search

syncloud / platform

Run popular services on your device with one click
https://syncloud.org
GNU General Public License v3.0
396 stars 40 forks source link

OpenVPN app installation impossible #539

Closed DarkCoocky closed 3 years ago

DarkCoocky commented 3 years ago

I tried to install the OpenVPN from apps Store and from CLI. Each time i try the app cannot be installed. I don't have any error on website interface, on CLI I have

`error : cannot perform the following tasks :

cyberb commented 3 years ago

Can you send us logs? or send them first to yourself and check shat is the error? also you can try running journalctl -xe

DarkCoocky commented 3 years ago

You mean sending logs through Web UI? I'm gonna retry the command you wrote and copy paste the output in a file. Just wait until I come home :)

I'm gonna investigate by myself too.

cyberb commented 3 years ago

You mean sending logs through Web UI?

Yes, it collects various logs in one email, you can use it with "support" unchecked to not share it with us.

DarkCoocky commented 3 years ago

I sent the logs for you. I don't know if there are the things we're looking for because it's been almost 2hrs since the last problem with openVPN.

DarkCoocky commented 3 years ago

Here's the output of journalctl that i put into a txt. journalctl.txt

Look around line 1315 there are some errors about openVPN checksum verifications. You can also look lines 1455 and after it's after the installation, when openVPN starts.

Seems that the snap's downloaded size and the expected size doesn't match

L.1324 : Sep 10 16:40:58 syncloud snapd[259]: 2020/09/10 16:40:58.960026 snapasserts.go:71: Syncloud hack: snap "openvpn" file does not have expected size according to signatures (download is broken or tampered): 40927232 != 1

cyberb commented 3 years ago

This must be the problem:

Sep 10 16:42:25 syncloud openvpn.server[15530]: iptables v1.8.2 (nf_tables): Chain 'MASQUERADE' does not exist
Sep 10 16:42:25 syncloud openvpn.server[15530]: Try `iptables -h' or 'iptables --help' for more information.
Sep 10 16:42:25 syncloud openvpn.server[15530]: iptables v1.8.2 (nf_tables): Chain 'MASQUERADE' does not exist
Sep 10 16:42:25 syncloud openvpn.server[15530]: Try `iptables -h' or 'iptables --help' for more information.
Sep 10 16:42:25 syncloud systemd[1]: snap.openvpn.server.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
cyberb commented 3 years ago

Are you running on docker?

DarkCoocky commented 3 years ago

I think that's the problem too I'm running syncloud on Raspberry Pi 3 B+

cyberb commented 3 years ago 
iptables --version

Are you on latest image?

DarkCoocky commented 3 years ago

iptables v.1.8.2 (nf_tables)

cyberb commented 3 years ago 
cat /etc/os-release
DarkCoocky commented 3 years ago

PRETTY_NAME="Debian GNU/linux 10 (buster)" NAME="Debian GNU/linux" VERSION_ID="10" VERSION="10 (buster)" VERSION_CODENAME=buster ID=debian HOME_URL="https://www.debian.org/" SUPPORT_URL="https://www.debian.org/support" BUG_REPORT_URL="https://bugs.debian.org/"

cyberb commented 3 years ago

Must be these install commands:

    if ! iptables -t nat -C POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE; then
        iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
    fi
cyberb commented 3 years ago

could you try running each?

DarkCoocky commented 3 years ago

Must be these install commands:

    if ! iptables -t nat -C POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE; then
        iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
    fi

Are you sure of the syntax ? Got an error on second line and the first changes the character at beginning of the line from # to >

cyberb commented 3 years ago

Yes, try these independently:

iptables -t nat -C POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
DarkCoocky commented 3 years ago

The system tells me for each that chain MASQUERADE doesn't exist. (You can see it in the screenshot) CommandResult

cyberb commented 3 years ago

try this:

grep MASQ /boot/config-*

my output:

CONFIG_NFT_MASQ=m
CONFIG_NF_NAT_MASQUERADE_IPV4=y
CONFIG_NFT_MASQ_IPV4=m
CONFIG_IP_NF_TARGET_MASQUERADE=m
CONFIG_NFT_MASQ_IPV6=m
CONFIG_NF_NAT_MASQUERADE_IPV6=y
CONFIG_IP6_NF_TARGET_MASQUERADE=m
DarkCoocky commented 3 years ago

Output :

grep : /boot/config-*: No such file or directory

cyberb commented 3 years ago

try 

grep MASQ /proc/config

or 

zcat /proc/config.gz | grep MASQ

also

ls /proc/config*
DarkCoocky commented 3 years ago

Still nothing, no file or directory image I tried to find the file through files app in webUI. Didn't find any of these files or dir.

cyberb commented 3 years ago

ok, this this

modprobe configs

and then 

zcat /proc/config.gz | grep MASQ
DarkCoocky commented 3 years ago

CONFIG_NF_NAT_MASQUERADE_IPV4=m CONFIG_IP_NF_TARGET_MASQUERADE=m CONFIG_NF_NAT_MASQUERADE_IPV6=m CONFIG_IP6_NF_TARGET_MASQUERADE=m

cyberb commented 3 years ago

@thomasschaeferm you helped us with openvpn in past, did you test on RPi3 B+? did you have to do anything special apart from installing stock Syncloud image, like upgrading kernel of something?

cyberb commented 3 years ago

@DarkCoocky can you try PRi 4 image as they should be backward compatible: https://github.com/syncloud/platform/releases/download/20.06/syncloud-raspberrypi4-20.06.img.xz

thomasschaeferm commented 3 years ago

I own only a raspberry pi 2 and 4. I never tested with raspberry pi 3. ( I tested also x86_64)

cyberb commented 3 years ago

I own only a raspberry pi 2

Ok, have you tested on RPi 2 with stock image and openvpn works?

cyberb commented 3 years ago

Actually I just tested rpi3 on both v3 and v4 images and I can confirm that openvpn does not work on image rpi3 and works on image for rpi4. I am not sure if we even need to maintain separate image for rpi3, I will remove it.

thomasschaeferm commented 3 years ago

I run rpi2 with opensuse and a self compiled open vpn(2.5 beta4) with my own config scripts. Raspberry 4 with 64 bit is just my test device for everything, mostly idle at the moment. If you want, that I test some things then I would start from scratch with a different sd-card and the images you provide.

DarkCoocky commented 3 years ago

@DarkCoocky can you try PRi 4 image as they should be backward compatible: https://github.com/syncloud/platform/releases/download/20.06/syncloud-raspberrypi4-20.06.img.xz

I'll try this but, about the migration process, are the users exported ? Because I've got nextcloud running and you don't mention in the wiki if all the information about the users are stored on the external drive.

cyberb commented 3 years ago

Files are stored on external disk (if external disk is not activated files will be lost after migration)

For users and other settings you need to do a backup of nextcloud app before the migration and make sure it is on the latest version.

After migration you need to install Nextcloud and restore the backup.

If user accounts were created in Users app then they will have to be recreated, but Nextcloud backup will still keep all the info about them.

I will update our wiki.

cyberb commented 3 years ago

Updated: https://github.com/syncloud/platform/wiki/Device-migration

cyberb commented 3 years ago

reopen if it does not work.

DarkCoocky commented 3 years ago

Did the migration, everything works (and that's already great news lol). And OpenVPN is installed successfully. Thank you for your help :)