Rename ENCRYPTION to PIA_ENCRYPTION (#98)
This commit is contained in:
Quentin McGaw
2
.github/workflows/buildx-branch.yml
vendored
2
.github/workflows/buildx-branch.yml
vendored
@@ -1,4 +1,4 @@
|
|||||||
name: Buildx latest
|
name: Buildx branch
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
branches:
|
branches:
|
||||||
|
|||||||
@@ -39,7 +39,7 @@ ENV VPNSP=pia \
|
|||||||
# PIA only
|
# PIA only
|
||||||
PASSWORD= \
|
PASSWORD= \
|
||||||
REGION="CA Montreal" \
|
REGION="CA Montreal" \
|
||||||
ENCRYPTION=strong \
|
PIA_ENCRYPTION=strong \
|
||||||
PORT_FORWARDING=off \
|
PORT_FORWARDING=off \
|
||||||
PORT_FORWARDING_STATUS_FILE="/forwarded_port" \
|
PORT_FORWARDING_STATUS_FILE="/forwarded_port" \
|
||||||
# Mullvad only
|
# Mullvad only
|
||||||
|
|||||||
10
README.md
10
README.md
@@ -73,10 +73,10 @@
|
|||||||
- Allow outbound TCP 443 to github.com
|
- Allow outbound TCP 443 to github.com
|
||||||
- If `DOT=on`, allow outbound TCP 853 to allow Unbound to resolve github.com and the PIA subdomain name if you use PIA.
|
- If `DOT=on`, allow outbound TCP 853 to allow Unbound to resolve github.com and the PIA subdomain name if you use PIA.
|
||||||
- If `DOT=off` and `VPNSP=pia`, allow outbound UDP 53 to your DNS provider to resolve the PIA subdomain name.
|
- If `DOT=off` and `VPNSP=pia`, allow outbound UDP 53 to your DNS provider to resolve the PIA subdomain name.
|
||||||
- If `VPNSP=pia`, `ENCRYPTION=strong` and `PROTOCOL=udp`: allow outbound UDP 1197 to the corresponding VPN server IPs
|
- If `VPNSP=pia`, `PIA_ENCRYPTION=strong` and `PROTOCOL=udp`: allow outbound UDP 1197 to the corresponding VPN server IPs
|
||||||
- If `VPNSP=pia`, `ENCRYPTION=normal` and `PROTOCOL=udp`: allow outbound UDP 1198 to the corresponding VPN server IPs
|
- If `VPNSP=pia`, `PIA_ENCRYPTION=normal` and `PROTOCOL=udp`: allow outbound UDP 1198 to the corresponding VPN server IPs
|
||||||
- If `VPNSP=pia`, `ENCRYPTION=strong` and `PROTOCOL=tcp`: allow outbound TCP 501 to the corresponding VPN server IPs
|
- If `VPNSP=pia`, `PIA_ENCRYPTION=strong` and `PROTOCOL=tcp`: allow outbound TCP 501 to the corresponding VPN server IPs
|
||||||
- If `VPNSP=pia`, `ENCRYPTION=normal` and `PROTOCOL=tcp`: allow outbound TCP 502 to the corresponding VPN server IPs
|
- If `VPNSP=pia`, `PIA_ENCRYPTION=normal` and `PROTOCOL=tcp`: allow outbound TCP 502 to the corresponding VPN server IPs
|
||||||
- If `VPNSP=mullvad` and `PORT=`, please refer to the mapping of Mullvad servers in [these source code lines](https://github.com/qdm12/private-internet-access-docker/blob/master/internal/constants/mullvad.go#L64-L667) to find the corresponding UDP port number and IP address(es) of your choice
|
- If `VPNSP=mullvad` and `PORT=`, please refer to the mapping of Mullvad servers in [these source code lines](https://github.com/qdm12/private-internet-access-docker/blob/master/internal/constants/mullvad.go#L64-L667) to find the corresponding UDP port number and IP address(es) of your choice
|
||||||
- If `VPNSP=mullvad` and `PORT=53`, allow outbound UDP 53 to the corresponding VPN server IPs, which you can fine in [the mapping of Mullvad servers](https://github.com/qdm12/private-internet-access-docker/blob/master/internal/constants/mullvad.go#L64-L667)
|
- If `VPNSP=mullvad` and `PORT=53`, allow outbound UDP 53 to the corresponding VPN server IPs, which you can fine in [the mapping of Mullvad servers](https://github.com/qdm12/private-internet-access-docker/blob/master/internal/constants/mullvad.go#L64-L667)
|
||||||
- If `VPNSP=mullvad` and `PORT=80`, allow outbound TCP 80 to the corresponding VPN server IPs, which you can fine in [the mapping of Mullvad servers](https://github.com/qdm12/private-internet-access-docker/blob/master/internal/constants/mullvad.go#L64-L667)
|
- If `VPNSP=mullvad` and `PORT=80`, allow outbound TCP 80 to the corresponding VPN server IPs, which you can fine in [the mapping of Mullvad servers](https://github.com/qdm12/private-internet-access-docker/blob/master/internal/constants/mullvad.go#L64-L667)
|
||||||
@@ -131,7 +131,7 @@ docker run --rm --network=container:pia alpine:3.11 wget -qO- https://ipinfo.io
|
|||||||
| `ISP` | | (Mullvad only, *optional*) one of the [Mullvad ISP](https://mullvad.net/en/servers/#openvpn) |
|
| `ISP` | | (Mullvad only, *optional*) one of the [Mullvad ISP](https://mullvad.net/en/servers/#openvpn) |
|
||||||
| `PORT` | | (Mullvad only, *optional*) For TCP, `80` or `443`, or `53` for UDP. Leave blank for default Mullvad server port |
|
| `PORT` | | (Mullvad only, *optional*) For TCP, `80` or `443`, or `53` for UDP. Leave blank for default Mullvad server port |
|
||||||
| `PROTOCOL` | `udp` | `tcp` or `udp` |
|
| `PROTOCOL` | `udp` | `tcp` or `udp` |
|
||||||
| `ENCRYPTION` | `strong` | (PIA only) `normal` or `strong` |
|
| `PIA_ENCRYPTION` | `strong` | (PIA only) `normal` or `strong` or `custom` |
|
||||||
| `USER` | | PIA username **or** Mullvad user ID |
|
| `USER` | | PIA username **or** Mullvad user ID |
|
||||||
| `PASSWORD` | | Your PIA password |
|
| `PASSWORD` | | Your PIA password |
|
||||||
| `DOT` | `on` | `on` or `off`, to activate DNS over TLS to 1.1.1.1 |
|
| `DOT` | `on` | `on` or `off`, to activate DNS over TLS to 1.1.1.1 |
|
||||||
|
|||||||
@@ -25,7 +25,7 @@ services:
|
|||||||
# PIA only
|
# PIA only
|
||||||
- REGION=CA Montreal
|
- REGION=CA Montreal
|
||||||
- PASSWORD=8fd9s239G
|
- PASSWORD=8fd9s239G
|
||||||
- ENCRYPTION=strong
|
- PIA_ENCRYPTION=strong
|
||||||
- PORT_FORWARDING=off
|
- PORT_FORWARDING=off
|
||||||
|
|
||||||
# Mullvad only
|
# Mullvad only
|
||||||
|
|||||||
@@ -33,9 +33,18 @@ func (p *paramsReader) GetPortForwardingStatusFilepath() (filepath models.Filepa
|
|||||||
}
|
}
|
||||||
|
|
||||||
// GetPIAEncryption obtains the encryption level for the PIA connection
|
// GetPIAEncryption obtains the encryption level for the PIA connection
|
||||||
// from the environment variable ENCRYPTION
|
// from the environment variable PIA_ENCRYPTION, and using ENCRYPTION for
|
||||||
|
// retro compatibility
|
||||||
func (p *paramsReader) GetPIAEncryption() (models.PIAEncryption, error) {
|
func (p *paramsReader) GetPIAEncryption() (models.PIAEncryption, error) {
|
||||||
s, err := p.envParams.GetValueIfInside("ENCRYPTION", []string{"normal", "strong"}, libparams.Default("strong"))
|
// Retro-compatibility
|
||||||
|
s, err := p.envParams.GetValueIfInside("ENCRYPTION", []string{"normal", "strong", ""})
|
||||||
|
if err != nil {
|
||||||
|
return "", err
|
||||||
|
} else if len(s) != 0 {
|
||||||
|
p.logger.Warn("You are using the old environment variable ENCRYPTION, please consider changing it to PIA_ENCRYPTION")
|
||||||
|
return models.PIAEncryption(s), nil
|
||||||
|
}
|
||||||
|
s, err = p.envParams.GetValueIfInside("PIA_ENCRYPTION", []string{"normal", "strong"}, libparams.Default("strong"))
|
||||||
return models.PIAEncryption(s), err
|
return models.PIAEncryption(s), err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user