Skip to content
This repository has been archived by the owner on Mar 16, 2024. It is now read-only.

Container with network_mode set on vpn client not starting #86

Open
HDebeuf opened this issue Oct 23, 2022 · 2 comments
Open

Container with network_mode set on vpn client not starting #86

HDebeuf opened this issue Oct 23, 2022 · 2 comments

Comments

@HDebeuf
Copy link

HDebeuf commented Oct 23, 2022
edited
Loading

I'm trying to setup a VPN client on a balena.io powered Raspberry Pi 4 from my local network to a remote network who has an OpenVPN server container set.
The aim is to set an eclipse-mosquitto mqtt in my local network and let is subscribe to a remote eclipse-mosquitto mqtt instance to get securely remote Unraid server statistics and display results in my local Home Assistant dashboard.

The issue I encounter, is that my local mqtt instance doesn't start when I add the network_mode: service:openvpn. I've also tried with network_mode: container:openvpn. No logs are thrown helping me to discover the root cause.
Trying with another container like nginx seems to result with the same issue.
The OpenVPN client seem to correctly connect to the remote network as I am able to SSH into the container and ping my remote mqtt instance or other devices.
When I remove the network_mode on the container, it starts as expected.

My compose file:

version: "2.1"

volumes:
    mqtt_config:
    vpn_config:

services:
  openvpn:
    image: ghcr.io/wfg/openvpn-client:latest
    cap_add:
      - net_admin
    restart: unless-stopped
    environment:
      - KILL_SWITCH= iptables
      - HTTP_PROXY=on
      - SOCKS_PROXY=on
      - SUBNETS=192.168.178.0/24 
      - VPN_CONFIG_FILE=configfilename.ovpn
    ports:
      - 11883:1883
      - 19001:9001
    devices:
      - "/dev/net/tun:/dev/net/tun"
    volumes:
      - vpn_config:/data/vpn
    sysctls:
      - net.ipv6.conf.all.disable_ipv6=0

  mqtt:
    image: eclipse-mosquitto
    network_mode: container:openvpn
    volumes:
      - mqtt_config:/mosquitto/config
    restart: unless-stopped
    depends_on:
      - openvpn

Have you got any advice for this kind of setup?

Thank you.

Best regards,
@ungerrj
Copy link

ungerrj commented Nov 9, 2022

The particular syntax I'm using for the same approach (successfully) is
network_mode: "service: openvpn"

I believe using service in compose means you're referencing another container started within this compose (composition?) whereas container would refer to something started independently.

I haven't done any testing with your approach, but I am using double quotes on mine, which could play a role if it's looking for a string value on that key.

@HDebeuf
Copy link
Author

HDebeuf commented Nov 10, 2022

@ungerrj
Thank you for the tip.
I gave it a try by testing service and container mode, but unfortunately the same issue occurs.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ungerrj @HDebeuf