chore(env): bump qdm12/gosettings to v0.3.0-rc11

go.mod

@@ -8,7 +8,7 @@ require (
 	github.com/golang/mock v1.6.0
 	github.com/qdm12/dns v1.11.0
 	github.com/qdm12/golibs v0.0.0-20210822203818-5c568b0777b6
-	github.com/qdm12/gosettings v0.3.0-rc9
+	github.com/qdm12/gosettings v0.3.0-rc11
 	github.com/qdm12/goshutdown v0.3.0
 	github.com/qdm12/gosplash v0.1.0
 	github.com/qdm12/gotree v0.2.0

go.sum

@@ -91,6 +91,8 @@ github.com/qdm12/golibs v0.0.0-20210603202746-e5494e9c2ebb/go.mod h1:15RBzkun0i8
 github.com/qdm12/golibs v0.0.0-20210723175634-a75ca7fd74c2/go.mod h1:6aRbg4Z/bTbm9JfxsGXfWKHi7zsOvPfUTK1S5HuAFKg=
 github.com/qdm12/golibs v0.0.0-20210822203818-5c568b0777b6 h1:bge5AL7cjHJMPz+5IOz5yF01q/l8No6+lIEBieA8gMg=
 github.com/qdm12/golibs v0.0.0-20210822203818-5c568b0777b6/go.mod h1:6aRbg4Z/bTbm9JfxsGXfWKHi7zsOvPfUTK1S5HuAFKg=
+github.com/qdm12/gosettings v0.3.0-rc11 h1:zbH+TiimUdZTzOTMuFqCCC0XFKr3KGC6sZDyuw6y65A=
+github.com/qdm12/gosettings v0.3.0-rc11/go.mod h1:+hHzN8lsE63T01t6SruGzc6xkpvfsZFod/ooDs8FWnQ=
 github.com/qdm12/gosettings v0.3.0-rc9 h1:/Hr+lXjAeZFQ5LiEX+sKgMyWSckmhvTSs9iGo/Ch+q0=
 github.com/qdm12/gosettings v0.3.0-rc9/go.mod h1:+hHzN8lsE63T01t6SruGzc6xkpvfsZFod/ooDs8FWnQ=
 github.com/qdm12/goshutdown v0.3.0 h1:pqBpJkdwlZlfTEx4QHtS8u8CXx6pG0fVo6S1N0MpSEM=

internal/configuration/sources/env/dns.go

@@ -5,7 +5,6 @@ import (
 	"net/netip"
 
 	"github.com/qdm12/gluetun/internal/configuration/settings"
-	"github.com/qdm12/gosettings/sources/env"
 )
 
 func (s *Source) readDNS() (dns settings.DNS, err error) {
@@ -14,7 +13,7 @@ func (s *Source) readDNS() (dns settings.DNS, err error) {
 		return dns, err
 	}
 
-	dns.KeepNameserver, err = env.BoolPtr("DNS_KEEP_NAMESERVER")
+	dns.KeepNameserver, err = s.env.BoolPtr("DNS_KEEP_NAMESERVER")
 	if err != nil {
 		return dns, err
 	}

internal/configuration/sources/env/dnsblacklist.go

@@ -6,11 +6,10 @@ import (
 	"net/netip"
 
 	"github.com/qdm12/gluetun/internal/configuration/settings"
-	"github.com/qdm12/gosettings/sources/env"
 )
 
 func (s *Source) readDNSBlacklist() (blacklist settings.DNSBlacklist, err error) {
-	blacklist.BlockMalicious, err = env.BoolPtr("BLOCK_MALICIOUS")
+	blacklist.BlockMalicious, err = s.env.BoolPtr("BLOCK_MALICIOUS")
 	if err != nil {
 		return blacklist, err
 	}
@@ -20,34 +19,34 @@ func (s *Source) readDNSBlacklist() (blacklist settings.DNSBlacklist, err error)
 		return blacklist, err
 	}
 
-	blacklist.BlockAds, err = env.BoolPtr("BLOCK_ADS")
+	blacklist.BlockAds, err = s.env.BoolPtr("BLOCK_ADS")
 	if err != nil {
 		return blacklist, err
 	}
 
 	blacklist.AddBlockedIPs, blacklist.AddBlockedIPPrefixes,
-		err = readDoTPrivateAddresses() // TODO v4 split in 2
+		err = s.readDoTPrivateAddresses() // TODO v4 split in 2
 	if err != nil {
 		return blacklist, err
 	}
 
-	blacklist.AllowedHosts = env.CSV("UNBLOCK") // TODO v4 change name
+	blacklist.AllowedHosts = s.env.CSV("UNBLOCK") // TODO v4 change name
 
 	return blacklist, nil
 }
 
 func (s *Source) readBlockSurveillance() (blocked *bool, err error) {
 	key, _ := s.getEnvWithRetro("BLOCK_SURVEILLANCE", []string{"BLOCK_NSA"})
-	return env.BoolPtr(key)
+	return s.env.BoolPtr(key)
 }
 
 var (
 	ErrPrivateAddressNotValid = errors.New("private address is not a valid IP or CIDR range")
 )
 
-func readDoTPrivateAddresses() (ips []netip.Addr,
+func (s *Source) readDoTPrivateAddresses() (ips []netip.Addr,
 	ipPrefixes []netip.Prefix, err error) {
-	privateAddresses := env.CSV("DOT_PRIVATE_ADDRESS")
+	privateAddresses := s.env.CSV("DOT_PRIVATE_ADDRESS")
 	if len(privateAddresses) == 0 {
 		return nil, nil, nil
 	}

internal/configuration/sources/env/dot.go

@@ -2,21 +2,20 @@ package env
 
 import (
 	"github.com/qdm12/gluetun/internal/configuration/settings"
-	"github.com/qdm12/gosettings/sources/env"
 )
 
 func (s *Source) readDoT() (dot settings.DoT, err error) {
-	dot.Enabled, err = env.BoolPtr("DOT")
+	dot.Enabled, err = s.env.BoolPtr("DOT")
 	if err != nil {
 		return dot, err
 	}
 
-	dot.UpdatePeriod, err = env.DurationPtr("DNS_UPDATE_PERIOD")
+	dot.UpdatePeriod, err = s.env.DurationPtr("DNS_UPDATE_PERIOD")
 	if err != nil {
 		return dot, err
 	}
 
-	dot.Unbound, err = readUnbound()
+	dot.Unbound, err = s.readUnbound()
 	if err != nil {
 		return dot, err
 	}

internal/configuration/sources/env/firewall.go

@@ -7,35 +7,34 @@ import (
 	"strconv"
 
 	"github.com/qdm12/gluetun/internal/configuration/settings"
-	"github.com/qdm12/gosettings/sources/env"
 )
 
 func (s *Source) readFirewall() (firewall settings.Firewall, err error) {
-	vpnInputPortStrings := env.CSV("FIREWALL_VPN_INPUT_PORTS")
+	vpnInputPortStrings := s.env.CSV("FIREWALL_VPN_INPUT_PORTS")
 	firewall.VPNInputPorts, err = stringsToPorts(vpnInputPortStrings)
 	if err != nil {
 		return firewall, fmt.Errorf("environment variable FIREWALL_VPN_INPUT_PORTS: %w", err)
 	}
 
-	inputPortStrings := env.CSV("FIREWALL_INPUT_PORTS")
+	inputPortStrings := s.env.CSV("FIREWALL_INPUT_PORTS")
 	firewall.InputPorts, err = stringsToPorts(inputPortStrings)
 	if err != nil {
 		return firewall, fmt.Errorf("environment variable FIREWALL_INPUT_PORTS: %w", err)
 	}
 
 	outboundSubnetsKey, _ := s.getEnvWithRetro("FIREWALL_OUTBOUND_SUBNETS", []string{"EXTRA_SUBNETS"})
-	outboundSubnetStrings := env.CSV(outboundSubnetsKey)
+	outboundSubnetStrings := s.env.CSV(outboundSubnetsKey)
 	firewall.OutboundSubnets, err = stringsToNetipPrefixes(outboundSubnetStrings)
 	if err != nil {
 		return firewall, fmt.Errorf("environment variable %s: %w", outboundSubnetsKey, err)
 	}
 
-	firewall.Enabled, err = env.BoolPtr("FIREWALL")
+	firewall.Enabled, err = s.env.BoolPtr("FIREWALL")
 	if err != nil {
 		return firewall, err
 	}
 
-	firewall.Debug, err = env.BoolPtr("FIREWALL_DEBUG")
+	firewall.Debug, err = s.env.BoolPtr("FIREWALL_DEBUG")
 	if err != nil {
 		return firewall, err
 	}

internal/configuration/sources/env/health.go

@@ -4,15 +4,14 @@ import (
 	"time"
 
 	"github.com/qdm12/gluetun/internal/configuration/settings"
-	"github.com/qdm12/gosettings/sources/env"
 )
 
 func (s *Source) ReadHealth() (health settings.Health, err error) {
-	health.ServerAddress = env.String("HEALTH_SERVER_ADDRESS")
+	health.ServerAddress = s.env.String("HEALTH_SERVER_ADDRESS")
 	targetAddressEnvKey, _ := s.getEnvWithRetro("HEALTH_TARGET_ADDRESS", []string{"HEALTH_ADDRESS_TO_PING"})
-	health.TargetAddress = env.String(targetAddressEnvKey)
+	health.TargetAddress = s.env.String(targetAddressEnvKey)
 
-	successWaitPtr, err := env.DurationPtr("HEALTH_SUCCESS_WAIT_DURATION")
+	successWaitPtr, err := s.env.DurationPtr("HEALTH_SUCCESS_WAIT_DURATION")
 	if err != nil {
 		return health, err
 	} else if successWaitPtr != nil {
@@ -38,5 +37,5 @@ func (s *Source) ReadHealth() (health settings.Health, err error) {
 
 func (s *Source) readDurationWithRetro(envKey, retroEnvKey string) (d *time.Duration, err error) {
 	envKey, _ = s.getEnvWithRetro(envKey, []string{retroEnvKey})
-	return env.DurationPtr(envKey)
+	return s.env.DurationPtr(envKey)
 }

internal/configuration/sources/env/helpers_test.go

@@ -1,22 +0,0 @@
-package env
-
-import (
-	"os"
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-// setTestEnv is used to set environment variables in
-// parallel tests.
-func setTestEnv(t *testing.T, key, value string) {
-	t.Helper()
-	existing := os.Getenv(key)
-	err := os.Setenv(key, value) //nolint:tenv
-	t.Cleanup(func() {
-		err = os.Setenv(key, existing)
-		assert.NoError(t, err)
-	})
-	require.NoError(t, err)
-}

internal/configuration/sources/env/httproxy.go

@@ -22,7 +22,7 @@ func (s *Source) readHTTPProxy() (httpProxy settings.HTTPProxy, err error) {
 		return httpProxy, err
 	}
 
-	httpProxy.Stealth, err = env.BoolPtr("HTTPPROXY_STEALTH")
+	httpProxy.Stealth, err = s.env.BoolPtr("HTTPPROXY_STEALTH")
 	if err != nil {
 		return httpProxy, err
 	}
@@ -49,7 +49,7 @@ func (s *Source) readHTTProxyListeningAddress() (listeningAddress string) {
 func (s *Source) readHTTProxyEnabled() (enabled *bool, err error) {
 	key, _ := s.getEnvWithRetro("HTTPPROXY",
 		[]string{"PROXY", "TINYPROXY"})
-	return env.BoolPtr(key)
+	return s.env.BoolPtr(key)
 }
 
 func (s *Source) readHTTProxyLog() (enabled *bool, err error) {

internal/configuration/sources/env/log.go

@@ -6,12 +6,11 @@ import (
 	"strings"
 
 	"github.com/qdm12/gluetun/internal/configuration/settings"
-	"github.com/qdm12/gosettings/sources/env"
 	"github.com/qdm12/log"
 )
 
-func readLog() (log settings.Log, err error) {
+func (s *Source) readLog() (log settings.Log, err error) {
-	log.Level, err = readLogLevel()
+	log.Level, err = s.readLogLevel()
 	if err != nil {
 		return log, err
 	}
@@ -19,14 +18,14 @@ func readLog() (log settings.Log, err error) {
 	return log, nil
 }
 
-func readLogLevel() (level *log.Level, err error) {
+func (s *Source) readLogLevel() (level *log.Level, err error) {
-	s := env.String("LOG_LEVEL")
+	value := s.env.String("LOG_LEVEL")
-	if s == "" {
+	if value == "" {
 		return nil, nil //nolint:nilnil
 	}
 
 	level = new(log.Level)
-	*level, err = parseLogLevel(s)
+	*level, err = parseLogLevel(value)
 	if err != nil {
 		return nil, fmt.Errorf("environment variable LOG_LEVEL: %w", err)
 	}

internal/configuration/sources/env/openvpn.go

@@ -16,25 +16,25 @@ func (s *Source) readOpenVPN() (
 			"OPENVPN_KEY_PASSPHRASE", "OPENVPN_ENCRYPTED_KEY"}, err)
 	}()
 
-	openVPN.Version = env.String("OPENVPN_VERSION")
+	openVPN.Version = s.env.String("OPENVPN_VERSION")
 	_, openVPN.User = s.getEnvWithRetro("OPENVPN_USER",
 		[]string{"USER"}, env.ForceLowercase(false))
 	_, openVPN.Password = s.getEnvWithRetro("OPENVPN_PASSWORD",
 		[]string{"PASSWORD"}, env.ForceLowercase(false))
-	openVPN.ConfFile = env.Get("OPENVPN_CUSTOM_CONFIG")
+	openVPN.ConfFile = s.env.Get("OPENVPN_CUSTOM_CONFIG")
 
 	ciphersKey, _ := s.getEnvWithRetro("OPENVPN_CIPHERS", []string{"OPENVPN_CIPHER"})
-	openVPN.Ciphers = env.CSV(ciphersKey)
+	openVPN.Ciphers = s.env.CSV(ciphersKey)
 
-	openVPN.Auth = env.Get("OPENVPN_AUTH")
+	openVPN.Auth = s.env.Get("OPENVPN_AUTH")
-	openVPN.Cert = env.Get("OPENVPN_CERT", env.ForceLowercase(false))
+	openVPN.Cert = s.env.Get("OPENVPN_CERT", env.ForceLowercase(false))
-	openVPN.Key = env.Get("OPENVPN_KEY", env.ForceLowercase(false))
+	openVPN.Key = s.env.Get("OPENVPN_KEY", env.ForceLowercase(false))
-	openVPN.EncryptedKey = env.Get("OPENVPN_ENCRYPTED_KEY", env.ForceLowercase(false))
+	openVPN.EncryptedKey = s.env.Get("OPENVPN_ENCRYPTED_KEY", env.ForceLowercase(false))
-	openVPN.KeyPassphrase = env.Get("OPENVPN_KEY_PASSPHRASE", env.ForceLowercase(false))
+	openVPN.KeyPassphrase = s.env.Get("OPENVPN_KEY_PASSPHRASE", env.ForceLowercase(false))
 
 	openVPN.PIAEncPreset = s.readPIAEncryptionPreset()
 
-	openVPN.MSSFix, err = env.Uint16Ptr("OPENVPN_MSSFIX")
+	openVPN.MSSFix, err = s.env.Uint16Ptr("OPENVPN_MSSFIX")
 	if err != nil {
 		return openVPN, err
 	}
@@ -50,12 +50,12 @@ func (s *Source) readOpenVPN() (
 		return openVPN, err
 	}
 
-	openVPN.Verbosity, err = env.IntPtr("OPENVPN_VERBOSITY")
+	openVPN.Verbosity, err = s.env.IntPtr("OPENVPN_VERBOSITY")
 	if err != nil {
 		return openVPN, err
 	}
 
-	flagsPtr := env.Get("OPENVPN_FLAGS", env.ForceLowercase(false))
+	flagsPtr := s.env.Get("OPENVPN_FLAGS", env.ForceLowercase(false))
 	if flagsPtr != nil {
 		openVPN.Flags = strings.Fields(*flagsPtr)
 	}

internal/configuration/sources/env/openvpnselection.go

@@ -12,7 +12,7 @@ import (
 
 func (s *Source) readOpenVPNSelection() (
 	selection settings.OpenVPNSelection, err error) {
-	selection.ConfFile = env.Get("OPENVPN_CUSTOM_CONFIG", env.ForceLowercase(false))
+	selection.ConfFile = s.env.Get("OPENVPN_CUSTOM_CONFIG", env.ForceLowercase(false))
 
 	selection.TCP, err = s.readOpenVPNProtocol()
 	if err != nil {
@@ -53,5 +53,5 @@ func (s *Source) readOpenVPNProtocol() (tcp *bool, err error) {
 
 func (s *Source) readOpenVPNCustomPort() (customPort *uint16, err error) {
 	key, _ := s.getEnvWithRetro("VPN_ENDPOINT_PORT", []string{"PORT", "OPENVPN_PORT"})
-	return env.Uint16Ptr(key)
+	return s.env.Uint16Ptr(key)
 }

internal/configuration/sources/env/portforward.go

@@ -12,7 +12,7 @@ func (s *Source) readPortForward() (
 			"PRIVATE_INTERNET_ACCESS_VPN_PORT_FORWARDING",
 			"PORT_FORWARDING",
 		})
-	portForwarding.Enabled, err = env.BoolPtr(key)
+	portForwarding.Enabled, err = s.env.BoolPtr(key)
 	if err != nil {
 		return portForwarding, err
 	}

internal/configuration/sources/env/pprof.go

@@ -2,26 +2,25 @@ package env
 
 import (
 	"github.com/qdm12/gluetun/internal/pprof"
-	"github.com/qdm12/gosettings/sources/env"
 )
 
-func readPprof() (settings pprof.Settings, err error) {
+func (s *Source) readPprof() (settings pprof.Settings, err error) {
-	settings.Enabled, err = env.BoolPtr("PPROF_ENABLED")
+	settings.Enabled, err = s.env.BoolPtr("PPROF_ENABLED")
 	if err != nil {
 		return settings, err
 	}
 
-	settings.BlockProfileRate, err = env.IntPtr("PPROF_BLOCK_PROFILE_RATE")
+	settings.BlockProfileRate, err = s.env.IntPtr("PPROF_BLOCK_PROFILE_RATE")
 	if err != nil {
 		return settings, err
 	}
 
-	settings.MutexProfileRate, err = env.IntPtr("PPROF_MUTEX_PROFILE_RATE")
+	settings.MutexProfileRate, err = s.env.IntPtr("PPROF_MUTEX_PROFILE_RATE")
 	if err != nil {
 		return settings, err
 	}
 
-	settings.HTTPServer.Address = env.String("PPROF_HTTP_SERVER_ADDRESS")
+	settings.HTTPServer.Address = s.env.String("PPROF_HTTP_SERVER_ADDRESS")
 
 	return settings, nil
 }

internal/configuration/sources/env/provider.go

@@ -7,7 +7,6 @@ import (
 	"github.com/qdm12/gluetun/internal/configuration/settings"
 	"github.com/qdm12/gluetun/internal/constants/providers"
 	"github.com/qdm12/gluetun/internal/constants/vpn"
-	"github.com/qdm12/gosettings/sources/env"
 )
 
 func (s *Source) readProvider(vpnType string) (provider settings.Provider, err error) {
@@ -33,7 +32,7 @@ func (s *Source) readProvider(vpnType string) (provider settings.Provider, err e
 func (s *Source) readVPNServiceProvider(vpnType string) (vpnProviderPtr *string) {
 	_, valuePtr := s.getEnvWithRetro("VPN_SERVICE_PROVIDER", []string{"VPNSP"})
 	if valuePtr == nil {
-		if vpnType != vpn.Wireguard && env.Get("OPENVPN_CUSTOM_CONFIG") != nil {
+		if vpnType != vpn.Wireguard && s.env.Get("OPENVPN_CUSTOM_CONFIG") != nil {
 			// retro compatibility
 			return ptrTo(providers.Custom)
 		}

internal/configuration/sources/env/publicip.go

@@ -6,7 +6,7 @@ import (
 )
 
 func (s *Source) readPublicIP() (publicIP settings.PublicIP, err error) {
-	publicIP.Period, err = env.DurationPtr("PUBLICIP_PERIOD")
+	publicIP.Period, err = s.env.DurationPtr("PUBLICIP_PERIOD")
 	if err != nil {
 		return publicIP, err
 	}

internal/configuration/sources/env/reader.go

@@ -1,11 +1,14 @@
 package env
 
 import (
+	"os"
+
 	"github.com/qdm12/gluetun/internal/configuration/settings"
 	"github.com/qdm12/gosettings/sources/env"
 )
 
 type Source struct {
+	env    env.Env
 	warner Warner
 }
 
@@ -15,6 +18,7 @@ type Warner interface {
 
 func New(warner Warner) *Source {
 	return &Source{
+		env:    *env.New(os.Environ()),
 		warner: warner,
 	}
 }
@@ -47,7 +51,7 @@ func (s *Source) Read() (settings settings.Settings, err error) {
 		return settings, err
 	}
 
-	settings.Log, err = readLog()
+	settings.Log, err = s.readLog()
 	if err != nil {
 		return settings, err
 	}
@@ -57,12 +61,12 @@ func (s *Source) Read() (settings settings.Settings, err error) {
 		return settings, err
 	}
 
-	settings.Updater, err = readUpdater()
+	settings.Updater, err = s.readUpdater()
 	if err != nil {
 		return settings, err
 	}
 
-	settings.Version, err = readVersion()
+	settings.Version, err = s.readVersion()
 	if err != nil {
 		return settings, err
 	}
@@ -82,7 +86,7 @@ func (s *Source) Read() (settings settings.Settings, err error) {
 		return settings, err
 	}
 
-	settings.Pprof, err = readPprof()
+	settings.Pprof, err = s.readPprof()
 	if err != nil {
 		return settings, err
 	}
@@ -107,12 +111,12 @@ func (s *Source) getEnvWithRetro(currentKey string,
 	// We check retro-compatibility keys first since
 	// the current key might be set in the Dockerfile.
 	for _, key = range retroKeys {
-		value = env.Get(key, options...)
+		value = s.env.Get(key, options...)
 		if value != nil {
 			s.onRetroActive(key, currentKey)
 			return key, value
 		}
 	}
 
-	return currentKey, env.Get(currentKey, options...)
+	return currentKey, s.env.Get(currentKey, options...)
 }

internal/configuration/sources/env/server.go

@@ -2,11 +2,10 @@ package env
 
 import (
 	"github.com/qdm12/gluetun/internal/configuration/settings"
-	"github.com/qdm12/gosettings/sources/env"
 )
 
 func (s *Source) readControlServer() (controlServer settings.ControlServer, err error) {
-	controlServer.Log, err = env.BoolPtr("HTTP_CONTROL_SERVER_LOG")
+	controlServer.Log, err = s.env.BoolPtr("HTTP_CONTROL_SERVER_LOG")
 	if err != nil {
 		return controlServer, err
 	}

internal/configuration/sources/env/serverselection.go

@@ -9,7 +9,6 @@ import (
 
 	"github.com/qdm12/gluetun/internal/configuration/settings"
 	"github.com/qdm12/gluetun/internal/constants/providers"
-	"github.com/qdm12/gosettings/sources/env"
 )
 
 var (
@@ -26,30 +25,30 @@ func (s *Source) readServerSelection(vpnProvider, vpnType string) (
 	}
 
 	countriesKey, _ := s.getEnvWithRetro("SERVER_COUNTRIES", []string{"COUNTRY"})
-	ss.Countries = env.CSV(countriesKey)
+	ss.Countries = s.env.CSV(countriesKey)
 	if vpnProvider == providers.Cyberghost && len(ss.Countries) == 0 {
 		// Retro-compatibility for Cyberghost using the REGION variable
-		ss.Countries = env.CSV("REGION")
+		ss.Countries = s.env.CSV("REGION")
 		if len(ss.Countries) > 0 {
 			s.onRetroActive("REGION", "SERVER_COUNTRIES")
 		}
 	}
 
 	regionsKey, _ := s.getEnvWithRetro("SERVER_REGIONS", []string{"REGION"})
-	ss.Regions = env.CSV(regionsKey)
+	ss.Regions = s.env.CSV(regionsKey)
 
 	citiesKey, _ := s.getEnvWithRetro("SERVER_CITIES", []string{"CITY"})
-	ss.Cities = env.CSV(citiesKey)
+	ss.Cities = s.env.CSV(citiesKey)
 
-	ss.ISPs = env.CSV("ISP")
+	ss.ISPs = s.env.CSV("ISP")
 
 	hostnamesKey, _ := s.getEnvWithRetro("SERVER_HOSTNAMES", []string{"SERVER_HOSTNAME"})
-	ss.Hostnames = env.CSV(hostnamesKey)
+	ss.Hostnames = s.env.CSV(hostnamesKey)
 
 	serverNamesKey, _ := s.getEnvWithRetro("SERVER_NAMES", []string{"SERVER_NAME"})
-	ss.Names = env.CSV(serverNamesKey)
+	ss.Names = s.env.CSV(serverNamesKey)
 
-	if csv := env.Get("SERVER_NUMBER"); csv != nil {
+	if csv := s.env.Get("SERVER_NUMBER"); csv != nil {
 		numbersStrings := strings.Split(*csv, ",")
 		numbers := make([]uint16, len(numbersStrings))
 		for i, numberString := range numbersStrings {
@@ -74,25 +73,25 @@ func (s *Source) readServerSelection(vpnProvider, vpnType string) (
 	}
 
 	// VPNUnlimited and ProtonVPN only
-	ss.FreeOnly, err = env.BoolPtr("FREE_ONLY")
+	ss.FreeOnly, err = s.env.BoolPtr("FREE_ONLY")
 	if err != nil {
 		return ss, err
 	}
 
 	// VPNSecure only
-	ss.PremiumOnly, err = env.BoolPtr("PREMIUM_ONLY")
+	ss.PremiumOnly, err = s.env.BoolPtr("PREMIUM_ONLY")
 	if err != nil {
 		return ss, err
 	}
 
 	// VPNUnlimited only
-	ss.MultiHopOnly, err = env.BoolPtr("MULTIHOP_ONLY")
+	ss.MultiHopOnly, err = s.env.BoolPtr("MULTIHOP_ONLY")
 	if err != nil {
 		return ss, err
 	}
 
 	// VPNUnlimited only
-	ss.MultiHopOnly, err = env.BoolPtr("STREAM_ONLY")
+	ss.MultiHopOnly, err = s.env.BoolPtr("STREAM_ONLY")
 	if err != nil {
 		return ss, err
 	}
@@ -130,5 +129,5 @@ func (s *Source) readOpenVPNTargetIP() (ip netip.Addr, err error) {
 
 func (s *Source) readOwnedOnly() (ownedOnly *bool, err error) {
 	envKey, _ := s.getEnvWithRetro("OWNED_ONLY", []string{"OWNED"})
-	return env.BoolPtr(envKey)
+	return s.env.BoolPtr(envKey)
 }

internal/configuration/sources/env/shadowsocks.go

@@ -6,18 +6,18 @@ import (
 )
 
 func (s *Source) readShadowsocks() (shadowsocks settings.Shadowsocks, err error) {
-	shadowsocks.Enabled, err = env.BoolPtr("SHADOWSOCKS")
+	shadowsocks.Enabled, err = s.env.BoolPtr("SHADOWSOCKS")
 	if err != nil {
 		return shadowsocks, err
 	}
 
 	shadowsocks.Address = s.readShadowsocksAddress()
-	shadowsocks.LogAddresses, err = env.BoolPtr("SHADOWSOCKS_LOG")
+	shadowsocks.LogAddresses, err = s.env.BoolPtr("SHADOWSOCKS_LOG")
 	if err != nil {
 		return shadowsocks, err
 	}
 	shadowsocks.CipherName = s.readShadowsocksCipher()
-	shadowsocks.Password = env.Get("SHADOWSOCKS_PASSWORD", env.ForceLowercase(false))
+	shadowsocks.Password = s.env.Get("SHADOWSOCKS_PASSWORD", env.ForceLowercase(false))
 
 	return shadowsocks, nil
 }
@@ -41,5 +41,5 @@ func (s *Source) readShadowsocksAddress() (address *string) {
 func (s *Source) readShadowsocksCipher() (cipher string) {
 	envKey, _ := s.getEnvWithRetro("SHADOWSOCKS_CIPHER",
 		[]string{"SHADOWSOCKS_METHOD"})
-	return env.String(envKey)
+	return s.env.String(envKey)
 }

internal/configuration/sources/env/system.go

@@ -6,7 +6,6 @@ import (
 	"strconv"
 
 	"github.com/qdm12/gluetun/internal/configuration/settings"
-	"github.com/qdm12/gosettings/sources/env"
 )
 
 var (
@@ -26,7 +25,7 @@ func (s *Source) readSystem() (system settings.System, err error) {
 		return system, err
 	}
 
-	system.Timezone = env.String("TZ")
+	system.Timezone = s.env.String("TZ")
 
 	return system, nil
 }

internal/configuration/sources/env/system_test.go

@@ -3,6 +3,7 @@ package env
 import (
 	"testing"
 
+	"github.com/qdm12/gosettings/sources/env"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -10,54 +11,78 @@ func Test_Reader_readID(t *testing.T) {
 	t.Parallel()
 
 	testCases := map[string]struct {
-		keyPrefix      string
+		source     Source
-		keyValue       string
+		key        string
-		retroKeyPrefix string
+		retroKey   string
-		retroValue     string
+		id         *uint32
-		id             *uint32
+		errWrapped error
-		errWrapped     error
+		errMessage string
-		errMessage     string
 	}{
 		"empty string": {
-			keyPrefix:      "ID",
+			source: Source{
-			retroKeyPrefix: "RETRO_ID",
+				env: *env.New([]string{
+					"ID=",
+				}),
+			},
+			key:      "ID",
+			retroKey: "RETRO_ID",
 		},
 		"invalid string": {
-			keyPrefix:      "ID",
+			source: Source{
-			keyValue:       "invalid",
+				env: *env.New([]string{
-			retroKeyPrefix: "RETRO_ID",
+					"ID=invalid",
-			errWrapped:     ErrSystemIDNotValid,
+				}),
-			errMessage: `environment variable IDTest_Reader_readID/invalid_string: ` +
+			},
+			key:        "ID",
+			retroKey:   "RETRO_ID",
+			errWrapped: ErrSystemIDNotValid,
+			errMessage: `environment variable ID: ` +
 				`system ID is not valid: ` +
 				`strconv.ParseUint: parsing "invalid": invalid syntax`,
 		},
 		"negative number": {
-			keyPrefix:      "ID",
+			source: Source{
-			keyValue:       "-1",
+				env: *env.New([]string{
-			retroKeyPrefix: "RETRO_ID",
+					"ID=-1",
-			errWrapped:     ErrSystemIDNotValid,
+				}),
-			errMessage: `environment variable IDTest_Reader_readID/negative_number: ` +
+			},
+			key:        "ID",
+			retroKey:   "RETRO_ID",
+			errWrapped: ErrSystemIDNotValid,
+			errMessage: `environment variable ID: ` +
 				`system ID is not valid: ` +
 				`strconv.ParseUint: parsing "-1": invalid syntax`,
 		},
 		"id 1000": {
-			keyPrefix:      "ID",
+			source: Source{
-			keyValue:       "1000",
+				env: *env.New([]string{
-			retroKeyPrefix: "RETRO_ID",
+					"ID=1000",
-			id:             ptrTo(uint32(1000)),
+				}),
+			},
+			key:      "ID",
+			retroKey: "RETRO_ID",
+			id:       ptrTo(uint32(1000)),
 		},
 		"max id": {
-			keyPrefix:      "ID",
+			source: Source{
-			keyValue:       "4294967295",
+				env: *env.New([]string{
-			retroKeyPrefix: "RETRO_ID",
+					"ID=4294967295",
-			id:             ptrTo(uint32(4294967295)),
+				}),
+			},
+			key:      "ID",
+			retroKey: "RETRO_ID",
+			id:       ptrTo(uint32(4294967295)),
 		},
 		"above max id": {
-			keyPrefix:      "ID",
+			source: Source{
-			keyValue:       "4294967296",
+				env: *env.New([]string{
-			retroKeyPrefix: "RETRO_ID",
+					"ID=4294967296",
-			errWrapped:     ErrSystemIDNotValid,
+				}),
-			errMessage: `environment variable IDTest_Reader_readID/above_max_id: ` +
+			},
+			key:        "ID",
+			retroKey:   "RETRO_ID",
+			errWrapped: ErrSystemIDNotValid,
+			errMessage: `environment variable ID: ` +
 				`system ID is not valid: 4294967296: must be between 0 and 4294967295`,
 		},
 	}
@@ -67,15 +92,7 @@ func Test_Reader_readID(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()
 
-			suffix := t.Name()
+			id, err := testCase.source.readID(testCase.key, testCase.retroKey)
-			key := testCase.keyPrefix + suffix
-			retroKey := testCase.retroKeyPrefix + suffix
-
-			setTestEnv(t, key, testCase.keyValue)
-			setTestEnv(t, retroKey, testCase.retroValue)
-
-			source := &Source{}
-			id, err := source.readID(key, retroKey)
 
 			assert.ErrorIs(t, err, testCase.errWrapped)
 			if err != nil {

internal/configuration/sources/env/unbound.go

@@ -2,33 +2,32 @@ package env
 
 import (
 	"github.com/qdm12/gluetun/internal/configuration/settings"
-	"github.com/qdm12/gosettings/sources/env"
 )
 
-func readUnbound() (unbound settings.Unbound, err error) {
+func (s *Source) readUnbound() (unbound settings.Unbound, err error) {
-	unbound.Providers = env.CSV("DOT_PROVIDERS")
+	unbound.Providers = s.env.CSV("DOT_PROVIDERS")
 
-	unbound.Caching, err = env.BoolPtr("DOT_CACHING")
+	unbound.Caching, err = s.env.BoolPtr("DOT_CACHING")
 	if err != nil {
 		return unbound, err
 	}
 
-	unbound.IPv6, err = env.BoolPtr("DOT_IPV6")
+	unbound.IPv6, err = s.env.BoolPtr("DOT_IPV6")
 	if err != nil {
 		return unbound, err
 	}
 
-	unbound.VerbosityLevel, err = env.Uint8Ptr("DOT_VERBOSITY")
+	unbound.VerbosityLevel, err = s.env.Uint8Ptr("DOT_VERBOSITY")
 	if err != nil {
 		return unbound, err
 	}
 
-	unbound.VerbosityDetailsLevel, err = env.Uint8Ptr("DOT_VERBOSITY_DETAILS")
+	unbound.VerbosityDetailsLevel, err = s.env.Uint8Ptr("DOT_VERBOSITY_DETAILS")
 	if err != nil {
 		return unbound, err
 	}
 
-	unbound.ValidationLogLevel, err = env.Uint8Ptr("DOT_VALIDATION_LOGLEVEL")
+	unbound.ValidationLogLevel, err = s.env.Uint8Ptr("DOT_VALIDATION_LOGLEVEL")
 	if err != nil {
 		return unbound, err
 	}

internal/configuration/sources/env/updater.go

@@ -2,11 +2,10 @@ package env
 
 import (
 	"github.com/qdm12/gluetun/internal/configuration/settings"
-	"github.com/qdm12/gosettings/sources/env"
 )
 
-func readUpdater() (updater settings.Updater, err error) {
+func (s *Source) readUpdater() (updater settings.Updater, err error) {
-	updater.Period, err = env.DurationPtr("UPDATER_PERIOD")
+	updater.Period, err = s.env.DurationPtr("UPDATER_PERIOD")
 	if err != nil {
 		return updater, err
 	}
@@ -16,12 +15,12 @@ func readUpdater() (updater settings.Updater, err error) {
 		return updater, err
 	}
 
-	updater.MinRatio, err = env.Float64("UPDATER_MIN_RATIO")
+	updater.MinRatio, err = s.env.Float64("UPDATER_MIN_RATIO")
 	if err != nil {
 		return updater, err
 	}
 
-	updater.Providers = env.CSV("UPDATER_VPN_SERVICE_PROVIDERS")
+	updater.Providers = s.env.CSV("UPDATER_VPN_SERVICE_PROVIDERS")
 
 	return updater, nil
 }

internal/configuration/sources/env/version.go

@@ -2,11 +2,10 @@ package env
 
 import (
 	"github.com/qdm12/gluetun/internal/configuration/settings"
-	"github.com/qdm12/gosettings/sources/env"
 )
 
-func readVersion() (version settings.Version, err error) {
+func (s *Source) readVersion() (version settings.Version, err error) {
-	version.Enabled, err = env.BoolPtr("VERSION_INFORMATION")
+	version.Enabled, err = s.env.BoolPtr("VERSION_INFORMATION")
 	if err != nil {
 		return version, err
 	}

internal/configuration/sources/env/vpn.go

@@ -4,11 +4,10 @@ import (
 	"fmt"
 
 	"github.com/qdm12/gluetun/internal/configuration/settings"
-	"github.com/qdm12/gosettings/sources/env"
 )
 
 func (s *Source) readVPN() (vpn settings.VPN, err error) {
-	vpn.Type = env.String("VPN_TYPE")
+	vpn.Type = s.env.String("VPN_TYPE")
 
 	vpn.Provider, err = s.readProvider(vpn.Type)
 	if err != nil {

internal/configuration/sources/env/wireguard.go

@@ -13,17 +13,17 @@ func (s *Source) readWireguard() (wireguard settings.Wireguard, err error) {
 	defer func() {
 		err = unsetEnvKeys([]string{"WIREGUARD_PRIVATE_KEY", "WIREGUARD_PRESHARED_KEY"}, err)
 	}()
-	wireguard.PrivateKey = env.Get("WIREGUARD_PRIVATE_KEY", env.ForceLowercase(false))
+	wireguard.PrivateKey = s.env.Get("WIREGUARD_PRIVATE_KEY", env.ForceLowercase(false))
-	wireguard.PreSharedKey = env.Get("WIREGUARD_PRESHARED_KEY", env.ForceLowercase(false))
+	wireguard.PreSharedKey = s.env.Get("WIREGUARD_PRESHARED_KEY", env.ForceLowercase(false))
 	envKey, _ := s.getEnvWithRetro("VPN_INTERFACE",
 		[]string{"WIREGUARD_INTERFACE"}, env.ForceLowercase(false))
-	wireguard.Interface = env.String(envKey)
+	wireguard.Interface = s.env.String(envKey)
-	wireguard.Implementation = env.String("WIREGUARD_IMPLEMENTATION")
+	wireguard.Implementation = s.env.String("WIREGUARD_IMPLEMENTATION")
 	wireguard.Addresses, err = s.readWireguardAddresses()
 	if err != nil {
 		return wireguard, err // already wrapped
 	}
-	mtuPtr, err := env.Uint16Ptr("WIREGUARD_MTU")
+	mtuPtr, err := s.env.Uint16Ptr("WIREGUARD_MTU")
 	if err != nil {
 		return wireguard, err
 	} else if mtuPtr != nil {

internal/configuration/sources/env/wireguardselection.go

@@ -20,7 +20,7 @@ func (s *Source) readWireguardSelection() (
 		return selection, err
 	}
 
-	selection.PublicKey = env.String("WIREGUARD_PUBLIC_KEY", env.ForceLowercase(false))
+	selection.PublicKey = s.env.String("WIREGUARD_PUBLIC_KEY", env.ForceLowercase(false))
 
 	return selection, nil
 }
@@ -41,5 +41,5 @@ func (s *Source) readWireguardEndpointIP() (endpointIP netip.Addr, err error) {
 
 func (s *Source) readWireguardCustomPort() (customPort *uint16, err error) {
 	envKey, _ := s.getEnvWithRetro("VPN_ENDPOINT_PORT", []string{"WIREGUARD_ENDPOINT_PORT"})
-	return env.Uint16Ptr(envKey)
+	return s.env.Uint16Ptr(envKey)
 }

internal/configuration/sources/secrets/helpers.go

@@ -8,18 +8,18 @@ import (
 	"github.com/qdm12/gosettings/sources/env"
 )
 
-func readSecretFileAsStringPtr(secretPathEnvKey, defaultSecretPath string) (
+func (s *Source) readSecretFileAsStringPtr(secretPathEnvKey, defaultSecretPath string) (
 	stringPtr *string, err error) {
-	path := env.String(secretPathEnvKey, env.ForceLowercase(false))
+	path := s.env.String(secretPathEnvKey, env.ForceLowercase(false))
 	if path == "" {
 		path = defaultSecretPath
 	}
 	return files.ReadFromFile(path)
 }
 
-func readPEMSecretFile(secretPathEnvKey, defaultSecretPath string) (
+func (s *Source) readPEMSecretFile(secretPathEnvKey, defaultSecretPath string) (
 	base64Ptr *string, err error) {
-	pemData, err := readSecretFileAsStringPtr(secretPathEnvKey, defaultSecretPath)
+	pemData, err := s.readSecretFileAsStringPtr(secretPathEnvKey, defaultSecretPath)
 	if err != nil {
 		return nil, fmt.Errorf("reading secret file: %w", err)
 	}

internal/configuration/sources/secrets/httpproxy.go

@@ -6,8 +6,8 @@ import (
 	"github.com/qdm12/gluetun/internal/configuration/settings"
 )
 
-func readHTTPProxy() (settings settings.HTTPProxy, err error) {
+func (s *Source) readHTTPProxy() (settings settings.HTTPProxy, err error) {
-	settings.User, err = readSecretFileAsStringPtr(
+	settings.User, err = s.readSecretFileAsStringPtr(
 		"HTTPPROXY_USER_SECRETFILE",
 		"/run/secrets/httpproxy_user",
 	)
@@ -15,7 +15,7 @@ func readHTTPProxy() (settings settings.HTTPProxy, err error) {
 		return settings, fmt.Errorf("reading HTTP proxy user secret file: %w", err)
 	}
 
-	settings.Password, err = readSecretFileAsStringPtr(
+	settings.Password, err = s.readSecretFileAsStringPtr(
 		"HTTPPROXY_PASSWORD_SECRETFILE",
 		"/run/secrets/httpproxy_password",
 	)

internal/configuration/sources/secrets/openvpn.go

@@ -6,9 +6,9 @@ import (
 	"github.com/qdm12/gluetun/internal/configuration/settings"
 )
 
-func readOpenVPN() (
+func (s *Source) readOpenVPN() (
 	settings settings.OpenVPN, err error) {
-	settings.User, err = readSecretFileAsStringPtr(
+	settings.User, err = s.readSecretFileAsStringPtr(
 		"OPENVPN_USER_SECRETFILE",
 		"/run/secrets/openvpn_user",
 	)
@@ -16,7 +16,7 @@ func readOpenVPN() (
 		return settings, fmt.Errorf("reading user file: %w", err)
 	}
 
-	settings.Password, err = readSecretFileAsStringPtr(
+	settings.Password, err = s.readSecretFileAsStringPtr(
 		"OPENVPN_PASSWORD_SECRETFILE",
 		"/run/secrets/openvpn_password",
 	)
@@ -24,7 +24,7 @@ func readOpenVPN() (
 		return settings, fmt.Errorf("reading password file: %w", err)
 	}
 
-	settings.Key, err = readPEMSecretFile(
+	settings.Key, err = s.readPEMSecretFile(
 		"OPENVPN_CLIENTKEY_SECRETFILE",
 		"/run/secrets/openvpn_clientkey",
 	)
@@ -32,7 +32,7 @@ func readOpenVPN() (
 		return settings, fmt.Errorf("reading client key file: %w", err)
 	}
 
-	settings.EncryptedKey, err = readPEMSecretFile(
+	settings.EncryptedKey, err = s.readPEMSecretFile(
 		"OPENVPN_ENCRYPTED_KEY_SECRETFILE",
 		"/run/secrets/openvpn_encrypted_key",
 	)
@@ -40,7 +40,7 @@ func readOpenVPN() (
 		return settings, fmt.Errorf("reading encrypted key file: %w", err)
 	}
 
-	settings.KeyPassphrase, err = readSecretFileAsStringPtr(
+	settings.KeyPassphrase, err = s.readSecretFileAsStringPtr(
 		"OPENVPN_KEY_PASSPHRASE_SECRETFILE",
 		"/run/secrets/openvpn_key_passphrase",
 	)
@@ -48,7 +48,7 @@ func readOpenVPN() (
 		return settings, fmt.Errorf("reading key passphrase file: %w", err)
 	}
 
-	settings.Cert, err = readPEMSecretFile(
+	settings.Cert, err = s.readPEMSecretFile(
 		"OPENVPN_CLIENTCRT_SECRETFILE",
 		"/run/secrets/openvpn_clientcrt",
 	)

internal/configuration/sources/secrets/reader.go

@@ -1,29 +1,36 @@
 package secrets
 
 import (
+	"os"
+
 	"github.com/qdm12/gluetun/internal/configuration/settings"
+	"github.com/qdm12/gosettings/sources/env"
 )
 
-type Source struct{}
+type Source struct {
+	env env.Env
+}
 
 func New() *Source {
-	return &Source{}
+	return &Source{
+		env: *env.New(os.Environ()),
+	}
 }
 
 func (s *Source) String() string { return "secret files" }
 
 func (s *Source) Read() (settings settings.Settings, err error) {
-	settings.VPN, err = readVPN()
+	settings.VPN, err = s.readVPN()
 	if err != nil {
 		return settings, err
 	}
 
-	settings.HTTPProxy, err = readHTTPProxy()
+	settings.HTTPProxy, err = s.readHTTPProxy()
 	if err != nil {
 		return settings, err
 	}
 
-	settings.Shadowsocks, err = readShadowsocks()
+	settings.Shadowsocks, err = s.readShadowsocks()
 	if err != nil {
 		return settings, err
 	}

internal/configuration/sources/secrets/shadowsocks.go

@@ -6,8 +6,8 @@ import (
 	"github.com/qdm12/gluetun/internal/configuration/settings"
 )
 
-func readShadowsocks() (settings settings.Shadowsocks, err error) {
+func (s *Source) readShadowsocks() (settings settings.Shadowsocks, err error) {
-	settings.Password, err = readSecretFileAsStringPtr(
+	settings.Password, err = s.readSecretFileAsStringPtr(
 		"SHADOWSOCKS_PASSWORD_SECRETFILE",
 		"/run/secrets/shadowsocks_password",
 	)

internal/configuration/sources/secrets/vpn.go

@@ -6,8 +6,8 @@ import (
 	"github.com/qdm12/gluetun/internal/configuration/settings"
 )
 
-func readVPN() (vpn settings.VPN, err error) {
+func (s *Source) readVPN() (vpn settings.VPN, err error) {
-	vpn.OpenVPN, err = readOpenVPN()
+	vpn.OpenVPN, err = s.readOpenVPN()
 	if err != nil {
 		return vpn, fmt.Errorf("reading OpenVPN settings: %w", err)
 	}