unable to connect to docker containers in browser on local network

Hi all.

Firstly sorry if i'm posting in an incorrect format or anything like that, first time here.

So i've recently purchased a raspberry pi and have discovered Techno Dad Life.

I have been following his video titled "Easy Automated Home Media Server: VPN, Radarr, Sonarr, Lidarr, Librarian in 10 Minutes."

I am 9min11sec in and have all the dockers running in portainer however, I am unable to carry out the next part where I am supposed to connect the containers by copying the ip and adding the port number, eg http://192.168.1.100:9091 for transmission.

I can confirm I am on the same network while trying to open it but the error message I get is "This site can’t be reached192.168.1.100 took too long to respond. ERR_CONNECTION_TIMED_OUT"

The pi is connected via ethernet while I am using portainer on my laptop connected via wifi.

I have searched this forum and google to try and resolve the issue myself so but was unable to find an answer so I do apologize if I am missing something obvious.

The following is my compose file:

version: '2.1'

services:

transmission-openvpn:

volumes:

- /srv/dev-disk-by-label-datadisk/data/downloads/:/data

- /etc/localtime:/etc/localtime:ro

environment:

- PUID=1000

- PGID=100

- CREATE_TUN_DEVICE=true

- OPENVPN_PROVIDER=NORDVPN

# - OPENVPN_CONFIG=default

- NORDVPN_COUNTRY=UK

- NORDVPN_CATEGORY=legacy_p2p

- NORDVPN_PROTOCOL=udp

- OPENVPN_USERNAME=

- OPENVPN_PASSWORD=

- OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60

- WEBPROXY_ENABLED=false

- LOCAL_NETWORK=192.168.1.100/24

- TRANSMISSION_SCRAPE_PAUSED_TORRENTS_ENABLED=false

- DNS=8.8.8.8,8.8.4.4

cap_add:

- NET_ADMIN

logging:

driver: json-file

options:

max-size: 10m

ports:

- 9091:9091

- 9117:9117

- 7878:7878

- 8989:8989

- 8686:8686

- 5299:5299

restart: always

image: haugene/transmission-openvpn:latest-armhf

jackett:

image: linuxserver/jackett

container_name: jackett

network_mode: "service:transmission-openvpn"

environment:

- PUID=1000

- PGID=100

- TZ=America/New_York

- AUTO_UPDATE=true #optional

- RUN_OPTS=#optional

volumes:

- /srv/dev-disk-by-label-datadisk/appdata/jackett:/config

- /srv/dev-disk-by-label-datadisk/downloads/watch:/downloads

restart: unless-stopped

radarr:

image: linuxserver/radarr

network_mode: "service:transmission-openvpn"

container_name: radarr

environment:

- PUID=1000

- PGID=100

- TZ=America/New_York

- UMASK_SET=022 #optional

volumes:

- /srv/dev-disk-by-label-datadisk/appdata/radarr:/config

- /srv/dev-disk-by-label-datadisk/media/movies:/movies

- /srv/dev-disk-by-label-datadisk/downloads/completed:/downloads

restart: unless-stopped

sonarr:

image: linuxserver/sonarr

network_mode: "service:transmission-openvpn"

container_name: sonarr

environment:

- PUID=1000

- PGID=100

- TZ=America/New_York

- UMASK_SET=022 #optional

volumes:

- /srv/dev-disk-by-label-datadisk/appdata/sonarr:/config

- /srv/dev-disk-by-label-datadisk/media/tv:/tv

- /srv/dev-disk-by-label-datadisk/downloads/completed:/downloads

restart: unless-stopped

lidarr:

image: linuxserver/lidarr

network_mode: "service:transmission-openvpn"

container_name: lidarr

environment:

- PUID=1000

- PGID=100

- TZ=America/New_York

- UMASK_SET=022 #optional

volumes:

- /srv/dev-disk-by-label-datadisk/appdata/lidarr:/config

- /srv/dev-disk-by-label-datadisk/media/music:/music

- /srv/dev-disk-by-label-datadisk/downloads/completed:/downloads

restart: unless-stopped

lazylibrarian:

image: linuxserver/lazylibrarian

network_mode: "service:transmission-openvpn"

container_name: lazylibrarian

environment:

- PUID=1000

- PGID=100

- TZ=America/New_York

#- DOCKER_MODS=linuxserver/calibre-web:calibre #optional

volumes:

- /srv/dev-disk-by-label-datadisk/appdata/lazylibrarian:/config

- /srv/dev-disk-by-label-datadisk/downloads/completed:/downloads

- /srv/dev-disk-by-label-datadisk/media/ebooks:/books

restart: unless-stopped

The following is the ip I am using to get into portainer:

http://192.168.1.100:9000

Any advice would be greatly appreciated.

Zitat von Frepke

You better hide your vpn credentials, everyone can use them now

Thanks for spotting that. I'll have the credentials changed just incase.

Zitat von gderf

Are the containers running?

What do the container logs show?

All containers state are running except transmission which says healthy. I cant seem to get into the logs. When I try it says 'failure. unable to retrieve container information'. Could there be a clue to whats going on there?

Zitat von gderf

I would change LOCAL_NETWORK=192.168.1.100/24 to LOCAL_NETWORK=192.168.1.0/24 but this likely doesn't matter.

Do these correspond to an actual real user and group on the system?

- PUID=1000

- PGID=100

Alles anzeigen

Thanks for getting back to me so fast. I've been able to get a log for the transmission container after restarting my pi so will post that below.

Yes the puid and pgid matched what I had for the pi. Ive changed them to puid=1001 and pgid=100 now as thats what it is for a user i created by following techno dads video on setting up openmediavault 5 on raspberry pi.

Still unable to get in. It says '192.168.1.100 took too long to respond.' when i try to go to http://192.168.1.100:9091/

Here is the log for transmission container:

Using OpenVPN provider: NORDVPN,

2020-08-05 22:28:36 Checking curl installation,

2020-08-05 22:28:36 Removing existing configs,

2020-08-05 22:28:36 Selecting the best server...,

2020-08-05 22:28:36 Searching for technology: openvpn_udp,

2020-08-05 22:28:36 Best server : uk1778.nordvpn.com,

2020-08-05 22:28:36 Downloading config: default.ovpn,

2020-08-05 22:28:36 Downloading from: https://downloads.nordcdn.com/…1778.nordvpn.com.udp.ovpn,

% Total % Received % Xferd Average Speed Time Time Time Current,

Dload Upload Total Spent Left Speed,

0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0

100 2808 100 2808 0 0 39000 0 --:--:-- --:--:-- --:--:-- 39000,

2020-08-05 22:28:36 Selecting the best server...,

2020-08-05 22:28:36 Searching for technology: openvpn_udp,

2020-08-05 22:28:36 Best server : uk1778.nordvpn.com,

2020-08-05 22:28:36 Downloading config: uk1778.nordvpn.com.ovpn,

2020-08-05 22:28:36 Downloading from: https://downloads.nordcdn.com/…1778.nordvpn.com.udp.ovpn,

% Total % Received % Xferd Average Speed Time Time Time Current,

Dload Upload Total Spent Left Speed,

0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0

100 2808 100 2808 0 0 37945 0 --:--:-- --:--:-- --:--:-- 37945,

2020-08-05 22:28:36 Checking line endings,

2020-08-05 22:28:36 Updating configs for docker-transmission-openvpn,

Starting OpenVPN using config uk1778.nordvpn.com.ovpn,

Setting OPENVPN credentials...,

adding route to local network 192.168.1.1/24 via 172.17.0.1 dev eth0,

Error: Invalid prefix for given prefix length.,

Wed Aug 5 22:28:38 2020 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019,

Wed Aug 5 22:28:38 2020 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10,

Wed Aug 5 22:28:38 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,

Wed Aug 5 22:28:38 2020 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,

Wed Aug 5 22:28:38 2020 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,

Wed Aug 5 22:28:38 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]185.5.172.227:1194,

Wed Aug 5 22:28:38 2020 Socket Buffers: R=[180224->180224] S=[180224->180224],

Wed Aug 5 22:28:38 2020 UDP link local: (not bound),

Wed Aug 5 22:28:38 2020 UDP link remote: [AF_INET]185.5.172.227:1194,

Wed Aug 5 22:28:38 2020 TLS: Initial packet from [AF_INET]185.5.172.227:1194, sid=4b1aebe2 d07777db,

Wed Aug 5 22:28:38 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this,

Wed Aug 5 22:28:38 2020 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA,

Wed Aug 5 22:28:38 2020 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA5,

Wed Aug 5 22:28:38 2020 VERIFY KU OK,

Wed Aug 5 22:28:38 2020 Validating certificate extended key usage,

Wed Aug 5 22:28:38 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication,

Wed Aug 5 22:28:38 2020 VERIFY EKU OK,

Wed Aug 5 22:28:38 2020 VERIFY OK: depth=0, CN=uk1778.nordvpn.com,

Wed Aug 5 22:28:38 2020 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA,

Wed Aug 5 22:28:38 2020 [uk1778.nordvpn.com] Peer Connection Initiated with [AF_INET]185.5.172.227:1194,

Wed Aug 5 22:28:40 2020 SENT CONTROL [uk1778.nordvpn.com]: 'PUSH_REQUEST' (status=1),

Wed Aug 5 22:28:40 2020 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,comp-lzo no,route-gateway 10.8.1.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.8.1.51 255.255.255.0,peer-id 49,cipher AES-256-GCM',

Wed Aug 5 22:28:40 2020 OPTIONS IMPORT: timers and/or timeouts modified,

Wed Aug 5 22:28:40 2020 OPTIONS IMPORT: explicit notify parm(s) modified,

Wed Aug 5 22:28:40 2020 OPTIONS IMPORT: compression parms modified,

Wed Aug 5 22:28:40 2020 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified,

Wed Aug 5 22:28:40 2020 Socket Buffers: R=[180224->360448] S=[180224->360448],

Wed Aug 5 22:28:40 2020 OPTIONS IMPORT: --ifconfig/up options modified,

Wed Aug 5 22:28:40 2020 OPTIONS IMPORT: route options modified,

Wed Aug 5 22:28:40 2020 OPTIONS IMPORT: route-related options modified,

Wed Aug 5 22:28:40 2020 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified,

Wed Aug 5 22:28:40 2020 OPTIONS IMPORT: peer-id set,

Wed Aug 5 22:28:40 2020 OPTIONS IMPORT: adjusting link_mtu to 1657,

Wed Aug 5 22:28:40 2020 OPTIONS IMPORT: data channel crypto options modified,

Wed Aug 5 22:28:40 2020 Data Channel: using negotiated cipher 'AES-256-GCM',

Wed Aug 5 22:28:40 2020 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key,

Wed Aug 5 22:28:40 2020 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key,

Wed Aug 5 22:28:40 2020 ROUTE_GATEWAY 172.17.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:11:00:02,

Wed Aug 5 22:28:40 2020 TUN/TAP device tun0 opened,

Wed Aug 5 22:28:40 2020 TUN/TAP TX queue length set to 100,

Wed Aug 5 22:28:40 2020 /sbin/ip link set dev tun0 up mtu 1500,

Wed Aug 5 22:28:40 2020 /sbin/ip addr add dev tun0 10.8.1.51/24 broadcast 10.8.1.255,

Wed Aug 5 22:28:40 2020 /etc/openvpn/tunnelUp.sh tun0 1500 1585 10.8.1.51 255.255.255.0 init,

Up script executed with tun0 1500 1585 10.8.1.51 255.255.255.0 init,

Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 10.8.1.51,

Generating transmission settings.json from env variables,

sed'ing True to true,

Enforcing ownership on transmission config directories,

Applying permissions to transmission config directories,

Setting owner for transmission paths to 1001:100,

Setting permission for files (644) and directories (755),

Setting permission for watch directory (775) and its files (664),

,

-------------------------------------,

Transmission will run as,

-------------------------------------,

User name: abc,

User uid: 1001,

User gid: 100,

-------------------------------------,

,

STARTING TRANSMISSION,

NO PORT UPDATER FOR THIS PROVIDER,

Transmission startup script complete.,

Wed Aug 5 22:28:41 2020 /sbin/ip route add 185.5.172.227/32 via 172.17.0.1,

Wed Aug 5 22:28:41 2020 /sbin/ip route add 0.0.0.0/1 via 10.8.1.1,

Wed Aug 5 22:28:41 2020 /sbin/ip route add 128.0.0.0/1 via 10.8.1.1,

Wed Aug 5 22:28:41 2020 Initialization Sequence Completed,

Zitat von gderf

What about the other containers? Can you connect to them?

no i cant connect to any of them. same error message.

Zitat von gderf

I think something about the openvpn setup has hijacked your LAN, preventing connections, but I do not know what the problem is.

Can you ping any IP addresses to sites from the OMV machine? Can you ping OMV's IP address from OMV?

Next, stop the transmission-vpn container and see if you can now connect to the other containers.

So when I ping anything from within the device itself I get:

"64 bytes from 192.168.1.100: icmp_seq=13 ttl=64 time=0.107 ms" - it keeps going on for ever and I have to close down the terminal as I can no longer use it.

When I ping the local host from another device on the network it responds as expected saying 'Reply from 192.168.1.100: bytes=32 time<1ms TTL=64'

Stopping transmission-vpn does not allow me to connect to other containers.

Zitat von gderf

You can interrupt ping by typing Ctrl-C or you can specify some small number of pings like this

ping -c 3 google.com

Looks like your LAN networking is OK, but can't explain why you can't connect to your containers. You really need to get into the container logs somehow. Try this command:

docker logs radarr

docker logs sonarr

etc.

Alles anzeigen

Thank you so much for the information you have already provided me.

I've attached the logs to this message.

Zitat von gderf

Verify that all the directories specified in your volumes: statements can be written to and read by user 1001.

Thank you for all the suggestions you've been giving me. Work has taken over a bit so not been able to get round to trying the last 2 things you've suggested but will give it a go soon.