s6-sudoc: fatal: unable to get exit status from server: Operation timed out about docker-openvpn-client HOT 14 CLOSED

Glad this is working now with the variable S6_CMD_WAIT_FOR_SERVICES_MAXTIME, I'll update the docs & image with this as well.

The custom provider code needs more work, it's pretty messy right now.

I'm gonna close this issue, please reopen it if needed, and really appreciate your help jumping through hoops to test this.

from docker-openvpn-client.

Hey,

I ran into this once as well yesterday. I shutdown the container, and redeployed (I use compose). Can you please try doing that, and let me know if the issue persists?

from docker-openvpn-client.

I tried it several times with docker run and now also with docker-compose, every time with the same outcome.

from docker-openvpn-client.

A few things I don't use Synology so some questions may be silly :

• Are you invoking the docker run command as root? Or "high privilege" in the Synology UI? - If you're not root you should be. sudo su to become root.
• Why are you mounting docker.sock?
• While the container is not working correctly, is it still up/running? Can you docker exec -it container_name bash to it?
  • if so provide the output of the following commands: ps aux and pstree -p
• can you try using the below docker run command instead (as root).
• provide output of docker logs container_name again

docker run --cap-add=NET_ADMIN -d --name vpn_test \
-e OPENVPN_PROVIDER='VPNUNLIMITED' \
-e OPENVPN_CONFIG='fr' \
-e OPENVPN_USERNAME='user' \
-e OPENVPN_PASSWORD='password' \
--dns 1.1.1.1 --dns 1.0.0.1 \
jsloan117/docker-openvpn-client

from docker-openvpn-client.

A few things I don't use Synology so some questions may be silly :

No problem

* Are you invoking the `docker run` command as root? Or "high privilege" in the Synology UI? - If you're not root you should be. `sudo su` to become root.

Yes, I'm becoming root with sudo -i

* Why are you mounting `docker.sock`?

Yes, with -v /var/run/docker.sock:/var/run/docker.sock \

* While the container is not working correctly, is it still up/running? Can you `docker exec -it container_name bash` to it?

To test that I was running docker run again, and now it is running. Really strange. 😕

Thanks again.

When I'm having this problem again, I will add the wanted information.

👍

from docker-openvpn-client.

And just I finished the post, watchtower updated my OpenVPN to version 3.1.1 and the error is back. I will add the information as soon as possible.

from docker-openvpn-client.

• While the container is not working correctly, is it still up/running? Can you docker exec -it container_name bash to it?

Yes

  * if so provide the output of the following commands: `ps aux` and `pstree -p`

ps aux

PID   USER     TIME  COMMAND
    1 root      0:00 /package/admin/s6/command/s6-svscan -d4 -- /run/service
   14 root      0:00 s6-supervise s6-linux-init-shutdownd
   18 root      0:00 /package/admin/s6-linux-init/command/s6-linux-init-shutdow
   21 root      0:00 s6-supervise s6rc-oneshot-runner
   22 root      0:00 s6-supervise s6rc-fdholder
   23 root      0:00 s6-supervise openvpn
   29 root      0:00 /package/admin/s6/command/s6-ipcserverd -1 -- /package/adm
  108 root      0:00 bash
  133 root      0:00 ps aux

pstree -p

s6-svscan(1)-+-s6-supervise(14)---s6-linux-init-s(18)
             |-s6-supervise(21)---s6-ipcserverd(29)
             |-s6-supervise(22)
             `-s6-supervise(23)

* can you try using the below `docker  run` command instead (as root).

* provide output of `docker logs container_name` again

docker run --cap-add=NET_ADMIN -d --name vpn_test \
-e OPENVPN_PROVIDER='VPNUNLIMITED' \
-e OPENVPN_CONFIG='fr' \
-e OPENVPN_USERNAME='user' \
-e OPENVPN_PASSWORD='password' \
--dns 1.1.1.1 --dns 1.0.0.1 \
jsloan117/docker-openvpn-client

docker logs vpn_test

s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service setup-openvpn: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
Using OpenVPN provider: VPNUNLIMITED
Starting container with revision: 64794a391a9f7832561a5354194a1383a539b077
Creating TUN device /dev/net/tun
Downloading configs from https://github.com/haugene/vpn-configs-contrib/archive/main.zip into /tmp/tmp.DfnkKc
Extracting configs to /tmp/tmp.FJkdaI
s6-rc: fatal: timed out
s6-sudoc: fatal: unable to get exit status from server: Operation timed out
Found configs for VPNUNLIMITED in /tmp/tmp.FJkdaI/vpn-configs-contrib-main/openvpn/vpnunlimited, will replace current content in /etc/openvpn/vpnunlimited
Cleanup: deleting /tmp/tmp.DfnkKc and /tmp/tmp.FJkdaI

Hopefully you'll find a solution
Greetings Fischy

from docker-openvpn-client.

Fischy - I really appreciate your help here!

So my working theory here is that the s6 oneshot script setup-openvpn is taking "too long" to complete, thus timing out.

I believe per the s6 docs there is a timeout-up file I can create in the services directory, that may help.

While I start doing more research into the timeout-up file and other things. Can you try the below, I think this should be able to test of my theory.

First test case:

• create a file called timeout-up that contains 0. Zero means wait forever. You could try 60000 or greater if you wish.

   cat timeout-up
   0

• mount that file into the openvpn s6-rc folder. e.g. -v ~/timeout-up:/etc/s6-overlay/s6-rc.d/openvpn/timeout-up

Second test case:

Unfortunately, I don't have it documented you may be able to try using a custom OPENVPN_PROVIDER and directly mount your fr ovpn file. This is likely to be still problematic since even when I did this it still wanted to download the ZIP file from GitHub. This makes me think I've got some code cleanup/fixing to do, to prevent that from occurring when using a custom provider. As well as IMO if the configs are already downloaded, don't re-download them.

e.g.

docker run....
-v ~/test.ovpn:/etc/openvpn/custom/default.ovpn
-e OPENVPN_PROVIDER='custom'
....
...

Third test case:

I don't think this will make a difference, but an easy test.

• set a environment variable called S6_CMD_WAIT_FOR_SERVICES_MAXTIME to 60000.

from docker-openvpn-client.

I've also opened an issue with the s6-overlay team since I still really don't know a whole lot about the s6 setup. Just enough to get the job done or I thought lol.

just-containers/s6-overlay#433

from docker-openvpn-client.

The added the file timeout-up as volume but this unfortunately changed nothing. I tried both proposed values (0 and 60000)
Although with v3.1.1 I noticed, that only the first start of a new created container fails. Every start after that works fine.

from docker-openvpn-client.

• Why are you mounting docker.sock?

Sorry, I misread this question. I'm mounting docker.sock so that other containers can connect trough this container using:

--net=container:OpenVPN \

You're probably asking this because it's not necessary, correct?

from docker-openvpn-client.

I remember now: I tried to restart the qBittorrent-container from within the OpenVPN-container.

from docker-openvpn-client.

• Why are you mounting docker.sock?

Sorry, I misread this question. I'm mounting docker.sock so that other containers can connect trough this container using:

--net=container:OpenVPN \

You're probably asking this because it's not necessary, correct?

That is correct it shouldn't be necessary. I have two other containers attached to my VPN without this. But I don't try to stop/start containers from within the OpenVPN container either. Either way, this is not related to the issue I was just curious and tested it on the off chance that it was a factor.

Were you able to test setting the S6_CMD_WAIT_FOR_SERVICES_MAXTIME env variable? e.g. -e S6_CMD_WAIT_FOR_SERVICES_MAXTIME=60000

from docker-openvpn-client.

I totally forgot to test this. Seems to work fine. I tried several times with and without this env variable.
With it, it worked every time, without it only very rare.

Thanks.

ps. I did not get it to work with OPENVPN_PROVIDER='custom'

from docker-openvpn-client.