[Tuto] Installation de OpenVPN, Jackett, Prowlarr, rutorrent, Qbittorrent, Sonarr, Radarr ....

[EVO]

Salut,
Il n'y a aucune modif a faire sur Syno, je l'utilise également sur Syno.
Il faut juste bien penser a faire l'étape du TUN

 

[MilesTEG]

Je pense que le soucis viens de la.

Pourtant Qbittorent ou Deemix fonctionnent bien...
Mais pas moyen de faire fonctionner Filezilla ou firefox... Je précise que depuis une MV, dans laquelle j'ai connecté le VPN, pas de soucis pour utiliser Filezilla ou firefox...

 

[julien69]

Super tuto... Fonctionne à merveille sur NAS QNAP.
J'essaye de le faire fonctionne avec Wireguard mais j'y arrive pas.
Est-ce que tu as déjà essayé?

 

[EVO]

J'essaye de le faire fonctionne avec Wireguard mais j'y arrive pas.
Est-ce que tu as déjà essayé?

Oui, également avec l'image docker de linuxserver.

Voici la partie vpn de mon compose :

  wireguard:
    image: ghcr.io/linuxserver/wireguard
    container_name: vpn
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Paris
    volumes:
      - /srv/dev-disk-by-uuid-d2068795-3818-40f0-854c-3afc97c329eb/docker/wireguard/config:/config
      - /lib/modules:/lib/modules
    ports:
      - 8080:8080
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: unless-stopped

A modifier :

ports:
      - 8080:8080

Par les ports dont tu a besoin d'acces en local ( webui )

/srv/dev-disk-by-uuid-d2068795-3818-40f0-854c-3afc97c329eb/docker/wireguard/config par le chemin vers ton dossier /config sur l'hote

     - PUID=1000
      - PGID=1000

Par tes PUID/GUID

Dans le dossier /config, tu doit placer ton wg0.conf

 

[julien69]

Oui, également avec l'image docker de linuxserver.

Voici la partie vpn de mon compose :

  wireguard:
    image: ghcr.io/linuxserver/wireguard
    container_name: vpn
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Paris
    volumes:
      - /srv/dev-disk-by-uuid-d2068795-3818-40f0-854c-3afc97c329eb/docker/wireguard/config:/config
      - /lib/modules:/lib/modules
    ports:
      - 8080:8080
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: unless-stopped

A modifier :

ports:
      - 8080:8080

Par les ports dont tu a besoin d'acces en local ( webui )

/srv/dev-disk-by-uuid-d2068795-3818-40f0-854c-3afc97c329eb/docker/wireguard/config par le chemin vers ton dossier /config sur l'hote

     - PUID=1000
      - PGID=1000

Par tes PUID/GUID

Dans le dossier /config, tu doit placer ton wg0.conf

Merci pour ton retour...
Je souhaites conserver le portforwarding de PIA, du coup je suis obligé de partir avec les containers delugevpn ou rtorrentvpn.
Il y a bien la possibilité de passer par wireguard mais cela ne marche pas.

 

[Nouch]

@EVOTk
Est-il possible de créer 2 containers QBittorrent sur 2 ports différents :
- QBittorrent1 > Port 8586
- Qbittorrent2 > Port 8587
Si oui que faut-il modifier dans le docker-compose.yml
Merci pour ta réponse

 

[EVO]

Si oui que faut-il modifier dans le docker-compose.yml

Bien sur, du moment que tu n'utilise pas le meme port aucun soucis.

Dans le docker compose, il te faut copier/coller cette partie :

  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent
    container_name: qbittorrent
#    labels:
#     - autoheal=true
#     - com.centurylinklabs.watchtower.enable=true
    depends_on:
     - vpn
    network_mode: "service:vpn"
    environment:
     - PUID=${PUID}
     - PGID=${PGID}
     - TZ=${TZ}
     - WEBUI_PORT=8586
    volumes:
     - ${RACINE}/qbittorrent/config:/config
     - ${RACINE}/qbittorrent/downloads:/downloads
    restart: unless-stopped

Enfin de l'avoir 2 fois. Sur ta 2eme instance, il faut modifier :
le 1ere terme qbittorrent:, par exemple par qbittorrent2: afin qu'il ne soit pas en double dans le compose.
container_name: qbittorrent deviens par exemple container_name: qbittorrent2
WEBUI_PORT=8586 par WEBUI_PORT=8587
${RACINE}/qbittorrent/config:/config est lui indiquer un autre chemin pour sa configuration , par exemple ${RACINE}/qbittorrent2/config:/config

Au tout début dans le service vpn, il faudra rajouter le port de la nouvelle instance qbit afin de pouvoir y acceder.

Par exemple apres :
- 8586:8586 # WebUI qbittorrent
Tu rajoute :
- 8587:8587 # WebUI qbittorrent2

 

[Nouch]

@EVOTk

Merci pour ta réponse.
J'ai bien modifié le compose avec ces nouvelles valeurs mais j'ai l'erreur suivante :

ERROR: Duplicate mount points: [/volume2/docker/downloads-vpn/qbittorrent/downloads:/downloads/qbittorrent:rw, /volume2/docker/downloads-vpn/qbittorrent2/downloads:/downloads/qbittorrent:rw]

Voici mon compose :

qbittorrent2:
    image: ghcr.io/linuxserver/qbittorrent
    container_name: qbittorrent2
    labels:
    - autoheal=true
#      - com.centurylinklabs.watchtower.enable=true
    depends_on:
     - vpn
    network_mode: "service:vpn"
    environment:
     - PUID=${PUID}
     - PGID=${PGID}
     - TZ=${TZ}
     - WEBUI_PORT=8587
    volumes:
     - ${RACINE}/qbittorrent2/config:/config
     - ${RACINE}/qbittorrent2/downloads:/downloads
    restart: unless-stopped
    healthcheck:
     test: ["CMD-SHELL", "curl --fail http://172.20.0.1:8587/ || exit 1"]
     interval: 1m30s
     timeout: 10s
     retries: 3

 

[EVO]

Salut,
On est d'accord que tu as
${RACINE}/qbittorrent/downloads:/downloads
Pour le 1er conteneur et

${RACINE}/qbittorrent2/downloads:/downloads

Pour le 2eme ?

Ici leur semble indiqué que tu utilise plusieurs fois ${RACINE}/qbittorrent2/downloads:/downloads

 

[Nouch]

Je te confirme que j'ai bien ce que tu écris :

qbittorrent:
    image: ghcr.io/linuxserver/qbittorrent
    container_name: qbittorrent
    labels:
    - autoheal=true
#      - com.centurylinklabs.watchtower.enable=true
    depends_on:
     - vpn
    network_mode: "service:vpn"
    environment:
     - PUID=${PUID}
     - PGID=${PGID}
     - TZ=${TZ}
     - WEBUI_PORT=8586
    volumes:
     - ${RACINE}/qbittorrent/config:/config
     - ${RACINE}/qbittorrent/downloads:/downloads
    restart: unless-stopped
    healthcheck:
     test: ["CMD-SHELL", "curl --fail http://172.20.0.1:8586/ || exit 1"]
     interval: 1m30s
     timeout: 10s
     retries: 3

  qbittorrent2:
    image: ghcr.io/linuxserver/qbittorrent
    container_name: qbittorrent2
    labels:
    - autoheal=true
#      - com.centurylinklabs.watchtower.enable=true
    depends_on:
     - vpn
    network_mode: "service:vpn"
    environment:
     - PUID=${PUID}
     - PGID=${PGID}
     - TZ=${TZ}
     - WEBUI_PORT=8587
    volumes:
     - ${RACINE}/qbittorrent2/config:/config
     - ${RACINE}/qbittorrent2/downloads:/downloads
    restart: unless-stopped
    healthcheck:
     test: ["CMD-SHELL", "curl --fail http://172.20.0.1:8587/ || exit 1"]
     interval: 1m30s
     timeout: 10s
     retries: 3

 

[EVO]

Salut,
Tu devrais essayé en créant des montages différent pour /downloads, par exemple :

Pour qbit1:
- ${RACINE}/qbittorrent/downloads:/downloads/qbittorrent1

Pour qbit2:
- ${RACINE}/qbittorrent2/downloads:/downloads/qbittorrent2

 

[Nouch]

@EVOTk

J'ai réussi en modifiant uniquement pour qbt2 le chemin downloads comme tu l'as indiqué.
J'ai lancé un torrent qui s'est correctement chargé mais je ne sais absolument pas ou se trouve le fichier téléchargé.
Rien dans le dossier /downloads ?! ?

 

[EVO]

Il faut DL dans downloads/qbittorrent2 alors

downloads étant dans le conteneur

 

[Frolic]

Bonsoir,
j'ai une erreur avec le VPN.
Pour le moment impossible de télécharger.

2037-05-14 06:48:40 WARNING: --ping should normally be used with --ping-restart or --ping-exit,
2037-05-14 06:48:40 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
2037-05-14 06:48:40 NOTE: --fast-io is disabled since we are not using UDP,
2037-05-14 06:27:52 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-05-14 06:27:52 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-05-14 06:45:12 TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.16.209:443,
2037-05-14 06:44:24 Socket Buffers: R=[131072->131072] S=[16384->16384],
2037-05-14 06:45:20 Attempting to establish TCP connection with [AF_INET]138.199.16.209:443 [nonblock],
2037-05-14 06:45:20 TCP connection established with [AF_INET]138.199.16.209:443,
2037-05-14 06:46:32 TCP_CLIENT link local: (not bound),
2037-05-14 06:46:32 TCP_CLIENT link remote: [AF_INET]138.199.16.209:443,
2037-05-14 06:46:48 TLS: Initial packet from [AF_INET]138.199.16.209:443, sid=2c5d35dd 5de4beec,
2037-05-14 06:31:20 VERIFY ERROR: depth=2, error=format error in certificate's notBefore field: C=PA, O=NordVPN, CN=NordVPN Root CA, serial=1,
2037-05-14 06:44:08 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed,
2037-05-14 06:44:32 TLS_ERROR: BIO read tls_read_plaintext error,
2037-05-14 06:45:04 TLS Error: TLS object -> incoming plaintext read error,
2037-05-14 06:45:04 TLS Error: TLS handshake failed,
2037-05-14 06:50:48 Fatal TLS error (check_tls_errors_co), restarting,
2037-05-14 06:51:12 SIGUSR1[soft,tls-error] received, process restarting,
2037-05-14 06:48:40 Restart pause, 300 second(s),
2037-05-14 06:48:40 WARNING: --ping should normally be used with --ping-restart or --ping-exit,
2037-05-14 06:48:40 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
2037-05-14 06:48:40 NOTE: --fast-io is disabled since we are not using UDP,
2037-05-14 06:27:52 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-05-14 06:27:52 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-05-14 06:45:12 TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.16.209:443,
2037-05-14 06:44:24 Socket Buffers: R=[131072->131072] S=[16384->16384],
2037-05-14 06:45:20 Attempting to establish TCP connection with [AF_INET]138.199.16.209:443 [nonblock],
2037-05-14 06:45:20 TCP connection established with [AF_INET]138.199.16.209:443,
2037-05-14 06:46:32 TCP_CLIENT link local: (not bound),
2037-05-14 06:46:32 TCP_CLIENT link remote: [AF_INET]138.199.16.209:443,
2037-05-14 06:46:48 TLS: Initial packet from [AF_INET]138.199.16.209:443, sid=24c21c5f e99c9624,
2037-05-14 06:31:20 VERIFY ERROR: depth=2, error=format error in certificate's notBefore field: C=PA, O=NordVPN, CN=NordVPN Root CA, serial=1,
2037-05-14 06:44:08 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed,
2037-05-14 06:44:32 TLS_ERROR: BIO read tls_read_plaintext error,
2037-05-14 06:45:04 TLS Error: TLS object -> incoming plaintext read error,
2037-05-14 06:45:04 TLS Error: TLS handshake failed,
2037-05-14 06:50:48 Fatal TLS error (check_tls_errors_co), restarting,
2037-05-14 06:51:12 SIGUSR1[soft,tls-error] received, process restarting,
2037-05-14 06:48:40 Restart pause, 300 second(s),
2037-05-14 06:48:40 WARNING: --ping should normally be used with --ping-restart or --ping-exit,
2037-05-14 06:48:40 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
2037-05-14 06:48:40 NOTE: --fast-io is disabled since we are not using UDP,
2037-05-14 06:27:52 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-05-14 06:27:52 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-05-14 06:45:12 TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.16.209:443,
2037-05-14 06:44:24 Socket Buffers: R=[131072->131072] S=[16384->16384],
2037-05-14 06:45:20 Attempting to establish TCP connection with [AF_INET]138.199.16.209:443 [nonblock],
2037-05-14 06:45:20 TCP connection established with [AF_INET]138.199.16.209:443,
2037-05-14 06:46:32 TCP_CLIENT link local: (not bound),
2037-05-14 06:46:32 TCP_CLIENT link remote: [AF_INET]138.199.16.209:443,
2037-05-14 06:46:48 TLS: Initial packet from [AF_INET]138.199.16.209:443, sid=980cce99 abe2a8a1,
2037-05-14 06:31:20 VERIFY ERROR: depth=2, error=format error in certificate's notBefore field: C=PA, O=NordVPN, CN=NordVPN Root CA, serial=1,
2037-05-14 06:44:08 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed,
2037-05-14 06:44:32 TLS_ERROR: BIO read tls_read_plaintext error,
2037-05-14 06:45:04 TLS Error: TLS object -> incoming plaintext read error,
2037-05-14 06:45:04 TLS Error: TLS handshake failed,
2037-05-14 06:50:48 Fatal TLS error (check_tls_errors_co), restarting,
2037-05-14 06:51:12 SIGUSR1[soft,tls-error] received, process restarting,
2037-05-14 06:48:40 Restart pause, 300 second(s),
2037-05-14 06:48:40 WARNING: --ping should normally be used with --ping-restart or --ping-exit,
2037-05-14 06:48:40 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
2037-05-14 06:48:40 NOTE: --fast-io is disabled since we are not using UDP,
2037-05-14 06:27:52 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-05-14 06:27:52 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-05-14 06:45:12 TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.16.209:443,
2037-05-14 06:44:24 Socket Buffers: R=[131072->131072] S=[16384->16384],
2037-05-14 06:45:20 Attempting to establish TCP connection with [AF_INET]138.199.16.209:443 [nonblock],
2037-05-14 06:45:20 TCP connection established with [AF_INET]138.199.16.209:443,
2037-05-14 06:46:32 TCP_CLIENT link local: (not bound),
2037-05-14 06:46:32 TCP_CLIENT link remote: [AF_INET]138.199.16.209:443,
2037-05-14 06:46:48 TLS: Initial packet from [AF_INET]138.199.16.209:443, sid=6ea342b8 d71a053e,
2037-05-14 06:31:20 VERIFY ERROR: depth=2, error=format error in certificate's notBefore field: C=PA, O=NordVPN, CN=NordVPN Root CA, serial=1,
2037-05-14 06:44:08 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed,
2037-05-14 06:44:32 TLS_ERROR: BIO read tls_read_plaintext error,
2037-05-14 06:45:04 TLS Error: TLS object -> incoming plaintext read error,
2037-05-14 06:45:04 TLS Error: TLS handshake failed,
2037-05-14 06:50:48 Fatal TLS error (check_tls_errors_co), restarting,
2037-05-14 06:51:12 SIGUSR1[soft,tls-error] received, process restarting,
2037-05-14 06:48:40 Restart pause, 300 second(s),
2037-05-14 06:48:40 WARNING: --ping should normally be used with --ping-restart or --ping-exit,
2037-05-14 06:48:40 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
2037-05-14 06:48:40 NOTE: --fast-io is disabled since we are not using UDP,
2037-05-14 06:27:52 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-05-14 06:27:52 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-05-14 06:45:12 TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.16.209:443,
2037-05-14 06:44:24 Socket Buffers: R=[131072->131072] S=[16384->16384],
2037-05-14 06:45:20 Attempting to establish TCP connection with [AF_INET]138.199.16.209:443 [nonblock],
2037-05-14 06:45:20 TCP connection established with [AF_INET]138.199.16.209:443,
2037-05-14 06:46:32 TCP_CLIENT link local: (not bound),
2037-05-14 06:46:32 TCP_CLIENT link remote: [AF_INET]138.199.16.209:443,
2037-05-14 06:46:48 TLS: Initial packet from [AF_INET]138.199.16.209:443, sid=a2d8bfd9 76888708,
2037-05-14 06:31:20 VERIFY ERROR: depth=2, error=format error in certificate's notBefore field: C=PA, O=NordVPN, CN=NordVPN Root CA, serial=1,
2037-05-14 06:44:08 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed,
2037-05-14 06:44:32 TLS_ERROR: BIO read tls_read_plaintext error,
2037-05-14 06:45:04 TLS Error: TLS object -> incoming plaintext read error,
2037-05-14 06:45:04 TLS Error: TLS handshake failed,
2037-05-14 06:50:48 Fatal TLS error (check_tls_errors_co), restarting,
2037-05-14 06:51:12 SIGUSR1[soft,tls-error] received, process restarting,
2037-05-14 06:48:40 Restart pause, 300 second(s)

 

[EVO]

Effectivement, avez-vous bien placé les fichiers certificats avec votre fichier ovpn ? ( s'il ne sont pas inclu dans le ovpn )

 

[Frolic]

Je suis sous Raspberry, si sa change quelque chose.
J'ai le fichier .ovpn où j'ai modifier l'adresse "auth-user-pass /vpn/vpn.auth"
et le fichier "vpn.auth" avec mes identifiants.
Les deux se trouve dans le dossier /home/pi/Docker/downloads-vpn/vpn/config

 

[EVO]

Je suis sous Raspberry, si sa change quelque chose.

Je ne pense pas, il me semble que toutes les images utilisée sont compatible ARMv7/v8-64.

Dans ton fichier opvn tu doit avoir une fin qui ressemble a ceci :

<ca>
-----BEGIN CERTIFICATE-----
MIIFCjCCAvKgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA5MQswCQYDVQQGEwJQQTEQ
MA4GA1UEChMHTm9yZFZQTjEYMBYGA1UEAxMPTm9yZFZQTiBSb290IENBMB4XDTE2
MDEwMTAwMDAwMFoXDTM1MTIzMTIzNTk1OVowOTELMAkGA1UEBhMCUEExEDAOBgNV
BAoTB05vcmRWUE4xGDAWBgNVBAMTD05vcmRWUE4gUm9vdCBDQTCCAiIwDQYJKoZI
hvcNAQEBBQADggIPADCCAgoCggIBAMkr/BYhyo0F2upsIMXwC6QvkZps3NN2/eQF
kfQIS1gql0aejsKsEnmY0Kaon8uZCTXPsRH1gQNgg5D2gixdd1mJUvV3dE3y9FJr
XMoDkXdCGBodvKJyU6lcfEVF6/UxHcbBguZK9UtRHS9eJYm3rpL/5huQMCppX7kU
eQ8dpCwd3iKITqwd1ZudDqsWaU0vqzC2H55IyaZ/5/TnCk31Q1UP6BksbbuRcwOV
skEDsm6YoWDnn/IIzGOYnFJRzQH5jTz3j1QBvRIuQuBuvUkfhx1FEwhwZigrcxXu
MP+QgM54kezgziJUaZcOM2zF3lvrwMvXDMfNeIoJABv9ljw969xQ8czQCU5lMVmA
37ltv5Ec9U5hZuwk/9QO1Z+d/r6Jx0mlurS8gnCAKJgwa3kyZw6e4FZ8mYL4vpRR
hPdvRTWCMJkeB4yBHyhxUmTRgJHm6YR3D6hcFAc9cQcTEl/I60tMdz33G6m0O42s
Qt/+AR3YCY/RusWVBJB/qNS94EtNtj8iaebCQW1jHAhvGmFILVR9lzD0EzWKHkvy
WEjmUVRgCDd6Ne3eFRNS73gdv/C3l5boYySeu4exkEYVxVRn8DhCxs0MnkMHWFK6
MyzXCCn+JnWFDYPfDKHvpff/kLDobtPBf+Lbch5wQy9quY27xaj0XwLyjOltpiST
LWae/Q4vAgMBAAGjHTAbMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqG
SIb3DQEBDQUAA4ICAQC9fUL2sZPxIN2mD32VeNySTgZlCEdVmlq471o/bDMP4B8g
nQesFRtXY2ZCjs50Jm73B2LViL9qlREmI6vE5IC8IsRBJSV4ce1WYxyXro5rmVg/
k6a10rlsbK/eg//GHoJxDdXDOokLUSnxt7gk3QKpX6eCdh67p0PuWm/7WUJQxH2S
DxsT9vB/iZriTIEe/ILoOQF0Aqp7AgNCcLcLAmbxXQkXYCCSB35Vp06u+eTWjG0/
pyS5V14stGtw+fA0DJp5ZJV4eqJ5LqxMlYvEZ/qKTEdoCeaXv2QEmN6dVqjDoTAo
k0t5u4YRXzEVCfXAC3ocplNdtCA72wjFJcSbfif4BSC8bDACTXtnPC7nD0VndZLp
+RiNLeiENhk0oTC+UVdSc+n2nJOzkCK0vYu0Ads4JGIB7g8IB3z2t9ICmsWrgnhd
NdcOe15BincrGA8avQ1cWXsfIKEjbrnEuEk9b5jel6NfHtPKoHc9mDpRdNPISeVa
wDBM1mJChneHt59Nh8Gah74+TM1jBsw4fhJPvoc7Atcg740JErb904mZfkIEmojC
VPhBHVQ9LHBAdM8qFI2kRK0IynOmAZhexlP/aT/kpEsEPyaZQlnBn3An1CRz8h0S
PApL8PytggYKeQmRhl499+6jLxcZ2IegLfqq41dzIjwHwTMplg+1pKIOVojpWA==
-----END CERTIFICATE-----
</ca>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
e685bdaf659a25a200e2b9e39e51ff03
0fc72cf1ce07232bd8b2be5e6c670143
f51e937e670eee09d4f2ea5a6e4e6996
5db852c275351b86fc4ca892d78ae002
d6f70d029bd79c4d1c26cf14e9588033
cf639f8a74809f29f72b9d58f9b8f5fe
fc7938eade40e9fed6cb92184abb2cc1
0eb1a296df243b251df0643d53724cdb
5a92a1d6cb817804c4a9319b57d53be5
80815bcfcb2df55018cc83fc43bc7ff8
2d51f9b88364776ee9d12fc85cc7ea5b
9741c4f598c485316db066d52db4540e
212e1518a9bd4828219e24b20d88f598
a196c9de96012090e333519ae18d3509
9427e7b372d348d352dc4c85e18cd4b9
3f8a56ddb2e64eb67adfc9b337157ff4
-----END OpenVPN Static key V1-----
</tls-auth>

Copie la partie entre <ca> et </ca> et place ceci dans un fichier ca.crt
Copie la partie entre <tls-auth> et </tls-auth> est place ceci dans un fichier ta.key

Place ces deux fichier avec ton fichier openvpn et vpn.authet relance le conteneur, et regarde les logs !

 

[Frolic]

Je copie ou je coupe ?
Quand je copie, ca ne change rien.

 

[EVO]

Copie

 

[Frolic]

Je ne comprend rien au log

2037-06-12 05:59:36 WARNING: --ping should normally be used with --ping-restart or --ping-exit,
2037-06-12 05:59:36 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
2037-06-12 05:59:36 NOTE: --fast-io is disabled since we are not using UDP,
2037-06-12 05:38:48 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-06-12 05:38:48 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-06-12 05:56:08 TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.16.209:443,
2037-06-12 05:55:20 Socket Buffers: R=[131072->131072] S=[16384->16384],
2037-06-12 05:56:16 Attempting to establish TCP connection with [AF_INET]138.199.16.209:443 [nonblock],
2037-06-12 05:56:16 TCP connection established with [AF_INET]138.199.16.209:443,
2037-06-12 05:57:28 TCP_CLIENT link local: (not bound),
2037-06-12 05:57:28 TCP_CLIENT link remote: [AF_INET]138.199.16.209:443,
2037-06-12 05:57:44 TLS: Initial packet from [AF_INET]138.199.16.209:443, sid=9631b23f 30a83006,
2037-06-12 05:42:16 VERIFY ERROR: depth=2, error=format error in certificate's notBefore field: C=PA, O=NordVPN, CN=NordVPN Root CA, serial=1,
2037-06-12 05:55:04 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed,
2037-06-12 05:55:28 TLS_ERROR: BIO read tls_read_plaintext error,
2037-06-12 05:56:00 TLS Error: TLS object -> incoming plaintext read error,
2037-06-12 05:56:00 TLS Error: TLS handshake failed,
2037-06-12 06:01:44 Fatal TLS error (check_tls_errors_co), restarting,
2037-06-12 06:02:08 SIGUSR1[soft,tls-error] received, process restarting,
2037-06-12 05:59:36 Restart pause, 300 second(s),
2037-06-12 05:59:36 WARNING: --ping should normally be used with --ping-restart or --ping-exit,
2037-06-12 05:59:36 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
2037-06-12 05:59:36 NOTE: --fast-io is disabled since we are not using UDP,
2037-06-12 05:38:48 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-06-12 05:38:48 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-06-12 05:56:08 TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.16.209:443,
2037-06-12 05:55:20 Socket Buffers: R=[131072->131072] S=[16384->16384],
2037-06-12 05:56:16 Attempting to establish TCP connection with [AF_INET]138.199.16.209:443 [nonblock],
2037-06-12 05:56:16 TCP connection established with [AF_INET]138.199.16.209:443,
2037-06-12 05:57:28 TCP_CLIENT link local: (not bound),
2037-06-12 05:57:28 TCP_CLIENT link remote: [AF_INET]138.199.16.209:443,
2037-06-12 05:57:44 TLS: Initial packet from [AF_INET]138.199.16.209:443, sid=7fe68b15 68fedc68,
2037-06-12 05:42:16 VERIFY ERROR: depth=2, error=format error in certificate's notBefore field: C=PA, O=NordVPN, CN=NordVPN Root CA, serial=1,
2037-06-12 05:55:04 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed,
2037-06-12 05:55:28 TLS_ERROR: BIO read tls_read_plaintext error,
2037-06-12 05:56:00 TLS Error: TLS object -> incoming plaintext read error,
2037-06-12 05:56:00 TLS Error: TLS handshake failed,
2037-06-12 06:01:44 Fatal TLS error (check_tls_errors_co), restarting,
2037-06-12 06:02:08 SIGUSR1[soft,tls-error] received, process restarting,
2037-06-12 05:59:36 Restart pause, 300 second(s),
2037-06-12 05:59:36 WARNING: --ping should normally be used with --ping-restart or --ping-exit,
2037-06-12 05:59:36 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
2037-06-12 05:59:36 NOTE: --fast-io is disabled since we are not using UDP,
2037-06-12 05:38:48 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-06-12 05:38:48 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-06-12 05:56:08 TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.16.209:443,
2037-06-12 05:55:20 Socket Buffers: R=[131072->131072] S=[16384->16384],
2037-06-12 05:56:16 Attempting to establish TCP connection with [AF_INET]138.199.16.209:443 [nonblock],
2037-06-12 05:56:16 TCP connection established with [AF_INET]138.199.16.209:443,
2037-06-12 05:57:28 TCP_CLIENT link local: (not bound),
2037-06-12 05:57:28 TCP_CLIENT link remote: [AF_INET]138.199.16.209:443,
2037-06-12 05:57:44 TLS: Initial packet from [AF_INET]138.199.16.209:443, sid=330c655a 8e3e7542,
2037-06-12 05:42:16 VERIFY ERROR: depth=2, error=format error in certificate's notBefore field: C=PA, O=NordVPN, CN=NordVPN Root CA, serial=1,
2037-06-12 05:55:04 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed,
2037-06-12 05:55:28 TLS_ERROR: BIO read tls_read_plaintext error,
2037-06-12 05:56:00 TLS Error: TLS object -> incoming plaintext read error,
2037-06-12 05:56:00 TLS Error: TLS handshake failed,
2037-06-12 06:01:44 Fatal TLS error (check_tls_errors_co), restarting,
2037-06-12 06:02:08 SIGUSR1[soft,tls-error] received, process restarting,
2037-06-12 05:59:36 Restart pause, 300 second(s),
2037-06-12 05:59:36 WARNING: --ping should normally be used with --ping-restart or --ping-exit,
2037-06-12 05:59:36 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
2037-06-12 05:59:36 NOTE: --fast-io is disabled since we are not using UDP,
2037-06-12 05:38:48 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-06-12 05:38:48 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-06-12 05:56:08 TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.16.209:443,
2037-06-12 05:55:20 Socket Buffers: R=[131072->131072] S=[16384->16384],
2037-06-12 05:56:16 Attempting to establish TCP connection with [AF_INET]138.199.16.209:443 [nonblock],
2037-06-12 05:56:16 TCP connection established with [AF_INET]138.199.16.209:443,
2037-06-12 05:57:28 TCP_CLIENT link local: (not bound),
2037-06-12 05:57:28 TCP_CLIENT link remote: [AF_INET]138.199.16.209:443,
2037-06-12 05:57:44 TLS: Initial packet from [AF_INET]138.199.16.209:443, sid=fd573cf0 6664d263,
2037-06-12 05:42:16 VERIFY ERROR: depth=2, error=format error in certificate's notBefore field: C=PA, O=NordVPN, CN=NordVPN Root CA, serial=1,
2037-06-12 05:55:04 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed,
2037-06-12 05:55:28 TLS_ERROR: BIO read tls_read_plaintext error,
2037-06-12 05:56:00 TLS Error: TLS object -> incoming plaintext read error,
2037-06-12 05:56:00 TLS Error: TLS handshake failed,
2037-06-12 06:01:44 Fatal TLS error (check_tls_errors_co), restarting,
2037-06-12 06:02:08 SIGUSR1[soft,tls-error] received, process restarting,
2037-06-12 05:59:36 Restart pause, 300 second(s),
2037-06-12 05:59:36 WARNING: --ping should normally be used with --ping-restart or --ping-exit,
2037-06-12 05:59:36 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
2037-06-12 05:59:36 NOTE: --fast-io is disabled since we are not using UDP,
2037-06-12 05:38:48 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-06-12 05:38:48 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication,
2037-06-12 05:56:08 TCP/UDP: Preserving recently used remote address: [AF_INET]138.199.16.209:443,
2037-06-12 05:55:20 Socket Buffers: R=[131072->131072] S=[16384->16384],
2037-06-12 05:56:16 Attempting to establish TCP connection with [AF_INET]138.199.16.209:443 [nonblock],
2037-06-12 05:56:16 TCP connection established with [AF_INET]138.199.16.209:443,
2037-06-12 05:57:28 TCP_CLIENT link local: (not bound),
2037-06-12 05:57:28 TCP_CLIENT link remote: [AF_INET]138.199.16.209:443,
2037-06-12 05:57:44 TLS: Initial packet from [AF_INET]138.199.16.209:443, sid=858b7276 9b6cbb1c,
2037-06-12 05:42:16 VERIFY ERROR: depth=2, error=format error in certificate's notBefore field: C=PA, O=NordVPN, CN=NordVPN Root CA, serial=1,
2037-06-12 05:55:04 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed,
2037-06-12 05:55:28 TLS_ERROR: BIO read tls_read_plaintext error,
2037-06-12 05:56:00 TLS Error: TLS object -> incoming plaintext read error,
2037-06-12 05:56:00 TLS Error: TLS handshake failed,
2037-06-12 06:01:44 Fatal TLS error (check_tls_errors_co), restarting,
2037-06-12 06:02:08 SIGUSR1[soft,tls-error] received, process restarting,
2037-06-12 05:59:36 Restart pause, 300 second(s)