.20.175 through eth0 on port udp 1197
pia         | 2020-02-08T02:41:11.959Z  INFO    firewall configurator: allowing output traffic to VPN server 82.102.20.181 through eth0 on port udp 1197
pia         | 2020-02-08T02:41:11.960Z  INFO    firewall configurator: allowing output traffic to VPN server 82.102.20.178 through eth0 on port udp 1197
pia         | 2020-02-08T02:41:11.961Z  INFO    firewall configurator: allowing output traffic to VPN server 82.102.20.183 through eth0 on port udp 1197
pia         | 2020-02-08T02:41:11.963Z  INFO    firewall configurator: allowing output traffic to VPN server 82.102.20.184 through eth0 on port udp 1197
pia         | 2020-02-08T02:41:11.964Z  INFO    firewall configurator: allowing output traffic to VPN server 82.102.20.171 through eth0 on port udp 1197
pia         | 2020-02-08T02:41:11.966Z  INFO    firewall configurator: allowing output traffic to VPN server 82.102.20.163 through eth0 on port udp 1197
pia         | 2020-02-08T02:41:11.968Z  INFO    firewall configurator: accepting input and output traffic for 172.17.0.0/16
pia         | 2020-02-08T02:41:11.970Z  INFO    firewall configurator: accepting input traffic through eth0 from 192.168.1.0/24 to 172.17.0.0/16
pia         | 2020-02-08T02:41:11.971Z  INFO    firewall configurator: accepting output traffic through eth0 from 172.17.0.0/16 to 192.168.1.0/24
pia         | 2020-02-08T02:41:11.973Z  INFO    tinyproxy configurator: generating tinyproxy configuration file
pia         | 2020-02-08T02:41:11.973Z  INFO    tinyproxy configurator: starting tinyproxy server
pia         | 2020-02-08T02:41:11.973Z  INFO    openvpn configurator: starting openvpn
pia         | 2020-02-08T02:41:11.977Z  INFO    Launching standard output merger
pia         | 2020-02-08T02:41:11.979Z  INFO    openvpn: Sat Feb  8 02:41:11 2020 OpenVPN 2.4.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Feb  7 2020
pia         | 2020-02-08T02:41:11.980Z  INFO    openvpn: Sat Feb  8 02:41:11 2020 library versions: OpenSSL 1.1.1d  10 Sep 2019, LZO 2.10
pia         | 2020-02-08T02:41:11.986Z  INFO    openvpn: Sat Feb  8 02:41:11 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]82.102.20.172:1197
pia         | 2020-02-08T02:41:11.987Z  INFO    openvpn: Sat Feb  8 02:41:11 2020 UDP link local: (not bound)
pia         | 2020-02-08T02:41:11.987Z  INFO    openvpn: Sat Feb  8 02:41:11 2020 UDP link remote: [AF_INET]82.102.20.172:1197
pia         | 2020-02-08T02:41:11.987Z  INFO    openvpn: Sat Feb  8 02:41:11 2020 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
pia         | 2020-02-08T02:41:12.000Z  INFO    tinyproxy: Syntax error on line 5
pia         | 2020-02-08T02:41:12.037Z  INFO    unbound: [1581129672] unbound[20:0] warning: setrlimit: Operation not permitted
pia         | 2020-02-08T02:41:12.037Z  INFO    unbound: [1581129672] unbound[20:0] warning: cannot increase max open fds from 1024 to 4140
pia         | 2020-02-08T02:41:12.038Z  INFO    unbound: [1581129672] unbound[20:0] warning: continuing with less udp ports: 984
pia         | 2020-02-08T02:41:12.038Z  INFO    unbound: [1581129672] unbound[20:0] warning: increase ulimit or decrease threads, ports in config to remove this warning
pia         | 2020-02-08T02:41:12.111Z  INFO    openvpn: Sat Feb  8 02:41:12 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
pia         | 2020-02-08T02:41:12.181Z  INFO    unbound: [1581129672] unbound[20:0] notice: init module 0: validator
pia         | 2020-02-08T02:41:12.181Z  INFO    unbound: [1581129672] unbound[20:0] notice: init module 1: iterator
pia         | 2020-02-08T02:41:12.290Z  INFO    unbound: [1581129672] unbound[20:0] info: start of service (unbound 1.9.6).
pia         | 2020-02-08T02:41:12.598Z  INFO    openvpn: Sat Feb  8 02:41:12 2020 [e96007da5f990c0033a80c7605d37884] Peer Connection Initiated with [AF_INET]82.102.20.172:1197
pia         | 2020-02-08T02:41:13.933Z  INFO    openvpn: Sat Feb  8 02:41:13 2020 TUN/TAP device tun0 opened
pia         | 2020-02-08T02:41:13.934Z  INFO    openvpn: Sat Feb  8 02:41:13 2020 /sbin/ip link set dev tun0 up mtu 1500
pia         | 2020-02-08T02:41:13.936Z  INFO    openvpn: Sat Feb  8 02:41:13 2020 /sbin/ip addr add dev tun0 local 10.96.10.6 peer 10.96.10.5
pia         | 2020-02-08T02:41:13.943Z  INFO    openvpn: Sat Feb  8 02:41:13 2020 UID set to nonrootuser
pia         | 2020-02-08T02:41:13.944Z  INFO    openvpn: Sat Feb  8 02:41:13 2020 Initialization Sequence Completed
pia         | 2020-02-08T02:41:17.113Z  INFO    unbound: [1581129677] unbound[20:0] info: generate keytag query _ta-4a5c-4f66. NULL IN

bcjacob commented 4 years ago

The log is also maybe interesting in that it lists the TinyProxy settings: twice

qdm12 commented 4 years ago

bcjacob commented 4 years ago

No problem. I knew that Shadowsocks was now preferred and even tried to make it work, but in my use case I would like to keep one browser in the VPN and the rest of the system out. Thanks for looking into this.

It looks like the last commented-out line is not really commented out and appears in the tinyproxy.conf file. Also, the BasicAuth line doesn't appear to get a new line.

User tinyproxy
Group tinyproxy
Port 8888
Timeout 600
DefaultErrorFile "/usr/share/tinyproxy/default.html"
MaxClients 100
MinSpareServers 5
MaxSpareServers 20
StartServers 10
MaxRequestsPerChild 0
DisableViaHeader Yes
LogLevel Info
# StatFile "/usr/share/tinyproxy/stats.html"BasicAuth **** ****

qdm12 commented 4 years ago

It was those silly " Tinyproxy wants for paths. I added them to the DefaultErrorFile path and it works now. There was also another bug you would have encountered (mixing the ports of Shadowsocks and Tinyproxy around) but I fixed that too 😄
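
The three causes identified in this thread (config lines written from an unordered map, no newline before BasicAuth, unquoted paths) can be avoided when the file is generated and caught before Tinyproxy starts. The Go code below is an added example, not gluetun's own code; RenderConf, CheckConf and pathDirectives are hypothetical names, and the values in main are constructed.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Path-valued directives; per the thread, Tinyproxy wants these in double quotes.
var pathDirectives = map[string]bool{"DefaultErrorFile": true, "StatFile": true}

// RenderConf (hypothetical) writes one directive per line in sorted key order,
// so a reported line number names the same directive on every restart.
func RenderConf(settings map[string]string, user, password string) string {
	keys := make([]string, 0, len(settings))
	for k := range settings {
		keys = append(keys, k)
	}
	sort.Strings(keys)
	var b strings.Builder
	for _, k := range keys {
		v := settings[k]
		if pathDirectives[k] {
			v = `"` + strings.Trim(v, `"`) + `"`
		}
		fmt.Fprintf(&b, "%s %s\n", k, v)
	}
	if user != "" {
		fmt.Fprintf(&b, "BasicAuth %s %s\n", user, password) // always on its own line
	}
	return b.String()
}

// CheckConf returns 1-based numbers of suspect lines: a directive with no value,
// an unquoted path, or BasicAuth swallowed by a comment line (never applied).
func CheckConf(conf string) (bad []int) {
	for i, line := range strings.Split(strings.TrimRight(conf, "\n"), "\n") {
		switch f := strings.Fields(line); {
		case len(f) == 0, strings.HasPrefix(f[0], "#") && !strings.Contains(line, "BasicAuth"):
			// blank line or ordinary comment: nothing to flag
		case strings.HasPrefix(f[0], "#"), len(f) < 2, pathDirectives[f[0]] && !strings.HasPrefix(f[1], `"`):
			bad = append(bad, i+1)
		}
	}
	return bad
}

func main() {
	conf := RenderConf(map[string]string{"Port": "8888", "StatFile": "/tmp/stats.html"}, "user", "pass") // constructed sample
	fmt.Printf("%s%v\n", conf, CheckConf(conf))
}
```

Running CheckConf on the generated file before launching the proxy turns a "Syntax error on line N" at runtime into a startup failure that names the offending line.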