update:
Just did a bit if tinkering and it is now possible to use any wireguard configuration, that includes killswitch and custom dns. Had to redeploy the container since privoxy was not working properly. Apparently this happens from time to time and various images. Delete your privoxy folder and double check that qbit is not using the same listening port. Adjust your compose and qbit settings in webgui. Finally check your log for any errors.
Found the cause. Lowering the upload slots in qbittorrent solved it. First part of the graph is without limitations, middle part with max 4 per torrent and last part max 2.
Hello,
Please help me clarifying a strange thing that is happening on my nas. The disk reads (+-60MB/s) shown in the graph on the performance statistics page does not correspond to what is actually happening in regards to network traffic according to opnsense. Taken into account the difference between KiB/s (torrent), MB/s (omv graph) and Mb/s (opnsense). When I stop the upload the graph drops, so It's for sure related to qbittorrent. I can hear the disk is being put to work while qbittorrent is capped at 500 KiB/s upload rate (more or less verfied by opnsense). Only a few torrents are being uploaded at the same time.
After stopping torrents:
Thank you
To do that you need a point-to-site configuration. In this article you can see how to configure it. https://www.procustodibus.com/…ard-point-to-site-config/
I don't know if you want to connect to a remote server that you own or a commercial remote server. If it is the latter, you will have to consult that provider about what they allow you to do. You will also have to adapt the iptables configurations to what that article says for it to work.
That's not what I mean. Every client has individually been configured to use a vpn connection. In the future I will configure opnsense to do as you suggested.
Thank you for the suggestion. All seems to work now. Webgui/ssh is reachable with vpn connection enabled through wireguard plugin. I really want killswitch for obvious reasons enabled. Any ideas?
Seems like you have run into this before, no?
That was a problem with a docker container. Since then I used binhex qbittorrent which functions really good. I wanted to try the wireguard plugin now, thus having all my clients in my household using a vpn.
Try regenerating the wireguard config with the killswitch DISabled.
While you where responding to my post I've updated/modified it. Will try disable option.
Hello,
Tried solving this problem by myself and searched this forum for similar error but no luck. I'm trying to get wireguard through the plugin (custom) to work with the following configs:
[Interface]
# Device: device name here
PrivateKey = insert key here
Address = 10.69.171.24/32
DNS = 100.64.0.63
PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
[Peer]
PublicKey = insert key here
AllowedIPs = 0.0.0.0/0
Endpoint = 193.32.249.66:51820After a reboot the terminal shows that a connection is made with the mullvad server on a different external ip. Google is pingable and the curl ifconfig.io command verifies the external ip. But I cannot access the webgui, nor ssh.
Then I made a change (AllowedIPs) to the config with the help of nano editor and some info on this forum:
[Interface]
# Device: device name here
PrivateKey = insert key here
Address = 10.69.171.24/32
DNS = 100.64.0.63
PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
[Peer]
PublicKey = insert key here=
AllowedIPs = 192.168.1.0/24
Endpoint = 193.32.249.66:51820After a reboot the terminal shows a the normal public ip. No vpn connection has been made. This time it is possible to access the webgui/ssh.
A final change in the config (dns) didn't help:
[Interface]
# Device: device name here
PrivateKey = insert key here
Address = 10.69.171.24/32
DNS = 192.168.1.1
PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
[Peer]
PublicKey = insert key here
AllowedIPs = 0.0.0.0/0
Endpoint = 193.32.249.66:51820The wireguard config is newly generated on the mullvad website with killswitch enabled. I've noticed when I make a change in /etc/wireguard/wgnet_mullwg.conf (AllowedIPs) and after a reboot the webgui doesn't reflect that change.
Thank you in advance!
Not too long ago a update broke the system or at least a importend part of it. Can't remember exacly what it was and the search function will not let me search my own old posts so I cannot give you an example. I believe it had something to do with grub also. But it does happen once in a while.
Once in a while an update won't go smoothly.
ok all is good. Pffeww. No new updates.
ok did a reboot. It's up but still getting a notification for the same updates. And this message:
E: dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem.Will run to see if it resolves it.
Don't think that's the problem given the series of events. And no way to check now, even hooking up a monitor gives a blank output.
And it is not possible to login on the webgui or connect through ssh....
Hello,
This morning I've installed updates and get the following errors after unsuccesfull installation:
Fetched 3,934 B in 3s (1,487 B/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
stem.
Failed: grub-install --target=x86_64-efi
WARNING: Bootloader is not properly installed, system may not be bootable
cp: cannot create regular file '/boot/grub/unicode.pf2': Read-only file system
debconf: DbDriver "config": could not write /var/cache/debconf/config.dat-new: Input/output error
dpkg: error processing package grub-efi-amd64 (--configure):
installed grub-efi-amd64 package post-installation script subprocess returned error exit
status 1
dpkg: error: unable to create new file '/var/lib/dpkg/status-new': Input/output error
Python path configuration:
PYTHONHOME = (not set)
PYTHONPATH = (not set)
program name = '/usr/bin/python3'
isolated = 0
environment = 1
user site = 1
import site = 1
sys._base_executable = '/usr/bin/python3'
sys.base_prefix = '/usr'
sys.base_exec_prefix = '/usr'
sys.platlibdir = 'lib'
sys.executable = '/usr/bin/python3'
sys.prefix = '/usr'
sys.exec_prefix = '/usr'
sys.path = [
'/usr/lib/python39.zip',
'/usr/lib/python3.9',
'/usr/lib/python3.9/lib-dynload',
]
Fatal Python error: init_fs_encoding: failed
to get the Python codec of the filesystem encoding
Python runtime state: core initialized
Traceback (most recent call last):
File "<frozen importlib._bootstrap>", line
1007, in _find_and_load
File "<frozen importlib._bootstrap>", line
982, in _find_and_load_unlocked
File "<frozen importlib._bootstrap>", line
925, in _find_spec
File "<frozen importlib._bootstrap_external>", line 1349, in find_spec
File "<frozen importlib._bootstrap_external>", line 1321, in _get_spec
File "<frozen importlib._bootstrap_external>", line 1450, in find_spec
File "<frozen importlib._bootstrap_external>", line 1490, in _fill_cache
OSError: [Errno 5] Input/output error: '/usr/lib/python3.9'
E: Sub-process /usr/bin/dpkg returned an error code (2)
W: Problem unlinking the file /var/cache/apt/pkgcache.bin - pkgDPkgPM::Go (30: Read-only file system)
E: Problem executing scripts DPkg::Post-Invoke 'if [ -x /usr/bin/dpkgnotify ]; then /usr/bin/dpkgnotify; fi;'
E: Sub-process returned an error codeSomewhere it says that system may not be bootable which is the scary part. Any idea's?
Thank you.
Hi,
Is there anyone that can give some advice on which docker I should use for setting up a cups printserver that supports the samsung m2020 series? In particular the m2026w. A compose file would be nice. My previous attempt didn't work:
Thank you.
Thank you for the advice. Got It more or less running. I've stumbled upon a problem. My printer is a samsung m2026w (m2020 series). I cannot print a test page from the webgui and remote clients. This is what I get:
Queue Name Description Location Make and Model Status
Samsung_M2020_Series Samsung M2020 Series kantoor Samsung M2020 Series Idle - "File "/usr/lib/cups/filter/rastertospl" not available: No such file or directory"ID Name User Size Pages State Control
Samsung_M2020_Series-11 Unknown Withheld 1k Unknown stopped After some digging it turn out that my printer is not supported by the debian team on which this docker image is based on. I've tried manually installing a ppd file since the printer was not listed in add printer. Here is my docker compose to be clear:
version: '3.3'
services:
cupsd:
image: olbat/cupsd
container_name: cupsd
volumes:
- '/dev/bus/usb:/dev/bus/usb'
ports:
- '631:631'
privileged: true
restart: alwaysAny advice is welcome. Or should I start a separate thread?
Update:
Adding the following did not solve it:
'/var/run/dbus:/var/run/dbus'Would you be so kind to share your compose/stack please?
Greetings
If it's so trivial maybe you can submit the PR?
I second that motion. 
Alles anzeigenGreat question! I'm not sure if this question has come up for this image before. Would also make a good suggestion to DyonR.
Unfortunately, the Wireguard configuration file can have only one name - wg0.conf, so having multiple .conf files with different names which use different servers in the same directory will not work.
Also, having one proper wg0.conf file that has multiple servers configured within it doesn't work either.
The only way I can see accomplishing this would be having a down connection trigger some custom code that renames another server .conf file to wg0.conf and then restarts the container. Would be an interesting exercise.
So far, after many years of continuously running this and other similar images 24/7 I have not noticed an outage from my my VPN provider.
Yes unfortunately only one config file is supported as stated on the docker page. Would be cool if future updates had this option. Simply call them wg0.conf, wg1.conf etc. Would you like to send in a request? And also may I inquire which vpn provider you use?
