Maint: openvpn process user in Openvpn settings

2021-08-18 16:16:47 +00:00
parent bd110b960b
commit 14c3b6429b
24 changed files with 47 additions and 47 deletions
--- a/cmd/gluetun/main.go
+++ b/cmd/gluetun/main.go
@@ -213,6 +213,7 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
 	// set it for Unbound
 	// TODO remove this when migrating to qdm12/dns v2
 	allSettings.DNS.Unbound.Username = nonRootUsername
+	allSettings.VPN.OpenVPN.ProcUser = nonRootUsername

 	if err := os.Chown("/etc/unbound", puid, pgid); err != nil {
 		return err
@@ -352,10 +353,10 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
 	tickersGroupHandler.Add(pubIPTickerHandler)

 	openvpnLogger := logger.NewChild(logging.Settings{Prefix: "openvpn: "})
-	openvpnLooper := openvpn.NewLoop(allSettings.VPN.OpenVPN,
-		allSettings.VPN.Provider, nonRootUsername, allServers,
-		ovpnConf, firewallConf, routingConf, portForwardLooper, publicIPLooper, unboundLooper,
-		openvpnLogger, httpClient, buildInfo, allSettings.VersionInformation)
+	openvpnLooper := openvpn.NewLoop(allSettings.VPN.OpenVPN, allSettings.VPN.Provider,
+		allServers, ovpnConf, firewallConf, routingConf, portForwardLooper,
+		publicIPLooper, unboundLooper, openvpnLogger, httpClient,
+		buildInfo, allSettings.VersionInformation)
 	openvpnHandler, openvpnCtx, openvpnDone := goshutdown.NewGoRoutineHandler(
 		"openvpn", goshutdown.GoRoutineSettings{Timeout: time.Second})
 	// wait for restartOpenvpn
--- a/internal/cli/openvpnconfig.go
+++ b/internal/cli/openvpnconfig.go
@@ -33,7 +33,7 @@ func (c *CLI) OpenvpnConfig(logger logging.Logger) error {
 	if err != nil {
 		return err
 	}
-	lines := providerConf.BuildConf(connection, "nonrootuser", allSettings.VPN.OpenVPN)
+	lines := providerConf.BuildConf(connection, allSettings.VPN.OpenVPN)
 	fmt.Println(strings.Join(lines, "\n"))
 	return nil
 }
--- a/internal/configuration/openvpn.go
+++ b/internal/configuration/openvpn.go
@@ -25,6 +25,7 @@ type OpenVPN struct {
 	ClientKey string   `json:"-"`                 // Cyberghost, VPNUnlimited
 	EncPreset string   `json:"encryption_preset"` // PIA
 	IPv6      bool     `json:"ipv6"`              // Mullvad
+	ProcUser  string   `json:"procuser"`          // Process username
 }

 func (settings *OpenVPN) String() string {
--- a/internal/openvpn/custom.go
+++ b/internal/openvpn/custom.go
@@ -24,7 +24,7 @@ func (l *Loop) processCustomConfig(settings configuration.OpenVPN) (
 		return nil, connection, fmt.Errorf("%w: %s", errProcessCustomConfig, err)
 	}

-	lines = modifyCustomConfig(lines, l.username, settings)
+	lines = modifyCustomConfig(lines, settings)

 	connection, err = extractConnectionFromLines(lines)
 	if err != nil {
@@ -55,7 +55,7 @@ func readCustomConfigLines(filepath string) (
 	return strings.Split(string(b), "\n"), nil
 }

-func modifyCustomConfig(lines []string, username string,
+func modifyCustomConfig(lines []string,
 	settings configuration.OpenVPN) (modified []string) {
 	// Remove some lines
 	for _, line := range lines {
@@ -98,7 +98,7 @@ func modifyCustomConfig(lines []string, username string,
 		modified = append(modified, `pull-filter ignore "ifconfig-ipv6"`)
 	}
 	if !settings.Root {
-		modified = append(modified, "user "+username)
+		modified = append(modified, "user "+settings.ProcUser)
 	}

 	return modified
--- a/internal/openvpn/loop.go
+++ b/internal/openvpn/loop.go
@@ -31,7 +31,6 @@ type Loop struct {
 	statusManager loopstate.Manager
 	state         state.Manager
 	// Fixed parameters
-	username    string
 	buildInfo   models.BuildInformation
 	versionInfo bool
 	// Configurators
@@ -64,7 +63,7 @@ const (
 )

 func NewLoop(openVPNSettings configuration.OpenVPN,
-	providerSettings configuration.Provider, username string,
+	providerSettings configuration.Provider,
 	allServers models.AllServers, conf Configurator,
 	fw firewallConfigurer, routing routing.VPNGetter,
 	portForward portforward.StartStopper,
@@ -82,7 +81,6 @@ func NewLoop(openVPNSettings configuration.OpenVPN,
 	return &Loop{
 		statusManager: statusManager,
 		state:         state,
-		username:      username,
 		buildInfo:     buildInfo,
 		versionInfo:   versionInfo,
 		conf:          conf,
--- a/internal/openvpn/run.go
+++ b/internal/openvpn/run.go
@@ -33,7 +33,7 @@ func (l *Loop) Run(ctx context.Context, done chan<- struct{}) {
 		if openVPNSettings.Config == "" {
 			connection, err = providerConf.GetOpenVPNConnection(providerSettings.ServerSelection)
 			if err == nil {
-				lines = providerConf.BuildConf(connection, l.username, openVPNSettings)
+				lines = providerConf.BuildConf(connection, openVPNSettings)
 			}
 		} else {
 			lines, connection, err = l.processCustomConfig(openVPNSettings)
--- a/internal/provider/cyberghost/openvpnconf.go
+++ b/internal/provider/cyberghost/openvpnconf.go
@@ -11,7 +11,7 @@ import (
 )

 func (c *Cyberghost) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	if settings.Cipher == "" {
 		settings.Cipher = constants.AES256cbc
 	}
@@ -64,7 +64,7 @@ func (c *Cyberghost) BuildConf(connection models.OpenVPNConnection,
 	}

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.MSSFix > 0 {
--- a/internal/provider/fastestvpn/openvpnconf.go
+++ b/internal/provider/fastestvpn/openvpnconf.go
@@ -10,7 +10,7 @@ import (
 )

 func (f *Fastestvpn) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	if settings.Cipher == "" {
 		settings.Cipher = constants.AES256cbc
 	}
@@ -59,7 +59,7 @@ func (f *Fastestvpn) BuildConf(connection models.OpenVPNConnection,
 	lines = append(lines, utils.CipherLines(settings.Cipher, settings.Version)...)

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.IPv6 {
--- a/internal/provider/hidemyass/openvpnconf.go
+++ b/internal/provider/hidemyass/openvpnconf.go
@@ -10,7 +10,7 @@ import (
 )

 func (h *HideMyAss) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	if settings.Cipher == "" {
 		settings.Cipher = constants.AES256cbc
 	}
@@ -56,7 +56,7 @@ func (h *HideMyAss) BuildConf(connection models.OpenVPNConnection,
 	}

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.IPv6 {
--- a/internal/provider/ipvanish/openvpnconf.go
+++ b/internal/provider/ipvanish/openvpnconf.go
@@ -10,7 +10,7 @@ import (
 )

 func (i *Ipvanish) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	if settings.Cipher == "" {
 		settings.Cipher = constants.AES256cbc
 	}
@@ -54,7 +54,7 @@ func (i *Ipvanish) BuildConf(connection models.OpenVPNConnection,
 	}

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.IPv6 {
--- a/internal/provider/ivpn/openvpnconf.go
+++ b/internal/provider/ivpn/openvpnconf.go
@@ -11,7 +11,7 @@ import (
 )

 func (i *Ivpn) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	if settings.Cipher == "" {
 		settings.Cipher = constants.AES256cbc
 	}
@@ -60,7 +60,7 @@ func (i *Ivpn) BuildConf(connection models.OpenVPNConnection,
 	}

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.IPv6 {
--- a/internal/provider/mullvad/openvpnconf.go
+++ b/internal/provider/mullvad/openvpnconf.go
@@ -10,7 +10,7 @@ import (
 )

 func (m *Mullvad) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	if settings.Cipher == "" {
 		settings.Cipher = constants.AES256cbc
 	}
@@ -64,7 +64,7 @@ func (m *Mullvad) BuildConf(connection models.OpenVPNConnection,
 	}

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.MSSFix > 0 {
--- a/internal/provider/nordvpn/openvpnconf.go
+++ b/internal/provider/nordvpn/openvpnconf.go
@@ -10,7 +10,7 @@ import (
 )

 func (n *Nordvpn) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	if settings.Cipher == "" {
 		settings.Cipher = constants.AES256cbc
 	}
@@ -64,7 +64,7 @@ func (n *Nordvpn) BuildConf(connection models.OpenVPNConnection,
 	}

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.IPv6 {
--- a/internal/provider/privado/openvpnconf.go
+++ b/internal/provider/privado/openvpnconf.go
@@ -10,7 +10,7 @@ import (
 )

 func (p *Privado) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	if settings.Cipher == "" {
 		settings.Cipher = constants.AES256cbc
 	}
@@ -51,7 +51,7 @@ func (p *Privado) BuildConf(connection models.OpenVPNConnection,
 	lines = append(lines, utils.CipherLines(settings.Cipher, settings.Version)...)

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.MSSFix > 0 {
--- a/internal/provider/privateinternetaccess/openvpnconf.go
+++ b/internal/provider/privateinternetaccess/openvpnconf.go
@@ -10,7 +10,7 @@ import (
 )

 func (p *PIA) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	var defaultCipher, defaultAuth, X509CRL, certificate string
 	switch settings.EncPreset {
 	case constants.PIAEncryptionPresetNormal:
@@ -74,7 +74,7 @@ func (p *PIA) BuildConf(connection models.OpenVPNConnection,
 	}

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.MSSFix > 0 {
--- a/internal/provider/privatevpn/openvpnconf.go
+++ b/internal/provider/privatevpn/openvpnconf.go
@@ -10,7 +10,7 @@ import (
 )

 func (p *Privatevpn) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	if settings.Cipher == "" {
 		settings.Cipher = constants.AES128gcm
 	}
@@ -52,7 +52,7 @@ func (p *Privatevpn) BuildConf(connection models.OpenVPNConnection,
 	}

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.MSSFix > 0 {
--- a/internal/provider/protonvpn/openvpnconf.go
+++ b/internal/provider/protonvpn/openvpnconf.go
@@ -10,7 +10,7 @@ import (
 )

 func (p *Protonvpn) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	if settings.Cipher == "" {
 		settings.Cipher = constants.AES256cbc
 	}
@@ -63,7 +63,7 @@ func (p *Protonvpn) BuildConf(connection models.OpenVPNConnection,
 	}

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.IPv6 {
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@@ -34,7 +34,7 @@ import (
 // Provider contains methods to read and modify the openvpn configuration to connect as a client.
 type Provider interface {
 	GetOpenVPNConnection(selection configuration.ServerSelection) (connection models.OpenVPNConnection, err error)
-	BuildConf(connection models.OpenVPNConnection, username string, settings configuration.OpenVPN) (lines []string)
+	BuildConf(connection models.OpenVPNConnection, settings configuration.OpenVPN) (lines []string)
 	PortForwarder
 }

--- a/internal/provider/purevpn/openvpnconf.go
+++ b/internal/provider/purevpn/openvpnconf.go
@@ -10,7 +10,7 @@ import (
 )

 func (p *Purevpn) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	if settings.Cipher == "" {
 		settings.Cipher = constants.AES256gcm
 	}
@@ -63,7 +63,7 @@ func (p *Purevpn) BuildConf(connection models.OpenVPNConnection,
 	}

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.IPv6 {
--- a/internal/provider/surfshark/openvpnconf.go
+++ b/internal/provider/surfshark/openvpnconf.go
@@ -10,7 +10,7 @@ import (
 )

 func (s *Surfshark) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	if settings.Cipher == "" {
 		settings.Cipher = constants.AES256gcm
 	}
@@ -61,7 +61,7 @@ func (s *Surfshark) BuildConf(connection models.OpenVPNConnection,
 	lines = append(lines, utils.CipherLines(settings.Cipher, settings.Version)...)

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.IPv6 {
--- a/internal/provider/torguard/openvpnconf.go
+++ b/internal/provider/torguard/openvpnconf.go
@@ -10,7 +10,7 @@ import (
 )

 func (t *Torguard) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	if settings.Cipher == "" {
 		settings.Cipher = constants.AES256gcm
 	}
@@ -63,7 +63,7 @@ func (t *Torguard) BuildConf(connection models.OpenVPNConnection,
 	lines = append(lines, utils.CipherLines(settings.Cipher, settings.Version)...)

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if connection.Protocol == constants.UDP {
--- a/internal/provider/vpnunlimited/openvpnconf.go
+++ b/internal/provider/vpnunlimited/openvpnconf.go
@@ -10,7 +10,7 @@ import (
 )

 func (p *Provider) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	lines = []string{
 		"client",
 		"dev tun",
@@ -52,7 +52,7 @@ func (p *Provider) BuildConf(connection models.OpenVPNConnection,
 	}

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.IPv6 {
--- a/internal/provider/vyprvpn/openvpnconf.go
+++ b/internal/provider/vyprvpn/openvpnconf.go
@@ -10,7 +10,7 @@ import (
 )

 func (v *Vyprvpn) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	if settings.Cipher == "" {
 		settings.Cipher = constants.AES256cbc
 	}
@@ -53,7 +53,7 @@ func (v *Vyprvpn) BuildConf(connection models.OpenVPNConnection,
 	lines = append(lines, utils.CipherLines(settings.Cipher, settings.Version)...)

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.MSSFix > 0 {
--- a/internal/provider/windscribe/openvpnconf.go
+++ b/internal/provider/windscribe/openvpnconf.go
@@ -11,7 +11,7 @@ import (
 )

 func (w *Windscribe) BuildConf(connection models.OpenVPNConnection,
-	username string, settings configuration.OpenVPN) (lines []string) {
+	settings configuration.OpenVPN) (lines []string) {
 	if settings.Cipher == "" {
 		settings.Cipher = constants.AES256cbc
 	}
@@ -60,7 +60,7 @@ func (w *Windscribe) BuildConf(connection models.OpenVPNConnection,
 	}

 	if !settings.Root {
-		lines = append(lines, "user "+username)
+		lines = append(lines, "user "+settings.ProcUser)
 	}

 	if settings.MSSFix > 0 {