diff --git a/cmd/gluetun/main.go b/cmd/gluetun/main.go index 42129cc6..77e7769d 100644 --- a/cmd/gluetun/main.go +++ b/cmd/gluetun/main.go @@ -213,6 +213,7 @@ func _main(ctx context.Context, buildInfo models.BuildInformation, // set it for Unbound // TODO remove this when migrating to qdm12/dns v2 allSettings.DNS.Unbound.Username = nonRootUsername + allSettings.VPN.OpenVPN.ProcUser = nonRootUsername if err := os.Chown("/etc/unbound", puid, pgid); err != nil { return err @@ -352,10 +353,10 @@ func _main(ctx context.Context, buildInfo models.BuildInformation, tickersGroupHandler.Add(pubIPTickerHandler) openvpnLogger := logger.NewChild(logging.Settings{Prefix: "openvpn: "}) - openvpnLooper := openvpn.NewLoop(allSettings.VPN.OpenVPN, - allSettings.VPN.Provider, nonRootUsername, allServers, - ovpnConf, firewallConf, routingConf, portForwardLooper, publicIPLooper, unboundLooper, - openvpnLogger, httpClient, buildInfo, allSettings.VersionInformation) + openvpnLooper := openvpn.NewLoop(allSettings.VPN.OpenVPN, allSettings.VPN.Provider, + allServers, ovpnConf, firewallConf, routingConf, portForwardLooper, + publicIPLooper, unboundLooper, openvpnLogger, httpClient, + buildInfo, allSettings.VersionInformation) openvpnHandler, openvpnCtx, openvpnDone := goshutdown.NewGoRoutineHandler( "openvpn", goshutdown.GoRoutineSettings{Timeout: time.Second}) // wait for restartOpenvpn diff --git a/internal/cli/openvpnconfig.go b/internal/cli/openvpnconfig.go index db173a3c..7d154698 100644 --- a/internal/cli/openvpnconfig.go +++ b/internal/cli/openvpnconfig.go @@ -33,7 +33,7 @@ func (c *CLI) OpenvpnConfig(logger logging.Logger) error { if err != nil { return err } - lines := providerConf.BuildConf(connection, "nonrootuser", allSettings.VPN.OpenVPN) + lines := providerConf.BuildConf(connection, allSettings.VPN.OpenVPN) fmt.Println(strings.Join(lines, "\n")) return nil } diff --git a/internal/configuration/openvpn.go b/internal/configuration/openvpn.go index a33b37d8..3554a059 100644 
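Review bot: The added `allSettings.VPN.OpenVPN.ProcUser = nonRootUsername` sits directly under `// set it for Unbound` and `// TODO remove this when migrating to qdm12/dns v2`, so it reads as part of the Unbound workaround and could be deleted along with it. The other hunks in this diff use this value for the OpenVPN `user` directive when `settings.Root` is false, so it decides which account the process drops privileges to. Give it its own comment, separated from the Unbound lines by a blank line, for example `// account OpenVPN drops privileges to unless it is configured to run as root`. The body of `_main` starts and ends outside the hunk, so whether this assignment runs on every start-up path cannot be confirmed from here.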
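Review bot: `providerConf.BuildConf(connection, allSettings.VPN.OpenVPN)` no longer receives the literal `"nonrootuser"`, and nothing visible in this hunk assigns `allSettings.VPN.OpenVPN.ProcUser` before the call. If the settings read earlier in `OpenvpnConfig` does not populate it, the printed configuration will carry a `user` line with no account name whenever `Root` is false, and anyone reusing that output gets a config with no usable privilege-drop target. Setting the field before the call keeps the previous behaviour: `allSettings.VPN.OpenVPN.ProcUser = "nonrootuser"`. The function body starts outside the hunk, so this should be checked against the settings-reading code.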
--- a/internal/configuration/openvpn.go +++ b/internal/configuration/openvpn.go @@ -25,6 +25,7 @@ type OpenVPN struct { ClientKey string `json:"-"` // Cyberghost, VPNUnlimited EncPreset string `json:"encryption_preset"` // PIA IPv6 bool `json:"ipv6"` // Mullvad + ProcUser string `json:"procuser"` // Process username } func (settings *OpenVPN) String() string { diff --git a/internal/openvpn/custom.go b/internal/openvpn/custom.go index c2396cd5..56d3d5ae 100644 --- a/internal/openvpn/custom.go +++ b/internal/openvpn/custom.go @@ -24,7 +24,7 @@ func (l *Loop) processCustomConfig(settings configuration.OpenVPN) ( return nil, connection, fmt.Errorf("%w: %s", errProcessCustomConfig, err) } - lines = modifyCustomConfig(lines, l.username, settings) + lines = modifyCustomConfig(lines, settings) connection, err = extractConnectionFromLines(lines) if err != nil { @@ -55,7 +55,7 @@ func readCustomConfigLines(filepath string) ( return strings.Split(string(b), "\n"), nil } -func modifyCustomConfig(lines []string, username string, +func modifyCustomConfig(lines []string, settings configuration.OpenVPN) (modified []string) { // Remove some lines for _, line := range lines { @@ -98,7 +98,7 @@ func modifyCustomConfig(lines []string, username string, modified = append(modified, `pull-filter ignore "ifconfig-ipv6"`) } if !settings.Root { - modified = append(modified, "user "+username) + modified = append(modified, "user "+settings.ProcUser) } return modified diff --git a/internal/openvpn/loop.go b/internal/openvpn/loop.go index 7cb00c53..c3155e6a 100644 --- a/internal/openvpn/loop.go +++ b/internal/openvpn/loop.go @@ -31,7 +31,6 @@ type Loop struct { statusManager loopstate.Manager state state.Manager // Fixed parameters - username string buildInfo models.BuildInformation versionInfo bool // Configurators 
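Review bot: The new `ProcUser` field is tagged `json:"procuser"`, unlike `ClientKey` above it which uses `json:"-"`, so the account name takes part in any JSON encoding or decoding of these settings. The value is then concatenated unvalidated as `"user "+settings.ProcUser` in `modifyCustomConfig` and in every provider `BuildConf` hunk of this diff. An empty string therefore yields a `user` line with no account, and a value containing whitespace or a line break would alter the generated configuration. If the field is only ever derived at start-up, `json:"-"` is the narrower choice. Either way, a check in settings validation that it is non-empty and a single token when `Root` is false would cover all call sites at once; whether these settings are ever decoded from JSON supplied at runtime is not visible here.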
@@ -64,7 +63,7 @@ const ( ) func NewLoop(openVPNSettings configuration.OpenVPN, - providerSettings configuration.Provider, username string, + providerSettings configuration.Provider, allServers models.AllServers, conf Configurator, fw firewallConfigurer, routing routing.VPNGetter, portForward portforward.StartStopper, @@ -82,7 +81,6 @@ func NewLoop(openVPNSettings configuration.OpenVPN, return &Loop{ statusManager: statusManager, state: state, - username: username, buildInfo: buildInfo, versionInfo: versionInfo, conf: conf, diff --git a/internal/openvpn/run.go b/internal/openvpn/run.go index 26e01a77..28d2d996 100644 --- a/internal/openvpn/run.go +++ b/internal/openvpn/run.go @@ -33,7 +33,7 @@ func (l *Loop) Run(ctx context.Context, done chan<- struct{}) { if openVPNSettings.Config == "" { connection, err = providerConf.GetOpenVPNConnection(providerSettings.ServerSelection) if err == nil { - lines = providerConf.BuildConf(connection, l.username, openVPNSettings) + lines = providerConf.BuildConf(connection, openVPNSettings) } } else { lines, connection, err = l.processCustomConfig(openVPNSettings) diff --git a/internal/provider/cyberghost/openvpnconf.go b/internal/provider/cyberghost/openvpnconf.go index 63ffc83e..41b99295 100644 --- a/internal/provider/cyberghost/openvpnconf.go +++ b/internal/provider/cyberghost/openvpnconf.go @@ -11,7 +11,7 @@ import ( ) func (c *Cyberghost) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { if settings.Cipher == "" { settings.Cipher = constants.AES256cbc } @@ -64,7 +64,7 @@ func (c *Cyberghost) BuildConf(connection models.OpenVPNConnection, } if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.MSSFix > 0 { diff --git a/internal/provider/fastestvpn/openvpnconf.go b/internal/provider/fastestvpn/openvpnconf.go index ab2fab4f..03a90c40 100644 
--- a/internal/provider/fastestvpn/openvpnconf.go +++ b/internal/provider/fastestvpn/openvpnconf.go @@ -10,7 +10,7 @@ import ( ) func (f *Fastestvpn) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { if settings.Cipher == "" { settings.Cipher = constants.AES256cbc } @@ -59,7 +59,7 @@ func (f *Fastestvpn) BuildConf(connection models.OpenVPNConnection, lines = append(lines, utils.CipherLines(settings.Cipher, settings.Version)...) if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.IPv6 { diff --git a/internal/provider/hidemyass/openvpnconf.go b/internal/provider/hidemyass/openvpnconf.go index 7677b555..ae834efd 100644 --- a/internal/provider/hidemyass/openvpnconf.go +++ b/internal/provider/hidemyass/openvpnconf.go @@ -10,7 +10,7 @@ import ( ) func (h *HideMyAss) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { if settings.Cipher == "" { settings.Cipher = constants.AES256cbc } @@ -56,7 +56,7 @@ func (h *HideMyAss) BuildConf(connection models.OpenVPNConnection, } if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.IPv6 { diff --git a/internal/provider/ipvanish/openvpnconf.go b/internal/provider/ipvanish/openvpnconf.go index 630c9805..b6db96f2 100644 --- a/internal/provider/ipvanish/openvpnconf.go +++ b/internal/provider/ipvanish/openvpnconf.go @@ -10,7 +10,7 @@ import ( ) func (i *Ipvanish) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { if settings.Cipher == "" { settings.Cipher = constants.AES256cbc } 
@@ -54,7 +54,7 @@ func (i *Ipvanish) BuildConf(connection models.OpenVPNConnection, } if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.IPv6 { diff --git a/internal/provider/ivpn/openvpnconf.go b/internal/provider/ivpn/openvpnconf.go index bdde4f4e..afd28681 100644 --- a/internal/provider/ivpn/openvpnconf.go +++ b/internal/provider/ivpn/openvpnconf.go @@ -11,7 +11,7 @@ import ( ) func (i *Ivpn) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { if settings.Cipher == "" { settings.Cipher = constants.AES256cbc } @@ -60,7 +60,7 @@ func (i *Ivpn) BuildConf(connection models.OpenVPNConnection, } if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.IPv6 { diff --git a/internal/provider/mullvad/openvpnconf.go b/internal/provider/mullvad/openvpnconf.go index 211e4810..7bfb3aca 100644 --- a/internal/provider/mullvad/openvpnconf.go +++ b/internal/provider/mullvad/openvpnconf.go @@ -10,7 +10,7 @@ import ( ) func (m *Mullvad) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { if settings.Cipher == "" { settings.Cipher = constants.AES256cbc } @@ -64,7 +64,7 @@ func (m *Mullvad) BuildConf(connection models.OpenVPNConnection, } if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.MSSFix > 0 { diff --git a/internal/provider/nordvpn/openvpnconf.go b/internal/provider/nordvpn/openvpnconf.go index c1a40fb6..af080303 100644 --- a/internal/provider/nordvpn/openvpnconf.go +++ b/internal/provider/nordvpn/openvpnconf.go 
@@ -10,7 +10,7 @@ import ( ) func (n *Nordvpn) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { if settings.Cipher == "" { settings.Cipher = constants.AES256cbc } @@ -64,7 +64,7 @@ func (n *Nordvpn) BuildConf(connection models.OpenVPNConnection, } if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.IPv6 { diff --git a/internal/provider/privado/openvpnconf.go b/internal/provider/privado/openvpnconf.go index a8af52b5..78b89a44 100644 --- a/internal/provider/privado/openvpnconf.go +++ b/internal/provider/privado/openvpnconf.go @@ -10,7 +10,7 @@ import ( ) func (p *Privado) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { if settings.Cipher == "" { settings.Cipher = constants.AES256cbc } @@ -51,7 +51,7 @@ func (p *Privado) BuildConf(connection models.OpenVPNConnection, lines = append(lines, utils.CipherLines(settings.Cipher, settings.Version)...) if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.MSSFix > 0 { diff --git a/internal/provider/privateinternetaccess/openvpnconf.go b/internal/provider/privateinternetaccess/openvpnconf.go index 5afe02db..2f1b105a 100644 --- a/internal/provider/privateinternetaccess/openvpnconf.go +++ b/internal/provider/privateinternetaccess/openvpnconf.go @@ -10,7 +10,7 @@ import ( ) func (p *PIA) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { var defaultCipher, defaultAuth, X509CRL, certificate string switch settings.EncPreset { case constants.PIAEncryptionPresetNormal: 
@@ -74,7 +74,7 @@ func (p *PIA) BuildConf(connection models.OpenVPNConnection, } if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.MSSFix > 0 { diff --git a/internal/provider/privatevpn/openvpnconf.go b/internal/provider/privatevpn/openvpnconf.go index f0157f14..4aac81a6 100644 --- a/internal/provider/privatevpn/openvpnconf.go +++ b/internal/provider/privatevpn/openvpnconf.go @@ -10,7 +10,7 @@ import ( ) func (p *Privatevpn) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { if settings.Cipher == "" { settings.Cipher = constants.AES128gcm } @@ -52,7 +52,7 @@ func (p *Privatevpn) BuildConf(connection models.OpenVPNConnection, } if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.MSSFix > 0 { diff --git a/internal/provider/protonvpn/openvpnconf.go b/internal/provider/protonvpn/openvpnconf.go index 0b13d6d3..54a0e0ee 100644 --- a/internal/provider/protonvpn/openvpnconf.go +++ b/internal/provider/protonvpn/openvpnconf.go @@ -10,7 +10,7 @@ import ( ) func (p *Protonvpn) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { if settings.Cipher == "" { settings.Cipher = constants.AES256cbc } @@ -63,7 +63,7 @@ func (p *Protonvpn) BuildConf(connection models.OpenVPNConnection, } if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.IPv6 { diff --git a/internal/provider/provider.go b/internal/provider/provider.go index 1ff11ff2..96153983 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go 
@@ -34,7 +34,7 @@ import ( // Provider contains methods to read and modify the openvpn configuration to connect as a client. type Provider interface { GetOpenVPNConnection(selection configuration.ServerSelection) (connection models.OpenVPNConnection, err error) - BuildConf(connection models.OpenVPNConnection, username string, settings configuration.OpenVPN) (lines []string) + BuildConf(connection models.OpenVPNConnection, settings configuration.OpenVPN) (lines []string) PortForwarder } diff --git a/internal/provider/purevpn/openvpnconf.go b/internal/provider/purevpn/openvpnconf.go index 9134b803..25fb227c 100644 --- a/internal/provider/purevpn/openvpnconf.go +++ b/internal/provider/purevpn/openvpnconf.go @@ -10,7 +10,7 @@ import ( ) func (p *Purevpn) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { if settings.Cipher == "" { settings.Cipher = constants.AES256gcm } @@ -63,7 +63,7 @@ func (p *Purevpn) BuildConf(connection models.OpenVPNConnection, } if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.IPv6 { diff --git a/internal/provider/surfshark/openvpnconf.go b/internal/provider/surfshark/openvpnconf.go index 1a2814f6..296c5b62 100644 --- a/internal/provider/surfshark/openvpnconf.go +++ b/internal/provider/surfshark/openvpnconf.go @@ -10,7 +10,7 @@ import ( ) func (s *Surfshark) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { if settings.Cipher == "" { settings.Cipher = constants.AES256gcm } 
@@ -61,7 +61,7 @@ func (s *Surfshark) BuildConf(connection models.OpenVPNConnection, lines = append(lines, utils.CipherLines(settings.Cipher, settings.Version)...) if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.IPv6 { diff --git a/internal/provider/torguard/openvpnconf.go b/internal/provider/torguard/openvpnconf.go index b771bc21..c7d39eac 100644 --- a/internal/provider/torguard/openvpnconf.go +++ b/internal/provider/torguard/openvpnconf.go @@ -10,7 +10,7 @@ import ( ) func (t *Torguard) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { if settings.Cipher == "" { settings.Cipher = constants.AES256gcm } @@ -63,7 +63,7 @@ func (t *Torguard) BuildConf(connection models.OpenVPNConnection, lines = append(lines, utils.CipherLines(settings.Cipher, settings.Version)...) if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if connection.Protocol == constants.UDP { diff --git a/internal/provider/vpnunlimited/openvpnconf.go b/internal/provider/vpnunlimited/openvpnconf.go index c17f6d1b..06e2bf7c 100644 --- a/internal/provider/vpnunlimited/openvpnconf.go +++ b/internal/provider/vpnunlimited/openvpnconf.go @@ -10,7 +10,7 @@ import ( ) func (p *Provider) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { lines = []string{ "client", "dev tun", @@ -52,7 +52,7 @@ func (p *Provider) BuildConf(connection models.OpenVPNConnection, } if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.IPv6 { diff --git a/internal/provider/vyprvpn/openvpnconf.go b/internal/provider/vyprvpn/openvpnconf.go index 88cf1a24..5a298c32 100644 
--- a/internal/provider/vyprvpn/openvpnconf.go +++ b/internal/provider/vyprvpn/openvpnconf.go @@ -10,7 +10,7 @@ import ( ) func (v *Vyprvpn) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { if settings.Cipher == "" { settings.Cipher = constants.AES256cbc } @@ -53,7 +53,7 @@ func (v *Vyprvpn) BuildConf(connection models.OpenVPNConnection, lines = append(lines, utils.CipherLines(settings.Cipher, settings.Version)...) if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.MSSFix > 0 { diff --git a/internal/provider/windscribe/openvpnconf.go b/internal/provider/windscribe/openvpnconf.go index 5c867c2e..7aeca03f 100644 --- a/internal/provider/windscribe/openvpnconf.go +++ b/internal/provider/windscribe/openvpnconf.go @@ -11,7 +11,7 @@ import ( ) func (w *Windscribe) BuildConf(connection models.OpenVPNConnection, - username string, settings configuration.OpenVPN) (lines []string) { + settings configuration.OpenVPN) (lines []string) { if settings.Cipher == "" { settings.Cipher = constants.AES256cbc } @@ -60,7 +60,7 @@ func (w *Windscribe) BuildConf(connection models.OpenVPNConnection, } if !settings.Root { - lines = append(lines, "user "+username) + lines = append(lines, "user "+settings.ProcUser) } if settings.MSSFix > 0 {