ANSWERED How can I run Bluetit while still being able to access my services remotely via my regular public IP?

[Dunmer1E700 0]

Hi,

I have a home server running Ubuntu that runs a few services that I access remotely. The way I access my services is via some domains that resolve to my home IP address. My router then port-forwards 443 to my server, where I have a Caddy instance that reverse proxies to each service based on the exact domain used in the request. The problem is that when Bluetit is connected, it seems to block access to those services. I really only want a VPN connection for my torrent client (qBittorrent), so is there any way to have it so that only qBittorrent goes through the VPN, and everything else operates normally? I know I can select the `tun0` interface in qBittorrent so it only uses that interface, but that doesn't help me make it so that Caddy doesn't use the VPN.

Any advice would be appreciated
Thanks!

[Staff 10142]

@Dunmer1E700

Hello!
 

3 hours ago, Dunmer1E700 said:

that doesn't help me make it so that Caddy doesn't use the VPN.

You can consider AirVPN Suite 2.0.0 RC 1 and have Caddy traffic (and if necessary any other application you wish) flow outside the VPN tunnel, since Bluetit 2.0.0 supports per app reverse traffic splitting. In this way only Caddy traffic will flow outside the VPN tunnel. Please see here:
https://airvpn.org/forums/topic/66706-linux-airvpn-suite-200-preview-available

Inside the package you will find the updated README.md which is a thorough user's manual. Release Candidate 1 has reached a very remarkable stability and reliability according to long and thorough internal and public testing. Release Candidate 2 is due to be out during the next week and the stable release will follow shortly.

Please note that the namespace which Caddy (and any "outside the tunnel" process) lives in will have a different private IP address (consider this when you forward port 443 from the router).

Kind regards
 

[Dunmer1E700 0]

Thanks for the response, I will try upgrading to AirVPN suite 2.0.0 RC1

[Dunmer1E700 0]

Hi, I have tried using Cuckoo to run programs outside the VPN tunnel. I have had success when using the desktop terminal (e.g. `cuckoo --run "curl ifconfig.me"` prints my public IP address), but I get "ERROR: No display mode has been detected" when I try to run something with Cuckoo from an SSH session. I assume that once I solve this error, I can adjust my Caddy systemd file to launch with Cuckoo (and update my router's port forwarding to the new internal IP) and I should be ready to go.

Any advice is appreciated, thanks!

Edit: For fun I tried editing my `caddy.service` file to use Cuckoo anyways, and the service fails to start due to the same "No display mode has been detected" error.

Edited ... by Dunmer1E700

[Staff 10142]

10 hours ago, Dunmer1E700 said:

I get "ERROR: No display mode has been detected" when I try to run something with Cuckoo from an SSH session.

Hello!

It could be related to environment variables. Please run airsu first to prepare the environment and swich to airvpn user. airsu is a Suite tool that prepares the user environment for the X.Org or Wayland based ecosystem. Feel free to keep us posted.

Kind regards
 

[Dunmer1E700 0]

Hi, I get the following error when trying to run `airsu`:

ERROR: current user does not have a graphic desktop or environment defined. Use 'su' command. Graphic applications will not however run.

Edited ... by Dunmer1E700

[Staff 10142]

11 minutes ago, Dunmer1E700 said:

Hi, I get the following error when trying to run `airsu`:

ERROR: current user does not have a graphic desktop or environment defined. Use 'su' command. Graphic applications will not however run.

Hello!

We don't understand, if you don't have any graphic environment for the user connecting via SSH how can you manage to run an application that needs it, with or without Bluetit and Cuckoo? Can you clarify the system setup to let us focus on the issue? Thanks in advance!

Kind regards
 

[Dunmer1E700 0]

Hello,

My home server is running Ubuntu Desktop (as opposed to Ubuntu Server), so it is technically using Wayland. However, none of the apps I'm trying to run have a GUI, they should be 100% CLI-based. The programs I'm running are Caddy, qBittorent-nox (webui-only version of qBittorrent), Jellyfin server, and of course AirVPN Suite. With the exception of Jellyfin and qBittorrent (which both have Web UIs) I manage all of these via SSH from my personal computer.

Usually I don't have any issues, but for example, even curl was giving this display error when trying to use it through Cuckoo. If I run `cuckoo --run "curl ifconfig.me"` in my SSH session it would give the error, but if I run it from the desktop terminal application, then it outputs an IP address to stdout as expected.

I hope this is the info you were looking for, I'm not 100% familiar with all the terminology.

Thanks!

[Staff 10142]

@Dunmer1E700

Thank you! Understood.

This a conceptual error in cuckoo which exits if it does not find any graphic environment, for example when launched from a pure TTY. cuckoo will be modified accordingly to allow correct usage even in cases like yours. It's not a trivial matter but we should be able to deliver the patch already in RC 2.

About airsu, it can work only from a terminal emulator run by X or some Wayland compositor, and this is correct. You won't need airsu to run Caddy via cuckoo if Caddy does not need any graphic environment.

Thank you again, your report has been instrumental to make us realize of this conceptual error. Stay tuned for Release Candidate 2.

Kind regards
  Edited ... by Staff

[Dunmer1E700 0]

Thank you for looking into this! I will watch the News and Announcements sub-forum for the release of Release Candidate 2