search

xptsp / pivpn-docker

Run PiVPN in a Container!
MIT License
8 stars 5 forks source link

crl.pem not found #1

Closed zioperek closed 3 years ago

zioperek commented 3 years ago

Hi. The container crushes after a few seconds with log message

chown: cannot access "/etc/openvpn/crl.pem": No such file or directory ::: PiVPN Service Started

The ENVS i added were IPv4dev, pivpnDNS1, pivpnDNS2, as i run pihole and needed IPv4dev specified, for multiple network cards.

I'm running docker over portainer.io webui.

Defaults also added:

--privileged \ --net host \ --name pivpn \ -v /custom/:/home/pivpn/ovpns \ -v /custom/:/etc/openvpn

Docker info:


 Debug Mode: false

Server:
 Containers: 4
  Running: 3
  Paused: 0
  Stopped: 1
 Images: 4
 Server Version: 18.09.1
 Storage Driver: overlay2
  Backing Filesystem: xfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: c4446665cb9c30056f4998ed953e6d4ff22c7c39
 runc version: 4fc53a81fb7c994640722ac585fa9ca548971871
 init version: fec3683
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 4.18.0-193.14.2.el8_2.x86_64
 Operating System: CentOS Linux 8 (Core)
 OSType: linux
 Architecture: x86_64
 CPUs: 2
 Total Memory: 3.689GiB
 Name: centos.localdomain
 ID: 2B3X:ZETB:OPCF:DPRJ:WNES:JAWB:FR55:GMM5:MPVX:7RQ6:F3YJ:3IVY
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false
 Product License: Community Engine
xptsp commented 3 years ago

I've fixed this bug but haven't updated the repo. Found a doozy of a exploit and am rewriting the website using Python instead of using a bash script to create the website....

xptsp commented 3 years ago

zioperek, please try the latest commit. It should work better. It checks for the existance of that file, and if it doesn't exist, it rebuilds the openvpn certificates to get the files required.

I also noticed that in the issue you opened, both the openvpn and ovpns directories are mounted in the exact same folder. This will not work in this commit, due to an additional check that makes sure that the openvpn directory you mount to /etc/openvpn and the ovpns directory you mount to /home/pivpn/ovpns are separate. Please make the appropriate change to your launching method to deal with this.

xptsp commented 3 years ago

Closing this issue, since there has been no response to the issue.