outline-server icon indicating copy to clipboard operation
outline-server copied to clipboard
verified publisher icon Jigsaw-Code

IPv6 toggle or specifying distinct listening address

Open noctuum opened this issue 1 year ago • 14 comments

Since today, Outline server docker image enforce using IPv6 for some reason. IPv6 is disabled in my kernel, so enforcing IPv6 does not let server to start with the following error:

ERR Server failed to start. Aborting. err="failed to configure server: unable to create stream listener for [::]:11111: listen tcp [::]:11111: socket: address family not supported by protocol"

Currently I have to downgrade to this image, which has no IPv6 enforcing: quay.io/outline/shadowbox:v1.9.0

It would be nice to have an ability to specify desired listening address which will determine protocol to use. This will allow to leave both protocols enabled by default. Or whatever else to toggle IPv6.

noctuum avatar Sep 26 '24 20:09 noctuum

How do you downgrade the server version?

FAR747 avatar Sep 26 '24 20:09 FAR747

Recreate server container with same properties, but edit the image tag. From quay.io/outline/shadowbox:stable to quay.io/outline/shadowbox:v1.9.0

noctuum avatar Sep 26 '24 20:09 noctuum

It's work for me too. I edited script /opt/outline/persisted-state/start_container.sh. Replaced quay.io/outline/shadowbox:stable to quay.io/outline/shadowbox:v1.9.0 how wrote @krangm It seems like the latest release broke

NosikovSergey avatar Sep 26 '24 20:09 NosikovSergey

I created a bash script

#!/bin/bash

export SB_IMAGE=quay.io/outline/shadowbox:v1.9.0 # version 
export WATCHTOWER_REFRESH_SECONDS=2592000 # Watchtower refresh 90 days

curl -sSL https://raw.githubusercontent.com/Jigsaw-Code/outline-server/master/src/server_manager/install_scripts/install_server.sh | bash

I didn't have a file /opt/outline/persisted-state/start_container.sh The downside is that you actually reinstall outline, but the old access keys are saved, except for the manager.

FAR747 avatar Sep 26 '24 20:09 FAR747

Same thing here. I have ipv6 completely disabled on my machine and found this issue only after rolling back to v1.9.0 manually.

koshelevdk avatar Sep 26 '24 21:09 koshelevdk

@NosikovSergey would you mind sharing /opt/outline/persisted-state/start_container.sh ? as @FAR747 mentioned, start_container.sh is not available in my installation, and I'm curious what options are specified there for running the container?

behrouzamiri avatar Sep 26 '24 23:09 behrouzamiri

@behrouzamiri here it is

https://github.com/Jigsaw-Code/outline-server/blob/master/src/server_manager/install_scripts/install_server.sh#L303

Image is controlled by watchtower, that's why it was updated without user interaction https://github.com/Jigsaw-Code/outline-server/blob/master/src/server_manager/install_scripts/install_server.sh#L367

koshelevdk avatar Sep 26 '24 23:09 koshelevdk

Thanks, @koshelevdk ! That did the trick!

I saw in the Watchtower logs that it updated the Shadowbox image 4 hours ago, which led me here. The part of the install_server.sh script (start_shadowbox() function) that you pointed me to shed light on the issue and helped me. It actually generates the start_container.sh script and runs it.

I was able to simply downgrade the image to 1.9.0 and run a Docker command with the required arguments. It’s all good now!

I also set Watchtower to update every month for safety, thanks to @FAR747 for pointing that out.

notice that for outline manager to work, SB_API_PREFIX parameter must be set from the access file.

export SB_API_PREFIX=$(grep 'apiUrl' /opt/outline/access.txt | cut -d'/' -f4)

behrouzamiri avatar Sep 26 '24 23:09 behrouzamiri

Thanks for the report, folks. We're investigating and in the meantime are rolling back to v.1.9.0.

sbruens avatar Sep 30 '24 16:09 sbruens

This is the culprit: https://github.com/Jigsaw-Code/outline-ss-server/blob/cb5965fd1a6982b641c640067b55bcdb1ccca8eb/cmd/outline-ss-server/main.go#L215

Probably solvable by using an empty host instead so the address reads as :$PORT.

fortuna avatar Sep 30 '24 17:09 fortuna

Just a quick update that we believe we have fixed the regression, but have been having trouble reliably reproducing the original problem.

If anyone that ran into this issue on the previous version (the image with the bug is quay.io/outline/shadowbox:v1.10.0) is able to do a test run with the new release candidate to see if they are still running into the issue on the machines that have IPv6 disabled, that would help give us more confidence before releasing to a wider audience.

New release candidate image:

quay.io/outline/shadowbox:v1.10.1-rc1

Thanks for your help!

sbruens avatar Oct 03 '24 15:10 sbruens 

quay.io/outline/shadowbox:v1.10.1-rc1

Works for me. Server starts fine. IPv6 was disabled by booting with kernel parameter ipv6.disable=1

Thank you!

noctuum avatar Oct 04 '24 01:10 noctuum 

quay.io/outline/shadowbox:v1.10.1-rc1

Works for me. Thank you!

est0n14n avatar Oct 04 '24 06:10 est0n14n

We have released v1.10.1 that has the fix. Please do let us know if you run into further issues with this.

I'll leave this issue open to reflect the feature request to be able toggle it or specify distinct addresses.

sbruens avatar Oct 09 '24 17:10 sbruens