Closed mattiasghodsian closed 3 years ago
@mattiasghodsian Can you share your VPN config?
By looking on the config file am guessing the last few lines are the issue here?
ovpn.conf
client
dev tun
remote-cert-tls server
cipher aes-256-cbc
pull
nobind
reneg-sec 0
resolv-retry infinite
verb 3
persist-key
persist-tun
remote-random
remote pool-2.prd.se.sthlm.ovpn.com 1194
remote pool-2.prd.se.sthlm.ovpn.com 1195
proto udp
mute-replay-warnings
replay-window 256
comp-lzo
auth-user-pass /etc/openvpn/credentials
ca /etc/openvpn/ovpn-ca.crt
tls-auth /etc/openvpn/ovpn-tls.key 1
log /tmp/openvpn.log
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
I'm going to say that the VPN container is actually working just fine. You can thank log /tmp/openvpn.log
for eating your log messages. :)
When I copied your config and replaced your remote
s and credentials with my own, I also had no output. docker logs
streams stdout from the container which empty because it was being sent to /tmp/openvpn.log
. Just remove that line and you should see the log you're expecting.
Also, the ca
and tls-auth
lines may also have to change unless you're adding those files to the /etc/openvpn/
directory. It doesn't look like you are based on the Compose file screenshot.
I add files like that to the directory with the config file so I can reference them like this without having to put things in all kinds of different places:
ca ovpn-ca.crt
Thank you for the feedback, I changed paths in the config and added credentials to the mounted folder, and got it up and running
Am reopening this duo to stuck unhealthy when docker project was moved to my newly installed ubuntu server.
docker-compose ps
c7db7a4d227d ghcr.io/wfg/openvpn-client "/data/scripts/entry…" 8 minutes ago Up 8 minutes (unhealthy)
DockStation
openvpn-client Status: Up 7 minutes (unhealty) Created: 25 April 2021
docker-compose logs openvpn-client
openvpn-client |
openvpn-client | ---- Running with the following variables ----
openvpn-client | Kill switch: on
openvpn-client | HTTP proxy: off
openvpn-client | SOCKS proxy: off
openvpn-client | Allowing subnets: none
openvpn-client | Using configuration file: /data/vpn/ovpn.conf
openvpn-client | Using OpenVPN log level: 3
openvpn-client |
openvpn-client | Creating /data/vpn/ovpn.conf.modified and making required changes to that file.
openvpn-client | Changes made.
openvpn-client |
openvpn-client | Creating VPN kill switch and local routes.
openvpn-client | Allowing established and related connections...
openvpn-client | Allowing loopback connections...openvpn-client | Allowing Docker network connections...
openvpn-client | Allowing specified subnets...
openvpn-client | Error: any valid prefix is expected rather than "/".
openvpn-client | iptables v1.8.6 (legacy): invalid mask `' specified
openvpn-client | Try `iptables -h' or 'iptables --help' for more information.
openvpn-client | iptables v1.8.6 (legacy): invalid mask `' specified
openvpn-client | Try `iptables -h' or 'iptables --help' for more information.
openvpn-client | Allowing remote servers in configuration file...
openvpn-client | Using:
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.61 PORT: 1194)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.68 PORT: 1194)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.67 PORT: 1194)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.69 PORT: 1194)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.64 PORT: 1194)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.66 PORT: 1194)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.70 PORT: 1194)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.62 PORT: 1194)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.63 PORT: 1194)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.65 PORT: 1194)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.65 PORT: 1195)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.63 PORT: 1195)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.62 PORT: 1195)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.70 PORT: 1195)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.66 PORT: 1195)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.64 PORT: 1195)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.69 PORT: 1195)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.67 PORT: 1195)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.68 PORT: 1195)
openvpn-client | pool-2.prd.se.sthlm.ovpn.com (IP: 217.64.148.61 PORT: 1195)
openvpn-client | Allowing connections over VPN interface...
openvpn-client | Preventing anything else...
openvpn-client | iptables rules created and routes configured.
openvpn-client |
openvpn-client | Running OpenVPN client.
openvpn-client |
openvpn-client | 2021-04-25 15:05:13 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
ovpn.config
client
dev tun
remote-cert-tls server
cipher aes-256-cbc
pull
nobind
reneg-sec 0
resolv-retry infinite
verb 3
persist-key
persist-tun
remote-random
remote pool-2.prd.se.sthlm.ovpn.com 1194
remote pool-2.prd.se.sthlm.ovpn.com 1195
proto udp
mute-replay-warnings
replay-window 256
comp-lzo
auth-user-pass /data/vpn/credentials
ca /data/vpn/ovpn-ca.crt
tls-auth /data/vpn/ovpn-tls.key 1
log /tmp/openvpn.log
script-security 2
up /data/vpn/update-resolv-conf
down /data/vpn/update-resolv-conf
What environment variables are being used in the Compose file on the Ubuntu server?
openvpn-client:
image: ghcr.io/wfg/openvpn-client
container_name: openvpn-client
cap_add:
- NET_ADMIN
devices:
- /dev/net/tun
environment:
- KILL_SWITCH=on
ports:
- 1080:1080
- 6881:6881
- 6881:6881/udp
- 8081:8080
- 9117:9117
- 8989:8989
volumes:
- ./data/vpn:/data/vpn
restart: unless-stopped
Interesting. So what's changed from the previous server where it worked?
The difference was that the new server was using docker with snap, installing docker without snap solved the issue. don't know exactly why...
Am getting a Compression warning and the container keeps rebooting giving exit code 1
VPN provider: ovpn.com