Per the instructions for the ansible-base:
"Then get the SSH IP address and port from::

# docker inspect ansible-base | grep IPAddress"

There is no IPADDRESS field in that output in my release:
Docker version 1.0.1, build 990021a

I see from the ps that it is redirecting port 22
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
723e5364ce74 ansible-base:latest /usr/sbin/sshd -D 2 hours ago Up 2 hours 0.0.0.0:49153->22/tcp ansible_test

I'm unclear what I am looking for and how to proceed. It would be helpful if you could explain a little more in the main readme how the final setup works and if there is a preferred order in building these containers. I thought you'd build ansible first then the rest would become self explanatory.

Thanks

@firecat53 Apologies in advance, I'm not particularly knowledgable about docker, but figured setting up a dockerised home server would be a good way to learn, and came across your pretty thorough repo.

I'm having trouble trying to use your openvpn-client-pia docker container.
In the build/configure stage of your readme, the image builds fine amd the pia_port volume works. (I didn't create the volume for the pia_config as figured I'd just bind-mount the config into the container as you said).

To run the container, I use: docker run -d --cap-add=NET_ADMIN -e LOCAL_NETWORKS=192.168.0.0/24 -v /"$(pwd)":/config -v pia_port:/var/run/pia/ -p 2222:22 -p 9091:9091 --name=openvpn_run openvpn-client, which I run from within my file containing the config.

(I removed the --device argument as that caused an Error response from daemon: linux runtime spec devices: error gathering device information while adding custom device "C": no such file or directory..)

However, the container immediately stops, and when running docker logs openvpn_run I have the error In [CMD-LINE]:1: Error opening configuration file: /config/pia.ovpn which suggests to me I'm doing something wrong with the volume?

Any help would be appreciated, and thanks in advance!

Hello, I'm trying to use your setup for transmission+vpn. The README for the transmission dir gives some example command lines for docker run, but I am confused by --net=False. My docker (tried 1.2 and 1.3) says that this is an "invalid net mode". Looking at the documentation for --net, the closest one seems like --net=none, and this is what people in freenode #docker thought.

How are you able to use --net=False, or is this just a typo?

I'm running your docker image of syncthing_discovery. It works :) , and now I want to add this discovery server to syncthing instance. But for that I need the ID from host to add it like this :
https://MYIP/v2/?id=IFQH6L5-SJGJKDU-47ZGXXK-LAK76BJ-4VSEN73-SDHGJDU-XXXXXXX-XXXXXXX

I am trying to understand the bridging/pipework part of your solution.

You have this as a startup:
pipework br0 transmission_run 192.168.0.123/[email protected]

Is the bridge bound to the host interface?
Is 192.168.0.x the same subnet as the host?
Is anything required besides brctl add br0 ?

My setup is: Host=192.168.1.x, Docker=192.168.5.x
I see how docker routing works via iptables rules, just not sure about the pipeline part.

Thanks

The command docker run --rm --volumes-from syncthing_config --user root syncthing chown -R syncthing:users /config given in the README does not work. It only makes the syncthing command show its usage. According to the docker-run man page, the ENTRYPOINT is purposely more difficult to override. When I add a --entrypoint= option, it works.

% docker run --rm --volumes-from syncthing_config --user root --entrypoint= syncthing chown -R syncthing:users /config
% docker --version
Docker version 18.06.1-ce, build e68fc7a

The remainder of the instructions work, my dockerized syncthing is syncing fine with my other peers.

The last step in the README:

    # pipework br0 transmission_run <ip address>/24@<gateway ip>

doesn't specify what the requirements for IP address selection are. It's pretty easy to guess it should be an address that's not already assigned on the network - but does it need to be an address from the same range as the host's address? Or does it need to be in a different range? Or is it irrelevant?

Similarly, is the gateway IP that is required a gateway address that's configured on the host already? Or is it the Docker interface address?

The answers might be simple and obvious to someone with the right experience but they're pretty mysterious to someone who isn't quite sure how networking is set up inside the container or what exactly the pipework command is supposed to do.

The docker run commands for starting the transmission daemon container given in the README include:

--volumes-from media_data

The README doesn't give an explanation of what media_data is, what requirements there are of it, or how to create it.

So i'm trying to figure out the purpose of the below code. I'm gonna state a couple of assumptions, and hopefully you can point out anything I get wrong.

1. you've already setup your port forwarding through PIA's interface somewhere on their site.
2. This code is just a clever way to dynamically pull the current forwarded ports so that you can pass that along to other containers via the var/run/pia/pia_port file.

Did I get that correct?

client_id=$(head -n 100 /dev/urandom | sha256sum | tr -d " -")
json=$(curl "http://209.222.18.222:2000/?client_id=$client_id" 2>/dev/null)

Thanks!
P.S. Really like your setup here, and i'm entirely jealous. I may attempt a similar strategy soon.

I've been having problems getting the firecat53/openvpn-client-pia service to play nicely with any other service that connects to its container network. The firecat53/transmission service on port 9091 becomes inaccessible when the container is connected to the VPN container's network stack but is accessible when started in its own stack. The images were built without issue and the containers seem to be running fine either in the vpn container network or outside of it judging by the docker logs command output. Just to make sure it wasn't a volume mapping issue I tried creating volumes for each service and also bind mounting them to corresponding directories with no joy. I tried proxying the exposed port through a separate service and docker network connect to join the vpn containers network too. I've attached my docker run commands and log outputs below, any help with this issue would be greatly appreciated.

commands:

docker run -d --rm \
--cap-add=NET_ADMIN \
--device=/dev/net/tun \
--net=vpn \ # created this network in attempt to proxy into the webservice
-v /path/to/vpn/config:/config \
-v pia_port:/var/run/pia/ \
-p 9091:9091 \
--name=openvpn_run \
openvpn-client

docker run -d --rm \
--net=container:openvpn_run \
-v /path/to/transmission/config:/config \
-v pia_port:/var/run/pia \
-v /path/to/torrent/data:/data \
-v /etc/localtime:/etc/localtime:ro \
--name transmission_run \
transmission

logs for vpn

Fri Jan  4 11:18:27 2019 OpenVPN 2.4.6 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4 [EPOLL] [MH/PKTINFO] [AEAD] built on Jul  8 2018
Fri Jan  4 11:18:27 2019 library versions: LibreSSL 2.7.4, LZO 2.10
Fri Jan  4 11:18:27 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Fri Jan  4 11:18:27 2019 TCP/UDP: Preserving recently used remote address [AF_INET]172.98.67.90:1198
Fri Jan  4 11:18:27 2019 UDP link local: (not bound)
Fri Jan  4 11:18:27 2019 UDP link remote: [AF_INET]172.98.67.90:1198
Fri Jan  4 11:18:27 2019 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Jan  4 11:18:27 2019 [3587aa6b4db509fb071d1fc99096531a] Peer Connection Initiated with [AF_INET]172.98.67.90:1198
Fri Jan  4 11:18:28 2019 TUN/TAP device tun0 opened
Fri Jan  4 11:18:28 2019 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Jan  4 11:18:28 2019 /sbin/ip link set dev tun0 up mtu 1500
Fri Jan  4 11:18:28 2019 /sbin/ip addr add dev tun0 local 10.45.10.6 peer 10.45.10.5
Fri Jan  4 11:18:28 2019 /usr/local/bin/up.sh tun0 1500 1558 10.45.10.6 10.45.10.5 init
Fri Jan  4 11:18:30 2019 Initialization Sequence Completed

logs for torrent

[2019-01-04 11:32:39.301] Transmission 2.94 (d8e60ee44f) started (session.c:740)
[2019-01-04 11:32:39.301] RPC Server Adding address to whitelist: 127.0.0.1 (rpc-server.c:971)
[2019-01-04 11:32:39.301] RPC Server Serving RPC and Web requests on port 127.0.0.1:9091/transmission/ (rpc-server.c:1213)
[2019-01-04 11:32:39.301] UDP Failed to set receive buffer: requested 4194304, got 425984 (tr-udp.c:84)
[2019-01-04 11:32:39.301] UDP Please add the line "net.core.rmem_max = 4194304" to /etc/sysctl.conf (tr-udp.c:89)
[2019-01-04 11:32:39.301] UDP Failed to set send buffer: requested 1048576, got 425984 (tr-udp.c:95)
[2019-01-04 11:32:39.301] UDP Please add the line "net.core.wmem_max = 1048576" to /etc/sysctl.conf (tr-udp.c:100)
[2019-01-04 11:32:39.301] DHT Reusing old id (tr-dht.c:307)
[2019-01-04 11:32:39.301] DHT Bootstrapping from 112 IPv4 nodes (tr-dht.c:156)
[2019-01-04 11:32:39.301] Using settings from "/config" (daemon.c:528)
[2019-01-04 11:32:39.301] Saved "/config/settings.json" (variant.c:1266)
[2019-01-04 11:32:39.301] Transmission 2.94 (d8e60ee44f) started (session.c:740)
[2019-01-04 11:32:39.301] RPC Server Adding address to whitelist: 127.0.0.1 (rpc-server.c:971)
[2019-01-04 11:32:39.301] RPC Server Serving RPC and Web requests on port 127.0.0.1:9091/transmission/ (rpc-server.c:1213)
[2019-01-04 11:32:39.301] UDP Failed to set receive buffer: requested 4194304, got 425984 (tr-udp.c:84)
[2019-01-04 11:32:39.301] UDP Please add the line "net.core.rmem_max = 4194304" to /etc/sysctl.conf (tr-udp.c:89)
[2019-01-04 11:32:39.301] UDP Failed to set send buffer: requested 1048576, got 425984 (tr-udp.c:95)
[2019-01-04 11:32:39.301] UDP Please add the line "net.core.wmem_max = 1048576" to /etc/sysctl.conf (tr-udp.c:100)
[2019-01-04 11:32:39.301] DHT Reusing old id (tr-dht.c:307)
[2019-01-04 11:32:39.301] DHT Bootstrapping from 112 IPv4 nodes (tr-dht.c:156)
[2019-01-04 11:32:39.301] Using settings from "/config" (daemon.c:528)
[2019-01-04 11:32:39.301] Saved "/config/settings.json" (variant.c:1266)

Although it may be unrelated, the failure manifests as the webservice page continuing to load indefinitely instead of an immediate ERR_CONNECTION_REFUSED.

EDIT: Not relevant since the same error is produced when the web interface is working.
Attempting to curl the localhost:9091 results in <h1>301: Moved Permanently</h1>

Running Syncthing from the dockercontainer does not appear to allow for local discovery.
Each node appears as Offline.
Nodes cannot communicate with the container.

  -p 22000:22000 \
  -p 8080:8080 \
  -p 21025:21025/udp \

The following command is executed within the following files:
dockerfiles / syncthing / Dockerfile
dockerfiles / syncthing / Dockerfile.supervisord

Had to change the following line

RUN useradd --no-create-home -g users -uid 22000 syncthing

to

RUN useradd --no-create-home -g users -u 22000 syncthing

to fix the follwing error.

useradd: invalid user ID 'id'
The command [/bin/sh -c useradd --no-create-home -g users -uid 22000 syncthing] returned a non-zero code: 3

Im trying to set this up because i want to isolate my torrents to VPN but allow my other services to run on regular lan...Just came accross this and it looks like exactly what i need. I have never used docker before, is there any pointers you can give?

Thanks

Following the instructions in the README I get to the second step but get the following error when running the docker run command - docker run --volumes-from omd_config -v $(pwd):/home -it ubuntu /bin/bash.

FATA[0000] Error response from daemon: container omd_config not found, impossible to mount its volumes

The container seems to have built okay and the first docker run command looks like it was okay also.

Docker version is 1.5 on Ubuntu 14.04.

Thanks for creating these Dockerfiles, it's so interesting to see you making your own. I've had a hard time getting a config working for the RaspberryPi4 (well a reliable one at least!)

I followed the instructions for OpenVpn, but in the logs, it looks like there's an inactivity timeout, could it be related to PIA deprecating and launching the nextgen servers?

Sun Nov 22 18:17:32 2020 OpenVPN 2.4.9 armv7-alpine-linux-musleabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Apr 20 2020
Sun Nov 22 18:17:32 2020 library versions: OpenSSL 1.1.1g  21 Apr 2020, LZO 2.10
Sun Nov 22 18:17:32 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sun Nov 22 18:17:32 2020 CRL: loaded 1 CRLs from file [[INLINE]]
Sun Nov 22 18:17:32 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]156.146.63.1:1198
Sun Nov 22 18:17:32 2020 UDP link local: (not bound)
Sun Nov 22 18:17:32 2020 UDP link remote: [AF_INET]156.146.63.1:1198
Sun Nov 22 18:18:32 2020 [UNDEF] Inactivity timeout (--ping-restart), restarting
Sun Nov 22 18:18:32 2020 SIGUSR1[soft,ping-restart] received, process restarting
Sun Nov 22 18:18:37 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sun Nov 22 18:18:37 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]156.146.63.65:1198
Sun Nov 22 18:18:37 2020 UDP link local: (not bound)
Sun Nov 22 18:18:37 2020 UDP link remote: [AF_INET]156.146.63.65:1198
Sun Nov 22 18:19:37 2020 [UNDEF] Inactivity timeout (--ping-restart), restarting
Sun Nov 22 18:19:37 2020 SIGUSR1[soft,ping-restart] received, process restarting
Sun Nov 22 18:19:42 2020 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sun Nov 22 18:19:42 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]156.146.63.1:1198
Sun Nov 22 18:19:42 2020 UDP link local: (not bound)
Sun Nov 22 18:19:42 2020 UDP link remote: [AF_INET]156.146.63.1:1198

2016-03-04 11:25:21 Starting the build
2016-03-04 11:25:24 Cloning code source from repo https://github.com/firecat53/dockerfiles.git on branch:master
2016-03-04 11:25:24 Cloning into '/tmp/tmpds1qcd'...
2016-03-04 11:25:28 Submodule 'docker-gen' (https://github.com/jwilder/docker-gen.git) registered for path 'docker-gen'
2016-03-04 11:25:28 Submodule 'docker-letsencrypt-nginx-proxy-companion' (https://github.com/JrCs/docker-letsencrypt-nginx-proxy-companion) registered for path 'docker-letsencrypt-nginx-proxy-companion'
2016-03-04 11:25:28 Cloning into 'docker-gen'...
2016-03-04 11:25:34 Submodule path 'docker-gen': checked out 'f27f281b1340654435c4912ff9927409481d67c2'
2016-03-04 11:25:34 Cloning into 'docker-letsencrypt-nginx-proxy-companion'...
2016-03-04 11:25:39 Submodule path 'docker-letsencrypt-nginx-proxy-companion': checked out '56e4b43d35526ebdd584d1b87c983a789ea4d3a7'
2016-03-04 11:25:44 Looking for old image. Please wait
2016-03-04 11:26:01 Dockerfile path: /tmp/tmpds1qcd/syncthing_discovery/Dockerfile. Build context path: /tmp/tmpds1qcd/syncthing_discovery
2016-03-04 11:26:01 Sending build context to Docker daemon 7.68 kB
Sending build context to Docker daemon 7.68 kB
2016-03-04 11:26:01 Step 1 : FROM ubuntu:trusty
2016-03-04 11:26:05 trusty: Pulling from library/ubuntu
2016-03-04 11:26:05 Digest: sha256:641d8c5895f973eda85a3c0f649cd81b86fe46a151281ff23dce4a51707a0aad
2016-03-04 11:26:05 Status: Image is up to date for ubuntu:trusty
2016-03-04 11:26:05 ---> 8ed581e3fa7a
2016-03-04 11:26:05 Step 2 : MAINTAINER Scott Hansen [email protected]
2016-03-04 11:26:05 ---> Using cache
2016-03-04 11:26:05 ---> 8c27bd75a8cf
2016-03-04 11:26:05 Step 3 : ADD http://build.syncthing.net/job/discosrv/lastSuccessfulBuild/artifact/discosrv-linux-amd64.tar.gz /discosrv.tar.gz
2016-03-04 11:26:09 ---> Using cache
2016-03-04 11:26:09 ---> 07fd837456c1
2016-03-04 11:26:09 Step 4 : RUN tar -xzvf discosrv.tar.gz && rm discosrv.tar.gz && mv discosrv* discosrv
2016-03-04 11:26:10 ---> Using cache
2016-03-04 11:26:10 ---> a40bf0ed85b5
2016-03-04 11:26:10 Step 5 : ADD cert.pem /discosrv/
2016-03-04 11:26:10 lstat cert.pem: no such file or directory
2016-03-04 11:26:15 Sending build context to Docker daemon 7.68 kB
Sending build context to Docker daemon 7.68 kB
2016-03-04 11:26:15 Step 1 : FROM ubuntu:trusty
2016-03-04 11:26:18 trusty: Pulling from library/ubuntu
2016-03-04 11:26:18 Digest: sha256:641d8c5895f973eda85a3c0f649cd81b86fe46a151281ff23dce4a51707a0aad
2016-03-04 11:26:18 Status: Image is up to date for ubuntu:trusty
2016-03-04 11:26:18 ---> 8ed581e3fa7a
2016-03-04 11:26:18 Step 2 : MAINTAINER Scott Hansen [email protected]
2016-03-04 11:26:19 ---> Using cache
2016-03-04 11:26:19 ---> 8c27bd75a8cf
2016-03-04 11:26:19 Step 3 : ADD http://build.syncthing.net/job/discosrv/lastSuccessfulBuild/artifact/discosrv-linux-amd64.tar.gz /discosrv.tar.gz
2016-03-04 11:26:21 ---> Using cache
2016-03-04 11:26:21 ---> 07fd837456c1
2016-03-04 11:26:21 Step 4 : RUN tar -xzvf discosrv.tar.gz && rm discosrv.tar.gz && mv discosrv* discosrv
2016-03-04 11:26:22 ---> Using cache
2016-03-04 11:26:22 ---> a40bf0ed85b5
2016-03-04 11:26:22 Step 5 : ADD cert.pem /discosrv/

**2016-03-04 11:26:22 lstat cert.pem: no such file or directory

2016-03-04 11:26:22 Build failed! Please check errors in the log. If you need help, please cut a ticket to us**

The docker create command given in the syncthing/README.md does not work:

% docker create -v /config --name syncthing_config myscratch true
Unable to find image 'myscratch:latest' locally
Error response from daemon: pull access denied for myscratch, repository does not exist or may require 'docker login'

It is unclear to me what's supposed to look like...

Thanks!