VPN Stack OPMV 5

  • Hi Guys, I have followed TechnoDadLifes's guide on youtube on how to create a VPN stack with transmission and docker/portainer etc, however I'm having issues in accessing Radarr, Sonarr, Jackett and Transmission using my ip and the ports


    I have had all these up and running sucessfully as individual containers NOT running through the VPN.


    I'm using a Pi4B, My IP is fixed. I don't have a VPN yet as wanted to make sure I could get the containers running in the stack before I purchased one.


    PUID PGID etc has been confirmed and the absolute paths are correct.


    I'm guessing its to do with the LOCAL_NETWORK=192.168.0.32/24 (The IP for the PI is fixed on the router as 192.168.0.32) I'm not a network guy so unsure if I need to change this or what to?


    Or its to do with me not having the VPN set up yet?


    The compose file is below and I would appreciate your comments!


    Compose file:

    version: '2.1'

    services:

    transmission-openvpn:

    volumes:

    - /srv/dev-disk-by-label-PiShareNEW/appdata/:/data

    - /etc/localtime:/etc/localtime:ro

    environment:

    - PUID=1000

    - PGID=1000

    - CREATE_TUN_DEVICE=true

    - OPENVPN_PROVIDER=NORDVPN

    # - OPENVPN_CONFIG=default

    - NORDVPN_COUNTRY=US

    - NORDVPN_CATEGORY=legacy_p2p

    - NORDVPN_PROTOCOL=udp

    - OPENVPN_USERNAME=wqxThYK8YJt6mBWdnhzXrnyM

    - OPENVPN_PASSWORD=WtvbSQgBrtWTqLeTX5tSj62Z

    - OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60

    - WEBPROXY_ENABLED=false

    - LOCAL_NETWORK=192.168.0.32/24

    - TRANSMISSION_SCRAPE_PAUSED_TORRENTS_ENABLED=false

    - DNS=8.8.8.8,8.8.4.4

    cap_add:

    - NET_ADMIN

    logging:

    driver: json-file

    options:

    max-size: 10m

    ports:

    - 9091:9091

    - 9117:9117

    - 7878:7878

    - 8989:8989

    - 8686:8686

    - 5299:5299

    restart: always

    image: haugene/transmission-openvpn:latest-armhf


    jackett:

    image: linuxserver/jackett

    container_name: jackett

    network_mode: "service:transmission-openvpn"

    environment:

    - PUID=1000

    - PGID=1000

    - TZ=Europe/London

    - AUTO_UPDATE=true #optional

    - RUN_OPTS=#optional

    volumes:

    - /srv/dev-disk-by-label-PiShareNEW/appdata/jackett:/config

    - /srv/dev-disk-by-label-PiShareNEW/downloads:/downloads

    restart: unless-stopped


    radarr:

    image: linuxserver/radarr

    network_mode: "service:transmission-openvpn"

    container_name: radarr

    environment:

    - PUID=1000

    - PGID=1000

    - TZ=Europe/London

    - UMASK_SET=022 #optional

    volumes:

    - /srv/dev-disk-by-label-PiShareNEW/appdata/radarr:/config

    - /srv/dev-disk-by-label-PiShareNEW/media/movies:/movies

    - /srv/dev-disk-by-label-PiShareNEW/downloads:/downloads

    restart: unless-stopped


    sonarr:

    image: linuxserver/sonarr

    network_mode: "service:transmission-openvpn"

    container_name: sonarr

    environment:

    - PUID=1000

    - PGID=1000

    - TZ=Europe/London

    - UMASK_SET=022 #optional

    volumes:

    - /srv/dev-disk-by-label-PiShareNEW/appdata/sonarr:/config

    - /srv/dev-disk-by-label-PiShareNEW/media/tv:/tv

    - /srv/dev-disk-by-label-PiShareNEW/downloads:/downloads

    restart: unless-stopped

  • I've not done it this way, but it's probably because you don't have the vpn setup yet. That transmission container has a kill switch enabled so if you are not connecting to the vpn, it's not online (and likely the same for anything else going through it).

  • Just checked the container log and it looks like the vpn has connected? Still can't access the apps via the ports though


    Using OpenVPN provider: NORDVPN,

    2020-10-22 09:25:28 Checking curl installation,

    2020-10-22 09:25:28 Removing existing configs,

    2020-10-22 09:25:28 Selecting the best server...,

    2020-10-22 09:25:28 Searching for technology: openvpn_udp,

    2020-10-22 09:25:28 Best server : uk2099.nordvpn.com,

    2020-10-22 09:25:28 Downloading config: default.ovpn,

    2020-10-22 09:25:28 Downloading from: https://downloads.nordcdn.com/…2099.nordvpn.com.udp.ovpn,

    % Total % Received % Xferd Average Speed Time Time Time Current,

    Dload Upload Total Spent Left Speed,


    0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0

    100 2809 100 2809 0 0 18359 0 --:--:-- --:--:-- --:--:-- 18359,

    2020-10-22 09:25:28 Selecting the best server...,

    2020-10-22 09:25:28 Searching for country : GB (227),

    2020-10-22 09:25:28 Searching for technology: openvpn_udp,

    2020-10-22 09:25:28 Best server : uk2099.nordvpn.com,

    2020-10-22 09:25:28 Downloading config: uk2099.nordvpn.com.ovpn,

    2020-10-22 09:25:28 Downloading from: https://downloads.nordcdn.com/…2099.nordvpn.com.udp.ovpn,

    % Total % Received % Xferd Average Speed Time Time Time Current,

    Dload Upload Total Spent Left Speed,


    0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0

    100 2809 100 2809 0 0 26009 0 --:--:-- --:--:-- --:--:-- 26009,

    2020-10-22 09:25:28 Checking line endings,

    2020-10-22 09:25:28 Updating configs for docker-transmission-openvpn,

    Starting OpenVPN using config uk2099.nordvpn.com.ovpn,

    Setting OPENVPN credentials...,

    adding route to local network 192.168.0.0/24 via 172.17.0.1 dev eth0,

    Thu Oct 22 09:25:31 2020 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019,

    Thu Oct 22 09:25:31 2020 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10,

    Thu Oct 22 09:25:31 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,

    Thu Oct 22 09:25:31 2020 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,

    Thu Oct 22 09:25:31 2020 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,

    Thu Oct 22 09:25:31 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]195.181.164.39:1194,

    Thu Oct 22 09:25:31 2020 Socket Buffers: R=[180224->180224] S=[180224->180224],

    Thu Oct 22 09:25:31 2020 UDP link local: (not bound),

    Thu Oct 22 09:25:31 2020 UDP link remote: [AF_INET]195.181.164.39:1194,

    Thu Oct 22 09:25:31 2020 TLS: Initial packet from [AF_INET]195.181.164.39:1194, sid=e2a15f1f 72eac618,

    Thu Oct 22 09:25:31 2020 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this,

    Thu Oct 22 09:25:31 2020 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA,

    Thu Oct 22 09:25:31 2020 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA5,

    Thu Oct 22 09:25:31 2020 VERIFY KU OK,

    Thu Oct 22 09:25:31 2020 Validating certificate extended key usage,

    Thu Oct 22 09:25:31 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication,

    Thu Oct 22 09:25:31 2020 VERIFY EKU OK,

    Thu Oct 22 09:25:31 2020 VERIFY OK: depth=0, CN=uk2099.nordvpn.com,

    Thu Oct 22 09:25:31 2020 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA,

    Thu Oct 22 09:25:31 2020 [uk2099.nordvpn.com] Peer Connection Initiated with [AF_INET]195.181.164.39:1194,

    Thu Oct 22 09:25:32 2020 SENT CONTROL [uk2099.nordvpn.com]: 'PUSH_REQUEST' (status=1),

    Thu Oct 22 09:25:32 2020 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,comp-lzo no,route-gateway 10.8.1.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.8.1.13 255.255.255.0,peer-id 12,cipher AES-256-GCM',

    Thu Oct 22 09:25:32 2020 OPTIONS IMPORT: timers and/or timeouts modified,

    Thu Oct 22 09:25:32 2020 OPTIONS IMPORT: explicit notify parm(s) modified,

    Thu Oct 22 09:25:32 2020 OPTIONS IMPORT: compression parms modified,

    Thu Oct 22 09:25:32 2020 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified,

    Thu Oct 22 09:25:32 2020 Socket Buffers: R=[180224->360448] S=[180224->360448],

    Thu Oct 22 09:25:32 2020 OPTIONS IMPORT: --ifconfig/up options modified,

    Thu Oct 22 09:25:32 2020 OPTIONS IMPORT: route options modified,

    Thu Oct 22 09:25:32 2020 OPTIONS IMPORT: route-related options modified,

    Thu Oct 22 09:25:32 2020 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified,

    Thu Oct 22 09:25:32 2020 OPTIONS IMPORT: peer-id set,

    Thu Oct 22 09:25:32 2020 OPTIONS IMPORT: adjusting link_mtu to 1657,

    Thu Oct 22 09:25:32 2020 OPTIONS IMPORT: data channel crypto options modified,

    Thu Oct 22 09:25:32 2020 Data Channel: using negotiated cipher 'AES-256-GCM',

    Thu Oct 22 09:25:32 2020 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key,

    Thu Oct 22 09:25:32 2020 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key,

    Thu Oct 22 09:25:32 2020 ROUTE_GATEWAY 172.17.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:11:00:03,

    Thu Oct 22 09:25:32 2020 TUN/TAP device tun0 opened,

    Thu Oct 22 09:25:32 2020 TUN/TAP TX queue length set to 100,

    Thu Oct 22 09:25:32 2020 /sbin/ip link set dev tun0 up mtu 1500,

    Thu Oct 22 09:25:32 2020 /sbin/ip addr add dev tun0 10.8.1.13/24 broadcast 10.8.1.255,

    Thu Oct 22 09:25:32 2020 /etc/openvpn/tunnelUp.sh tun0 1500 1585 10.8.1.13 255.255.255.0 init,

    Up script executed with tun0 1500 1585 10.8.1.13 255.255.255.0 init,

    Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 10.8.1.13,

    Generating transmission settings.json from env variables,

    sed'ing True to true,

    Enforcing ownership on transmission config directories,

    Applying permissions to transmission config directories,

    Setting owner for transmission paths to 1000:1000,

    Setting permission for files (644) and directories (755),

    Setting permission for watch directory (775) and its files (664),

    ,

    -------------------------------------,

    Transmission will run as,

    -------------------------------------,

    User name: abc,

    User uid: 1000,

    User gid: 1000,

    -------------------------------------,

    ,

    STARTING TRANSMISSION,

    NO PORT UPDATER FOR THIS PROVIDER,

    Transmission startup script complete.,

    Thu Oct 22 09:25:33 2020 /sbin/ip route add 195.181.164.39/32 via 172.17.0.1,

    Thu Oct 22 09:25:33 2020 /sbin/ip route add 0.0.0.0/1 via 10.8.1.1,

    Thu Oct 22 09:25:33 2020 /sbin/ip route add 128.0.0.0/1 via 10.8.1.1,

    Thu Oct 22 09:25:33 2020 Initialization Sequence Completed,

  • I am not sure. I use this container in a modified form as I have a different VPN provider, I wanted watch folders and wanted another app (sabnzbd). I believe the idea of this one was to make sure that every one of these apps only accesses the Internet via the VPN. I am not sure how easy it is to do so outside of one stack.


    This is what I have used.


  • hehe

    OK something weird is going on. since mine is only in a lab for now, I redeployed this and I have the same issue as you. I can't connect to any of the apps in the container any more. I will let you know if I can determine why.

  • Thanks! I had not cleared my appdata folder from the previous non vpn install, Deleted everything and its up and running now. Much appreciated!

    No problem. OMV is a fun platform to play with.

    I can't wait till they rev that haugene container and allow us to add our own vpn config files. I only have a limited VPN account and I can't access the range that is included for my provider and would like to tweak it.

  • Having a nightmare with this stack, I now have everything running through the VPN, Sonarr and Radarr both picking up download, passing it to transmission for download but Sonarr and Radarr are not picking up the completed download to rename and transfer to the media folder.

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!