search

qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License
8.1k stars 374 forks source link

Bug: v3.28.0 keeps restarting, and v3.27.0 gives me random cities (not from the region specified) #892

Closed yannduran closed 2 years ago

yannduran commented 2 years ago

Is this urgent?

No

Host OS

Synology 920+

CPU arch

No response

VPN service provider

Private Internet Access

What are you using to run the container

docker-compose

What is the version of Gluetun

v3.28.0

What's the problem 🤔

I found that even though Gluetun was showing as Healthy nothing running through it was working. I noticed I was "9 commits behind latest" (or something like that) according to the log, so I decided to recreate the container (using Portainer) to get the latest version.

It was bizarre. When it started up it said "Running version latest built on 2022-03-13T20:49:55.880Z (commit e2ba2f8)". Even accounting for time zone difference it was only a couple of days ago. However on the Releases page it had v3.28.0 tagged as latest, but as you can see in the image below it was created 17 days ago.

image

I actually forget what the original problem was that made me recreate the container (I'm 61 and have concentration and memory issues unfortunately).

So I thought I'd use v3.28.0 instead of latest, but that just kept restarting.

Then I tried v3.27.0 and there's a notice that mentions the new version available (created 16 days ago):

2022/03/15 15:25:39 INFO vpn: There is a new release v3.28.0 (v3.28.0) created 16 days ago
2022/03/15 15:25:41 INFO ip getter: Public IP address is 156.146.34.8 (Japan, Tokyo, Hatsudai)`

I'm in Melbourne Australia, not Japan, or the US, or Europe, which is where I'm getting IP addresses from, even though SERVER_REGIONS=AU Melbourne (because PIA).

Share your logs

today at 15:02:22Running version v3.28.0 built on 2022-02-26T16:22:17.744Z (commit 2b09b9c)
today at 15:02:22
today at 15:02:22🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
today at 15:02:22🐛 Bug? https://github.com/qdm12/gluetun/issues/new
today at 15:02:22✨ New feature? https://github.com/qdm12/gluetun/issues/new
today at 15:02:22☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
today at 15:02:22💻 Email? quentin.mcgaw@gmail.com
today at 15:02:22💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
today at 15:02:222022/03/15 15:02:22 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 15:02:222022/03/15 15:02:22 INFO routing: local ethernet link found: eth0
today at 15:02:222022/03/15 15:02:22 INFO routing: local ipnet found: 192.168.10.0/24
today at 15:02:222022/03/15 15:02:22 INFO firewall: enabling...
today at 15:02:222022/03/15 15:02:22 INFO firewall: enabled successfully
today at 15:02:222022/03/15 15:02:22 INFO storage: merging by most recent 11096 hardcoded servers and 11096 servers read from /gluetun/servers.json
today at 15:02:222022/03/15 15:02:22 INFO Alpine version: 3.15.0
today at 15:02:222022/03/15 15:02:22 INFO OpenVPN 2.4 version: 2.4.11
today at 15:02:222022/03/15 15:02:22 INFO OpenVPN 2.5 version: 2.5.4
today at 15:02:222022/03/15 15:02:22 INFO Unbound version: 1.13.2
today at 15:02:222022/03/15 15:02:22 INFO IPtables version: v1.8.7
today at 15:02:222022/03/15 15:02:22 INFO Settings summary:
today at 15:02:22├── VPN settings:
today at 15:02:22|   ├── VPN provider settings:
today at 15:02:22|   |   ├── Name: private internet access
today at 15:02:22|   |   └── Server selection settings:
today at 15:02:22|   |       ├── VPN type: openvpn
today at 15:02:22|   |       ├── Regions: au melbourne
today at 15:02:22|   |       └── OpenVPN server selection settings:
today at 15:02:22|   |           ├── Protocol: UDP
today at 15:02:22|   |           └── Private Internet Access encryption preset: strong
today at 15:02:22|   └── OpenVPN settings:
today at 15:02:22|       ├── OpenVPN version: 2.5
today at 15:02:22|       ├── User: [set]
today at 15:02:22|       ├── Password: [set]
today at 15:02:22|       ├── Private Internet Access encryption preset: strong
today at 15:02:22|       ├── Tunnel IPv6: no
today at 15:02:22|       ├── Network interface: tun0
today at 15:02:22|       ├── Run OpenVPN as: root
today at 15:02:22|       └── Verbosity level: 1
today at 15:02:22├── DNS settings:
today at 15:02:22|   ├── DNS server address to use: 127.0.0.1
today at 15:02:22|   ├── Keep existing nameserver(s): no
today at 15:02:22|   └── DNS over TLS settings:
today at 15:02:22|       ├── Enabled: yes
today at 15:02:22|       ├── Update period: every 24h0m0s
today at 15:02:22|       ├── Unbound settings:
today at 15:02:22|       |   ├── Authoritative servers:
today at 15:02:22|       |   |   └── cloudflare
today at 15:02:22|       |   ├── Caching: yes
today at 15:02:22|       |   ├── IPv6: no
today at 15:02:22|       |   ├── Verbosity level: 1
today at 15:02:22|       |   ├── Verbosity details level: 0
today at 15:02:22|       |   ├── Validation log level: 0
today at 15:02:22|       |   ├── System user: root
today at 15:02:22|       |   └── Allowed networks:
today at 15:02:22|       |       ├── 0.0.0.0/0
today at 15:02:22|       |       └── ::/0
today at 15:02:22|       └── DNS filtering settings:
today at 15:02:22|           ├── Block malicious: yes
today at 15:02:22|           ├── Block ads: no
today at 15:02:22|           ├── Block surveillance: no
today at 15:02:22|           └── Blocked IP networks:
today at 15:02:22|               ├── 127.0.0.1/8
today at 15:02:22|               ├── 10.0.0.0/8
today at 15:02:22|               ├── 172.16.0.0/12
today at 15:02:22|               ├── 192.168.0.0/16
today at 15:02:22|               ├── 169.254.0.0/16
today at 15:02:22|               ├── ::1/128
today at 15:02:22|               ├── fc00::/7
today at 15:02:22|               ├── fe80::/10
today at 15:02:22|               ├── ::ffff:7f00:1/104
today at 15:02:22|               ├── ::ffff:a00:0/104
today at 15:02:22|               ├── ::ffff:a9fe:0/112
today at 15:02:22|               ├── ::ffff:ac10:0/108
today at 15:02:22|               └── ::ffff:c0a8:0/112
today at 15:02:22├── Firewall settings:
today at 15:02:22|   └── Enabled: yes
today at 15:02:22├── Log settings:
today at 15:02:22|   └── Log level: INFO
today at 15:02:22├── Health settings:
today at 15:02:22|   ├── Server listening address: 127.0.0.1:9999
today at 15:02:22|   ├── Address to ping: github.com
today at 15:02:22|   └── VPN wait durations:
today at 15:02:22|       ├── Initial duration: 5s
today at 15:02:22|       └── Additional duration: 5s
today at 15:02:22├── Shadowsocks server settings:
today at 15:02:22|   └── Enabled: no
today at 15:02:22├── HTTP proxy settings:
today at 15:02:22|   └── Enabled: no
today at 15:02:22├── Control server settings:
today at 15:02:22|   ├── Listening address: :8000
today at 15:02:22|   └── Logging: yes
today at 15:02:22├── OS Alpine settings:
today at 15:02:22|   ├── Process UID: 0
today at 15:02:22|   ├── Process GID: 0
today at 15:02:22|   └── Timezone: Australia/Melbourne
today at 15:02:22├── Public IP settings:
today at 15:02:22|   ├── Fetching: every 12h0m0s
today at 15:02:22|   └── IP file path: /tmp/gluetun/ip
today at 15:02:22└── Version settings:
today at 15:02:22    └── Enabled: yes
today at 15:02:222022/03/15 15:02:22 INFO using existing username root corresponding to user id 0
today at 15:02:222022/03/15 15:02:22 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 15:02:222022/03/15 15:02:22 INFO routing: adding route for 0.0.0.0/0
today at 15:02:222022/03/15 15:02:22 INFO firewall: setting allowed subnets...
today at 15:02:222022/03/15 15:02:22 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 15:02:222022/03/15 15:02:22 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
today at 15:02:222022/03/15 15:02:22 INFO pprof http server listening on [::]:6060
today at 15:02:222022/03/15 15:02:22 INFO dns over tls: using plaintext DNS at address 1.1.1.1
today at 15:02:222022/03/15 15:02:22 INFO http server: listening on :8000
today at 15:02:222022/03/15 15:02:22 INFO healthcheck: listening on 127.0.0.1:9999
today at 15:02:222022/03/15 15:02:22 INFO firewall: allowing VPN connection...
today at 15:02:222022/03/15 15:02:22 INFO openvpn: OpenVPN 2.5.4 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 15 2021
today at 15:02:222022/03/15 15:02:22 INFO openvpn: library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
today at 15:02:222022/03/15 15:02:22 INFO openvpn: CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
today at 15:02:222022/03/15 15:02:22 INFO openvpn: MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
today at 15:02:222022/03/15 15:02:22 INFO openvpn: -----END X509 CRL-----
today at 15:02:222022/03/15 15:02:22 INFO openvpn: TCP/UDP: Preserving recently used remote address: [AF_INET]181.214.215.189:1197
today at 15:02:222022/03/15 15:02:22 INFO openvpn: UDP link local: (not bound)
today at 15:02:222022/03/15 15:02:22 INFO openvpn: UDP link remote: [AF_INET]181.214.215.189:1197
today at 15:02:272022/03/15 15:02:27 INFO healthcheck: program has been unhealthy for 5s: restarting VPN
today at 15:02:272022/03/15 15:02:27 INFO vpn: stopping
today at 15:02:272022/03/15 15:02:27 INFO vpn: starting
today at 15:02:272022/03/15 15:02:27 INFO firewall: allowing VPN connection...
today at 15:02:272022/03/15 15:02:27 INFO openvpn: OpenVPN 2.5.4 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 15 2021
today at 15:02:272022/03/15 15:02:27 INFO openvpn: library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
today at 15:02:272022/03/15 15:02:27 INFO openvpn: CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
today at 15:02:272022/03/15 15:02:27 INFO openvpn: MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
today at 15:02:272022/03/15 15:02:27 INFO openvpn: -----END X509 CRL-----
today at 15:02:272022/03/15 15:02:27 INFO openvpn: TCP/UDP: Preserving recently used remote address: [AF_INET]181.214.215.58:1197
today at 15:02:272022/03/15 15:02:27 INFO openvpn: UDP link local: (not bound)
today at 15:02:272022/03/15 15:02:27 INFO openvpn: UDP link remote: [AF_INET]181.214.215.58:1197
today at 15:02:32
today at 15:02:322022/03/15 15:02:32 WARN Caught OS signal, shutting down
today at 15:02:322022/03/15 15:02:32 INFO dns ticker: terminated ✔️
today at 15:02:322022/03/15 15:02:32 INFO updater ticker: terminated ✔️
today at 15:02:322022/03/15 15:02:32 ERROR http server: http: Server closed
today at 15:02:322022/03/15 15:02:32 INFO http server: terminated ✔️
today at 15:02:322022/03/15 15:02:32 INFO control: terminated ✔️
today at 15:02:322022/03/15 15:02:32 INFO updater: terminated ✔️
today at 15:02:322022/03/15 15:02:32 INFO public IP: terminated ✔️
today at 15:02:322022/03/15 15:02:32 INFO tickers: terminated ✔️
today at 15:02:322022/03/15 15:02:32 INFO HTTP health server: terminated ✔️
today at 15:02:322022/03/15 15:02:32 INFO vpn: terminated ✔️
today at 15:02:322022/03/15 15:02:32 INFO port forwarding: terminated ✔️
today at 15:02:322022/03/15 15:02:32 INFO pprof server: terminated ✔️
today at 15:02:322022/03/15 15:02:32 INFO other: terminated ✔️
today at 15:02:322022/03/15 15:02:32 INFO routing cleanup...
today at 15:02:322022/03/15 15:02:32 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 15:02:322022/03/15 15:02:32 INFO routing: deleting route for 0.0.0.0/0
today at 15:02:322022/03/15 15:02:32 INFO Shutdown successful

There's plenty of RAM available on the DS920+ and the CPU is usually less than 10% even with running 25 containers.

I have 3 gz files that I captured from Dozzle today if that's of any interest to you.

Share your configuration

version: "3.7"

services:
  vpn:
    image: qmcgaw/gluetun:v3.28.0
    container_name: vpn
    network_mode: secure-network
    hostname: vpn
    cap_add:
      - NET_ADMIN
    restart: always

    environment:
      - TZ=Australia/Melbourne # for accurate logs times
      - PUID=0
      - PGID=0
      # More variables are available, see the readme table
      - VPN_SERVICE_PROVIDER=pia
      - OPENVPN_USER=
      - OPENVPN_PASSWORD=
      # Config files from PIA from here https://www.privateinternetaccess.com/helpdesk/kb/articles/where-can-i-find-your-ovpn-files-2
      - SERVER_REGIONS=AU Melbourne
      # - PORT_FORWARDING=on #Complete https://github.com/qdm12/gluetun/wiki/Environment-variables
      # - PORT_FORWARDING_STATUS_FILE=/gluetun/port-forwarding/port.conf

    volumes:
      - /volume1/docker/appdata/gluetun:/gluetun:rw

    ports:
      # https://github.com/qdm12/gluetun/wiki/HTTP-Control-server#OpenVPN
      # https://github.com/qdm12/gluetun/issues/386
      - 5112:3012 # vaultwarden websocket port
      - 5115:80 # vaultwarden
      - 6767:6767 # bazarr
      - 6881:6881 # qbittorrent communication
      - 6881:6881/udp # qbittorrent communication
      - 7878:7878 # radarr
      - 8080:8080 # qbittorrent ui
      - 8686:8686 # lidarr
      - 8787:8787 # readarr
      - 8989:8989 # sonarr
      - 9117:9117 # jackett
      - 9696:9696 # Prowlarr

    labels:
      - deunhealth.restart.on.unhealthy=true

    #---
yannduran commented 2 years ago

On a slight tangent, why do you preserve the recently used remote address? Doesn't that partially defeat the purpose of having a VPN? Sure it hides the real IP address but it makes tracking easier.

Also, is there a way to map the logs to a volume or to a folder in the config volume? Each time I have to recreate the container, I seem to lose all of the previous logs. I'm using Dozzle to view logs if that makes any difference.

I've had so many problems with Gluetun lately that I'm seriously considering moving to something else. Gluetun used to just work and that'd be a pity because I love your work.

A while back I tried using Watchtower, but the next day I found that it updated Gluetun and other containers, and I've had nothing but trouble since. I got rid of Watchtower, but it's so frustrating to constantly find that my VPN has stopped working overnight and that nothing that goes through it is working. I don't check regularly so I usually only find out when I try to save something in Vaultwarden and find it's not working (again). And it's usually Gluetun that's stopping it.

qdm12 commented 2 years ago

I noticed I was "9 commits behind latest" (or something like that) according to the log

Don't worry about this, this is just informational :wink:

However on the Releases page it had v3.28.0 tagged as latest, but as you can see in the image below it was created 17 days ago.

So :latest is always the 'edge' and may not be totally stable. v3.28.0 is a more stable version, which I release when I left :latest for a few days and no-one reported an error about it. Since v3.28.0 you can also use image tags :v3.28 and :v3 to get the latest v3 release.

So I thought I'd use v3.28.0 instead of latest, but that just kept restarting.

WARN Caught OS signal, shutting down is the problem and this is coming from your host for whatever reason. It means a SIGTERM or SIGINT was sent to gluetun from the host. The healthcheck was changed a few releases ago, there is a bug in Portainer where it shows it's unhealthy because it doesn't update the healthcheck command. That might be the cause it's auto-restarted from Portainer? :thinking: I also changed it to print out what signal it gets in 984e1433369a7f1595d372e0deff8b78895ca990 just now.

v3.27.0 ... I'm in Melbourne Australia, not Japan, or the US, or Europe, which is where I'm getting IP addresses from, even though SERVER_REGIONS=AU Melbourne (because PIA).

The variable was REGION before v3.28.0. Unfortunately there is no way to version the Wiki really using Github Wiki. I have an issue opened #862 to host the wiki somewhere else such that it can be versioned by release. Note however, REGION still works on the latest versions so retro-compatibility is kept. So you could try with REGION="AU Melbourne" on any image if you want. You can also check Github release notes which lists changes of environment variables, i.e. https://github.com/qdm12/gluetun/releases/tag/v3.28.0

why do you preserve the recently used remote address? Doesn't that partially defeat the purpose of having a VPN? Sure it hides the real IP address but it makes tracking easier.

That's just OpenVPN doing its thing, and it's also not what it's doing... a bit of an OpenVPN oddity. Check your logs, the IP address is different 181.214.215.189 and 181.214.215.58. There is not even an initial IP address before 181.214.215.189 so that log really doesn't make sense. I guess I could remove it from the logs, but I'd rather have the original OpenVPN logs.

Also, is there a way to map the logs to a volume or to a folder in the config volume? Each time I have to recreate the container, I seem to lose all of the previous logs. I'm using Dozzle to view logs if that makes any difference.

This is an interesting feature, created #894. On the other hand, there are existing systems to handle logs. I use loki with Grafana to collect logs: https://grafana.com/go/webinar/loki-getting-started/

A while back I tried using Watchtower, but the next day I found that it updated Gluetun and other containers, and I've had nothing but trouble since. I got rid of Watchtower

Yes that's a known bug, it's blocked by https://github.com/qdm12/deunhealth/issues/11 which I need to continue working on. Although it's a Docker bug so you'll encounter the problem with all vpn containers really.

And it's usually Gluetun that's stopping it.

If it's due to that OS signal stopping it, as mentioned above, it might be Portainer trying to auto-heal it because of its own bug not running the healthcheck properly... and because of the vpn-connected container Docker bug, connected containers then are kept disconnected... If it's something else then please let me know! :wink:

yannduran commented 2 years ago

I changed SERVER_REGIONS to REGION on v3.27.0 and it immediately started bootlooping again. I switched to v3.28.0 and it still bootloops. I switched back to v3.27.0 and changed back to SERVER_REGIONS and it doesn't bootloop, but of course I now get random IP addresses that are not in the AU Melbourne region.

If it's due to that OS signal stopping it

I really don't see how it's the OS or Portainer causing the bootlooping. CPU & RAM are absolutely fine. Doesn't the fact when I switched everything back show that?

I doubt this will help, but I'll include it anyway.

RUNNING MEM296.64 MB LOAD0%

today at 15:57:50========================================
today at 15:57:50========================================
today at 15:57:50=============== gluetun ================
today at 15:57:50========================================
today at 15:57:50=========== Made with ❤️ by ============
today at 15:57:50======= https://github.com/qdm12 =======
today at 15:57:50========================================
today at 15:57:50========================================
today at 15:57:50
today at 15:57:50Running version v3.27.0 built on 2022-01-23T15:18:52.634Z (commit 55e609c)
today at 15:57:50
today at 15:57:50🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
today at 15:57:50🐛 Bug? https://github.com/qdm12/gluetun/issues/new
today at 15:57:50✨ New feature? https://github.com/qdm12/gluetun/issues/new
today at 15:57:50☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
today at 15:57:50💻 Email? quentin.mcgaw@gmail.com
today at 15:57:50💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
today at 15:57:512022/03/21 15:57:51 INFO storage: merging by most recent 11100 hardcoded servers and 11096 servers read from /gluetun/servers.json
today at 15:57:512022/03/21 15:57:51 INFO storage: Using ExpressVPN servers from file which are 3238h36m31s more recent
today at 15:57:512022/03/21 15:57:51 INFO Alpine version: 3.15.0
today at 15:57:512022/03/21 15:57:51 INFO OpenVPN 2.4 version: 2.4.11
today at 15:57:512022/03/21 15:57:51 INFO OpenVPN 2.5 version: 2.5.4
today at 15:57:512022/03/21 15:57:51 INFO Unbound version: 1.13.2
today at 15:57:512022/03/21 15:57:51 INFO IPtables version: v1.8.7
today at 15:57:512022/03/21 15:57:51 INFO Settings summary:
today at 15:57:51├── VPN settings:
today at 15:57:51|   ├── VPN provider settings:
today at 15:57:51|   |   ├── Name: private internet access
today at 15:57:51|   |   └── Server selection settings:
today at 15:57:51|   |       ├── VPN type: openvpn
today at 15:57:51|   |       └── OpenVPN server selection settings:
today at 15:57:51|   |           ├── Protocol: UDP
today at 15:57:51|   |           └── Private Internet Access encryption preset: strong
today at 15:57:51|   └── OpenVPN settings:
today at 15:57:51|       ├── OpenVPN version: 2.5
today at 15:57:51|       ├── User: [set]
today at 15:57:51|       ├── Password: [set]
today at 15:57:51|       ├── Private Internet Access encryption preset: strong
today at 15:57:51|       ├── Tunnel IPv6: no
today at 15:57:51|       ├── Network interface: tun0
today at 15:57:51|       ├── Run OpenVPN as: root
today at 15:57:51|       └── Verbosity level: 1
today at 15:57:51├── DNS settings:
today at 15:57:51|   ├── DNS server address to use: 127.0.0.1
today at 15:57:51|   ├── Keep existing nameserver(s): no
today at 15:57:51|   └── DNS over TLS settings:
today at 15:57:51|       ├── Enabled: yes
today at 15:57:51|       ├── Update period: every 24h0m0s
today at 15:57:51|       ├── Unbound settings:
today at 15:57:51|       |   ├── Authoritative servers:
today at 15:57:51|       |   |   └── cloudflare
today at 15:57:51|       |   ├── Caching: yes
today at 15:57:51|       |   ├── IPv6: no
today at 15:57:51|       |   ├── Verbosity level: 1
today at 15:57:51|       |   ├── Verbosity details level: 0
today at 15:57:51|       |   ├── Validation log level: 0
today at 15:57:51|       |   ├── System user: root
today at 15:57:51|       |   └── Allowed networks:
today at 15:57:51|       |       ├── 0.0.0.0/0
today at 15:57:51|       |       └── ::/0
today at 15:57:51|       └── DNS filtering settings:
today at 15:57:51|           ├── Block malicious: yes
today at 15:57:51|           ├── Block ads: no
today at 15:57:51|           ├── Block surveillance: no
today at 15:57:51|           └── Blocked IP networks:
today at 15:57:51|               ├── 127.0.0.1/8
today at 15:57:51|               ├── 10.0.0.0/8
today at 15:57:51|               ├── 172.16.0.0/12
today at 15:57:51|               ├── 192.168.0.0/16
today at 15:57:51|               ├── 169.254.0.0/16
today at 15:57:51|               ├── ::1/128
today at 15:57:51|               ├── fc00::/7
today at 15:57:51|               ├── fe80::/10
today at 15:57:51|               ├── ::ffff:7f00:1/104
today at 15:57:51|               ├── ::ffff:a00:0/104
today at 15:57:51|               ├── ::ffff:a9fe:0/112
today at 15:57:51|               ├── ::ffff:ac10:0/108
today at 15:57:51|               └── ::ffff:c0a8:0/112
today at 15:57:51├── Firewall settings:
today at 15:57:51|   └── Enabled: yes
today at 15:57:51├── Log settings:
today at 15:57:51|   └── Log level: INFO
today at 15:57:51├── Health settings:
today at 15:57:51|   ├── Server listening address: 127.0.0.1:9999
today at 15:57:51|   ├── Address to ping: github.com
today at 15:57:51|   └── VPN wait durations:
today at 15:57:51|       ├── Initial duration: 5s
today at 15:57:51|       └── Additional duration: 5s
today at 15:57:51├── Shadowsocks server settings:
today at 15:57:51|   └── Enabled: no
today at 15:57:51├── HTTP proxy settings:
today at 15:57:51|   └── Enabled: no
today at 15:57:51├── Control server settings:
today at 15:57:51|   ├── Listening port: 8000
today at 15:57:51|   └── Logging: yes
today at 15:57:51├── OS Alpine settings:
today at 15:57:51|   ├── Process UID: 0
today at 15:57:51|   ├── Process GID: 0
today at 15:57:51|   └── Timezone: Australia/Melbourne
today at 15:57:51├── Public IP settings:
today at 15:57:51|   ├── Fetching: every 12h0m0s
today at 15:57:51|   └── IP file path: /tmp/gluetun/ip
today at 15:57:51└── Version settings:
today at 15:57:51    └── Enabled: yes
today at 15:57:512022/03/21 15:57:51 INFO using existing username root corresponding to user id 0
today at 15:57:512022/03/21 15:57:51 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 15:57:512022/03/21 15:57:51 INFO routing: local ethernet link found: eth0
today at 15:57:512022/03/21 15:57:51 INFO routing: local ipnet found: 192.168.10.0/24
today at 15:57:512022/03/21 15:57:51 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 15:57:512022/03/21 15:57:51 INFO routing: adding route for 0.0.0.0/0
today at 15:57:512022/03/21 15:57:51 INFO firewall: firewall disabled, only updating allowed subnets internal list
today at 15:57:512022/03/21 15:57:51 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 15:57:512022/03/21 15:57:51 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
today at 15:57:512022/03/21 15:57:51 INFO firewall: enabling...
today at 15:57:512022/03/21 15:57:51 INFO firewall: enabled successfully
today at 15:57:512022/03/21 15:57:51 INFO dns over tls: using plaintext DNS at address 1.1.1.1
today at 15:57:512022/03/21 15:57:51 INFO http server: listening on :8000
today at 15:57:512022/03/21 15:57:51 INFO healthcheck: listening on 127.0.0.1:9999
today at 15:57:512022/03/21 15:57:51 INFO firewall: setting VPN connection through firewall...
today at 15:57:512022/03/21 15:57:51 INFO openvpn: OpenVPN 2.5.4 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 15 2021
today at 15:57:512022/03/21 15:57:51 INFO openvpn: library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
today at 15:57:512022/03/21 15:57:51 INFO openvpn: CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
today at 15:57:512022/03/21 15:57:51 INFO openvpn: MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
today at 15:57:512022/03/21 15:57:51 INFO openvpn: -----END X509 CRL-----
today at 15:57:512022/03/21 15:57:51 INFO openvpn: TCP/UDP: Preserving recently used remote address: [AF_INET]195.181.170.226:1197
today at 15:57:512022/03/21 15:57:51 INFO openvpn: UDP link local: (not bound)
today at 15:57:512022/03/21 15:57:51 INFO openvpn: UDP link remote: [AF_INET]195.181.170.226:1197
today at 15:57:522022/03/21 15:57:52 WARN openvpn: 'link-mtu' is used inconsistently, local='link-mtu 1569', remote='link-mtu 1554'
today at 15:57:522022/03/21 15:57:52 WARN openvpn: 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
today at 15:57:522022/03/21 15:57:52 WARN openvpn: 'comp-lzo' is present in remote config but missing in local config, remote='comp-lzo'
today at 15:57:522022/03/21 15:57:52 INFO openvpn: [frankfurt402] Peer Connection Initiated with [AF_INET]195.181.170.226:1197
today at 15:57:522022/03/21 15:57:52 INFO openvpn: TUN/TAP device tun0 opened
today at 15:57:522022/03/21 15:57:52 INFO openvpn: /sbin/ip link set dev tun0 up mtu 1500
today at 15:57:522022/03/21 15:57:52 INFO openvpn: /sbin/ip link set dev tun0 up
today at 15:57:522022/03/21 15:57:52 INFO openvpn: /sbin/ip addr add dev tun0 10.1.110.73/24
today at 15:57:522022/03/21 15:57:52 INFO openvpn: Initialization Sequence Completed
today at 15:57:522022/03/21 15:57:52 INFO dns over tls: downloading DNS over TLS cryptographic files
today at 15:57:532022/03/21 15:57:53 INFO healthcheck: healthy!
today at 15:57:552022/03/21 15:57:55 INFO dns over tls: downloading hostnames and IP block lists
today at 15:58:052022/03/21 15:58:05 INFO dns over tls: init module 0: validator
today at 15:58:052022/03/21 15:58:05 INFO dns over tls: init module 1: iterator
today at 15:58:052022/03/21 15:58:05 INFO dns over tls: start of service (unbound 1.13.2).
today at 15:58:062022/03/21 15:58:06 INFO dns over tls: generate keytag query _ta-4a5c-4f66. NULL IN
today at 15:58:072022/03/21 15:58:07 INFO dns over tls: ready
today at 15:58:092022/03/21 15:58:09 INFO vpn: There is a new release v3.28.0 (v3.28.0) created 22 days ago
today at 15:58:112022/03/21 15:58:11 INFO ip getter: Public IP address is 195.181.170.226 (Germany, Hesse, Frankfurt am Main)
qdm12 commented 2 years ago

Bootloop

Wait a minute, what do you mean by 'bootloop'? Is it:

today at 15:02:272022/03/15 15:02:27 INFO healthcheck: program has been unhealthy for 5s: restarting VPN
today at 15:02:272022/03/15 15:02:27 INFO vpn: stopping
today at 15:02:272022/03/15 15:02:27 INFO vpn: starting
today at 15:02:272022/03/15 15:02:27 INFO firewall: allowing VPN connection...

Or the

WARN Caught OS signal, shutting down

??

I thought it was the second one; so here are sections for the first 'bootloop' (internal vpn restart) and the second 'bootloop' (OS signal killing the container):

Internal VPN restart

That might just be an outdated server IP address, you can update the server data yourself, see https://github.com/qdm12/gluetun/wiki/Updating-servers

OS signal killing the container

Try with the latest image (docker pull qmcgaw/gluetun and use qmcgaw/gluetun), it will log the OS signal received (SIGTERM or SIGINT). This signal comes from the Docker daemon and is not caused internally.

You can monitor events in a terminal with docker events --filter container=gluetun (where gluetun is the container name), maybe that can help in understanding why it's getting killed.

Region environment variables confusion

v3.27.0

docker run -it --rm --cap-add=NET_ADMIN -e VPNSP=pia -e OPENVPN_USER=a -e OPENVPN_PASSWORD=a -e REGION="AU Melbourne" qmcgaw/gluetun:v3.27.0

Prints in the settings tree:

├── VPN settings:
|   ├── VPN provider settings:
|   |   ├── Name: private internet access
|   |   └── Server selection settings:
|   |       ├── VPN type: openvpn
|   |       ├── Regions: au melbourne
|   |       └── OpenVPN server selection settings:
|   |           ├── Protocol: UDP
|   |           └── Private Internet Access encryption preset: strong

So the regions is taken into account (Regions: au melbourne), but I don't see it your logs, so it must be a misconfiguration.

v3.28.0

Using SERVER_REGIONS="AU Melbourne" will work, although using REGION="AU Melbourne" will work too.

There is no difference between v3.27.0 and v3.28.0 regarding the VPN internal restart logic as well.

yannduran commented 2 years ago

Yes, sorry, the second one (Caught OS signal, shutting down). I guess I got the term bootlooping from when my LG phone started doing it and that's what everyone was calling it.

Here's the docker-compose file I use:

version: "3.7"

services:
  vpn:
    image: qmcgaw/gluetun:v3.27.0
    container_name: vpn
    network_mode: secure-network
    hostname: vpn
    cap_add:
      - NET_ADMIN
    restart: always

    environment:
      - TZ=Australia/Melbourne # for accurate logs times
      - PUID=0
      - PGID=0
      - VPN_SERVICE_PROVIDER=pia
      - OPENVPN_USER=
      - OPENVPN_PASSWORD=
      - SERVER_REGIONS=AU Melbourne # REGION causes it to bootloop

    volumes:
      - /volume1/docker/appdata/gluetun:/gluetun:rw

    ports:
      - 5112:3012 # vaultwarden websocket port
      - 5115:80 # vaultwarden
      - 6767:6767 # bazarr
      - 6881:6881 # qbittorrent communication
      - 6881:6881/udp # qbittorrent communication
      - 7878:7878 # radarr
      - 8080:8080 # qbittorrent ui
      - 8686:8686 # lidarr
      - 8787:8787 # readarr
      - 8989:8989 # sonarr
      - 9117:9117 # jackett
      - 9696:9696 # Prowlarr

    labels:
      - deunhealth.restart.on.unhealthy=true

    #---

In v3.27.0, as soon as I change SERVER_REGIONS to REGION it bootloops continuously. I guess SERVER_REGIONS gets ignored which is why I get a random IP address. But as soon as I change it --> bootloop.

today at 22:42:49========================================
today at 22:42:49========================================
today at 22:42:49=============== gluetun ================
today at 22:42:49========================================
today at 22:42:49=========== Made with ❤️ by ============
today at 22:42:49======= https://github.com/qdm12 =======
today at 22:42:49========================================
today at 22:42:49========================================
today at 22:42:49
today at 22:42:49Running version v3.27.0 built on 2022-01-23T15:18:52.634Z (commit 55e609c)
today at 22:42:49
today at 22:42:49🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
today at 22:42:49🐛 Bug? https://github.com/qdm12/gluetun/issues/new
today at 22:42:49✨ New feature? https://github.com/qdm12/gluetun/issues/new
today at 22:42:49☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
today at 22:42:49💻 Email? quentin.mcgaw@gmail.com
today at 22:42:49💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
today at 22:42:492022/03/21 22:42:49 INFO storage: merging by most recent 11100 hardcoded servers and 11096 servers read from /gluetun/servers.json
today at 22:42:492022/03/21 22:42:49 INFO storage: Using ExpressVPN servers from file which are 3238h36m31s more recent
today at 22:42:492022/03/21 22:42:49 INFO Alpine version: 3.15.0
today at 22:42:502022/03/21 22:42:50 INFO OpenVPN 2.4 version: 2.4.11
today at 22:42:512022/03/21 22:42:50 INFO OpenVPN 2.5 version: 2.5.4
today at 22:42:512022/03/21 22:42:50 INFO Unbound version: 1.13.2
today at 22:42:512022/03/21 22:42:50 INFO IPtables version: v1.8.7
today at 22:42:512022/03/21 22:42:50 INFO Settings summary:
today at 22:42:51├── VPN settings:
today at 22:42:51|   ├── VPN provider settings:
today at 22:42:51|   |   ├── Name: private internet access
today at 22:42:51|   |   └── Server selection settings:
today at 22:42:51|   |       ├── VPN type: openvpn
today at 22:42:51|   |       ├── Regions: au melbourne
today at 22:42:51|   |       └── OpenVPN server selection settings:
today at 22:42:51|   |           ├── Protocol: UDP
today at 22:42:51|   |           └── Private Internet Access encryption preset: strong
today at 22:42:51|   └── OpenVPN settings:
today at 22:42:51|       ├── OpenVPN version: 2.5
today at 22:42:51|       ├── User: [set]
today at 22:42:51|       ├── Password: [set]
today at 22:42:51|       ├── Private Internet Access encryption preset: strong
today at 22:42:51|       ├── Tunnel IPv6: no
today at 22:42:51|       ├── Network interface: tun0
today at 22:42:51|       ├── Run OpenVPN as: root
today at 22:42:51|       └── Verbosity level: 1
today at 22:42:51├── DNS settings:
today at 22:42:51|   ├── DNS server address to use: 127.0.0.1
today at 22:42:51|   ├── Keep existing nameserver(s): no
today at 22:42:51|   └── DNS over TLS settings:
today at 22:42:51|       ├── Enabled: yes
today at 22:42:51|       ├── Update period: every 24h0m0s
today at 22:42:51|       ├── Unbound settings:
today at 22:42:51|       |   ├── Authoritative servers:
today at 22:42:51|       |   |   └── cloudflare
today at 22:42:51|       |   ├── Caching: yes
today at 22:42:51|       |   ├── IPv6: no
today at 22:42:51|       |   ├── Verbosity level: 1
today at 22:42:51|       |   ├── Verbosity details level: 0
today at 22:42:51|       |   ├── Validation log level: 0
today at 22:42:51|       |   ├── System user: root
today at 22:42:51|       |   └── Allowed networks:
today at 22:42:51|       |       ├── 0.0.0.0/0
today at 22:42:51|       |       └── ::/0
today at 22:42:51|       └── DNS filtering settings:
today at 22:42:51|           ├── Block malicious: yes
today at 22:42:51|           ├── Block ads: no
today at 22:42:51|           ├── Block surveillance: no
today at 22:42:51|           └── Blocked IP networks:
today at 22:42:51|               ├── 127.0.0.1/8
today at 22:42:51|               ├── 10.0.0.0/8
today at 22:42:51|               ├── 172.16.0.0/12
today at 22:42:51|               ├── 192.168.0.0/16
today at 22:42:51|               ├── 169.254.0.0/16
today at 22:42:51|               ├── ::1/128
today at 22:42:51|               ├── fc00::/7
today at 22:42:51|               ├── fe80::/10
today at 22:42:51|               ├── ::ffff:7f00:1/104
today at 22:42:51|               ├── ::ffff:a00:0/104
today at 22:42:51|               ├── ::ffff:a9fe:0/112
today at 22:42:51|               ├── ::ffff:ac10:0/108
today at 22:42:51|               └── ::ffff:c0a8:0/112
today at 22:42:51├── Firewall settings:
today at 22:42:51|   └── Enabled: yes
today at 22:42:51├── Log settings:
today at 22:42:51|   └── Log level: INFO
today at 22:42:51├── Health settings:
today at 22:42:51|   ├── Server listening address: 127.0.0.1:9999
today at 22:42:51|   ├── Address to ping: github.com
today at 22:42:51|   └── VPN wait durations:
today at 22:42:51|       ├── Initial duration: 5s
today at 22:42:51|       └── Additional duration: 5s
today at 22:42:51├── Shadowsocks server settings:
today at 22:42:51|   └── Enabled: no
today at 22:42:51├── HTTP proxy settings:
today at 22:42:51|   └── Enabled: no
today at 22:42:51├── Control server settings:
today at 22:42:51|   ├── Listening port: 8000
today at 22:42:51|   └── Logging: yes
today at 22:42:51├── OS Alpine settings:
today at 22:42:51|   ├── Process UID: 0
today at 22:42:51|   ├── Process GID: 0
today at 22:42:51|   └── Timezone: Australia/Melbourne
today at 22:42:51├── Public IP settings:
today at 22:42:51|   ├── Fetching: every 12h0m0s
today at 22:42:51|   └── IP file path: /tmp/gluetun/ip
today at 22:42:51└── Version settings:
today at 22:42:51    └── Enabled: yes
today at 22:42:512022/03/21 22:42:50 INFO using existing username root corresponding to user id 0
today at 22:42:512022/03/21 22:42:50 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 22:42:512022/03/21 22:42:50 INFO routing: local ethernet link found: eth0
today at 22:42:512022/03/21 22:42:50 INFO routing: local ipnet found: 192.168.10.0/24
today at 22:42:512022/03/21 22:42:50 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 22:42:512022/03/21 22:42:50 INFO routing: adding route for 0.0.0.0/0
today at 22:42:512022/03/21 22:42:50 INFO firewall: firewall disabled, only updating allowed subnets internal list
today at 22:42:512022/03/21 22:42:50 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 22:42:512022/03/21 22:42:50 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
today at 22:42:512022/03/21 22:42:50 INFO firewall: enabling...
today at 22:42:512022/03/21 22:42:51 INFO firewall: enabled successfully
today at 22:42:512022/03/21 22:42:51 INFO healthcheck: listening on 127.0.0.1:9999
today at 22:42:512022/03/21 22:42:51 INFO dns over tls: using plaintext DNS at address 1.1.1.1
today at 22:42:512022/03/21 22:42:51 INFO http server: listening on :8000
today at 22:42:512022/03/21 22:42:51 INFO firewall: setting VPN connection through firewall...
today at 22:42:512022/03/21 22:42:51 INFO openvpn: OpenVPN 2.5.4 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 15 2021
today at 22:42:512022/03/21 22:42:51 INFO openvpn: library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
today at 22:42:512022/03/21 22:42:51 INFO openvpn: CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
today at 22:42:512022/03/21 22:42:51 INFO openvpn: MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
today at 22:42:512022/03/21 22:42:51 INFO openvpn: -----END X509 CRL-----
today at 22:42:512022/03/21 22:42:51 INFO openvpn: TCP/UDP: Preserving recently used remote address: [AF_INET]181.214.215.189:1197
today at 22:42:512022/03/21 22:42:51 INFO openvpn: UDP link local: (not bound)
today at 22:42:512022/03/21 22:42:51 INFO openvpn: UDP link remote: [AF_INET]181.214.215.189:1197
today at 22:42:562022/03/21 22:42:56 INFO healthcheck: program has been unhealthy for 5s: restarting VPN
today at 22:42:562022/03/21 22:42:56 INFO vpn: stopping
today at 22:42:562022/03/21 22:42:56 INFO vpn: starting
today at 22:42:562022/03/21 22:42:56 INFO firewall: setting VPN connection through firewall...
today at 22:42:562022/03/21 22:42:56 INFO openvpn: OpenVPN 2.5.4 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 15 2021
today at 22:42:562022/03/21 22:42:56 INFO openvpn: library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
today at 22:42:562022/03/21 22:42:56 INFO openvpn: CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
today at 22:42:562022/03/21 22:42:56 INFO openvpn: MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
today at 22:42:562022/03/21 22:42:56 INFO openvpn: -----END X509 CRL-----
today at 22:42:562022/03/21 22:42:56 INFO openvpn: TCP/UDP: Preserving recently used remote address: [AF_INET]181.214.199.9:1197
today at 22:42:562022/03/21 22:42:56 INFO openvpn: UDP link local: (not bound)
today at 22:42:562022/03/21 22:42:56 INFO openvpn: UDP link remote: [AF_INET]181.214.199.9:1197
today at 22:43:00
today at 22:43:002022/03/21 22:43:00 WARN Caught OS signal, shutting down
today at 22:43:002022/03/21 22:43:00 INFO dns ticker: terminated ✔️
today at 22:43:002022/03/21 22:43:00 INFO updater ticker: terminated ✔️
today at 22:43:002022/03/21 22:43:00 ERROR http server: http: Server closed
today at 22:43:002022/03/21 22:43:00 INFO http server: terminated ✔️
today at 22:43:002022/03/21 22:43:00 INFO control: terminated ✔️
today at 22:43:002022/03/21 22:43:00 INFO updater: terminated ✔️
today at 22:43:002022/03/21 22:43:00 INFO public IP: terminated ✔️
today at 22:43:002022/03/21 22:43:00 INFO tickers: terminated ✔️
today at 22:43:002022/03/21 22:43:00 INFO HTTP health server: terminated ✔️
today at 22:43:002022/03/21 22:43:00 INFO vpn: terminated ✔️
today at 22:43:002022/03/21 22:43:00 INFO port forwarding: terminated ✔️
today at 22:43:002022/03/21 22:43:00 INFO shadowsocks proxy: terminated ✔️
today at 22:43:002022/03/21 22:43:00 INFO http proxy: terminated ✔️
today at 22:43:002022/03/21 22:43:00 INFO public IP: terminated ✔️
today at 22:43:002022/03/21 22:43:00 INFO unbound: terminated ✔️
today at 22:43:002022/03/21 22:43:00 INFO other: terminated ✔️
today at 22:43:002022/03/21 22:43:00 INFO routing cleanup...
today at 22:43:002022/03/21 22:43:00 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 22:43:002022/03/21 22:43:00 INFO routing: deleting route for 0.0.0.0/0
today at 22:43:002022/03/21 22:43:00 INFO Shutdown successful
today at 22:43:14Container started
today at 22:43:002022/03/21 22:43:00 INFO routing: deleting route for 0.0.0.0/0
today at 22:43:002022/03/21 22:43:00 INFO Shutdown successful
today at 22:43:15========================================
today at 22:43:15========================================
today at 22:43:15=============== gluetun ================
today at 22:43:152022/03/21 22:43:15 INFO storage: merging by most recent 11100 hardcoded servers and 11096 servers read from /gluetun/servers.json
today at 22:43:152022/03/21 22:43:15 INFO storage: Using ExpressVPN servers from file which are 3238h36m31s more recent
today at 22:43:152022/03/21 22:43:15 INFO Alpine version: 3.15.0
today at 22:43:162022/03/21 22:43:16 INFO OpenVPN 2.4 version: 2.4.11
today at 22:43:162022/03/21 22:43:16 INFO OpenVPN 2.5 version: 2.5.4
today at 22:43:162022/03/21 22:43:16 INFO Unbound version: 1.13.2
today at 22:43:162022/03/21 22:43:16 INFO IPtables version: v1.8.7
today at 22:43:162022/03/21 22:43:16 INFO Settings summary:
today at 22:43:16├── VPN settings:
today at 22:43:16|   |           ├── Protocol: UDP
today at 22:43:16|   |           └── Private Internet Access encryption preset: strong
today at 22:43:16|   └── OpenVPN settings:
today at 22:43:16|       ├── Password: [set]
today at 22:43:16|       ├── Private Internet Access encryption preset: strong
today at 22:43:16|       ├── Tunnel IPv6: no
today at 22:43:16|       └── Verbosity level: 1
today at 22:43:16├── DNS settings:
today at 22:43:16|   ├── DNS server address to use: 127.0.0.1
today at 22:43:212022/03/21 22:43:21 INFO healthcheck: program has been unhealthy for 5s: restarting VPN
today at 22:43:212022/03/21 22:43:21 INFO vpn: stopping
today at 22:43:212022/03/21 22:43:21 INFO vpn: starting
today at 22:43:212022/03/21 22:43:21 INFO firewall: setting VPN connection through firewall...
today at 22:43:212022/03/21 22:43:21 INFO openvpn: OpenVPN 2.5.4 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 15 2021
today at 22:43:212022/03/21 22:43:21 INFO openvpn: library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
today at 22:43:212022/03/21 22:43:21 INFO openvpn: CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
today at 22:43:212022/03/21 22:43:21 INFO openvpn: MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
today at 22:43:212022/03/21 22:43:21 INFO openvpn: -----END X509 CRL-----
today at 22:43:212022/03/21 22:43:21 INFO openvpn: TCP/UDP: Preserving recently used remote address: [AF_INET]181.214.215.166:1197
today at 22:43:212022/03/21 22:43:21 INFO openvpn: UDP link local: (not bound)
today at 22:43:212022/03/21 22:43:21 INFO openvpn: UDP link remote: [AF_INET]181.214.215.166:1197
today at 22:43:26
today at 22:43:262022/03/21 22:43:26 WARN Caught OS signal, shutting down
today at 22:43:262022/03/21 22:43:26 ERROR http server: http: Server closed
today at 22:43:262022/03/21 22:43:26 INFO http server: terminated ✔️
today at 22:43:262022/03/21 22:43:26 INFO HTTP health server: terminated ✔️
today at 22:43:262022/03/21 22:43:26 INFO vpn: terminated ✔️
today at 22:43:262022/03/21 22:43:26 INFO port forwarding: terminated ✔️
today at 22:43:262022/03/21 22:43:26 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 22:43:262022/03/21 22:43:26 INFO routing: deleting route for 0.0.0.0/0

v3.28.0 with SERVER_REGIONS --> bootloops immediately with REGION --> container gets stopped

today at 22:53:49========================================
today at 22:53:49========================================
today at 22:53:49=============== gluetun ================
today at 22:53:49========================================
today at 22:53:49=========== Made with ❤️ by ============
today at 22:53:49======= https://github.com/qdm12 =======
today at 22:53:49========================================
today at 22:53:49========================================
today at 22:53:49
today at 22:53:49Running version v3.28.0 built on 2022-02-26T16:22:17.744Z (commit 2b09b9c)
today at 22:53:49
today at 22:53:49🔧 Need help? https://github.com/qdm12/gluetun/discussions/new
today at 22:53:49🐛 Bug? https://github.com/qdm12/gluetun/issues/new
today at 22:53:49✨ New feature? https://github.com/qdm12/gluetun/issues/new
today at 22:53:49☕ Discussion? https://github.com/qdm12/gluetun/discussions/new
today at 22:53:49💻 Email? quentin.mcgaw@gmail.com
today at 22:53:49💰 Help me? https://www.paypal.me/qmcgaw https://github.com/sponsors/qdm12
today at 22:53:492022/03/21 22:53:49 WARN You are using the old environment variable REGION, please consider changing it to SERVER_REGIONS
today at 22:53:492022/03/21 22:53:49 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 22:53:492022/03/21 22:53:49 INFO routing: local ethernet link found: eth0
today at 22:53:492022/03/21 22:53:49 INFO routing: local ipnet found: 192.168.10.0/24
today at 22:53:492022/03/21 22:53:49 INFO firewall: enabling...
today at 22:53:492022/03/21 22:53:49 INFO firewall: enabled successfully
today at 22:53:492022/03/21 22:53:49 INFO storage: merging by most recent 11096 hardcoded servers and 11096 servers read from /gluetun/servers.json
today at 22:53:492022/03/21 22:53:49 INFO Alpine version: 3.15.0
today at 22:53:492022/03/21 22:53:49 INFO OpenVPN 2.4 version: 2.4.11
today at 22:53:492022/03/21 22:53:49 INFO OpenVPN 2.5 version: 2.5.4
today at 22:53:492022/03/21 22:53:49 INFO Unbound version: 1.13.2
today at 22:53:492022/03/21 22:53:49 INFO IPtables version: v1.8.7
today at 22:53:492022/03/21 22:53:49 INFO Settings summary:
today at 22:53:49├── VPN settings:
today at 22:53:49|   ├── VPN provider settings:
today at 22:53:49|   |   ├── Name: private internet access
today at 22:53:49|   |   └── Server selection settings:
today at 22:53:49|   |       ├── VPN type: openvpn
today at 22:53:49|   |       ├── Regions: au melbourne
today at 22:53:49|   |       └── OpenVPN server selection settings:
today at 22:53:49|   |           ├── Protocol: UDP
today at 22:53:49|   |           └── Private Internet Access encryption preset: strong
today at 22:53:49|   └── OpenVPN settings:
today at 22:53:49|       ├── OpenVPN version: 2.5
today at 22:53:49|       ├── User: [set]
today at 22:53:49|       ├── Password: [set]
today at 22:53:49|       ├── Private Internet Access encryption preset: strong
today at 22:53:49|       ├── Tunnel IPv6: no
today at 22:53:49|       ├── Network interface: tun0
today at 22:53:49|       ├── Run OpenVPN as: root
today at 22:53:49|       └── Verbosity level: 1
today at 22:53:49├── DNS settings:
today at 22:53:49|   ├── DNS server address to use: 127.0.0.1
today at 22:53:49|   ├── Keep existing nameserver(s): no
today at 22:53:49|   └── DNS over TLS settings:
today at 22:53:49|       ├── Enabled: yes
today at 22:53:49|       ├── Update period: every 24h0m0s
today at 22:53:49|       ├── Unbound settings:
today at 22:53:49|       |   ├── Authoritative servers:
today at 22:53:49|       |   |   └── cloudflare
today at 22:53:49|       |   ├── Caching: yes
today at 22:53:49|       |   ├── IPv6: no
today at 22:53:49|       |   ├── Verbosity level: 1
today at 22:53:49|       |   ├── Verbosity details level: 0
today at 22:53:49|       |   ├── Validation log level: 0
today at 22:53:49|       |   ├── System user: root
today at 22:53:49|       |   └── Allowed networks:
today at 22:53:49|       |       ├── 0.0.0.0/0
today at 22:53:49|       |       └── ::/0
today at 22:53:49|       └── DNS filtering settings:
today at 22:53:49|           ├── Block malicious: yes
today at 22:53:49|           ├── Block ads: no
today at 22:53:49|           ├── Block surveillance: no
today at 22:53:49|           └── Blocked IP networks:
today at 22:53:49|               ├── 127.0.0.1/8
today at 22:53:49|               ├── 10.0.0.0/8
today at 22:53:49|               ├── 172.16.0.0/12
today at 22:53:49|               ├── 192.168.0.0/16
today at 22:53:49|               ├── 169.254.0.0/16
today at 22:53:49|               ├── ::1/128
today at 22:53:49|               ├── fc00::/7
today at 22:53:49|               ├── fe80::/10
today at 22:53:49|               ├── ::ffff:7f00:1/104
today at 22:53:49|               ├── ::ffff:a00:0/104
today at 22:53:49|               ├── ::ffff:a9fe:0/112
today at 22:53:49|               ├── ::ffff:ac10:0/108
today at 22:53:49|               └── ::ffff:c0a8:0/112
today at 22:53:49├── Firewall settings:
today at 22:53:49|   └── Enabled: yes
today at 22:53:49├── Log settings:
today at 22:53:49|   └── Log level: INFO
today at 22:53:49├── Health settings:
today at 22:53:49|   ├── Server listening address: 127.0.0.1:9999
today at 22:53:49|   ├── Address to ping: github.com
today at 22:53:49|   └── VPN wait durations:
today at 22:53:49|       ├── Initial duration: 5s
today at 22:53:49|       └── Additional duration: 5s
today at 22:53:49├── Shadowsocks server settings:
today at 22:53:49|   └── Enabled: no
today at 22:53:49├── HTTP proxy settings:
today at 22:53:49|   └── Enabled: no
today at 22:53:49├── Control server settings:
today at 22:53:49|   ├── Listening address: :8000
today at 22:53:49|   └── Logging: yes
today at 22:53:49├── OS Alpine settings:
today at 22:53:49|   ├── Process UID: 0
today at 22:53:49|   ├── Process GID: 0
today at 22:53:49|   └── Timezone: Australia/Melbourne
today at 22:53:49├── Public IP settings:
today at 22:53:49|   ├── Fetching: every 12h0m0s
today at 22:53:49|   └── IP file path: /tmp/gluetun/ip
today at 22:53:49└── Version settings:
today at 22:53:49    └── Enabled: yes
today at 22:53:492022/03/21 22:53:49 INFO using existing username root corresponding to user id 0
today at 22:53:492022/03/21 22:53:49 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 22:53:492022/03/21 22:53:49 INFO routing: adding route for 0.0.0.0/0
today at 22:53:492022/03/21 22:53:49 INFO firewall: setting allowed subnets...
today at 22:53:492022/03/21 22:53:49 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 22:53:492022/03/21 22:53:49 INFO TUN device is not available: open /dev/net/tun: no such file or directory; creating it...
today at 22:53:492022/03/21 22:53:49 INFO pprof http server listening on [::]:6060
today at 22:53:492022/03/21 22:53:49 INFO http server: listening on :8000
today at 22:53:492022/03/21 22:53:49 INFO dns over tls: using plaintext DNS at address 1.1.1.1
today at 22:53:492022/03/21 22:53:49 INFO firewall: allowing VPN connection...
today at 22:53:492022/03/21 22:53:49 INFO healthcheck: listening on 127.0.0.1:9999
today at 22:53:492022/03/21 22:53:49 INFO openvpn: OpenVPN 2.5.4 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 15 2021
today at 22:53:492022/03/21 22:53:49 INFO openvpn: library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
today at 22:53:492022/03/21 22:53:49 INFO openvpn: CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
today at 22:53:492022/03/21 22:53:49 INFO openvpn: MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
today at 22:53:492022/03/21 22:53:49 INFO openvpn: -----END X509 CRL-----
today at 22:53:492022/03/21 22:53:49 INFO openvpn: TCP/UDP: Preserving recently used remote address: [AF_INET]181.214.215.124:1197
today at 22:53:492022/03/21 22:53:49 INFO openvpn: UDP link local: (not bound)
today at 22:53:492022/03/21 22:53:49 INFO openvpn: UDP link remote: [AF_INET]181.214.215.124:1197
today at 22:53:542022/03/21 22:53:54 INFO healthcheck: program has been unhealthy for 5s: restarting VPN
today at 22:53:542022/03/21 22:53:54 INFO vpn: stopping
today at 22:53:542022/03/21 22:53:54 INFO vpn: starting
today at 22:53:542022/03/21 22:53:54 INFO firewall: allowing VPN connection...
today at 22:53:552022/03/21 22:53:55 INFO openvpn: OpenVPN 2.5.4 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 15 2021
today at 22:53:552022/03/21 22:53:55 INFO openvpn: library versions: OpenSSL 1.1.1l  24 Aug 2021, LZO 2.10
today at 22:53:552022/03/21 22:53:55 INFO openvpn: CRL: loaded 1 CRLs from file -----BEGIN X509 CRL-----
today at 22:53:552022/03/21 22:53:55 INFO openvpn: MIIDWDCCAUAwDQYJKoZIhvcNAQENBQAwgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tFw0xNjA3MDgxOTAwNDZaFw0zNjA3MDMxOTAwNDZaMCYwEQIBARcMMTYwNzA4MTkwMDQ2MBECAQYXDDE2MDcwODE5MDA0NjANBgkqhkiG9w0BAQ0FAAOCAgEAppFfEpGsasjB1QgJcosGpzbf2kfRhM84o2TlqY1ua+Gi5TMdKydA3LJcNTjlI9a0TYAJfeRX5IkpoglSUuHuJgXhP3nEvX10mjXDpcu/YvM8TdE5JV2+EGqZ80kFtBeOq94WcpiVKFTR4fO+VkOK9zwspFfb1cNs9rHvgJ1QMkRUF8PpLN6AkntHY0+6DnigtSaKqldqjKTDTv2OeH3nPoh80SGrt0oCOmYKfWTJGpggMGKvIdvU3vH9+EuILZKKIskt+1dwdfA5Bkz1GLmiQG7+9ZZBQUjBG9Dos4hfX/rwJ3eU8oUIm4WoTz9rb71SOEuUUjP5NPy9HNx2vx+cVvLsTF4ZDZaUztW9o9JmIURDtbeyqxuHN3prlPWB6aj73IIm2dsDQvs3XXwRIxs8NwLbJ6CyEuvEOVCskdM8rdADWx1J0lRNlOJ0Z8ieLLEmYAA834VN1SboB6wJIAPxQU3rcBhXqO9y8aa2oRMg8NxZ5gr+PnKVMqag1x0IxbIgLxtkXQvxXxQHEMSODzvcOfK/nBRBsqTj30P+R87sU8titOoxNeRnBDRNhdEy/QGAqGh62ShPpQUCJdnKRiRTjnil9hMQHevoSuFKeEMO30FQL7BZyo37GFU+q1WPCplVZgCP9hC8Rn5K2+f6KLFo5bhtowSmu+GY1yZtg+RTtsA=
today at 22:53:552022/03/21 22:53:55 INFO openvpn: -----END X509 CRL-----
today at 22:53:552022/03/21 22:53:55 INFO openvpn: TCP/UDP: Preserving recently used remote address: [AF_INET]181.214.215.153:1197
today at 22:53:552022/03/21 22:53:55 INFO openvpn: UDP link local: (not bound)
today at 22:53:552022/03/21 22:53:55 INFO openvpn: UDP link remote: [AF_INET]181.214.215.153:1197
today at 22:54:00
today at 22:54:002022/03/21 22:54:00 WARN Caught OS signal, shutting down
today at 22:54:002022/03/21 22:54:00 ERROR http server: http: Server closed
today at 22:54:002022/03/21 22:54:00 INFO http server: terminated ✔️
today at 22:54:002022/03/21 22:54:00 INFO dns ticker: terminated ✔️
today at 22:54:002022/03/21 22:54:00 INFO updater ticker: terminated ✔️
today at 22:54:002022/03/21 22:54:00 INFO control: terminated ✔️
today at 22:54:002022/03/21 22:54:00 INFO updater: terminated ✔️
today at 22:54:002022/03/21 22:54:00 INFO public IP: terminated ✔️
today at 22:54:002022/03/21 22:54:00 INFO tickers: terminated ✔️
today at 22:54:002022/03/21 22:54:00 INFO HTTP health server: terminated ✔️
today at 22:54:002022/03/21 22:54:00 INFO vpn: terminated ✔️
today at 22:54:002022/03/21 22:54:00 INFO port forwarding: terminated ✔️
today at 22:54:002022/03/21 22:54:00 INFO shadowsocks proxy: terminated ✔️
today at 22:54:002022/03/21 22:54:00 INFO unbound: terminated ✔️
today at 22:54:002022/03/21 22:54:00 INFO http proxy: terminated ✔️
today at 22:54:002022/03/21 22:54:00 WARN pprof http server shutting down: context canceled
today at 22:54:002022/03/21 22:54:00 INFO public IP: terminated ✔️
today at 22:54:002022/03/21 22:54:00 INFO pprof server: terminated ✔️
today at 22:54:002022/03/21 22:54:00 INFO other: terminated ✔️
today at 22:54:002022/03/21 22:54:00 INFO routing cleanup...
today at 22:54:002022/03/21 22:54:00 INFO routing: default route found: interface eth0, gateway 192.168.10.1
today at 22:54:002022/03/21 22:54:00 INFO routing: deleting route for 0.0.0.0/0
today at 22:54:002022/03/21 22:54:00 INFO Shutdown successful
today at 22:54:04Container stopped

Only v3.27.0 with SERVER_REGIONS (although anything that's not REGION would probably also just get ignored) works. And it's not random, use v3.28.0 it doesn't work, change to v3.27.0 (only with something that's not REGION and it doesn't work. Change back again and it works. So weird.

qdm12 commented 2 years ago

deunhealth.restart.on.unhealthy=true is, 95% certainty, what's causing the kill of the container. It may get unhealthy for a few seconds until its internal VPN gets restarted. Try removing the label to see if it works better? Alternatively you could modify the health settings for the container, I think this would help for example:

    healthcheck:
      interval: 10s
      timeout: 5s
      retries: 3

I can't believe I got bitten by my own programming (deunhealth) :smile:

yannduran commented 2 years ago

I hope you're right! It's currently healthy and working. Do you think that's why v3.28.0 keeps restarting?

Next time it goes down I'll give it a try and let you know. But where do I actually put that text? In the docker-compose file for deunhealth? Or for gluetun?

qdm12 commented 2 years ago

Do you think that's why v3.28.0 keeps restarting?

Yes that must be it. Note the internal health check is fixed in v3.28.1, although it's bit irrelevant to your problem here.

But where do I actually put that text? In the docker-compose file for deunhealth? Or for gluetun?

In gluetun's docker-compose.yml so it gets unhealthy after more time and is less aggressive. I configured the image to be quite aggresive on showing its unhealthy, even if it auto-heals internally. Technically I don't think there is a point in having it tracked by deunhealth since it should auto-heal internally without a container restart.

qdm12 commented 2 years ago

Closing this for now, feel free to comment if it's still misbehaving!

qdm12 commented 2 years ago

For docker-compose, I found this reference: https://docs.docker.com/compose/compose-file/compose-file-v3/#healthcheck

I also created this FAQ healthcheck page in the Wiki to clarify how it works.