diff --git a/Dockerfile b/Dockerfile index 1f9f145d..4ebea9af 100644 --- a/Dockerfile +++ b/Dockerfile @@ -197,7 +197,7 @@ ENTRYPOINT ["/gluetun-entrypoint"] EXPOSE 8000/tcp 8888/tcp 8388/tcp 8388/udp HEALTHCHECK --interval=5s --timeout=5s --start-period=10s --retries=1 CMD /gluetun-entrypoint healthcheck ARG TARGETPLATFORM -RUN apk add --no-cache --update -l apk-tools && \ +RUN apk add --no-cache --update -l apk-tools wget && \ apk add --no-cache --update -X "https://dl-cdn.alpinelinux.org/alpine/v3.12/main" openvpn==2.4.12-r0 && \ apk add --no-cache --update -X "https://dl-cdn.alpinelinux.org/alpine/v3.16/main" openssl==1.1.1t-r2 && \ mv /usr/sbin/openvpn /usr/sbin/openvpn2.4 && \ diff --git a/README.md b/README.md index 5700881f..d35b6423 100644 --- a/README.md +++ b/README.md @@ -1,130 +1,130 @@ -# Gluetun VPN client - -Lightweight swiss-knife-like VPN client to multiple VPN service providers - -![Title image](https://raw.githubusercontent.com/qdm12/gluetun/master/title.svg) - -[![Build status](https://github.com/qdm12/gluetun/actions/workflows/ci.yml/badge.svg)](https://github.com/qdm12/gluetun/actions/workflows/ci.yml) - -[![Docker pulls qmcgaw/gluetun](https://img.shields.io/docker/pulls/qmcgaw/gluetun.svg)](https://hub.docker.com/r/qmcgaw/gluetun) -[![Docker pulls qmcgaw/private-internet-access](https://img.shields.io/docker/pulls/qmcgaw/private-internet-access.svg)](https://hub.docker.com/r/qmcgaw/gluetun) - -[![Docker stars qmcgaw/gluetun](https://img.shields.io/docker/stars/qmcgaw/gluetun.svg)](https://hub.docker.com/r/qmcgaw/gluetun) -[![Docker stars qmcgaw/private-internet-access](https://img.shields.io/docker/stars/qmcgaw/private-internet-access.svg)](https://hub.docker.com/r/qmcgaw/gluetun) - -![Last release](https://img.shields.io/github/release/qdm12/gluetun?label=Last%20release) -![Last Docker tag](https://img.shields.io/docker/v/qmcgaw/gluetun?sort=semver&label=Last%20Docker%20tag) -[![Last release size](https://img.shields.io/docker/image-size/qmcgaw/gluetun?sort=semver&label=Last%20released%20image)](https://hub.docker.com/r/qmcgaw/gluetun/tags?page=1&ordering=last_updated) -![GitHub last release date](https://img.shields.io/github/release-date/qdm12/gluetun?label=Last%20release%20date) -![Commits since release](https://img.shields.io/github/commits-since/qdm12/gluetun/latest?sort=semver) - -[![Latest size](https://img.shields.io/docker/image-size/qmcgaw/gluetun/latest?label=Latest%20image)](https://hub.docker.com/r/qmcgaw/gluetun/tags) - -[![GitHub last commit](https://img.shields.io/github/last-commit/qdm12/gluetun.svg)](https://github.com/qdm12/gluetun/commits/master) -[![GitHub commit activity](https://img.shields.io/github/commit-activity/y/qdm12/gluetun.svg)](https://github.com/qdm12/gluetun/graphs/contributors) -[![GitHub closed PRs](https://img.shields.io/github/issues-pr-closed/qdm12/gluetun.svg)](https://github.com/qdm12/gluetun/pulls?q=is%3Apr+is%3Aclosed) -[![GitHub issues](https://img.shields.io/github/issues/qdm12/gluetun.svg)](https://github.com/qdm12/gluetun/issues) -[![GitHub closed issues](https://img.shields.io/github/issues-closed/qdm12/gluetun.svg)](https://github.com/qdm12/gluetun/issues?q=is%3Aissue+is%3Aclosed) - -[![Lines of code](https://img.shields.io/tokei/lines/github/qdm12/gluetun)](https://github.com/qdm12/gluetun) -![Code size](https://img.shields.io/github/languages/code-size/qdm12/gluetun) -![GitHub repo size](https://img.shields.io/github/repo-size/qdm12/gluetun) -![Go version](https://img.shields.io/github/go-mod/go-version/qdm12/gluetun) - -![Visitors count](https://visitor-badge.laobi.icu/badge?page_id=gluetun.readme) - -## Quick links - -- [Setup](#Setup) -- [Features](#Features) -- Problem? - - [Check the Wiki](https://github.com/qdm12/gluetun/wiki) - - [Start a discussion](https://github.com/qdm12/gluetun/discussions) - - [Fix the Unraid template](https://github.com/qdm12/gluetun/discussions/550) -- Suggestion? - - [Create an issue](https://github.com/qdm12/gluetun/issues) - - [Join the Slack channel](https://join.slack.com/t/qdm12/shared_invite/enQtOTE0NjcxNTM1ODc5LTYyZmVlOTM3MGI4ZWU0YmJkMjUxNmQ4ODQ2OTAwYzMxMTlhY2Q1MWQyOWUyNjc2ODliNjFjMDUxNWNmNzk5MDk) -- Happy? - - Sponsor me on [github.com/sponsors/qdm12](https://github.com/sponsors/qdm12) - - Donate to [paypal.me/qmcgaw](https://www.paypal.me/qmcgaw) - - Drop me [an email](mailto:quentin.mcgaw@gmail.com) -- **Want to add a VPN provider?** check [Development](https://github.com/qdm12/gluetun/wiki/Development) and [Add a provider](https://github.com/qdm12/gluetun/wiki/Add-a-provider) -- Video: - - [![Video Gif](https://i.imgur.com/CetWunc.gif)](https://youtu.be/0F6I03LQcI4) - -- [Substack Console interview](https://console.substack.com/p/console-72) - -## Features - -- Based on Alpine 3.17 for a small Docker image of 30MB -- Supports: **AirVPN**, **Cyberghost**, **ExpressVPN**, **FastestVPN**, **HideMyAss**, **IPVanish**, **IVPN**, **Mullvad**, **NordVPN**, **Perfect Privacy**, **Privado**, **Private Internet Access**, **PrivateVPN**, **ProtonVPN**, **PureVPN**, **SlickVPN**, **Surfshark**, **TorGuard**, **VPNSecure.me**, **VPNUnlimited**, **Vyprvpn**, **WeVPN**, **Windscribe** servers -- Supports OpenVPN for all providers listed -- Supports Wireguard both kernelspace and userspace - - For **Mullvad**, **Ivpn**, **Surfshark** and **Windscribe** - - For **ProtonVPN**, **PureVPN**, **Torguard**, **VPN Unlimited** and **WeVPN** using [the custom provider](https://github.com/qdm12/gluetun/wiki/Custom-provider) - - For custom Wireguard configurations using [the custom provider](https://github.com/qdm12/gluetun/wiki/Custom-provider) - - More in progress, see [#134](https://github.com/qdm12/gluetun/issues/134) -- DNS over TLS baked in with service provider(s) of your choice -- DNS fine blocking of malicious/ads/surveillance hostnames and IP addresses, with live update every 24 hours -- Choose the vpn network protocol, `udp` or `tcp` -- Built in firewall kill switch to allow traffic only with needed the VPN servers and LAN devices -- Built in Shadowsocks proxy (protocol based on SOCKS5 with an encryption layer, tunnels TCP+UDP) -- Built in HTTP proxy (tunnels HTTP and HTTPS through TCP) -- [Connect other containers to it](https://github.com/qdm12/gluetun/wiki/Connect-a-container-to-gluetun) -- [Connect LAN devices to it](https://github.com/qdm12/gluetun/wiki/Connect-a-LAN-device-to-gluetun) -- Compatible with amd64, i686 (32 bit), **ARM** 64 bit, ARM 32 bit v6 and v7, and even ppc64le 🎆 -- [Custom VPN server side port forwarding for Private Internet Access](https://github.com/qdm12/gluetun/wiki/Private-internet-access#vpn-server-port-forwarding) -- Possibility of split horizon DNS by selecting multiple DNS over TLS providers -- Unbound subprogram drops root privileges once launched -- Can work as a Kubernetes sidecar container, thanks @rorph - -## Setup - -🎉 There are now instructions specific to each VPN provider with examples to help you get started as quickly as possible! - -Go to the [Wiki](https://github.com/qdm12/gluetun/wiki)! - -[🐛 Found a bug in the Wiki?!](https://github.com/qdm12/gluetun/issues/new?assignees=&labels=%F0%9F%93%84+Wiki+issue&template=wiki+issue.yml&title=Wiki+issue%3A+) - -Here's a docker-compose.yml for the laziest: - -```yml -version: "3" -services: - gluetun: - image: qmcgaw/gluetun - # container_name: gluetun - # line above must be uncommented to allow external containers to connect. See https://github.com/qdm12/gluetun/wiki/Connect-a-container-to-gluetun#external-container-to-gluetun - cap_add: - - NET_ADMIN - devices: - - /dev/net/tun:/dev/net/tun - ports: - - 8888:8888/tcp # HTTP proxy - - 8388:8388/tcp # Shadowsocks - - 8388:8388/udp # Shadowsocks - volumes: - - /yourpath:/gluetun - environment: - # See https://github.com/qdm12/gluetun/wiki - - VPN_SERVICE_PROVIDER=ivpn - - VPN_TYPE=openvpn - # OpenVPN: - - OPENVPN_USER= - - OPENVPN_PASSWORD= - # Wireguard: - # - WIREGUARD_PRIVATE_KEY=wOEI9rqqbDwnN8/Bpp22sVz48T71vJ4fYmFWujulwUU= - # - WIREGUARD_ADDRESSES=10.64.222.21/32 - # Timezone for accurate log times - - TZ= - # Server list updater. See https://github.com/qdm12/gluetun/wiki/Updating-Servers#periodic-update - - UPDATER_PERIOD= - - UPDATER_VPN_SERVICE_PROVIDERS= -``` - -🆕 Image also available as `ghcr.io/qdm12/gluetun` - -## License - -[![MIT](https://img.shields.io/github/license/qdm12/gluetun)](https://github.com/qdm12/gluetun/master/LICENSE) +# Gluetun VPN client + +Lightweight swiss-knife-like VPN client to multiple VPN service providers + +![Title image](https://raw.githubusercontent.com/qdm12/gluetun/master/title.svg) + +[![Build status](https://github.com/qdm12/gluetun/actions/workflows/ci.yml/badge.svg)](https://github.com/qdm12/gluetun/actions/workflows/ci.yml) + +[![Docker pulls qmcgaw/gluetun](https://img.shields.io/docker/pulls/qmcgaw/gluetun.svg)](https://hub.docker.com/r/qmcgaw/gluetun) +[![Docker pulls qmcgaw/private-internet-access](https://img.shields.io/docker/pulls/qmcgaw/private-internet-access.svg)](https://hub.docker.com/r/qmcgaw/gluetun) + +[![Docker stars qmcgaw/gluetun](https://img.shields.io/docker/stars/qmcgaw/gluetun.svg)](https://hub.docker.com/r/qmcgaw/gluetun) +[![Docker stars qmcgaw/private-internet-access](https://img.shields.io/docker/stars/qmcgaw/private-internet-access.svg)](https://hub.docker.com/r/qmcgaw/gluetun) + +![Last release](https://img.shields.io/github/release/qdm12/gluetun?label=Last%20release) +![Last Docker tag](https://img.shields.io/docker/v/qmcgaw/gluetun?sort=semver&label=Last%20Docker%20tag) +[![Last release size](https://img.shields.io/docker/image-size/qmcgaw/gluetun?sort=semver&label=Last%20released%20image)](https://hub.docker.com/r/qmcgaw/gluetun/tags?page=1&ordering=last_updated) +![GitHub last release date](https://img.shields.io/github/release-date/qdm12/gluetun?label=Last%20release%20date) +![Commits since release](https://img.shields.io/github/commits-since/qdm12/gluetun/latest?sort=semver) + +[![Latest size](https://img.shields.io/docker/image-size/qmcgaw/gluetun/latest?label=Latest%20image)](https://hub.docker.com/r/qmcgaw/gluetun/tags) + +[![GitHub last commit](https://img.shields.io/github/last-commit/qdm12/gluetun.svg)](https://github.com/qdm12/gluetun/commits/master) +[![GitHub commit activity](https://img.shields.io/github/commit-activity/y/qdm12/gluetun.svg)](https://github.com/qdm12/gluetun/graphs/contributors) +[![GitHub closed PRs](https://img.shields.io/github/issues-pr-closed/qdm12/gluetun.svg)](https://github.com/qdm12/gluetun/pulls?q=is%3Apr+is%3Aclosed) +[![GitHub issues](https://img.shields.io/github/issues/qdm12/gluetun.svg)](https://github.com/qdm12/gluetun/issues) +[![GitHub closed issues](https://img.shields.io/github/issues-closed/qdm12/gluetun.svg)](https://github.com/qdm12/gluetun/issues?q=is%3Aissue+is%3Aclosed) + +[![Lines of code](https://img.shields.io/tokei/lines/github/qdm12/gluetun)](https://github.com/qdm12/gluetun) +![Code size](https://img.shields.io/github/languages/code-size/qdm12/gluetun) +![GitHub repo size](https://img.shields.io/github/repo-size/qdm12/gluetun) +![Go version](https://img.shields.io/github/go-mod/go-version/qdm12/gluetun) + +![Visitors count](https://visitor-badge.laobi.icu/badge?page_id=gluetun.readme) + +## Quick links + +- [Setup](#Setup) +- [Features](#Features) +- Problem? + - [Check the Wiki](https://github.com/qdm12/gluetun/wiki) + - [Start a discussion](https://github.com/qdm12/gluetun/discussions) + - [Fix the Unraid template](https://github.com/qdm12/gluetun/discussions/550) +- Suggestion? + - [Create an issue](https://github.com/qdm12/gluetun/issues) + - [Join the Slack channel](https://join.slack.com/t/qdm12/shared_invite/enQtOTE0NjcxNTM1ODc5LTYyZmVlOTM3MGI4ZWU0YmJkMjUxNmQ4ODQ2OTAwYzMxMTlhY2Q1MWQyOWUyNjc2ODliNjFjMDUxNWNmNzk5MDk) +- Happy? + - Sponsor me on [github.com/sponsors/qdm12](https://github.com/sponsors/qdm12) + - Donate to [paypal.me/qmcgaw](https://www.paypal.me/qmcgaw) + - Drop me [an email](mailto:quentin.mcgaw@gmail.com) +- **Want to add a VPN provider?** check [Development](https://github.com/qdm12/gluetun/wiki/Development) and [Add a provider](https://github.com/qdm12/gluetun/wiki/Add-a-provider) +- Video: + + [![Video Gif](https://i.imgur.com/CetWunc.gif)](https://youtu.be/0F6I03LQcI4) + +- [Substack Console interview](https://console.substack.com/p/console-72) + +## Features + +- Based on Alpine 3.17 for a small Docker image of 42MB +- Supports: **AirVPN**, **Cyberghost**, **ExpressVPN**, **FastestVPN**, **HideMyAss**, **IPVanish**, **IVPN**, **Mullvad**, **NordVPN**, **Perfect Privacy**, **Privado**, **Private Internet Access**, **PrivateVPN**, **ProtonVPN**, **PureVPN**, **SlickVPN**, **Surfshark**, **TorGuard**, **VPNSecure.me**, **VPNUnlimited**, **Vyprvpn**, **WeVPN**, **Windscribe** servers +- Supports OpenVPN for all providers listed +- Supports Wireguard both kernelspace and userspace + - For **Mullvad**, **Ivpn**, **Surfshark** and **Windscribe** + - For **ProtonVPN**, **PureVPN**, **Torguard**, **VPN Unlimited** and **WeVPN** using [the custom provider](https://github.com/qdm12/gluetun/wiki/Custom-provider) + - For custom Wireguard configurations using [the custom provider](https://github.com/qdm12/gluetun/wiki/Custom-provider) + - More in progress, see [#134](https://github.com/qdm12/gluetun/issues/134) +- DNS over TLS baked in with service provider(s) of your choice +- DNS fine blocking of malicious/ads/surveillance hostnames and IP addresses, with live update every 24 hours +- Choose the vpn network protocol, `udp` or `tcp` +- Built in firewall kill switch to allow traffic only with needed the VPN servers and LAN devices +- Built in Shadowsocks proxy (protocol based on SOCKS5 with an encryption layer, tunnels TCP+UDP) +- Built in HTTP proxy (tunnels HTTP and HTTPS through TCP) +- [Connect other containers to it](https://github.com/qdm12/gluetun/wiki/Connect-a-container-to-gluetun) +- [Connect LAN devices to it](https://github.com/qdm12/gluetun/wiki/Connect-a-LAN-device-to-gluetun) +- Compatible with amd64, i686 (32 bit), **ARM** 64 bit, ARM 32 bit v6 and v7, and even ppc64le 🎆 +- [Custom VPN server side port forwarding for Private Internet Access](https://github.com/qdm12/gluetun/wiki/Private-internet-access#vpn-server-port-forwarding) +- Possibility of split horizon DNS by selecting multiple DNS over TLS providers +- Unbound subprogram drops root privileges once launched +- Can work as a Kubernetes sidecar container, thanks @rorph + +## Setup + +🎉 There are now instructions specific to each VPN provider with examples to help you get started as quickly as possible! + +Go to the [Wiki](https://github.com/qdm12/gluetun/wiki)! + +[🐛 Found a bug in the Wiki?!](https://github.com/qdm12/gluetun/issues/new?assignees=&labels=%F0%9F%93%84+Wiki+issue&template=wiki+issue.yml&title=Wiki+issue%3A+) + +Here's a docker-compose.yml for the laziest: + +```yml +version: "3" +services: + gluetun: + image: qmcgaw/gluetun + # container_name: gluetun + # line above must be uncommented to allow external containers to connect. See https://github.com/qdm12/gluetun/wiki/Connect-a-container-to-gluetun#external-container-to-gluetun + cap_add: + - NET_ADMIN + devices: + - /dev/net/tun:/dev/net/tun + ports: + - 8888:8888/tcp # HTTP proxy + - 8388:8388/tcp # Shadowsocks + - 8388:8388/udp # Shadowsocks + volumes: + - /yourpath:/gluetun + environment: + # See https://github.com/qdm12/gluetun/wiki + - VPN_SERVICE_PROVIDER=ivpn + - VPN_TYPE=openvpn + # OpenVPN: + - OPENVPN_USER= + - OPENVPN_PASSWORD= + # Wireguard: + # - WIREGUARD_PRIVATE_KEY=wOEI9rqqbDwnN8/Bpp22sVz48T71vJ4fYmFWujulwUU= + # - WIREGUARD_ADDRESSES=10.64.222.21/32 + # Timezone for accurate log times + - TZ= + # Server list updater. See https://github.com/qdm12/gluetun/wiki/Updating-Servers#periodic-update + - UPDATER_PERIOD= + - UPDATER_VPN_SERVICE_PROVIDERS= +``` + +🆕 Image also available as `ghcr.io/qdm12/gluetun` + +## License + +[![MIT](https://img.shields.io/github/license/qdm12/gluetun)](https://github.com/qdm12/gluetun/master/LICENSE)