Since a few days back (2 or 3?) I've had connection refused errors when trying to connect to the transmission-gui. I haven't changed anything on my end. The webgui doesn't work either. Any clues?
This is the .yml file:
```
#Transmission + VPN --------------------- Transmission VPN
transmission-vpn:
  container_name: transmission-vpn
  image: haugene/transmission-openvpn
  cap_add:
    - NET_ADMIN
  devices:
    - /dev/net/tun
  restart: always
  ports:
    - "9091:9091"
    - "51414:51414"
  networks:
    - traefik_proxy
  dns:
    - 1.1.1.1
    - 1.0.0.1
  volumes:
    - /etc/localtime:/etc/localtime:ro
    - ${USERDIR}/docker/transmission-vpn:/data
    - ${USERDIR}/docker/transmission-vpn:/config
    - ${USERDIR}/docker/shared:/shared
    - /media/all/Downloads/watched:/data/watched
    - /media/all/Downloads/complete:/data/complete
    - /media/all/Downloads/incomplete:/data/incomplete
  environment:
    - TRANSMISSION_SCRAPE_PAUSED_TORRENTS_ENABLED=false
    - TRANSMISSION_INCOMPLETE_DIR=/data/incomplete
    - TRANSMISSION_INCOMPLETE_DIR_ENABLED=true
    - TRANSMISSION_WATCH_DIR=/data/watched
    - TRANSMISSION_WATCH_DIR_ENABLED=true
    - TRANSMISSION_DOWNLOAD_DIR=/data/complete
    - OPENVPN_PROVIDER=ANONINE
    - OPENVPN_USERNAME=xxx
    - OPENVPN_PASSWORD=xxx
    # - OPENVPN_CONFIG="Sweden"
    - OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60
    - LOCAL_NETWORK=192.168.1.0/24
    - TRANSMISSION_RPC_AUTHENTICATION_REQUIRED=true
    - TRANSMISSION_RPC_HOST_WHITELIST="127.0.0.1,192.168.*.*,192.168.1.0/24,192.168.1.1/24"
    - TRANSMISSION_RPC_PASSWORD=[redacted]
    - TRANSMISSION_RPC_USERNAME=transmission
    - TRANSMISSION_UMASK=002
    - TRANSMISSION_DOWNLOAD_QUEUE_SIZE=20
    - PUID=${PUID}
    - PGID=${PGID}
    - TZ=${TZ}
    - TRANSMISSION_BLOCKLIST_URL=http://john.bitsurge.net/public/biglist.p2p.gz
    - TRANSMISSION_DOWNLOAD_QUE_SIZE=20
```
Log from transmission-vpn:
Setting OPENVPN credentials...,
adding route to local network 192.168.1.0/24 via 172.19.0.1 dev eth0,
Thu Mar 7 11:28:11 2019 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019,
Thu Mar 7 11:28:11 2019 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08,
Thu Mar 7 11:28:11 2019 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.,
Thu Mar 7 11:28:11 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
Thu Mar 7 11:28:11 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]103.194.171.157:443,
Thu Mar 7 11:28:11 2019 UDP link local: (not bound),
Thu Mar 7 11:28:11 2019 UDP link remote: [AF_INET]103.194.171.157:443,
Thu Mar 7 11:29:11 2019 [UNDEF] Inactivity timeout (--ping-exit), exiting,
Thu Mar 7 11:29:11 2019 SIGTERM[soft,ping-exit] received, process exiting,
Using OpenVPN provider: ANONINE,
No VPN configuration provided. Using default.,
Setting OPENVPN credentials...,
adding route to local network 192.168.1.0/24 via 172.19.0.1 dev eth0,
Thu Mar 7 11:29:15 2019 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019,
Thu Mar 7 11:29:15 2019 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08,
Thu Mar 7 11:29:15 2019 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.,
Thu Mar 7 11:29:15 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
Thu Mar 7 11:29:15 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]95.211.112.19:443,
Thu Mar 7 11:29:15 2019 UDP link local: (not bound),
Thu Mar 7 11:29:15 2019 UDP link remote: [AF_INET]95.211.112.19:443,
Thu Mar 7 11:30:15 2019 [UNDEF] Inactivity timeout (--ping-exit), exiting,
Thu Mar 7 11:30:15 2019 SIGTERM[soft,ping-exit] received, process exiting,
Using OpenVPN provider: ANONINE,
No VPN configuration provided. Using default.,
Setting OPENVPN credentials...,
adding route to local network 192.168.1.0/24 via 172.19.0.1 dev eth0,
Thu Mar 7 11:30:19 2019 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019,
Thu Mar 7 11:30:19 2019 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08,
Thu Mar 7 11:30:19 2019 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.,
Thu Mar 7 11:30:19 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
Thu Mar 7 11:30:19 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]103.194.171.157:443,
Thu Mar 7 11:30:19 2019 UDP link local: (not bound),
Thu Mar 7 11:30:19 2019 UDP link remote: [AF_INET]103.194.171.157:443,
Thu Mar 7 11:31:19 2019 [UNDEF] Inactivity timeout (--ping-exit), exiting,
Thu Mar 7 11:31:19 2019 SIGTERM[soft,ping-exit] received, process exiting,
Using OpenVPN provider: ANONINE,
No VPN configuration provided. Using default.,
Setting OPENVPN credentials...,
adding route to local network 192.168.1.0/24 via 172.19.0.1 dev eth0,
Thu Mar 7 11:31:23 2019 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019,
Thu Mar 7 11:31:23 2019 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08,
Thu Mar 7 11:31:23 2019 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.,
Thu Mar 7 11:31:23 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
Thu Mar 7 11:31:23 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]94.100.29.243:443,
Thu Mar 7 11:31:23 2019 UDP link local: (not bound),
Thu Mar 7 11:31:23 2019 UDP link remote: [AF_INET]94.100.29.243:443,
Thu Mar 7 11:32:23 2019 [UNDEF] Inactivity timeout (--ping-exit), exiting,
Thu Mar 7 11:32:23 2019 SIGTERM[soft,ping-exit] received, process exiting,
Using OpenVPN provider: ANONINE,
No VPN configuration provided. Using default.,
Setting OPENVPN credentials...,
adding route to local network 192.168.1.0/24 via 172.19.0.1 dev eth0,
Thu Mar 7 11:32:27 2019 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019,
Thu Mar 7 11:32:27 2019 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08,
Thu Mar 7 11:32:27 2019 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.,
Thu Mar 7 11:32:27 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
Thu Mar 7 11:32:31 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]95.211.112.19:443,
Thu Mar 7 11:32:31 2019 UDP link local: (not bound),
Thu Mar 7 11:32:31 2019 UDP link remote: [AF_INET]95.211.112.19:443,
Thu Mar 7 11:33:32 2019 [UNDEF] Inactivity timeout (--ping-exit), exiting,
Thu Mar 7 11:33:32 2019 SIGTERM[soft,ping-exit] received, process exiting,
Using OpenVPN provider: ANONINE,
No VPN configuration provided. Using default.,
Setting OPENVPN credentials...,
adding route to local network 192.168.1.0/24 via 172.19.0.1 dev eth0,
Thu Mar 7 11:33:36 2019 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019,
Thu Mar 7 11:33:36 2019 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08,
Thu Mar 7 11:33:36 2019 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.,
Thu Mar 7 11:33:36 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
Thu Mar 7 11:33:36 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]95.211.112.19:443,
Thu Mar 7 11:33:36 2019 UDP link local: (not bound),
Thu Mar 7 11:33:36 2019 UDP link remote: [AF_INET]95.211.112.19:443,
Thu Mar 7 11:34:36 2019 [UNDEF] Inactivity timeout (--ping-exit), exiting,
Thu Mar 7 11:34:36 2019 SIGTERM[soft,ping-exit] received, process exiting,
Using OpenVPN provider: ANONINE,
No VPN configuration provided. Using default.,
Setting OPENVPN credentials...,
adding route to local network 192.168.1.0/24 via 172.19.0.1 dev eth0,
Thu Mar 7 11:34:40 2019 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019,
Thu Mar 7 11:34:40 2019 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08,
Thu Mar 7 11:34:40 2019 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.,
Thu Mar 7 11:34:40 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
Thu Mar 7 11:34:41 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]94.100.28.99:443,
Thu Mar 7 11:34:41 2019 UDP link local: (not bound),
Thu Mar 7 11:34:41 2019 UDP link remote: [AF_INET]94.100.28.99:443,
Thu Mar 7 11:35:41 2019 [UNDEF] Inactivity timeout (--ping-exit), exiting,
Thu Mar 7 11:35:41 2019 SIGTERM[soft,ping-exit] received, process exiting,
Using OpenVPN provider: ANONINE,
No VPN configuration provided. Using default.,
Setting OPENVPN credentials...,
adding route to local network 192.168.1.0/24 via 172.19.0.1 dev eth0,
Thu Mar 7 11:35:46 2019 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 19 2019,
Thu Mar 7 11:35:46 2019 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08,
Thu Mar 7 11:35:46 2019 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.,
Thu Mar 7 11:35:46 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts,
Thu Mar 7 11:35:46 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]95.211.112.19:443,
Thu Mar 7 11:35:46 2019 UDP link local: (not bound),
Thu Mar 7 11:35:46 2019 UDP link remote: [AF_INET]95.211.112.19:443,
some info:
Docker 18.03.1-ee-3 on linux, amd64
image created: 2019-02-27 01:10:25
haugene/transmission-openvpn:latest
I edited out the password from your original post, just in case.
Did the IP/network range of your client change?
Can you access the actual transmission web interface with a browser from outside of the container? If not, does a curl call to localhost work from within the container?
Thanx for the password edit :)
My pc's still in the same network range, 192.168.1/24, cannot connect with the web interface from my pc on the same LAN.
When trying curl localhost or curl localhost:9091 from inside the container I get; _curl: (7) Failed to connect to localhost port 9091: Connection refused_ (and the container kicks me out after something like 10 seconds, which makes searching for errors and configs annoying).
The Transmission UI is never available because it can't complete the connection. Transmission is only started when the tunnel goes up, and is killed when it goes down. That's the security feature.
I can't necessarily say why it ping-exits, but that's what's happening. You set
OPENVPN_OPTS=--inactive 3600 --ping 10 --ping-exit 60
And all your logs look something like:
Thu Mar 7 11:30:19 2019 UDP link local: (not bound),
Thu Mar 7 11:30:19 2019 UDP link remote: [AF_INET]103.194.171.157:443,
Thu Mar 7 11:31:19 2019 [UNDEF] Inactivity timeout (--ping-exit), exiting,
Thu Mar 7 11:31:19 2019 SIGTERM[soft,ping-exit] received, process exiting,
Note that it's exactly 1 minute after trying to connect to the remote, and it says that it's exiting because of the ping-exit. You can read more about that option here: https://openvpn.net/community-resources/reference-manual-for-openvpn-2-4/
The reason we use ping, ping-exit and inactivity flags is that we assume that if no communication happens over the tunnel for a period of time something is broken and the container should restart.
This looks to be connectivity problems. Check your host, networking in the container and the validity of the config you're using. Also try using another config file.
And FYI. GitHub has a revision-log for all edits, and I think there's more in there than you want. I'm probably drawing more attention to it by mentioning it. But if those are your real passwords, you need to change them :) Just click "edited by ..." on your post and you can see them all.
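The restart loop diagnosed above can be checked mechanically. The following is an added example, not part of the original thread or the project's code: it pairs each `link remote` line with the `--ping-exit` line that follows it and compares the gap with the `--ping-exit` value from `OPENVPN_OPTS`. The sample logs are constructed in the thread's format with documentation IP addresses, and `parse_attempts` and `diagnose` are illustrative names.

```python
import re
from datetime import datetime

# Value from the compose file posted in this thread.
OPENVPN_OPTS = "--inactive 3600 --ping 10 --ping-exit 60"

# Constructed sample in the thread's log format (documentation addresses).
SAMPLE_LOG = """\
Thu Mar 7 11:30:19 2019 UDP link local: (not bound),
Thu Mar 7 11:30:19 2019 UDP link remote: [AF_INET]192.0.2.10:443,
Thu Mar 7 11:31:19 2019 [UNDEF] Inactivity timeout (--ping-exit), exiting,
Thu Mar 7 11:31:19 2019 SIGTERM[soft,ping-exit] received, process exiting,
Using OpenVPN provider: ANONINE,
Thu Mar 7 11:31:23 2019 UDP link local: (not bound),
Thu Mar 7 11:31:27 2019 UDP link remote: [AF_INET]192.0.2.20:443,
Thu Mar 7 11:32:28 2019 [UNDEF] Inactivity timeout (--ping-exit), exiting,
Thu Mar 7 11:32:28 2019 SIGTERM[soft,ping-exit] received, process exiting,
"""

# Constructed healthy session for contrast.
HEALTHY_LOG = """\
Thu Mar 7 12:00:00 2019 UDP link remote: [AF_INET]192.0.2.10:443,
Thu Mar 7 12:00:03 2019 Initialization Sequence Completed,
"""

LINE = re.compile(r"^(\w{3} \w{3} +\d+ \d\d:\d\d:\d\d \d{4}) (.*?),?\s*$")
REMOTE = re.compile(r"link remote: \[AF_INET6?\](\S+)")
PING_EXIT = re.compile(r"^\[(.+?)\] Inactivity timeout \(--ping-exit\)")


def ping_exit_seconds(opts):
    """Extract the --ping-exit value from an OPENVPN_OPTS string."""
    m = re.search(r"--ping-exit\s+(\d+)", opts)
    return int(m.group(1)) if m else None


def parse_attempts(log_text):
    """Return one record per connection attempt found in the log."""
    attempts, cur = [], None
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # entrypoint lines carry no OpenVPN timestamp
        ts = datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y")
        msg = m.group(2)
        if (r := REMOTE.search(msg)):
            cur = {"remote": r.group(1), "start": ts, "up": False,
                   "peer": None, "elapsed": None}
            attempts.append(cur)
        elif cur and "Initialization Sequence Completed" in msg:
            cur["up"] = True
        elif cur and (p := PING_EXIT.match(msg)):
            cur["peer"] = p.group(1)
            cur["elapsed"] = int((ts - cur["start"]).total_seconds())
    return attempts


def diagnose(attempts, ping_exit, slack=2):
    """Classify a run as NO_ATTEMPTS, OK, NO_HANDSHAKE, DROPPED_AFTER_UP or MIXED."""
    if not attempts:
        return "NO_ATTEMPTS"
    if all(a["elapsed"] is None for a in attempts):
        return "OK"
    # Peer name still UNDEF and exit ~ping_exit seconds after the first packet:
    # the handshake never completed, so Transmission was never started.
    silent = [a for a in attempts if not a["up"] and a["peer"] == "UNDEF"
              and a["elapsed"] is not None
              and abs(a["elapsed"] - ping_exit) <= slack]
    if len(silent) == len(attempts):
        return "NO_HANDSHAKE"
    if any(a["up"] and a["elapsed"] is not None for a in attempts):
        return "DROPPED_AFTER_UP"
    return "MIXED"


if __name__ == "__main__":
    print(diagnose(parse_attempts(SAMPLE_LOG), ping_exit_seconds(OPENVPN_OPTS)))
```

A `NO_HANDSHAKE` result points at the host network, the container network or the provider config rather than at Transmission itself.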
haugene is right.
I went off in a completely wrong direction because I assumed the reconnection loop stopped at the end of your log.
Yeah.. I know what they say about assumptions.. :)
Interesting stuff on the revision log, btw.
Transparency by design. I like it.
Always just assumed [I did it again -_-] it was access restricted to the specific user and collaborators+ of the specific repo.
Hah. Had to test it myself, went incognito and had a look before I posted. But yeah, very transparent.
Luckily we can delete our own blunders @h45rd ;) #evillaugh
Deleted the edits (I hope, changed password at anonine anyways :)
But back to the problem, can't seem to find anything wrong with the yml file, haven't changed anything on the server (a lot of other containers are happily running and are connectable),
tried to get some network info from within the container, but it's difficult since tools are not installed in it. Everything feels weird since it worked a few days ago, haven't changed any settings on the server (that I can think of).
Anyone that can get any info from this? Commands run from within the container.
```
$ cat /etc/resolv
nameserver 127.0.0.11

$ cat /etc/hosts
127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.19.0.24 abbbcfb2a2c9

$ ip addr
1: lo:
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
58631: eth0@if58632:
    link/ether 02:42:ac:13:00:18 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 172.19.0.24/16 brd 172.19.255.255 scope global eth0
       valid_lft forever preferred_lft forever

$ cat /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d

$ cat /etc/resolv.conf
nameserver 127.0.0.11
options ndots:0
```
Have you tried different OPENVPN_CONFIG values as I proposed?
Can you download the ovpn configs from Anonine and compare them to the ones in this repo?
https://github.com/haugene/docker-transmission-openvpn/tree/master/openvpn/anonine
I'll try that tomorrow, too tired right now to look into it. Thanx for all help and suggestions!
I'm having the exact same problem with PIA. It was working fine for days and just a few days ago I get a time-out over and over and over. Even tried swapping to different OPENVPN_CONFIG and getting nowhere. Did you ever figure out what was going wrong @b0red ?
> I'm having the exact same problem with PIA. It was working fine for days and just a few days ago I get a time-out over and over and over. Even tried swapping to different OPENVPN_CONFIG and getting nowhere. Did you ever figure out what was going wrong @b0red ?
No, I never figured it out. It might have something to do with that my vpn (Anonine) changed their settings/configs.
> Have you tried different OPENVPN_CONFIG values as I proposed?
> Can you download the ovpn configs from Anonine and compare them to the ones in this repo?
> https://github.com/haugene/docker-transmission-openvpn/tree/master/openvpn/anonvpn
Took a config file from Anonine (exit in Florida) and it looks like this (OpenVPN):
client
dev tun
proto udp
; Cert
remote-cert-tls server
cipher AES-256-CBC
;Host
resolv-retry infinite
;auth
auth-user-pass
auth-nocache
keepalive 10 30
remote us-fl.anonine.net 1195
persist-key
persist-remote-ip
nobind
sndbuf 0
rcvbuf 0
comp-lzo
verb 2
<ca>
-----BEGIN CERTIFICATE-----
... removed ...
-----END CERTIFICATE-----
</ca>
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
... removed ...
-----END OpenVPN Static key V1-----
</tls-auth>
Compared to one from the suggestion; (anonvpn)
proto udp
remote chicago-ovpn.anonvpn.io 443
remote 196.52.21.193 443
script-security 2
client
dev tun
#proto udp
resolv-retry infinite
nobind
persist-key
persist-tun
cipher AES-128-CBC
keysize 128
comp-lzo
verb 4
mute 5
tun-mtu 1500
mssfix 1450
auth-user-pass /config/openvpn-credentials.txt
reneg-sec 0
route-method exe
route-delay 1 10
route-metric 512
route 0.0.0.0 0.0.0.0
<ca>
-----BEGIN CERTIFICATE-----
... removed ...
-----END CERTIFICATE-----
</ca>
<cert>
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=WA, L=Seattle, O=AnonVPN, OU=anonvpn.io, CN=AnonVPN CA root/[email protected]
Validity
Not Before: Dec 22 17:34:59 2015 GMT
Not After : Dec 19 17:34:59 2025 GMT
Subject: C=US, ST=WA, L=Seattle, O=AnonVPN, OU=anonvpn.io, CN=client/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
... removed ...
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Key Identifier:
B8:26:E9:89:E8:A2:21:6F:80:60:D6:16:A4:88:6C:0F:DF:34:8C:AD
X509v3 Authority Key Identifier:
keyid:CE:CB:A6:4A:7B:AB:DC:D3:5C:1B:F3:A9:99:89:93:15:63:1B:C9:96
DirName:/C=US/ST=WA/L=Seattle/O=AnonVPN/OU=anonvpn.io/CN=AnonVPN CA root/[email protected]
serial:F8:C1:6F:4A:52:FF:EE:AF
X509v3 Extended Key Usage:
TLS Web Client Authentication, 1.3.6.1.5.5.7.3.17
X509v3 Key Usage:
Digital Signature
X509v3 Subject Alternative Name:
DNS:client
Signature Algorithm: sha256WithRSAEncryption
... removed ...
-----BEGIN CERTIFICATE-----
... removed...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
... removed...
-----END PRIVATE KEY-----
</key>
I got a similar problem with Anonine vpn service, tested Norway and Sweden, used to work ok.
@b0red Sorry. I must have misclicked and given you the wrong link. The point was to compare the config files that are checked in here, and the ones you download directly from Anonine. To see if they've changed. Not to compare it with another provider (anonvpn).
@gitsly Can you help check this? Are the config files here up to date with what you get from Anonine?
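The comparison requested above can be done at the directive level, so that comments, inlined key material and the credentials path do not drown out real changes. The following is an added example, not posted by anyone in this thread and not the project's code. `DOWNLOADED` is an abridged copy of the Anonine file posted earlier; `CHECKED_IN` is a constructed stand-in for an older copy (its port 443 and `ns-cert-type` are assumptions based on the container log lines), and `parse_ovpn` and `diff_ovpn` are illustrative names.

```python
import re

# Abridged from the Anonine file posted in this thread; key material elided.
DOWNLOADED = """\
client
dev tun
proto udp
; Cert
remote-cert-tls server
cipher AES-256-CBC
auth-user-pass
auth-nocache
keepalive 10 30
remote us-fl.anonine.net 1195
nobind
comp-lzo
<ca>
(elided)
</ca>
key-direction 1
<tls-auth>
(elided)
</tls-auth>
"""

# Constructed stand-in for an older checked-in copy (NOT the repo's real file).
CHECKED_IN = """\
client
dev tun
proto udp
remote us-fl.anonine.net 443
ns-cert-type server
cipher AES-256-CBC
auth-user-pass /config/openvpn-credentials.txt
nobind
comp-lzo
ca ca.crt
"""

# Directives whose value is key material, inline or as a file reference.
KEY_MATERIAL = {"ca", "cert", "key", "tls-auth", "tls-crypt", "crl-verify"}
# Directives whose argument is only a local path, not a tunnel setting.
PATH_ONLY = {"auth-user-pass"}


def parse_ovpn(text):
    """Map each directive to the list of its (normalised) argument strings."""
    directives, inline = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if inline:                      # skip the body of <tag> ... </tag>
            if line == f"</{inline}>":
                inline = None
            continue
        if not line or line[0] in "#;":
            continue                    # blank line or comment
        if (m := re.fullmatch(r"<([\w-]+)>", line)):
            inline = name = m.group(1)
            args = ""
        else:
            name, *rest = line.split(None, 1)
            args = " ".join(rest[0].split()) if rest else ""
        if name in KEY_MATERIAL:
            args = "<material>"         # compare presence, not contents
        elif name in PATH_ONLY:
            args = ""
        directives.setdefault(name, []).append(args)
    return directives


def diff_ovpn(old_text, new_text):
    """Return {directive: (old_args, new_args)} for every directive that differs."""
    old, new = parse_ovpn(old_text), parse_ovpn(new_text)
    return {name: (old.get(name), new.get(name))
            for name in sorted(old.keys() | new.keys())
            if old.get(name) != new.get(name)}


if __name__ == "__main__":
    for name, (before, after) in diff_ovpn(CHECKED_IN, DOWNLOADED).items():
        print(f"{name}: {before} -> {after}")
```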
Looking at that I think updated configs could be the issue. Made a few corrections and merged it to the dev branch. It will be built on the hub soon (could take a little time). So try pulling it again and running the image with the "dev" tag and Sweden config.
Updated Sweden config is now built and pushed to the dev tag.
Ok, I just tested this one out, and it seems to work like a charm. Should I make an effort to add remaining sites (all the ovpn files) in the same fashion?
If you could, that would be great 👍 And just delete all the old ones.
There are minor differences with the config file I downloaded from PIA, versus what's in the repo here.
client
dev tun
proto udp
remote ca-vancouver.privateinternetaccess.com 1198
resolv-retry infinite
nobind
persist-key
persist-tun
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server
auth-user-pass
compress
verb 1
reneg-sec 0
<crl-verify>
-----BEGIN X509 CRL-----
... removed ...
-----END X509 CRL-----
</crl-verify>
<ca>
-----BEGIN CERTIFICATE-----
... removed ...
-----END CERTIFICATE-----
</ca>
disable-occ
Compare that to this:
https://github.com/haugene/docker-transmission-openvpn/blob/master/openvpn/pia/CA%20Vancouver.ovpn
Should I open a new issue?
Functionally there should be no difference from what I can tell on first glance.
But since comp-lzo is deprecated and should be replaced with compress, we could do a repo wide mass replace some time in the future. Would need to make sure the OpenVPN version on all bases already supports it, though.
Or were you hinting at something else and I missed it?
In my opinion the best approach - in the long run - would be to get away from curating config files in the repo (they will always be outdated), to automatically building our own on container creation.
E.g. by patching user-provided or auto-downloaded files.
@haugene
Should we open a dedicated issue to identify possible problems and brainstorm ideas regarding this?
Agree on the PIA configs. They are the same, just that the keys are inlined instead of referenced. And then the comp-lzo you mention. Let's leave it for now @jmcclellan
And yes, @h45rd, let's go forward with a discussion/issue on how to effectively maintain the configs in the future. It's been a long time coming :)
I just mention it (and I'm following this thread so closely) because I have the issue originally mentioned in the thread when I try to connect where I keep getting inactivity timeouts, and would love to get it resolved. Not sure where else to go here. Sorry to hijack this thread.