Can't connect to Transmission webui (haugene/transmission-openvpn)

Forg6 · Jan 11th 2022

Hello,

I'm trying to set up my omv with Transmission and OpenVPN, using the haugene/transmission-openvpn docker. So far, everything seems to work, except actually connecting to the webui. If I use the container's console, and curl it (curl localhost:9091), it says "Permanently moved", which is correct according to the documentation. I'm only running this container (next to portainer, which uses port 9000), all stock omv installation, nothing crazy. Here are the logs:

Code

Tue Jan 11 13:44:53 2022 /sbin/ip addr del dev tun0 10.3.112.132/24
Tue Jan 11 13:44:53 2022 SIGTERM[hard,] received, process exiting
Starting container with revision: 20877f1b168b6ff27fc58aeef40756572c562d47
Creating TUN device /dev/net/tun
Using OpenVPN provider: PIA
Running with VPN_CONFIG_SOURCE auto
Provider PIA has a bundled setup script. Defaulting to internal config
Executing setup script for PIA
Downloading OpenVPN config bundle openvpn into temporary file /tmp/tmp.uVIBCHFmwr
Extract OpenVPN config bundle into PIA directory /etc/openvpn/pia
Starting OpenVPN using config luxembourg.ovpn
Modifying /etc/openvpn/pia/luxembourg.ovpn for best behaviour in this container
Modification: Point auth-user-pass option to the username/password file
Modification: Change ca certificate path
Modification: Change ping options
Modification: Update/set resolv-retry to 15 seconds
Modification: Change tls-crypt keyfile path
Modification: Set output verbosity to 3
Modification: Remap SIGUSR1 signal to SIGTERM, avoid OpenVPN restart loop
Setting OpenVPN credentials...
adding route to local network 192.168.0.0/24 via 172.18.0.1 dev eth0
Tue Jan 11 13:50:20 2022 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 19 2021
Tue Jan 11 13:50:20 2022 library versions: OpenSSL 1.1.1f  31 Mar 2020, LZO 2.10
Tue Jan 11 13:50:20 2022 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Jan 11 13:50:20 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]5.253.204.122:1198
Tue Jan 11 13:50:20 2022 Socket Buffers: R=[212992->212992] S=[212992->212992]
Tue Jan 11 13:50:20 2022 UDP link local: (not bound)
Tue Jan 11 13:50:20 2022 UDP link remote: [AF_INET]5.253.204.122:1198
Tue Jan 11 13:50:20 2022 TLS: Initial packet from [AF_INET]5.253.204.122:1198, sid=4a64b39d 09b4dd44
Tue Jan 11 13:50:20 2022 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Jan 11 13:50:20 2022 VERIFY OK: depth=1, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=Private Internet Access, name=Private Internet Access, emailAddress=secure@privateinternetaccess.com
Tue Jan 11 13:50:20 2022 VERIFY KU OK
Tue Jan 11 13:50:20 2022 Validating certificate extended key usage
Tue Jan 11 13:50:20 2022 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Jan 11 13:50:20 2022 VERIFY EKU OK
Tue Jan 11 13:50:20 2022 VERIFY OK: depth=0, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=luxembourg405, name=luxembourg405
Tue Jan 11 13:50:20 2022 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Tue Jan 11 13:50:20 2022 [luxembourg405] Peer Connection Initiated with [AF_INET]5.253.204.122:1198
Tue Jan 11 13:50:21 2022 SENT CONTROL [luxembourg405]: 'PUSH_REQUEST' (status=1)
Tue Jan 11 13:50:21 2022 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway def1,route-ipv6 2000::/3,dhcp-option DNS 10.0.0.243,route-gateway 10.8.112.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.8.112.58 255.255.255.0,peer-id 44,cipher AES-128-GCM'
Tue Jan 11 13:50:21 2022 OPTIONS IMPORT: timers and/or timeouts modified
Tue Jan 11 13:50:21 2022 OPTIONS IMPORT: compression parms modified
Tue Jan 11 13:50:21 2022 OPTIONS IMPORT: --ifconfig/up options modified
Tue Jan 11 13:50:21 2022 OPTIONS IMPORT: route options modified
Tue Jan 11 13:50:21 2022 OPTIONS IMPORT: route-related options modified
Tue Jan 11 13:50:21 2022 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Jan 11 13:50:21 2022 OPTIONS IMPORT: peer-id set
Tue Jan 11 13:50:21 2022 OPTIONS IMPORT: adjusting link_mtu to 1625
Tue Jan 11 13:50:21 2022 OPTIONS IMPORT: data channel crypto options modified
Tue Jan 11 13:50:21 2022 Data Channel: using negotiated cipher 'AES-128-GCM'
Tue Jan 11 13:50:21 2022 Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Tue Jan 11 13:50:21 2022 Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Tue Jan 11 13:50:21 2022 ROUTE_GATEWAY 172.18.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:12:00:02
Tue Jan 11 13:50:21 2022 GDG6: remote_host_ipv6=n/a
Tue Jan 11 13:50:21 2022 ROUTE6: default_gateway=UNDEF
Tue Jan 11 13:50:21 2022 OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
Tue Jan 11 13:50:21 2022 OpenVPN ROUTE: failed to parse/resolve route for host/network: 2000::/3
Tue Jan 11 13:50:21 2022 TUN/TAP device tun0 opened
Tue Jan 11 13:50:21 2022 TUN/TAP TX queue length set to 100
Tue Jan 11 13:50:21 2022 /sbin/ip link set dev tun0 up mtu 1500
Tue Jan 11 13:50:21 2022 /sbin/ip addr add dev tun0 10.8.112.58/24 broadcast 10.8.112.255
Tue Jan 11 13:50:21 2022 /etc/openvpn/tunnelUp.sh tun0 1500 1553 10.8.112.58 255.255.255.0 init
Up script executed with tun0 1500 1553 10.8.112.58 255.255.255.0 init
Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 10.8.112.58
Updating Transmission settings.json with values from env variables
Using existing settings.json for Transmission /data/transmission-home/settings.json
Overriding bind-address-ipv4 because TRANSMISSION_BIND_ADDRESS_IPV4 is set to 10.8.112.58
Overriding download-dir because TRANSMISSION_DOWNLOAD_DIR is set to /data/completed
Overriding incomplete-dir because TRANSMISSION_INCOMPLETE_DIR is set to /data/incomplete
Overriding rpc-port because TRANSMISSION_RPC_PORT is set to 9091
Overriding watch-dir because TRANSMISSION_WATCH_DIR is set to /data/watch
sed'ing True to true
Enforcing ownership on transmission config directories
Applying permissions to transmission config directories
Setting owner for transmission paths to 998:100
Setting permissions for download and incomplete directories

2
Directories: 775
Files: 664
Setting permission for watch directory (775) and its files (664)

-------------------------------------
Transmission will run as
-------------------------------------
User name:   abc
User uid:    998
User gid:    100
-------------------------------------

STARTING TRANSMISSION
Transmission startup script complete.
Privoxy: Starting
Privoxy: Using config file at /etc/privoxy/config
Privoxy: Setting port to 8118
Privoxy: Running as PID 91
Tue Jan 11 13:50:24 2022 /sbin/ip route add 5.253.204.122/32 via 172.18.0.1
Tue Jan 11 13:50:24 2022 /sbin/ip route add 0.0.0.0/1 via 10.8.112.1
Tue Jan 11 13:50:24 2022 /sbin/ip route add 128.0.0.0/1 via 10.8.112.1
Tue Jan 11 13:50:24 2022 WARNING: OpenVPN was configured to add an IPv6 route over tun0. However, no IPv6 has been configured for this interface, therefore the route installation may fail or may not work as expected.
Tue Jan 11 13:50:24 2022 Initialization Sequence Completed

Display More

Edit: Added info. DELETED--- km0201. I got it working (so far) using this video and the mentioned documentation above.

KM0201 · Jan 11th 2022

It looks like you're using PIA... I've used this stack/docker-compose for years... works just fine for PIA... the main thing you need to check is

openvpn_config= make sure you're pointing at a PIA server that is availalble (I'll put the list at the end)

openvpn_username= make sure your username is right. I believe PIA still give syou two user names (one starts with a p, the other with an x.. make sure you're using the one with the p)

openvpn_password= again make sure your VPN password is right.

Code

version: '2.1'
services:
 transmission-openvpn:
    container_name: transvpn
    volumes:
        - /NAS/Torrents/:/data
        - /etc/localtime:/etc/localtime:ro
    environment:
        - PUID=1000
        - PGID=100
        - CREATE_TUN_DEVICE=true
        - OPENVPN_PROVIDER=PIA
        - PIA_OPENVPN_CONFIG_BUNDLE=openvpn
        - OPENVPN_CONFIG=us_florida
        - OPENVPN_USERNAME=pxxxxxx
        - OPENVPN_PASSWORD=xxxxxxxxx
        - DISABLE_PORT_UPDATER=true
        - TRANSMISSION_WEB_UI=transmission-web-control
        - OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60
        - WEBPROXY_ENABLED=false
        - LOCAL_NETWORK=192.168.1.0/24
    cap_add:
        - NET_ADMIN
    logging:
        driver: json-file
        options:
            max-size: 10m
    ports:
        - 9091:9091
    restart: always
    image: haugene/transmission-openvpn

Display More

This is the current list of PIA servers that haugene has built in...

Code

root@6ba34b9a356b:/etc/openvpn/pia# ls
albania.ovpn       configure-openvpn.sh  israel.ovpn         panama.ovpn          united_arab_emirates.ovpn
algeria.ovpn       crl.rsa.2048.pem      italy.ovpn          philippines.ovpn     update-port.sh
andorra.ovpn       cyprus.ovpn           japan.ovpn          poland.ovpn          us_atlanta.ovpn
argentina.ovpn     czech_republic.ovpn   kazakhstan.ovpn     portugal.ovpn        us_california.ovpn
armenia.ovpn       de_berlin.ovpn        latvia.ovpn         qatar.ovpn           us_chicago.ovpn
au_melbourne.ovpn  de_frankfurt.ovpn     liechtenstein.ovpn  romania.ovpn         us_denver.ovpn
au_perth.ovpn      default.ovpn          lithuania.ovpn      saudi_arabia.ovpn    us_east.ovpn
au_sydney.ovpn     denmark.ovpn          luxembourg.ovpn     serbia.ovpn          us_florida.ovpn
austria.ovpn       egypt.ovpn            macao.ovpn          singapore.ovpn       us_houston.ovpn
bahamas.ovpn       estonia.ovpn          macedonia.ovpn      slovakia.ovpn        us_las_vegas.ovpn
bangladesh.ovpn    finland.ovpn          malta.ovpn          south_africa.ovpn    us_new_york.ovpn
belgium.ovpn       france.ovpn           mexico.ovpn         spain.ovpn           us_seattle.ovpn
brazil.ovpn        georgia.ovpn          moldova.ovpn        sri_lanka.ovpn       us_silicon_valley.ovpn
bulgaria.ovpn      greece.ovpn           monaco.ovpn         sweden.ovpn          us_texas.ovpn
ca.rsa.2048.crt    greenland.ovpn        mongolia.ovpn       switzerland.ovpn     us_washington_dc.ovpn
ca_montreal.ovpn   hong_kong.ovpn        montenegro.ovpn     taiwan.ovpn          us_west.ovpn
ca_ontario.ovpn    hungary.ovpn          morocco.ovpn        turkey.ovpn          venezuela.ovpn
ca_toronto.ovpn    iceland.ovpn          netherlands.ovpn    uk_london.ovpn       vietnam.ovpn
ca_vancouver.ovpn  india.ovpn            new_zealand.ovpn    uk_manchester.ovpn
cambodia.ovpn      ireland.ovpn          nigeria.ovpn        uk_southampton.ovpn
china.ovpn         isle_of_man.ovpn      norway.ovpn         ukraine.ovpn
root@6ba34b9a356b:/etc/openvpn/pia#

Display More

KM0201 · Jan 11th 2022

Forg6

Pay attention when posting pics like that. You posted your PIA username and password. I'm guessing you're not trying to share your account w/ anyone who happens to see that pic. I went ahead and removed it in case you don't see this for a while

2nd. Your PUID as 998. This has been discussed on this forum so often I almost get tired of saying it. That user is not designed for this and shouldn't be used for it. I didn't even watch the video and am already 99% certain it was dbtech just because of that.

Create a user (an unprivileged one) and add use the PUID for that user.

Forg6 · Jan 11th 2022

Thank for the quick reply, and the removal of the pic. I've checked the vpn; the username, password and server are all correct. I didn't know about the user, I'm still new to linux. I've made a new one within the container (as I should?), it should have less privileges.

If I add the user to Advanced container settings > command & logging > user, it says password found in password file. I'm trying to fix it.

Furthermore, without the new user and using your environment it still doesn't seem to work unfortunately.

Code

Starting container with revision: 20877f1b168b6ff27fc58aeef40756572c562d47
Creating TUN device /dev/net/tun
Using OpenVPN provider: PIA
Running with VPN_CONFIG_SOURCE auto
Provider PIA has a bundled setup script. Defaulting to internal config
Executing setup script for PIA
Downloading OpenVPN config bundle openvpn into temporary file /tmp/tmp.IWdMm7y8jt
Extract OpenVPN config bundle into PIA directory /etc/openvpn/pia
Starting OpenVPN using config luxembourg.ovpn
Modifying /etc/openvpn/pia/luxembourg.ovpn for best behaviour in this container
Modification: Point auth-user-pass option to the username/password file
Modification: Change ca certificate path
Modification: Change ping options
Modification: Update/set resolv-retry to 15 seconds
Modification: Change tls-crypt keyfile path
Modification: Set output verbosity to 3
Modification: Remap SIGUSR1 signal to SIGTERM, avoid OpenVPN restart loop
Setting OpenVPN credentials...
adding route to local network 192.168.1.0/24 via 172.18.0.1 dev eth0
Tue Jan 11 14:53:03 2022 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 19 2021
Tue Jan 11 14:53:03 2022 library versions: OpenSSL 1.1.1f  31 Mar 2020, LZO 2.10
Tue Jan 11 14:53:03 2022 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Tue Jan 11 14:53:03 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]5.253.204.121:1198
Tue Jan 11 14:53:03 2022 Socket Buffers: R=[212992->212992] S=[212992->212992]
Tue Jan 11 14:53:03 2022 UDP link local: (not bound)
Tue Jan 11 14:53:03 2022 UDP link remote: [AF_INET]5.253.204.121:1198
Tue Jan 11 14:53:03 2022 TLS: Initial packet from [AF_INET]5.253.204.121:1198, sid=a82b4799 d17fbd7d
Tue Jan 11 14:53:03 2022 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Jan 11 14:53:03 2022 VERIFY OK: depth=1, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=Private Internet Access, name=Private Internet Access, emailAddress=secure@privateinternetaccess.com
Tue Jan 11 14:53:03 2022 VERIFY KU OK
Tue Jan 11 14:53:03 2022 Validating certificate extended key usage
Tue Jan 11 14:53:03 2022 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Jan 11 14:53:03 2022 VERIFY EKU OK
Tue Jan 11 14:53:03 2022 VERIFY OK: depth=0, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=luxembourg405, name=luxembourg405
Tue Jan 11 14:53:03 2022 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Tue Jan 11 14:53:03 2022 [luxembourg405] Peer Connection Initiated with [AF_INET]5.253.204.121:1198
Tue Jan 11 14:53:04 2022 SENT CONTROL [luxembourg405]: 'PUSH_REQUEST' (status=1)
Tue Jan 11 14:53:04 2022 PUSH: Received control message: 'PUSH_REPLY,comp-lzo no,redirect-gateway def1,route-ipv6 2000::/3,dhcp-option DNS 10.0.0.243,route-gateway 10.7.112.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.7.112.49 255.255.255.0,peer-id 43,cipher AES-128-GCM'
Tue Jan 11 14:53:04 2022 OPTIONS IMPORT: timers and/or timeouts modified
Tue Jan 11 14:53:04 2022 OPTIONS IMPORT: compression parms modified
Tue Jan 11 14:53:04 2022 OPTIONS IMPORT: --ifconfig/up options modified
Tue Jan 11 14:53:04 2022 OPTIONS IMPORT: route options modified
Tue Jan 11 14:53:04 2022 OPTIONS IMPORT: route-related options modified
Tue Jan 11 14:53:04 2022 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Jan 11 14:53:04 2022 OPTIONS IMPORT: peer-id set
Tue Jan 11 14:53:04 2022 OPTIONS IMPORT: adjusting link_mtu to 1625
Tue Jan 11 14:53:04 2022 OPTIONS IMPORT: data channel crypto options modified
Tue Jan 11 14:53:04 2022 Data Channel: using negotiated cipher 'AES-128-GCM'
Tue Jan 11 14:53:04 2022 Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Tue Jan 11 14:53:04 2022 Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Tue Jan 11 14:53:04 2022 ROUTE_GATEWAY 172.18.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:12:00:02
Tue Jan 11 14:53:04 2022 GDG6: remote_host_ipv6=n/a
Tue Jan 11 14:53:04 2022 ROUTE6: default_gateway=UNDEF
Tue Jan 11 14:53:04 2022 OpenVPN ROUTE6: OpenVPN needs a gateway parameter for a --route-ipv6 option and no default was specified by either --route-ipv6-gateway or --ifconfig-ipv6 options
Tue Jan 11 14:53:04 2022 OpenVPN ROUTE: failed to parse/resolve route for host/network: 2000::/3
Tue Jan 11 14:53:04 2022 TUN/TAP device tun0 opened
Tue Jan 11 14:53:04 2022 TUN/TAP TX queue length set to 100
Tue Jan 11 14:53:04 2022 /sbin/ip link set dev tun0 up mtu 1500
Tue Jan 11 14:53:04 2022 /sbin/ip addr add dev tun0 10.7.112.49/24 broadcast 10.7.112.255
Tue Jan 11 14:53:04 2022 /etc/openvpn/tunnelUp.sh tun0 1500 1553 10.7.112.49 255.255.255.0 init
Up script executed with tun0 1500 1553 10.7.112.49 255.255.255.0 init
Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 10.7.112.49
Using Transmission Web Control UI, overriding TRANSMISSION_WEB_HOME
Updating Transmission settings.json with values from env variables
Using existing settings.json for Transmission /data/transmission-home/settings.json
Overriding bind-address-ipv4 because TRANSMISSION_BIND_ADDRESS_IPV4 is set to 10.7.112.49
Overriding download-dir because TRANSMISSION_DOWNLOAD_DIR is set to /data/completed
Overriding incomplete-dir because TRANSMISSION_INCOMPLETE_DIR is set to /data/incomplete
Overriding rpc-port because TRANSMISSION_RPC_PORT is set to 9091
Overriding watch-dir because TRANSMISSION_WATCH_DIR is set to /data/watch
sed'ing True to true
Enforcing ownership on transmission config directories
Applying permissions to transmission config directories
Setting owner for transmission paths to 1000:100
Setting permissions for download and incomplete directories

2
Directories: 775
Files: 664
Setting permission for watch directory (775) and its files (664)

-------------------------------------
Transmission will run as
-------------------------------------
User name:   abc
User uid:    1000
User gid:    100
-------------------------------------

STARTING TRANSMISSION
Transmission startup script complete.
Tue Jan 11 14:53:05 2022 /sbin/ip route add 5.253.204.121/32 via 172.18.0.1
Tue Jan 11 14:53:05 2022 /sbin/ip route add 0.0.0.0/1 via 10.7.112.1
Tue Jan 11 14:53:05 2022 /sbin/ip route add 128.0.0.0/1 via 10.7.112.1
Tue Jan 11 14:53:05 2022 WARNING: OpenVPN was configured to add an IPv6 route over tun0. However, no IPv6 has been configured for this interface, therefore the route installation may fail or may not work as expected.
Tue Jan 11 14:53:05 2022 Initialization Sequence Completed

Display More

KM0201 · Jan 11th 2022

Quote from Forg6

Thank for the quick reply, and the removal of the pic. I've checked the vpn; the username, password and server are all correct. I didn't know about the user, I'm still new to linux. I've made a new one within the container (as I should?), it should have less privileges.
If I add the user to Advanced container settings > command & logging > user, it says no matching users are found.
Furthermore, without the new user and using your environment it still doesn't seem to work.

No, that's not what I'm referring to.... (I would delete what you did there)

The user I'm referring to, is an OMV user....

In the OMV web panel, click on Access Right Management/User/Add

Add a username/passwrd

At the bottom set your shell to "/bin/bash"

Save.

Now, click one of the columns and enable the UID/GID columns, and it will show you the PUID/PGID for that user... use those numbers (probably 1000/100 if it's your first users)... See pic for an example of what I'm saying..

After you fix your user... can you post a pic of your volume mappings.

Soma · Jan 11th 2022

Quote from Forg6

Transmission will run as
-------------------------------------
User name: abc
User uid: 998
User gid: 100
-------------------------------------

[EDIT]This is not linuxserver image but the principle used on ALPINE based images, it equals www-data on a host.

&& useradd -u 911 -U -d /config -s /bin/false abc \

[/EDIT]

This is the user that ~~linuxserver~~ uses inside the container, NOT a user on the host.

It's correct.

What you need to show is the stack/YML that you used to launch the container (namely, this setting):

Code

    environment:
        - PUID=1000
        - PGID=100

KM0201 · Jan 11th 2022

Quote from Soma
This is the user that linuxserver uses inside the container, NOT a user on the host.
It's correct.

What you need to show is the stack/YML that you used to launch the container (namely, this setting):
Code
    environment:
        - PUID=1000
        - PGID=100

He posted a pic of his container environments a few minutes ago before I deleted it because it had his passwords, etc.. but he was using 998/100 just like every other person who watches a dbtech video..

Forg6 · Jan 11th 2022

I've made a new user with PUID=1000, PGID=100. I've also changed that in the environment. Here are my volumes link.

Soma · Jan 11th 2022

Quote from KM0201

He posted a pic of his container environments a few minutes ago before I deleted it because it had his passwords, etc.. but he was using 998/100 just like every other person who watches a dbtech video..

Isn't that, the log from the running container?!? On post #1

KM0201 · Jan 11th 2022

Quote from Soma

Isn't that, the log from the running container?!? On post #1

Yes.

I don't believe he's changed it yet.

Quote from Forg6

I've made a new user with PUID=1000, PGID=100. I've also changed that in the environment. Here are my volumes link.

Well there's part of your problem (maybe entirely).. you need to map /data somewhere.

So.. create a folder under Shared Folders.. say.. "Torrents"

After you add the share, click the Columns and enable the "absolute path" column... then you need to add that path to your volumes as a "bind".. it will look something like this (this is a lot easier to do w/ a stack or docker-compose, but since this is where we are...).. Your config folder is fine... your /data folder is the problem... so change that to "bind" and then put the absolute path to your Torrents folder, in the host box.. It will look something like this...

metRo_ · Aug 29th 2022

Hi,

I tried lscr.io/linuxserver/transmission:latest and it worked. Then I tried transmission with openvpn but can't make it work with nordvpn:

Code

---
version: "2"
services:
  transmission-openvpn:
    image: haugene/transmission-openvpn:latest
    container_name: transmission-openvpn-syno
    restart: always
    cap_add:
      - NET_ADMIN # This runs the container with raised privileges
    devices:
      - /dev/net/tun # This creates a tunnel for Transmission
    volumes:
      - /srv/dev-disk-by-label-DATA/Filmes:/data # Change this to your Torrent path
    environment:
      - OPENVPN_PROVIDER=NORDVPN # Or other compatible OpenVPN provider
      #- OPENVPN_CONFIG=Spain # Or other region that supports port forwarding. Check with your VPN provider
      - OPENVPN_USERNAME=USER # VPN provider username
      - OPENVPN_PASSWORD=PASS # VPN provider password
      #- NORDVPN_COUNTRY=ES
      - LOCAL_NETWORK=192.168.1.5 # If your server's IP address is 192.168.1.x, then use this. If your server's IP address is 192.168.0.x, then change to 192.168.0.0/24
      - OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60 # Leave this as is
      - PUID=1002 #Change to your PUID
      - PGID=100 #Change to your PGID
    logging:
            driver: json-file
            options:
                max-size: 10m
    ports:
      - 9091:9091 #GUI Port
      - 8888:8888 #Transmission Port
    dns:
      - 8.8.8.8 #Use whatever DNS provider you want. This is Google.
      - 8.8.4.4 #Use whatever DNS provider you want. This is Google.

Display More

Output log:

Quote

Using OpenVPN provider: NORDVPN,

Running with VPN_CONFIG_SOURCE auto,

Provider NORDVPN has a bundled setup script. Defaulting to internal config,

Executing setup script for NORDVPN,

2022-08-29 16:56:52 Checking curl installation,

2022-08-29 16:56:52 Removing existing configs,

2022-08-29 16:56:52 Selecting the best server...,

2022-08-29 16:56:52 Searching for group: legacy_p2p,

2022-08-29 16:56:52 Searching for technology: openvpn_udp,

2022-08-29 16:56:52 Best server : pt89.nordvpn.com,

2022-08-29 16:56:52 Downloading config: default.ovpn,

2022-08-29 16:56:52 Downloading from: https://downloads.nordcdn.com/…pt89.nordvpn.com.udp.ovpn,

Starting OpenVPN using config default.ovpn,

Modifying /etc/openvpn/nordvpn/default.ovpn for best behaviour in this container,

Modification: Point auth-user-pass option to the username/password file,

Modification: Change ca certificate path,

Modification: Change ping options,

Modification: Update/set resolv-retry to 15 seconds,

Modification: Change tls-crypt keyfile path,

Modification: Set output verbosity to 3,

Modification: Remap SIGUSR1 signal to SIGTERM, avoid OpenVPN restart loop,

Setting OpenVPN credentials...,

adding route to local network 192.168.1.5 via 172.23.0.1 dev eth0,

Mon Aug 29 16:56:53 2022 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 22 2022,

Mon Aug 29 16:56:53 2022 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10,

Mon Aug 29 16:56:53 2022 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,

Mon Aug 29 16:56:53 2022 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,

Mon Aug 29 16:56:53 2022 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,

Mon Aug 29 16:56:53 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]5.154.174.161:1194,

Mon Aug 29 16:56:53 2022 Socket Buffers: R=[180224->180224] S=[180224->180224],

Mon Aug 29 16:56:53 2022 UDP link local: (not bound),

Mon Aug 29 16:56:53 2022 UDP link remote: [AF_INET]5.154.174.161:1194,

Mon Aug 29 16:56:53 2022 TLS: Initial packet from [AF_INET]5.154.174.161:1194, sid=767af0f4 2fee763b,

Mon Aug 29 16:56:53 2022 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this,

Mon Aug 29 16:56:53 2022 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA,

Mon Aug 29 16:56:53 2022 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA7,

Mon Aug 29 16:56:53 2022 VERIFY KU OK,

Mon Aug 29 16:56:53 2022 Validating certificate extended key usage,

Mon Aug 29 16:56:53 2022 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication,

Mon Aug 29 16:56:53 2022 VERIFY EKU OK,

Mon Aug 29 16:56:53 2022 VERIFY X509NAME OK: CN=pt89.nordvpn.com,

Mon Aug 29 16:56:53 2022 VERIFY OK: depth=0, CN=pt89.nordvpn.com,

Mon Aug 29 16:56:53 2022 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA,

Mon Aug 29 16:56:53 2022 [pt89.nordvpn.com] Peer Connection Initiated with [AF_INET]5.154.174.161:1194,

Mon Aug 29 16:56:54 2022 SENT CONTROL [pt89.nordvpn.com]: 'PUSH_REQUEST' (status=1),

Mon Aug 29 16:56:54 2022 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,comp-lzo no,route-gateway 10.8.2.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.8.2.2 255.255.255.0,peer-id 0,cipher AES-256-GCM',

Mon Aug 29 16:56:54 2022 OPTIONS IMPORT: timers and/or timeouts modified,

Mon Aug 29 16:56:54 2022 OPTIONS IMPORT: explicit notify parm(s) modified,

Mon Aug 29 16:56:54 2022 OPTIONS IMPORT: compression parms modified,

Mon Aug 29 16:56:54 2022 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified,

Mon Aug 29 16:56:54 2022 Socket Buffers: R=[180224->360448] S=[180224->360448],

Mon Aug 29 16:56:54 2022 OPTIONS IMPORT: --ifconfig/up options modified,

Mon Aug 29 16:56:54 2022 OPTIONS IMPORT: route options modified,

Mon Aug 29 16:56:54 2022 OPTIONS IMPORT: route-related options modified,

Mon Aug 29 16:56:54 2022 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified,

Mon Aug 29 16:56:54 2022 OPTIONS IMPORT: peer-id set,

Mon Aug 29 16:56:54 2022 OPTIONS IMPORT: adjusting link_mtu to 1657,

Mon Aug 29 16:56:54 2022 OPTIONS IMPORT: data channel crypto options modified,

Mon Aug 29 16:56:54 2022 Data Channel: using negotiated cipher 'AES-256-GCM',

Mon Aug 29 16:56:54 2022 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key,

Mon Aug 29 16:56:54 2022 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key,

Mon Aug 29 16:56:54 2022 ROUTE_GATEWAY 172.23.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:17:00:02,

Mon Aug 29 16:56:54 2022 TUN/TAP device tun0 opened,

Mon Aug 29 16:56:54 2022 TUN/TAP TX queue length set to 100,

Mon Aug 29 16:56:54 2022 /sbin/ip link set dev tun0 up mtu 1500,

Mon Aug 29 16:56:54 2022 /sbin/ip addr add dev tun0 10.8.2.2/24 broadcast 10.8.2.255,

Mon Aug 29 16:56:54 2022 /etc/openvpn/tunnelUp.sh tun0 1500 1585 10.8.2.2 255.255.255.0 init,

Up script executed with tun0 1500 1585 10.8.2.2 255.255.255.0 init,

Updating TRANSMISSION_BIND_ADDRESS_IPV4 to the ip of tun0 : 10.8.2.2,

Updating Transmission settings.json with values from env variables,

Using existing settings.json for Transmission /data/transmission-home/settings.json,

Overriding bind-address-ipv4 because TRANSMISSION_BIND_ADDRESS_IPV4 is set to 10.8.2.2,

Overriding download-dir because TRANSMISSION_DOWNLOAD_DIR is set to /data/completed,

Overriding incomplete-dir because TRANSMISSION_INCOMPLETE_DIR is set to /data/incomplete,

Overriding rpc-port because TRANSMISSION_RPC_PORT is set to 9091,

Overriding watch-dir because TRANSMISSION_WATCH_DIR is set to /data/watch,

sed'ing True to true,

Enforcing ownership on transmission config directories,

Applying permissions to transmission config directories,

Setting owner for transmission paths to 1002:100,

Setting permissions for download and incomplete directories,,

2,

Directories: 775,

Files: 664,

Setting permission for watch directory (775) and its files (664),

,

-------------------------------------,

Transmission will run as,

-------------------------------------,

User name: abc,

User uid: 1002,

User gid: 100,

-------------------------------------,

,

STARTING TRANSMISSION,

Transmission startup script complete.,

Mon Aug 29 16:56:55 2022 /sbin/ip route add 5.154.174.161/32 via 172.23.0.1,

Mon Aug 29 16:56:55 2022 /sbin/ip route add 0.0.0.0/1 via 10.8.2.1,

Mon Aug 29 16:56:55 2022 /sbin/ip route add 128.0.0.0/1 via 10.8.2.1,

Mon Aug 29 16:56:55 2022 Initialization Sequence Completed,

Display More

It looks like it can connect to nordvpn but doesn't set up transmission.

LOCAL_NETWORK was wrongly configured.

Can't connect to Transmission webui (haugene/transmission-openvpn)

KM0201 Jan 11th 2022

KM0201 Jan 11th 2022

Participate now!

Tags