admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(env): Retro-compatible precedence order for variables with defaults set in Dockerfile

Browse Source 
- `BLOCK_NSA` has precedence over `BLOCK_SURVEILLANCE`
- `HEALTH_OPENVPN_DURATION_ADDITION` has precedence over `HEALTH_VPN_DURATION_ADDITION`
- `HEALTH_OPENVPN_DURATION_INITIAL` has precendence over `HEALTH_VPN_DURATION_INITIAL`
- Chain of precedence: `PROXY` > `TINYPROXY` > `HTTPPROXY`
- Chain of precedence: `PROXY_LOG_LEVEL` > `TINYPROXY_LOG` > `HTTPPROXY_LOG`
- `PROTOCOL` has precendence over `OPENVPN_PROTOCOL`
- `IP_STATUS_FILE` has precendence over `PUBLICIP_FILE`
- `SHADOWSOCKS_PORT` has precedence over `SHADOWSOCKS_LISTENING_ADDRESS`
- `SHADOWSOCKS_METHOD` has precedence over `SHADOWSOCKS_CIPHER`
This commit is contained in:
Quentin McGaw
2022-01-29 14:54:47 +00:00
parent fd23f1a29b
commit e7e4cfca4c
6 changed files with 43 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
internal/configuration/sources/env/dnsblacklist.go vendored
View File

@@ -36,21 +36,22 @@ func (r *Reader) readDNSBlacklist() (blacklist settings.DNSBlacklist, err error)
} }
func (r *Reader) readBlockSurveillance() (blocked *bool, err error) { func (r *Reader) readBlockSurveillance() (blocked *bool, err error) {
blocked, err = envToBoolPtr("BLOCK_SURVEILLANCE")
if err != nil {
return nil, fmt.Errorf("environment variable BLOCK_SURVEILLANCE: %w", err)
} else if blocked != nil {
return blocked, nil
}
blocked, err = envToBoolPtr("BLOCK_NSA") blocked, err = envToBoolPtr("BLOCK_NSA")
if err != nil { if err != nil {
r.onRetroActive("BLOCK_NSA", "BLOCK_SURVEILLANCE")
return nil, fmt.Errorf("environment variable BLOCK_NSA: %w", err) return nil, fmt.Errorf("environment variable BLOCK_NSA: %w", err)
} else if blocked != nil { } else if blocked != nil {
r.onRetroActive("BLOCK_NSA", "BLOCK_SURVEILLANCE") r.onRetroActive("BLOCK_NSA", "BLOCK_SURVEILLANCE")
return blocked, nil return blocked, nil
} }
blocked, err = envToBoolPtr("BLOCK_SURVEILLANCE")
if err != nil {
return nil, fmt.Errorf("environment variable BLOCK_SURVEILLANCE: %w", err)
}
return blocked, nil
}
return nil, nil //nolint:nilnil return nil, nil //nolint:nilnil
} }

5
internal/configuration/sources/env/health.go vendored
View File

@@ -30,12 +30,13 @@ func (r *Reader) ReadHealth() (health settings.Health, err error) {
} }
func (r *Reader) readDurationWithRetro(envKey, retroEnvKey string) (d *time.Duration, err error) { func (r *Reader) readDurationWithRetro(envKey, retroEnvKey string) (d *time.Duration, err error) {
s := os.Getenv(envKey) s := os.Getenv(retroEnvKey)
if s == "" { if s == "" {
s = os.Getenv(retroEnvKey) s = os.Getenv(envKey)
if s == "" { if s == "" {
return nil, nil //nolint:nilnil return nil, nil //nolint:nilnil
} }
} else {
r.onRetroActive(envKey, retroEnvKey) r.onRetroActive(envKey, retroEnvKey)
envKey = retroEnvKey envKey = retroEnvKey
} }

30
internal/configuration/sources/env/httproxy.go vendored
View File

@@ -93,12 +93,14 @@ func (r *Reader) readHTTProxyListeningAddress() (listeningAddress string) {
} }
func (r *Reader) readHTTProxyEnabled() (enabled *bool, err error) { func (r *Reader) readHTTProxyEnabled() (enabled *bool, err error) {
s := strings.ToLower(os.Getenv("HTTPPROXY")) // Retro-compatibility
s := strings.ToLower(os.Getenv("PROXY"))
if s != "" { if s != "" {
r.onRetroActive("PROXY", "HTTPPROXY")
enabled = new(bool) enabled = new(bool)
*enabled, err = binary.Validate(s) *enabled, err = binary.Validate(s)
if err != nil { if err != nil {
return nil, fmt.Errorf("environment variable HTTPPROXY: %w", err) return nil, fmt.Errorf("environment variable PROXY: %w", err)
} }
return enabled, nil return enabled, nil
} }
@@ -115,14 +117,12 @@ func (r *Reader) readHTTProxyEnabled() (enabled *bool, err error) {
return enabled, nil return enabled, nil
} }
// Retro-compatibility s = strings.ToLower(os.Getenv("HTTPPROXY"))
s = strings.ToLower(os.Getenv("PROXY"))
if s != "" { if s != "" {
r.onRetroActive("PROXY", "HTTPPROXY")
enabled = new(bool) enabled = new(bool)
*enabled, err = binary.Validate(s) *enabled, err = binary.Validate(s)
if err != nil { if err != nil {
return nil, fmt.Errorf("environment variable PROXY: %w", err) return nil, fmt.Errorf("environment variable HTTPPROXY: %w", err)
} }
return enabled, nil return enabled, nil
} }
@@ -131,18 +131,20 @@ func (r *Reader) readHTTProxyEnabled() (enabled *bool, err error) {
} }
func (r *Reader) readHTTProxyLog() (enabled *bool, err error) { func (r *Reader) readHTTProxyLog() (enabled *bool, err error) {
s := strings.ToLower(os.Getenv("HTTPPROXY_LOG")) // Retro-compatibility
retroOption := binary.OptionEnabled("on", "info", "connect", "notice")
s := strings.ToLower(os.Getenv("PROXY_LOG_LEVEL"))
if s != "" { if s != "" {
r.onRetroActive("PROXY_LOG_LEVEL", "HTTPPROXY_LOG")
enabled = new(bool) enabled = new(bool)
*enabled, err = binary.Validate(s) *enabled, err = binary.Validate(s, retroOption)
if err != nil { if err != nil {
return nil, fmt.Errorf("environment variable HTTPPROXY_LOG: %w", err) return nil, fmt.Errorf("environment variable PROXY_LOG_LEVEL: %w", err)
} }
return enabled, nil return enabled, nil
} }
// Retro-compatibility // Retro-compatibility
retroOption := binary.OptionEnabled("on", "info", "connect", "notice")
s = strings.ToLower(os.Getenv("TINYPROXY_LOG")) s = strings.ToLower(os.Getenv("TINYPROXY_LOG"))
if s != "" { if s != "" {
r.onRetroActive("TINYPROXY_LOG", "HTTPPROXY_LOG") r.onRetroActive("TINYPROXY_LOG", "HTTPPROXY_LOG")
@@ -154,14 +156,12 @@ func (r *Reader) readHTTProxyLog() (enabled *bool, err error) {
return enabled, nil return enabled, nil
} }
// Retro-compatibility s = strings.ToLower(os.Getenv("HTTPPROXY_LOG"))
s = strings.ToLower(os.Getenv("PROXY_LOG_LEVEL"))
if s != "" { if s != "" {
r.onRetroActive("PROXY_LOG_LEVEL", "HTTPPROXY_LOG")
enabled = new(bool) enabled = new(bool)
*enabled, err = binary.Validate(s, retroOption) *enabled, err = binary.Validate(s)
if err != nil { if err != nil {
return nil, fmt.Errorf("environment variable PROXY_LOG_LEVEL: %w", err) return nil, fmt.Errorf("environment variable HTTPPROXY_LOG: %w", err)
} }
return enabled, nil return enabled, nil
} }

13
internal/configuration/sources/env/openvpnselection.go vendored
View File

@@ -36,16 +36,17 @@ func (r *Reader) readOpenVPNSelection() (
var ErrOpenVPNProtocolNotValid = errors.New("OpenVPN protocol is not valid") var ErrOpenVPNProtocolNotValid = errors.New("OpenVPN protocol is not valid")
func (r *Reader) readOpenVPNProtocol() (tcp *bool, err error) { func (r *Reader) readOpenVPNProtocol() (tcp *bool, err error) {
envKey := "OPENVPN_PROTOCOL"
protocol := strings.ToLower(os.Getenv("OPENVPN_PROTOCOL"))
if protocol == "" {
// Retro-compatibility // Retro-compatibility
protocol = strings.ToLower(os.Getenv("PROTOCOL")) envKey := "PROTOCOL"
protocol := strings.ToLower(os.Getenv("PROTOCOL"))
if protocol == "" {
protocol = strings.ToLower(os.Getenv("OPENVPN_PROTOCOL"))
if protocol != "" { if protocol != "" {
envKey = "PROTOCOL" envKey = "OPENVPN_PROTOCOL"
}
} else {
r.onRetroActive("PROTOCOL", "OPENVPN_PROTOCOL") r.onRetroActive("PROTOCOL", "OPENVPN_PROTOCOL")
} }
}
switch protocol { switch protocol {
case "": case "":

12
internal/configuration/sources/env/publicip.go vendored
View File

@@ -35,17 +35,17 @@ func readPublicIPPeriod() (period *time.Duration, err error) {
} }
func (r *Reader) readPublicIPFilepath() (filepath *string) { func (r *Reader) readPublicIPFilepath() (filepath *string) {
s := os.Getenv("PUBLICIP_FILE")
if s != "" {
return &s
}
// Retro-compatibility // Retro-compatibility
s = os.Getenv("IP_STATUS_FILE") s := os.Getenv("IP_STATUS_FILE")
if s != "" { if s != "" {
r.onRetroActive("IP_STATUS_FILE", "PUBLICIP_FILE") r.onRetroActive("IP_STATUS_FILE", "PUBLICIP_FILE")
return &s return &s
} }
s = os.Getenv("PUBLICIP_FILE")
if s != "" {
return &s
}
return nil return nil
} }

15
internal/configuration/sources/env/shadowsocks.go vendored
View File

@@ -25,11 +25,6 @@ func (r *Reader) readShadowsocks() (shadowsocks settings.Shadowsocks, err error)
} }
func (r *Reader) readShadowsocksAddress() (address string) { func (r *Reader) readShadowsocksAddress() (address string) {
address = os.Getenv("SHADOWSOCKS_LISTENING_ADDRESS")
if address != "" {
return address
}
// Retro-compatibility // Retro-compatibility
portString := os.Getenv("SHADOWSOCKS_PORT") portString := os.Getenv("SHADOWSOCKS_PORT")
if portString != "" { if portString != "" {
@@ -37,18 +32,16 @@ func (r *Reader) readShadowsocksAddress() (address string) {
return ":" + portString return ":" + portString
} }
return "" return os.Getenv("SHADOWSOCKS_LISTENING_ADDRESS")
} }
func (r *Reader) readShadowsocksCipher() (cipher string) { func (r *Reader) readShadowsocksCipher() (cipher string) {
cipher = os.Getenv("SHADOWSOCKS_CIPHER")
if cipher != "" {
return cipher
}
// Retro-compatibility // Retro-compatibility
cipher = os.Getenv("SHADOWSOCKS_METHOD") cipher = os.Getenv("SHADOWSOCKS_METHOD")
if cipher != "" { if cipher != "" {
r.onRetroActive("SHADOWSOCKS_METHOD", "SHADOWSOCKS_CIPHER") r.onRetroActive("SHADOWSOCKS_METHOD", "SHADOWSOCKS_CIPHER")
}
return cipher return cipher
}
return os.Getenv("SHADOWSOCKS_CIPHER")
} }