Posts by Rothchild

Thanks for the help chewitt.

I've been banging around it a bit further and have (eventually) realised that it's actually a permissions issue.

I reinstalled Dietpi (as that was the last place I had it working) but then ran in to the same problem. After going around it a few more times I got the hint that there were issues around permissions in the messages I was getting (and I'd set up as root) when I switched to loading Kodi as the user account the VPN addon works again.

I'd like to go back to using libreelec - is there a way to make sure I'm running with user rather than root privileges?

EDIT: Sorry I should have done more reading: https://wiki.libreelec.tv/installation/security 'Single Root User'

so, instead, I need to work out what permissions to set which folders to in order to make OpenVPN happy.

I started out thinking that NordVPN are misrepresenting themselves in their marketing bumph

"To guarantee the protection of your sensitive data, NordVPN uses AES-256-GCM encryption algorithm with a 4096-bit DH key."

I've just randomly selected a range of UDP .ovpn config files from the 'set up your own' area of my account and they all feature

auth-user-pass
verb 3
pull
fast-io
cipher AES-256-CBC
auth SHA512

But then I found this page: https://community.openvpn.net/openvpn/wiki/DeprecatedOptions which seems to suggest that the --data-ciphers tag is part of the server deployment (which seems to fit my notion that it's not just a config file issue) the section called 'Policy: Migrate away from deprecated ciphers. Status: In progress' it says:

If both client and server runs OpenVPN v2.4, the tunnel will automatically be upgraded to AES-256-GCM. If the environment also uses clients older than OpenVPN v2.4, the server can deploy:

--data-ciphers AES-256-GCM:AES-256-CBC:BF-CBC

Which seems to suggest that if --data-ciphers is set to include 'CBC' at deployment then it'll accept a CBC definition and switch ('upgrade') it to GCM? (maybe NordVPN are telling the truth?)

It's the Zomboided add on, I had the impression he used to be of this parish? (I also understand he has subsequently abandoned the add on (https://github.com/Zomboided/service.vpn.manager))

It works in Kodi running on Debian (well DietPi), fwiw

It seems odd that NordVPN would be using config files that use depreciated security cipher settings, rather than up-to-date ones.

Is there a correct/better way to handle switching between multiple country confs, without using the add on?

Thanks,

The bit I'm missing is where to add this line?

I edited the ovpn that had pulled in to /.kodi/addons/service.vpn.manager/NordVPN and replaced the line you've mentioned, but when I went back through VPN manager it re-pulled the ovpn and wrote over my edit.

The error seems to suggest that it's a parameter/switch that can be set when openvpn gets run (hence me thinking it was a 'boot' switch).

Or, is it that I can't use VPNManager as designed and I need to get all the various ovpns I need, edit them, and then do some sort of manual setup (so it doesn't re-download them from Nord?

I'm trying to get VPN Manager working (with NordVPN) and I'm getting the following error after it fails to connect (it's drawing down the OVPN file from Nord ok):

DEPRECIATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers

How do I add that switch/setting to OpenVPN?

I've tried making /storage/.config/openvpn.config and adding a line to it: --data-ciphers 'AES-256-CBC'

But no dice.

If I run: openvpn --data-ciphers AES-256-CBC

I get a message about needing to define TUN/TAP and with that I'm rapidly moving out of my depth.

Any and all help gratefully received.

Quote from balbes150

Ver 20200826 kernel 5.8.4

Pay attention. Starting from version (20200826), the configuration order for the used DTB changes.

Please note that the algorithm for initial configuration of the system for startup has changed. Instead of a file "uEnv.txt", the file "/extlinux/extlinux.conf " is now used. The rules for editing a file remain the same.

I will try this as the last few builds haven't worked for me (blank screen no ssh)

I wonder if I'm doing something wrong though, do I still have to replace the U-boot (as per the instructions in the first post of this thread)?

EDIT: Answering my own question. DL'd the latest version (for M4) flashed it and nothing happened. Went through the Uboot routine and it's now working (albeit no sound and lots of add ons from the kodi repository report dependency failures, I managed to install 'films for action from the kodi repo, but all the videos stop a few seconds in).

Quote from balbes150

I added images for NanoPI M4 and ROC-PC (Renegade Elite) to the 20200815-aarch64 on my site. Can you check the overall image launch for M4 ? I am interested in the work of u-boot (so that the system would start) and the General work of DTB from the image.

I've downloaded this version, do I still need to do the uboot replacement thing or is this supposed to be a standalone version? (If it's meant to be standalone it doesn't boot, it worked similarly to the previous version when I did the u-boot replacement with the armbian bullseye u-boot (as in it works but there are issues with the sound).

Also, just to note, I have the M4v2 not just the M4 (not sure if this makes much difference?)

Quote from balbes150

I don't know which videos you run, but on all the rk3399 I have, almost all the videos work. You should only use DTB from the LE image. Only u-boot is used from Armbian.

Thanks Balbes150 I hadn't realised this, I was using the Armbian .DTB will have a play with the other ones (I didn't see a specific M4V2 version?)

EDIT: Confirmed video now working, just now trying to address no sound (well high level white noise).

I followed the instructions in the first post here. Flashed armbian to sd and got it up and running (did upgrade / dist upgrade) then extracted the u-boot and took the .dtb from it. Flashed the LE version on to the card and dd'd the u-boot back to it, put the .dtb in the folder and edited the txt file to point at it.

Kodi runs ok (although the machine gets ferociously hot) but it won't play video from files or add ons, so I've got a decent interface but no content.

I went on and added a bunch of video add ons from the included repositories and none of them work (crackle, cooking network, a range of the other various channels) some give an error saying I should check the log (but when I go to settings/log in the control panel there doesn't seem to be anything relevant) some just fail quietly. The only one I've tried so far that does work is the radio one.

Sorry to be a dumb newb but am I missing something really obvious about this install, are the add-ons meant to work? I was delighted that the image worked with the right dtb etc but a media player that doesn't play media ain't a lot of cop!

Any assistance gratefully received.

Hi, thanks for these images and setup guide.

I've managed to get things sort of working on NanoPi M4v2 using Armbian Bullseye as the base and the LibreELEC-ARMv8.arm-9.80-devel-20200810142955-569f834-rk3399.img (interface is up, CEC working)

However, I can't find the BBC IplayerWWW plugin (the main thing I want to use) and also the small selection of video files I have (some OGV and AVIs) only play sound (no image).

I think the BBC thing is something to do with Python (I grabbed the zip from git and it gave an error about python version)?

Not sure where to start troubleshooting from here, any further pointers gratefully received