Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Would you be interested in documentation for systemd integration? #69

Closed
d5ve opened this issue Apr 28, 2016 · 9 comments
Closed

Would you be interested in documentation for systemd integration? #69

d5ve opened this issue Apr 28, 2016 · 9 comments

Comments

@d5ve
Copy link
Contributor

d5ve commented Apr 28, 2016

Hi,

Thanks for this very useful piece of software.

I've set up docker-transmission-openvpn as a systemd service so that it starts at boot time, and restarts if it fails.

Would it be useful for me to document this for addition to the README? If so, I'll raise a pull request.

Cheers,

Dave

@haugene
Copy link
Owner

haugene commented Apr 28, 2016

Hey Dave, and thanks.

Yeah, that would be a great addition for the README. Just out of curiosity, how are you doing the restart on fail thing? Are you checking if the connection is working, or restart the container if it exits?

Looking forward to your PR

Kristian

@d5ve
Copy link
Contributor Author

d5ve commented Apr 28, 2016

Currently it is just triggered by the container not being running, so won't pick up the case where the VPN isn't active inside the running container.

@haugene
Copy link
Owner

haugene commented Apr 28, 2016

Allright. Then you might be able to combine it with the --ping-exit option for OpenVPN. If you set openvpn to exit when ping fails, then the container will stop. Then if you run the container with --restart=always, it should be restarted every time it goes down. See #61.

Was also thought to go into the README at some point :)

@d5ve
Copy link
Contributor Author

d5ve commented Apr 29, 2016

The following /etc/systemd/system/transmission-openvpn.service appears to work pretty well in testing. It does leak occasional zombie processes, depending on how I kill the container or things running on the container. My VPN connection is quite stable, so I've not yet had a real instance of --ping-exit triggering.

Do you have any suggestions on the zombie process issue?

[Unit]
Description=haugene/transmission-openvpn docker container
After=docker.service
Requires=docker.service

[Service]
User=bittorrent
TimeoutStartSec=0
ExecStartPre=-/usr/bin/docker kill transmission-openvpn
ExecStartPre=-/usr/bin/docker rm transmission-openvpn
ExecStartPre=/usr/bin/docker pull haugene/transmission-openvpn
ExecStart=/usr/bin/docker run \
        --name transmission-openvpn \
        --privileged \
        -v /home/bittorrent/data/:/data \
        -e "OPENVPN_CONFIG=Netherlands" \
        -e "OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60" \
        -e "OPENVPN_PASSWORD=hunter2" \
        -e "OPENVPN_PROVIDER=TORGUARD" \
        -e "[email protected]" \
        -e "TRANSMISSION_RATIO_LIMIT=5" \
        -e "TRANSMISSION_RATIO_LIMIT_ENABLED=true" \
        -e "TRANSMISSION_UMASK=0" \
        -p 9091:9091 \
        --dns 8.8.8.8 \
        --dns 8.8.4.4 \
        haugene/transmission-openvpn
Restart=always
RestartSec=5

[Install]
WantedBy=multi-user.target

@d5ve
Copy link
Contributor Author

d5ve commented May 1, 2016

I tried switching the base image to https://github.com/phusion/baseimage-docker in the Dockerfile as that claimed to prevent zombie processes, but that didn't appear to work - looking back I think I missed the most important step with this however.

Then I used https://github.com/Yelp/dumb-init in the Dockerfile, and that has worked so far. See the commit at d5ve@7fb222e

@haugene
Copy link
Owner

haugene commented May 9, 2016

Hey again! Sorry for the late reply, I've had an AFK week :)

But cool, this looks good! I've seen people use the tini init system but had to read up on the dumb-init. Looks to be much of the same and it's probably a good idea to have a small init running to deal with some issues. I assume it's been running smoothly since you introduced dumb-init?

If you could open a PR to the dev branch with this plus a readme section for the systemd service that would be awesome :)

@aaronblair
Copy link
Contributor

I have been having a lot of success running the container with --restart=always (as haugene mentioned). Is the purpose of the systemd script to catch the circumstance where the container is running, but not connected to the VPN?

@d5ve
Copy link
Contributor Author

d5ve commented May 13, 2016

The container has been running reliably since I switched to dumb-init, and came up well and without zombies when I last restarted the box.
I'll work on a PR now.

@aaronblair The OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60 bit in the docker command should have the container exit when the VPN connection is closed for any reason. Then the --restart=always bit should have things restarted automatically.

@haugene
Copy link
Owner

haugene commented May 13, 2016

Documentation merged, closing this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants