Maintenance: OpenVPN BuildConf arity reduced

2021-01-19 02:42:16 +00:00
parent 072528af83
commit 4530dd4fea
12 changed files with 105 additions and 112 deletions
--- a/internal/cli/openvpnconfig.go
+++ b/internal/cli/openvpnconfig.go
@@ -34,15 +34,7 @@ func (c *cli) OpenvpnConfig(os os.OS) error {
 	if err != nil {
 		return err
 	}
-	lines := providerConf.BuildConf(
-		connection,
-		allSettings.OpenVPN.Verbosity,
-		"nonroortuser",
-		allSettings.OpenVPN.Root,
-		allSettings.OpenVPN.Cipher,
-		allSettings.OpenVPN.Auth,
-		allSettings.OpenVPN.Provider.ExtraConfigOptions,
-	)
+	lines := providerConf.BuildConf(connection, "nonroortuser", allSettings.OpenVPN)
 	fmt.Println(strings.Join(lines, "\n"))
 	return nil
 }
--- a/internal/openvpn/loop.go
+++ b/internal/openvpn/loop.go
@@ -119,15 +119,7 @@ func (l *looper) Run(ctx context.Context, wg *sync.WaitGroup) {
 			l.cancel()
 			return
 		}
-		lines := providerConf.BuildConf(
-			connection,
-			settings.Verbosity,
-			l.username,
-			settings.Root,
-			settings.Cipher,
-			settings.Auth,
-			settings.Provider.ExtraConfigOptions,
-		)
+		lines := providerConf.BuildConf(connection, l.username, settings)

 		if err := writeOpenvpnConf(lines, l.openFile); err != nil {
 			l.logger.Error(err)
--- a/internal/provider/cyberghost.go
+++ b/internal/provider/cyberghost.go
@@ -11,6 +11,7 @@ import (
 	"github.com/qdm12/gluetun/internal/constants"
 	"github.com/qdm12/gluetun/internal/firewall"
 	"github.com/qdm12/gluetun/internal/models"
+	"github.com/qdm12/gluetun/internal/settings"
 	"github.com/qdm12/golibs/logging"
 	"github.com/qdm12/golibs/os"
 )
@@ -62,13 +63,13 @@ func (c *cyberghost) GetOpenVPNConnection(selection models.ServerSelection) (
 	return pickRandomConnection(connections, c.randSource), nil
 }

-func (c *cyberghost) BuildConf(connection models.OpenVPNConnection, verbosity int,
-	username string, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
-	if len(cipher) == 0 {
-		cipher = aes256cbc
+func (c *cyberghost) BuildConf(connection models.OpenVPNConnection,
+	username string, settings settings.OpenVPN) (lines []string) {
+	if len(settings.Cipher) == 0 {
+		settings.Cipher = aes256cbc
 	}
-	if len(auth) == 0 {
-		auth = sha256
+	if len(settings.Auth) == 0 {
+		settings.Auth = sha256
 	}
 	lines = []string{
 		"client",
@@ -94,17 +95,17 @@ func (c *cyberghost) BuildConf(connection models.OpenVPNConnection, verbosity in
 		"suppress-timestamps",

 		// Modified variables
-		fmt.Sprintf("verb %d", verbosity),
+		fmt.Sprintf("verb %d", settings.Verbosity),
 		fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
 		fmt.Sprintf("proto %s", connection.Protocol),
 		fmt.Sprintf("remote %s %d", connection.IP, connection.Port),
-		fmt.Sprintf("cipher %s", cipher),
-		fmt.Sprintf("auth %s", auth),
+		fmt.Sprintf("cipher %s", settings.Cipher),
+		fmt.Sprintf("auth %s", settings.Auth),
 	}
-	if strings.HasSuffix(cipher, "-gcm") {
+	if strings.HasSuffix(settings.Cipher, "-gcm") {
 		lines = append(lines, "ncp-ciphers AES-256-GCM:AES-256-CBC:AES-128-GCM")
 	}
-	if !root {
+	if !settings.Root {
 		lines = append(lines, "user "+username)
 	}
 	lines = append(lines, []string{
@@ -117,14 +118,14 @@ func (c *cyberghost) BuildConf(connection models.OpenVPNConnection, verbosity in
 	lines = append(lines, []string{
 		"<cert>",
 		"-----BEGIN CERTIFICATE-----",
-		extras.ClientCertificate,
+		settings.Provider.ExtraConfigOptions.ClientCertificate,
 		"-----END CERTIFICATE-----",
 		"</cert>",
 	}...)
 	lines = append(lines, []string{
 		"<key>",
 		"-----BEGIN PRIVATE KEY-----",
-		extras.ClientKey,
+		settings.Provider.ExtraConfigOptions.ClientKey,
 		"-----END PRIVATE KEY-----",
 		"</key>",
 		"",
--- a/internal/provider/mullvad.go
+++ b/internal/provider/mullvad.go
@@ -10,6 +10,7 @@ import (
 	"github.com/qdm12/gluetun/internal/constants"
 	"github.com/qdm12/gluetun/internal/firewall"
 	"github.com/qdm12/gluetun/internal/models"
+	"github.com/qdm12/gluetun/internal/settings"
 	"github.com/qdm12/golibs/logging"
 	"github.com/qdm12/golibs/os"
 )
@@ -73,9 +74,9 @@ func (m *mullvad) GetOpenVPNConnection(selection models.ServerSelection) (
 }

 func (m *mullvad) BuildConf(connection models.OpenVPNConnection,
-	verbosity int, username string, root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
-	if len(cipher) == 0 {
-		cipher = aes256cbc
+	username string, settings settings.OpenVPN) (lines []string) {
+	if len(settings.Cipher) == 0 {
+		settings.Cipher = aes256cbc
 	}
 	lines = []string{
 		"client",
@@ -101,19 +102,19 @@ func (m *mullvad) BuildConf(connection models.OpenVPNConnection,
 		"suppress-timestamps",

 		// Modified variables
-		fmt.Sprintf("verb %d", verbosity),
+		fmt.Sprintf("verb %d", settings.Verbosity),
 		fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
 		fmt.Sprintf("proto %s", connection.Protocol),
 		fmt.Sprintf("remote %s %d", connection.IP, connection.Port),
-		fmt.Sprintf("cipher %s", cipher),
+		fmt.Sprintf("cipher %s", settings.Cipher),
 	}
-	if extras.OpenVPNIPv6 {
+	if settings.Provider.ExtraConfigOptions.OpenVPNIPv6 {
 		lines = append(lines, "tun-ipv6")
 	} else {
 		lines = append(lines, `pull-filter ignore "route-ipv6"`)
 		lines = append(lines, `pull-filter ignore "ifconfig-ipv6"`)
 	}
-	if !root {
+	if !settings.Root {
 		lines = append(lines, "user "+username)
 	}
 	lines = append(lines, []string{
--- a/internal/provider/nordvpn.go
+++ b/internal/provider/nordvpn.go
@@ -10,6 +10,7 @@ import (
 	"github.com/qdm12/gluetun/internal/constants"
 	"github.com/qdm12/gluetun/internal/firewall"
 	"github.com/qdm12/gluetun/internal/models"
+	"github.com/qdm12/gluetun/internal/settings"
 	"github.com/qdm12/golibs/logging"
 	"github.com/qdm12/golibs/os"
 )
@@ -78,13 +79,13 @@ func (n *nordvpn) GetOpenVPNConnection(selection models.ServerSelection) (
 	return pickRandomConnection(connections, n.randSource), nil
 }

-func (n *nordvpn) BuildConf(connection models.OpenVPNConnection, verbosity int, username string, root bool,
-	cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
-	if len(cipher) == 0 {
-		cipher = aes256cbc
+func (n *nordvpn) BuildConf(connection models.OpenVPNConnection,
+	username string, settings settings.OpenVPN) (lines []string) {
+	if len(settings.Cipher) == 0 {
+		settings.Cipher = aes256cbc
 	}
-	if len(auth) == 0 {
-		auth = "sha512"
+	if len(settings.Auth) == 0 {
+		settings.Auth = "sha512"
 	}
 	lines = []string{
 		"client",
@@ -113,14 +114,14 @@ func (n *nordvpn) BuildConf(connection models.OpenVPNConnection, verbosity int,
 		"suppress-timestamps",

 		// Modified variables
-		fmt.Sprintf("verb %d", verbosity),
+		fmt.Sprintf("verb %d", settings.Verbosity),
 		fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
 		fmt.Sprintf("proto %s", connection.Protocol),
 		fmt.Sprintf("remote %s %d", connection.IP.String(), connection.Port),
-		fmt.Sprintf("cipher %s", cipher),
-		fmt.Sprintf("auth %s", auth),
+		fmt.Sprintf("cipher %s", settings.Cipher),
+		fmt.Sprintf("auth %s", settings.Auth),
 	}
-	if !root {
+	if !settings.Root {
 		lines = append(lines, "user "+username)
 	}
 	lines = append(lines, []string{
--- a/internal/provider/piav4.go
+++ b/internal/provider/piav4.go
@@ -19,6 +19,7 @@ import (
 	"github.com/qdm12/gluetun/internal/firewall"
 	gluetunLog "github.com/qdm12/gluetun/internal/logging"
 	"github.com/qdm12/gluetun/internal/models"
+	"github.com/qdm12/gluetun/internal/settings"
 	"github.com/qdm12/golibs/logging"
 	"github.com/qdm12/golibs/os"
 )
@@ -109,11 +110,11 @@ func (p *pia) GetOpenVPNConnection(selection models.ServerSelection) (
 	return connection, nil
 }

-func (p *pia) BuildConf(connection models.OpenVPNConnection, verbosity int, username string, root bool,
-	cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
+func (p *pia) BuildConf(connection models.OpenVPNConnection,
+	username string, settings settings.OpenVPN) (lines []string) {
 	var X509CRL, certificate string
 	var defaultCipher, defaultAuth string
-	if extras.EncryptionPreset == constants.PIAEncryptionPresetNormal {
+	if settings.Provider.ExtraConfigOptions.EncryptionPreset == constants.PIAEncryptionPresetNormal {
 		defaultCipher = "aes-128-cbc"
 		defaultAuth = "sha1"
 		X509CRL = constants.PiaX509CRLNormal
@@ -124,11 +125,11 @@ func (p *pia) BuildConf(connection models.OpenVPNConnection, verbosity int, user
 		X509CRL = constants.PiaX509CRLStrong
 		certificate = constants.PIACertificateStrong
 	}
-	if len(cipher) == 0 {
-		cipher = defaultCipher
+	if len(settings.Cipher) == 0 {
+		settings.Cipher = defaultCipher
 	}
-	if len(auth) == 0 {
-		auth = defaultAuth
+	if len(settings.Auth) == 0 {
+		settings.Auth = defaultAuth
 	}
 	lines = []string{
 		"client",
@@ -150,17 +151,17 @@ func (p *pia) BuildConf(connection models.OpenVPNConnection, verbosity int, user
 		"suppress-timestamps",

 		// Modified variables
-		fmt.Sprintf("verb %d", verbosity),
+		fmt.Sprintf("verb %d", settings.Verbosity),
 		fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
 		fmt.Sprintf("proto %s", connection.Protocol),
 		fmt.Sprintf("remote %s %d", connection.IP, connection.Port),
-		fmt.Sprintf("cipher %s", cipher),
-		fmt.Sprintf("auth %s", auth),
+		fmt.Sprintf("cipher %s", settings.Cipher),
+		fmt.Sprintf("auth %s", settings.Auth),
 	}
-	if strings.HasSuffix(cipher, "-gcm") {
+	if strings.HasSuffix(settings.Cipher, "-gcm") {
 		lines = append(lines, "ncp-disable")
 	}
-	if !root {
+	if !settings.Root {
 		lines = append(lines, "user "+username)
 	}
 	lines = append(lines, []string{
--- a/internal/provider/privado.go
+++ b/internal/provider/privado.go
@@ -10,6 +10,7 @@ import (
 	"github.com/qdm12/gluetun/internal/constants"
 	"github.com/qdm12/gluetun/internal/firewall"
 	"github.com/qdm12/gluetun/internal/models"
+	"github.com/qdm12/gluetun/internal/settings"
 	"github.com/qdm12/golibs/logging"
 	"github.com/qdm12/golibs/os"
 )
@@ -70,13 +71,13 @@ func (s *privado) GetOpenVPNConnection(selection models.ServerSelection) (
 	return pickRandomConnection(connections, s.randSource), nil
 }

-func (s *privado) BuildConf(connection models.OpenVPNConnection, verbosity int, username string, root bool,
-	cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
-	if len(cipher) == 0 {
-		cipher = aes256cbc
+func (s *privado) BuildConf(connection models.OpenVPNConnection,
+	username string, settings settings.OpenVPN) (lines []string) {
+	if len(settings.Cipher) == 0 {
+		settings.Cipher = aes256cbc
 	}
-	if len(auth) == 0 {
-		auth = sha256
+	if len(settings.Auth) == 0 {
+		settings.Auth = sha256
 	}
 	lines = []string{
 		"client",
@@ -96,14 +97,14 @@ func (s *privado) BuildConf(connection models.OpenVPNConnection, verbosity int,
 		"suppress-timestamps",

 		// Modified variables
-		fmt.Sprintf("verb %d", verbosity),
+		fmt.Sprintf("verb %d", settings.Verbosity),
 		fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
 		fmt.Sprintf("proto %s", connection.Protocol),
 		fmt.Sprintf("remote %s %d", connection.IP, connection.Port),
-		fmt.Sprintf("cipher %s", cipher),
-		fmt.Sprintf("auth %s", auth),
+		fmt.Sprintf("cipher %s", settings.Cipher),
+		fmt.Sprintf("auth %s", settings.Auth),
 	}
-	if !root {
+	if !settings.Root {
 		lines = append(lines, "user "+username)
 	}
 	lines = append(lines, []string{
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@@ -8,6 +8,7 @@ import (
 	"github.com/qdm12/gluetun/internal/constants"
 	"github.com/qdm12/gluetun/internal/firewall"
 	"github.com/qdm12/gluetun/internal/models"
+	"github.com/qdm12/gluetun/internal/settings"
 	"github.com/qdm12/golibs/logging"
 	"github.com/qdm12/golibs/os"
 )
@@ -15,8 +16,7 @@ import (
 // Provider contains methods to read and modify the openvpn configuration to connect as a client.
 type Provider interface {
 	GetOpenVPNConnection(selection models.ServerSelection) (connection models.OpenVPNConnection, err error)
-	BuildConf(connection models.OpenVPNConnection, verbosity int, username string,
-		root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string)
+	BuildConf(connection models.OpenVPNConnection, username string, settings settings.OpenVPN) (lines []string)
 	PortForward(ctx context.Context, client *http.Client,
 		openFile os.OpenFileFunc, pfLogger logging.Logger, gateway net.IP, fw firewall.Configurator,
 		syncState func(port uint16) (pfFilepath models.Filepath))
--- a/internal/provider/purevpn.go
+++ b/internal/provider/purevpn.go
@@ -10,6 +10,7 @@ import (
 	"github.com/qdm12/gluetun/internal/constants"
 	"github.com/qdm12/gluetun/internal/firewall"
 	"github.com/qdm12/gluetun/internal/models"
+	"github.com/qdm12/gluetun/internal/settings"
 	"github.com/qdm12/golibs/logging"
 	"github.com/qdm12/golibs/os"
 )
@@ -72,10 +73,10 @@ func (p *purevpn) GetOpenVPNConnection(selection models.ServerSelection) (
 	return pickRandomConnection(connections, p.randSource), nil
 }

-func (p *purevpn) BuildConf(connection models.OpenVPNConnection, verbosity int, username string, root bool,
-	cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
-	if len(cipher) == 0 {
-		cipher = aes256cbc
+func (p *purevpn) BuildConf(connection models.OpenVPNConnection,
+	username string, settings settings.OpenVPN) (lines []string) {
+	if len(settings.Cipher) == 0 {
+		settings.Cipher = aes256cbc
 	}
 	lines = []string{
 		"client",
@@ -101,13 +102,13 @@ func (p *purevpn) BuildConf(connection models.OpenVPNConnection, verbosity int,
 		"suppress-timestamps",

 		// Modified variables
-		fmt.Sprintf("verb %d", verbosity),
+		fmt.Sprintf("verb %d", settings.Verbosity),
 		fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
 		fmt.Sprintf("proto %s", connection.Protocol),
 		fmt.Sprintf("remote %s %d", connection.IP.String(), connection.Port),
-		fmt.Sprintf("cipher %s", cipher),
+		fmt.Sprintf("cipher %s", settings.Cipher),
 	}
-	if !root {
+	if !settings.Root {
 		lines = append(lines, "user "+username)
 	}
 	lines = append(lines, []string{
@@ -140,8 +141,8 @@ func (p *purevpn) BuildConf(connection models.OpenVPNConnection, verbosity int,
 		"</tls-auth>",
 		"",
 	}...)
-	if len(auth) > 0 {
-		lines = append(lines, "auth "+auth)
+	if len(settings.Auth) > 0 {
+		lines = append(lines, "auth "+settings.Auth)
 	}
 	if connection.Protocol == constants.UDP {
 		lines = append(lines, "explicit-exit-notify")
--- a/internal/provider/surfshark.go
+++ b/internal/provider/surfshark.go
@@ -10,6 +10,7 @@ import (
 	"github.com/qdm12/gluetun/internal/constants"
 	"github.com/qdm12/gluetun/internal/firewall"
 	"github.com/qdm12/gluetun/internal/models"
+	"github.com/qdm12/gluetun/internal/settings"
 	"github.com/qdm12/golibs/logging"
 	"github.com/qdm12/golibs/os"
 )
@@ -73,13 +74,13 @@ func (s *surfshark) GetOpenVPNConnection(selection models.ServerSelection) (
 	return pickRandomConnection(connections, s.randSource), nil
 }

-func (s *surfshark) BuildConf(connection models.OpenVPNConnection, verbosity int, username string, root bool,
-	cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
-	if len(cipher) == 0 {
-		cipher = aes256cbc
+func (s *surfshark) BuildConf(connection models.OpenVPNConnection,
+	username string, settings settings.OpenVPN) (lines []string) {
+	if len(settings.Cipher) == 0 {
+		settings.Cipher = aes256cbc
 	}
-	if len(auth) == 0 {
-		auth = "SHA512"
+	if len(settings.Auth) == 0 {
+		settings.Auth = "SHA512"
 	}
 	lines = []string{
 		"client",
@@ -109,14 +110,14 @@ func (s *surfshark) BuildConf(connection models.OpenVPNConnection, verbosity int
 		"suppress-timestamps",

 		// Modified variables
-		fmt.Sprintf("verb %d", verbosity),
+		fmt.Sprintf("verb %d", settings.Verbosity),
 		fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
 		fmt.Sprintf("proto %s", connection.Protocol),
 		fmt.Sprintf("remote %s %d", connection.IP, connection.Port),
-		fmt.Sprintf("cipher %s", cipher),
-		fmt.Sprintf("auth %s", auth),
+		fmt.Sprintf("cipher %s", settings.Cipher),
+		fmt.Sprintf("auth %s", settings.Auth),
 	}
-	if !root {
+	if !settings.Root {
 		lines = append(lines, "user "+username)
 	}
 	lines = append(lines, []string{
--- a/internal/provider/vyprvpn.go
+++ b/internal/provider/vyprvpn.go
@@ -10,6 +10,7 @@ import (
 	"github.com/qdm12/gluetun/internal/constants"
 	"github.com/qdm12/gluetun/internal/firewall"
 	"github.com/qdm12/gluetun/internal/models"
+	"github.com/qdm12/gluetun/internal/settings"
 	"github.com/qdm12/golibs/logging"
 	"github.com/qdm12/golibs/os"
 )
@@ -69,13 +70,13 @@ func (v *vyprvpn) GetOpenVPNConnection(selection models.ServerSelection) (
 	return pickRandomConnection(connections, v.randSource), nil
 }

-func (v *vyprvpn) BuildConf(connection models.OpenVPNConnection, verbosity int, username string,
-	root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
-	if len(cipher) == 0 {
-		cipher = aes256cbc
+func (v *vyprvpn) BuildConf(connection models.OpenVPNConnection,
+	username string, settings settings.OpenVPN) (lines []string) {
+	if len(settings.Cipher) == 0 {
+		settings.Cipher = aes256cbc
 	}
-	if len(auth) == 0 {
-		auth = "SHA256"
+	if len(settings.Auth) == 0 {
+		settings.Auth = "SHA256"
 	}
 	lines = []string{
 		"client",
@@ -98,14 +99,14 @@ func (v *vyprvpn) BuildConf(connection models.OpenVPNConnection, verbosity int,
 		"suppress-timestamps",

 		// Modified variables
-		fmt.Sprintf("verb %d", verbosity),
+		fmt.Sprintf("verb %d", settings.Verbosity),
 		fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
 		fmt.Sprintf("proto %s", connection.Protocol),
 		fmt.Sprintf("remote %s %d", connection.IP, connection.Port),
-		fmt.Sprintf("cipher %s", cipher),
-		fmt.Sprintf("auth %s", auth),
+		fmt.Sprintf("cipher %s", settings.Cipher),
+		fmt.Sprintf("auth %s", settings.Auth),
 	}
-	if !root {
+	if !settings.Root {
 		lines = append(lines, "user "+username)
 	}
 	lines = append(lines, []string{
--- a/internal/provider/windscribe.go
+++ b/internal/provider/windscribe.go
@@ -11,6 +11,7 @@ import (
 	"github.com/qdm12/gluetun/internal/constants"
 	"github.com/qdm12/gluetun/internal/firewall"
 	"github.com/qdm12/gluetun/internal/models"
+	"github.com/qdm12/gluetun/internal/settings"
 	"github.com/qdm12/golibs/logging"
 	"github.com/qdm12/golibs/os"
 )
@@ -72,13 +73,13 @@ func (w *windscribe) GetOpenVPNConnection(selection models.ServerSelection) (con
 	return pickRandomConnection(connections, w.randSource), nil
 }

-func (w *windscribe) BuildConf(connection models.OpenVPNConnection, verbosity int, username string,
-	root bool, cipher, auth string, extras models.ExtraConfigOptions) (lines []string) {
-	if len(cipher) == 0 {
-		cipher = aes256cbc
+func (w *windscribe) BuildConf(connection models.OpenVPNConnection,
+	username string, settings settings.OpenVPN) (lines []string) {
+	if len(settings.Cipher) == 0 {
+		settings.Cipher = aes256cbc
 	}
-	if len(auth) == 0 {
-		auth = "sha512"
+	if len(settings.Auth) == 0 {
+		settings.Auth = "sha512"
 	}
 	lines = []string{
 		"client",
@@ -100,17 +101,17 @@ func (w *windscribe) BuildConf(connection models.OpenVPNConnection, verbosity in
 		"suppress-timestamps",

 		// Modified variables
-		fmt.Sprintf("verb %d", verbosity),
+		fmt.Sprintf("verb %d", settings.Verbosity),
 		fmt.Sprintf("auth-user-pass %s", constants.OpenVPNAuthConf),
 		fmt.Sprintf("proto %s", connection.Protocol),
 		fmt.Sprintf("remote %s %d", connection.IP, connection.Port),
-		fmt.Sprintf("cipher %s", cipher),
-		fmt.Sprintf("auth %s", auth),
+		fmt.Sprintf("cipher %s", settings.Cipher),
+		fmt.Sprintf("auth %s", settings.Auth),
 	}
-	if strings.HasSuffix(cipher, "-gcm") {
+	if strings.HasSuffix(settings.Cipher, "-gcm") {
 		lines = append(lines, "ncp-ciphers AES-256-GCM:AES-256-CBC:AES-128-GCM")
 	}
-	if !root {
+	if !settings.Root {
 		lines = append(lines, "user "+username)
 	}
 	lines = append(lines, []string{