binhex

[Support] binhex - DelugeVPN

1881 posts in this topic

Overview: Support for Docker image arch-delugevpn in the binhex repo.

Application: Deluge - http://deluge-torrent.org/

Docker Hub: https://hub.docker.com/r/binhex/arch-delugevpn/

GitHub: https://github.com/binhex/arch-delugevpn

 

If you appreciate my work, then please consider buying me a beer  :D

 

btn_donate_SM.gif

 

For other Docker support threads and requests, news and Docker template support for the binhex repository please use the "General" thread here

2

Share this post


Link to post
Share on other sites

IMPORTANT - Existing users read

 

Hi all, i have made some changes (3rd Feb 2016) to DelugeVPN which will mean if you pull down the latest image you will now need to alter the name environment variable "LAN_RANGE" to "LAN_NETWORK", you will also now need to define this as <lan network>/<cidr notation>

 

Example CIDR notation below:-

 

subnet mask 255.255.255.0  = CIDR /24
subnet mask 255.255.0.0 = CIDR /16
subnet mask 255.0.0 = CIDR 8

 

So the env var in the unRAID webui Docker section would end up looking like this:-

 

Variable Name: Variable Value:
LAN_NETWORK    192.168.1.0/24

 

For other configurations please calculate the CIDR using this online calculator http://www.subnet-calculator.com/cidr.php

 

So you might be asking why ive made this change, the reason is that this vastly simplifies the iptables configuration, it also gets around the limitation that the linux kernel has to have iptable_mangle module loaded, which is not a default.

0

Share this post


Link to post
Share on other sites

Hi Binhex! I posted in /plugins (v6), but was told to post here as well.


 

Hi all,

 

I've recently made the move from FreeNAS to Unraid and I'm trying to get used to the whole docker setup. I feel like I've gotten most of my docker apps setup and running without a hitch, the one I can't seem to figure out is DelugeVPN from binhex. I'm using IPVanish as my vpn and have gone into the advanced settings to get everything properly set up based on these threads [https://lime-technology.com/forum/index.php?topic=38055.210] [https://lime-technology.com/forum/index.php?topic=38055.0]. Any help would be greatly appreciated as the rest of this process has been incredibly awesome.

 

I have the ca.ipvanish.com.crt file as well as the ovpn file sitting in mnt/cache/

Could this be causing the issue?

 

Here are the logs pulled:

 

2016-01-27 23:16:55,088 DEBG 'start' stdout output:

-P INPUT DROP

-P FORWARD ACCEPT

-P OUTPUT DROP

-A INPUT -i tun0 -j ACCEPT

-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT

-A INPUT -i eth0 -p udp -m udp --sport 443 -j ACCEPT

-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT

-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT

-A INPUT -i eth0 -m iprange --src-range myserverports-myserverports.254 -j ACCEPT

-A INPUT -i eth0 -m iprange --dst-range myserverports-myserverports.254 -j ACCEPT

-A INPUT -p udp -m udp --sport 53 -j ACCEPT

-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT

-A INPUT -i lo -j ACCEPT

-A OUTPUT -o tun0 -j ACCEPT

-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT

-A OUTPUT -o eth0 -p udp -m udp --dport 443 -j ACCEPT

-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT

-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT

-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT

-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

-A OUTPUT -o lo -j ACCEPT

 

2016-01-27 23:16:55,088 DEBG 'start' stdout output:

--------------------

 

2016-01-27 23:16:55,088 DEBG 'start' stdout output:

[info] nameservers

 

2016-01-27 23:16:55,089 DEBG 'start' stdout output:

nameserver 8.8.8.8

nameserver 8.8.4.4

 

2016-01-27 23:16:55,089 DEBG 'start' stdout output:

--------------------

 

2016-01-27 23:16:55,093 DEBG 'start' stdout output:

[info] Starting OpenVPN...

 

2016-01-27 23:16:55,097 DEBG 'start' stdout output:

Wed Jan 27 23:16:55 2016 DEPRECATED OPTION: --tls-remote, please update your configuration

 

2016-01-27 23:16:55,097 DEBG 'start' stdout output:

Wed Jan 27 23:16:55 2016 OpenVPN 2.3.9 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Dec 24 2015

Wed Jan 27 23:16:55 2016 library versions: OpenSSL 1.0.2e 3 Dec 2015, LZO 2.09

Wed Jan 27 23:16:55 2016 WARNING: file 'credentials.conf' is group or others accessible

 

Here are the VPN settings I used=

 

VPN_ENABLED            yes

VPN_USER                  myusername

VPN_PASS                  mypassword

VPN_REMOTE              ams-a08.ipvanish.com

VPN_PORT                  443

VPN_PROTOCOL          udp

VPN_PROV                  custom

ENABLE_PRIVOXY        no

LAN_RANGE                mynetworklan.3-mynetworklan.3.254

 

Let me know if there's anything else you guys need as far as info and thanks again.

0

Share this post


Link to post
Share on other sites

Hi Binhex! I posted in /plugins (v6), but was told to post here as well.


 

Hi all,

 

I've recently made the move from FreeNAS to Unraid and I'm trying to get used to the whole docker setup. I feel like I've gotten most of my docker apps setup and running without a hitch, the one I can't seem to figure out is DelugeVPN from binhex. I'm using IPVanish as my vpn and have gone into the advanced settings to get everything properly set up based on these threads [https://lime-technology.com/forum/index.php?topic=38055.210] [https://lime-technology.com/forum/index.php?topic=38055.0]. Any help would be greatly appreciated as the rest of this process has been incredibly awesome.

 

I have the ca.ipvanish.com.crt file as well as the ovpn file sitting in mnt/cache/

Could this be causing the issue?

 

Here are the logs pulled:

 

2016-01-27 23:16:55,088 DEBG 'start' stdout output:

-P INPUT DROP

-P FORWARD ACCEPT

-P OUTPUT DROP

-A INPUT -i tun0 -j ACCEPT

-A INPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT

-A INPUT -i eth0 -p udp -m udp --sport 443 -j ACCEPT

-A INPUT -i eth0 -p tcp -m tcp --dport 8112 -j ACCEPT

-A INPUT -i eth0 -p tcp -m tcp --sport 8112 -j ACCEPT

-A INPUT -i eth0 -m iprange --src-range myserverports-myserverports.254 -j ACCEPT

-A INPUT -i eth0 -m iprange --dst-range myserverports-myserverports.254 -j ACCEPT

-A INPUT -p udp -m udp --sport 53 -j ACCEPT

-A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT

-A INPUT -i lo -j ACCEPT

-A OUTPUT -o tun0 -j ACCEPT

-A OUTPUT -s 172.17.0.0/16 -d 172.17.0.0/16 -j ACCEPT

-A OUTPUT -o eth0 -p udp -m udp --dport 443 -j ACCEPT

-A OUTPUT -o eth0 -p tcp -m tcp --dport 8112 -j ACCEPT

-A OUTPUT -o eth0 -p tcp -m tcp --sport 8112 -j ACCEPT

-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT

-A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

-A OUTPUT -o lo -j ACCEPT

 

2016-01-27 23:16:55,088 DEBG 'start' stdout output:

--------------------

 

2016-01-27 23:16:55,088 DEBG 'start' stdout output:

[info] nameservers

 

2016-01-27 23:16:55,089 DEBG 'start' stdout output:

nameserver 8.8.8.8

nameserver 8.8.4.4

 

2016-01-27 23:16:55,089 DEBG 'start' stdout output:

--------------------

 

2016-01-27 23:16:55,093 DEBG 'start' stdout output:

[info] Starting OpenVPN...

 

2016-01-27 23:16:55,097 DEBG 'start' stdout output:

Wed Jan 27 23:16:55 2016 DEPRECATED OPTION: --tls-remote, please update your configuration

 

2016-01-27 23:16:55,097 DEBG 'start' stdout output:

Wed Jan 27 23:16:55 2016 OpenVPN 2.3.9 x86_64-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Dec 24 2015

Wed Jan 27 23:16:55 2016 library versions: OpenSSL 1.0.2e 3 Dec 2015, LZO 2.09

Wed Jan 27 23:16:55 2016 WARNING: file 'credentials.conf' is group or others accessible

 

Here are the VPN settings I used=

 

VPN_ENABLED            yes

VPN_USER                  myusername

VPN_PASS                  mypassword

VPN_REMOTE              ams-a08.ipvanish.com

VPN_PORT                  443

VPN_PROTOCOL          udp

VPN_PROV                  custom

ENABLE_PRIVOXY        no

LAN_RANGE                mynetworklan.3-mynetworklan.3.254

 

Let me know if there's anything else you guys need as far as info and thanks again.

 

Hi and welcome to unRAID forums!, your going to love it here, people are friendly and knowledgeable, best forum ive ever been on for sure!.

 

OK so first thing ive spotted is this:-

 

mynetworklan.3-mynetworklan.3.254

 

so the lan range needs to be an ip range, an example:-

 

192.168.1.1-192.168.1.100

 

secondly you state this:-

 

I have the ca.ipvanish.com.crt file as well as the ovpn file sitting in mnt/cache/

 

so once you have created your cache only share on your cache drive and defined this for the /config volume mapping then you would start and stop delugevpn via the unraid webui, this wll create a folder under /config called "openvpn" so the path would then be /config/openvpn/ (obviously /config is a volume mapping to the host) you then copy the ovpn config file from your provider and any certificates supplied or referenced in the ovpn file to that folder and start delugevpn again.

 

if your still struggling after this then please post the entire /config/supervisord.log (noticed the one above is not complete) and also the contents of your ovpn config file from your provider, please ensure any sensitive info is removed before posting either of these.

0

Share this post


Link to post
Share on other sites

hey binhex

 

Firstly thanks for the great apps. I am currently using DelugeVPN with PIA. I am having some issues with download speeds. I can not seem to get any faster than 3MB download speeds. I connect to the PIA VPN with my W10 pc and ran a speed test which showed 100mb and 20mb up to my chosen server. this would indicate that I am losing or not making use of a further 6-8MB. I have tried a number of known fast torrents, ie several linux distros, in an attempt to max out my connection, as i understand torrents being torrents arent always reliable for speed, and still topped out at around the 3MB mark. I'm just curious if there is anything I can change to improve my speeds? port forwarding perhaps?

0

Share this post


Link to post
Share on other sites

hey binhex

 

Firstly thanks for the great apps. I am currently using DelugeVPN with PIA. I am having some issues with download speeds. I can not seem to get any faster than 3MB download speeds. I connect to the PIA VPN with my W10 pc and ran a speed test which showed 100mb and 20mb up to my chosen server. this would indicate that I am losing or not making use of a further 6-8MB. I have tried a number of known fast torrents, ie several linux distros, in an attempt to max out my connection, as i understand torrents being torrents arent always reliable for speed, and still topped out at around the 3MB mark. I'm just curious if there is anything I can change to improve my speeds? port forwarding perhaps?

 

As far as i know there are no further tweaks you can make to the ovpn config file to improve speeds, your options really are try different gateways or switch provider, do keep in mind though there will always be an overhead when using a vpn tunnel whatever provider you go with, so you might just have to accept this is the cost of anonymity and leave it at that. My connection is 20Mb/s DL and approx 1Mb/s UL, and i see typically 850 KB/s to 1.3 MB/s DL speeds, it doesnt overly bother me, and for the cost of PIA (which is very low if you pay yearly) im happy enough for now.

0

Share this post


Link to post
Share on other sites

I appreciate that completely. The reason im asking is that there is a very clear difference when running the PIA app on my windows machine versues connecting through delugevpn which was the reason for my question.

 

Just for clarity.

my connection is: 240mb -DL 24mb - UL

Connection through PIA VPN on W10 with the app - ~100mb - DL ~20mb - UL

Connection through PIA VPN with delugeVPN - max ~30mb - DL ~5mb - UL

 

Its no major issue. I just wanted to run it by you to see if there was anything more I could do on my end to lower the difference in speeds between using the PIA app on W10 and then with deluge.

 

At the end of the day im happy regardless.

Thanks for the response.

0

Share this post


Link to post
Share on other sites

 

 

I have the ca.ipvanish.com.crt file as well as the ovpn file sitting in mnt/cache/

 

if your still struggling after this then please post the entire /config/supervisord.log (noticed the one above is not complete) and also the contents of your ovpn config file from your provider, please ensure any sensitive info is removed before posting either of these.

 

Thanks for the speedy response time and the warm welcome! Still having some issues getting IPvanish working with this. Here's the full log this time.

I've attached the log as a .txt file because it was over the 20,000 character limit.

 

thanks.

syslog-deluge.txt

0

Share this post


Link to post
Share on other sites

 

 

I have the ca.ipvanish.com.crt file as well as the ovpn file sitting in mnt/cache/

 

if your still struggling after this then please post the entire /config/supervisord.log (noticed the one above is not complete) and also the contents of your ovpn config file from your provider, please ensure any sensitive info is removed before posting either of these.

 

Thanks for the speedy response time and the warm welcome! Still having some issues getting IPvanish working with this. Here's the full log this time.

I've attached the log as a .txt file because it was over the 20,000 character limit.

 

thanks.

 

Looks like it's nearly running, I would say this is the issue:-

 

IOError: [Errno 13] Permission denied: '/config/deluged.log'\

 

So looks like it doesn't have permissions to write to /config can you check that user nobody and group users has read and write to whatever /config maps to on the host.

0

Share this post


Link to post
Share on other sites

I appreciate that completely. The reason im asking is that there is a very clear difference when running the PIA app on my windows machine versues connecting through delugevpn which was the reason for my question.

 

Just for clarity.

my connection is: 240mb -DL 24mb - UL

Connection through PIA VPN on W10 with the app - ~100mb - DL ~20mb - UL

Connection through PIA VPN with delugeVPN - max ~30mb - DL ~5mb - UL

 

Its no major issue. I just wanted to run it by you to see if there was anything more I could do on my end to lower the difference in speeds between using the PIA app on W10 and then with deluge.

 

At the end of the day im happy regardless.

Thanks for the response.

Hmm that is interesting, are they both connecting to the same gateway and are they both using the same torrent client, as in deluge?

0

Share this post


Link to post
Share on other sites

 

 

I have the ca.ipvanish.com.crt file as well as the ovpn file sitting in mnt/cache/

 

if your still struggling after this then please post the entire /config/supervisord.log (noticed the one above is not complete) and also the contents of your ovpn config file from your provider, please ensure any sensitive info is removed before posting either of these.

 

Thanks for the speedy response time and the warm welcome! Still having some issues getting IPvanish working with this. Here's the full log this time.

I've attached the log as a .txt file because it was over the 20,000 character limit.

 

thanks.

 

Looks like it's nearly running, I would say this is the issue:-

 

IOError: [Errno 13] Permission denied: '/config/deluged.log'\

 

So looks like it doesn't have permissions to write to /config can you check that user nobody and group users has read and write to whatever /config maps to on the host.

 

sorry for my ignorance, is there a proper way to check and make sure permissions are set for the /config location. Is there a specific place I should be linking the /config for deluge to?

 

Thanks for all your help.

0

Share this post


Link to post
Share on other sites

hey binhex

 

Firstly thanks for the great apps. I am currently using DelugeVPN with PIA. I am having some issues with download speeds. I can not seem to get any faster than 3MB download speeds. I connect to the PIA VPN with my W10 pc and ran a speed test which showed 100mb and 20mb up to my chosen server. this would indicate that I am losing or not making use of a further 6-8MB. I have tried a number of known fast torrents, ie several linux distros, in an attempt to max out my connection, as i understand torrents being torrents arent always reliable for speed, and still topped out at around the 3MB mark. I'm just curious if there is anything I can change to improve my speeds? port forwarding perhaps?

Have you set max connections to unlimited?

0

Share this post


Link to post
Share on other sites

Edit the openvpn.ovpn file in /config/openvpn and change the udp port to "1196" and add "cipher AES-128-CBC" and restart the container.  Changing to "verb 5" will allow you to verify the cipher during VPN initialization by reading the supervisord.log.

 

client
dev tun
remote nl.privateinternetaccess.com 1196 udp
resolv-retry infinite
nobind
cipher AES-128-CBC
persist-key
ca ca.crt
tls-client
remote-cert-tls server
auth-user-pass credentials.conf
comp-lzo
verb 5
reneg-sec 0
crl-verify crl.pem

 

See if that improves your speeds.

0

Share this post


Link to post
Share on other sites

I appreciate that completely. The reason im asking is that there is a very clear difference when running the PIA app on my windows machine versues connecting through delugevpn which was the reason for my question.

 

Just for clarity.

my connection is: 240mb -DL 24mb - UL

Connection through PIA VPN on W10 with the app - ~100mb - DL ~20mb - UL

Connection through PIA VPN with delugeVPN - max ~30mb - DL ~5mb - UL

 

Its no major issue. I just wanted to run it by you to see if there was anything more I could do on my end to lower the difference in speeds between using the PIA app on W10 and then with deluge.

 

At the end of the day im happy regardless.

Thanks for the response.

Hmm that is interesting, are they both connecting to the same gateway and are they both using the same torrent client, as in deluge?

 

i have them both set to Ireland. I cant be 100% sure of the delugeVPN connection Vs the PIA app connection but I assume so.

 

0

Share this post


Link to post
Share on other sites

Edit the openvpn.ovpn file in /config/openvpn and change the udp port to "1196" and add "cipher AES-128-CBC" and restart the container.  Changing to "verb 5" will allow you to verify the cipher during VPN initialization by reading the supervisord.log.

 

client
dev tun
remote nl.privateinternetaccess.com 1196 udp
resolv-retry infinite
nobind
cipher AES-128-CBC
persist-key
ca ca.crt
tls-client
remote-cert-tls server
auth-user-pass credentials.conf
comp-lzo
verb 5
reneg-sec 0
crl-verify crl.pem

 

See if that improves your speeds.

 

Just trying to get access to my appdata folder atm.... its being a bit finiky!!! :S

 

Its being very finiky now.... its just asking for username and pw even though its set to public... root and my pw just doesnt work either!!! I have no idea whats going on right now  :o

 

Also its not a good idea to so this while still drunk :D

0

Share this post


Link to post
Share on other sites

 

 

 

Just trying to get access to my appdata folder atm.... its being a bit finiky!!! :S

 

Its being very finiky now.... its just asking for username and pw even though its set to public... root and my pw just doesnt work either!!! I have no idea whats going on right now  :o

 

Also its not a good idea to so this while still drunk :D

 

Telnet/SSH in and use MC.

0

Share this post


Link to post
Share on other sites

 

 

 

Just trying to get access to my appdata folder atm.... its being a bit finiky!!! :S

 

Its being very finiky now.... its just asking for username and pw even though its set to public... root and my pw just doesnt work either!!! I have no idea whats going on right now  :o

 

Also its not a good idea to so this while still drunk :D

 

Telnet/SSH in and use MC.

 

Sorry m8. im fairly noob to unraid tbh. And linux as a whole. So Telnet/SSH and MC doesnt mean much to me im afraid. basically ive tried using my file explorer to access it and it keeps asking for a user and pw and it doesnt let me actually get into it.

0

Share this post


Link to post
Share on other sites

sorry for my ignorance, is there a proper way to check and make sure permissions are set for the /config location. Is there a specific place I should be linking the /config for deluge to?

 

Thanks for all your help.

 

ok so to set permissions so that the container can write to the /config volume mapping you need to allow user nobody and/or group users to have read and write permissions, this can be achieved by telnet/ssh into your unraid box and execute something like this:-

 

chown -R nobody:users <host path defined for /config>
chmod -R 775 <host path defined for /config>

 

You shouldnt normally have to do this, and it should be run only once,not exactly sure why your permissions have screwed up. A word of warning, i would restrict the above commands to the root of the delugevpn config folder and not run it over all your docker containers.

 

As far as where you store config data for docker containers, that is entirely up to you, but i would recommend it lives on your cache drive somewhere, and the share is marked as cache only to prevent the mover process moving the files/folders to your array.

0

Share this post


Link to post
Share on other sites

ok i got it sorted. I updated my cfg as stated. One question though I'm in ireland and obv as such my most local PIA server is ireland.privateinternetaccess.com. should i replace the nl.privateinternetaccess.com with the ireland url? not seeing any real change in speeds yet but gonna add the direct linux distro links to try max it out.

 

Thanks again

0

Share this post


Link to post
Share on other sites

ok i got it sorted. I updated my cfg as stated. One question though I'm in ireland and obv as such my most local PIA server is ireland.privateinternetaccess.com. should i replace the nl.privateinternetaccess.com with the ireland url? not seeing any real change in speeds yet but gonna add the direct linux distro links to try max it out.

 

Thanks again

 

The idea is you use whatever server you want and that would depend on why you are using it.  If you wished to use Netflix in the US, then a US server would be better, but if you just want some privacy then, yeah, I guess your closest server might be ok.  The PIA servers vary in speed though, so you may be better off checking that first.  See here.

0

Share this post


Link to post
Share on other sites

unfortunately this doesnt seem to have improved my speed. I topped out at about 3.5MB download with 3-4 different linux distros. I do seem to hold a higher more consistent speed. ie with standard torrents im holding at 2.5MB solid. Guess its just the speed i get. anyway thanks alot for the suggestions.

 

And actually the upload speed in horrendous. rarely if ever getting above 100KB but more often than not sitting at less than 10KB! and again I know through the W10 app i get 20mb upload.

 

Anyway not to worry. Thanks again.

0

Share this post


Link to post
Share on other sites

unfortunately this doesnt seem to have improved my speed. I topped out at about 3.5MB download with 3-4 different linux distros. I do seem to hold a higher more consistent speed. ie with standard torrents im holding at 2.5MB solid. Guess its just the speed i get. anyway thanks alot for the suggestions.

 

And actually the upload speed in horrendous. rarely if ever getting above 100KB but more often than not sitting at less than 10KB! and again I know through the W10 app i get 20mb upload.

 

Anyway not to worry. Thanks again.

 

That's strange as I have a 80/20 connection and it maxes out for me.. Using PIA nl (because it was default)

0

Share this post


Link to post
Share on other sites

yea it really is strange. especially given that i get full speed with my W10 pc.... Just weird.

0

Share this post


Link to post
Share on other sites

yea it really is strange. especially given that i get full speed with my W10 pc.... Just weird.

Should be no different if hardware is capable of handling the encryption.  What profile do you use with the Windows PIA client?

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

Copyright © 2005-2017 Lime Technology, Inc. unRAID® is a registered trademark of Lime Technology, Inc.