admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,011 Commits 18 Branches 75 Tags
01e9274f7b232089ffb75b62c17e7d9752181512
Commit Graph

2011 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Quentin McGaw
a61302f135 feat(publicip): resilient public ip fetcher (#2518) 
- `PUBLICIP_API` accepts a comma separated list of ip data sources, where the first one is the base default one, and sources after it are backup sources used if we are rate limited.
- `PUBLICIP_API` defaults to `ipinfo,ifconfigco,ip2location,cloudflare` such that it now has `ifconfigco,ip2location,cloudflare` as backup ip data sources.
- `PUBLICIP_API_TOKEN` accepts a comma separated list of ip data source tokens, each corresponding by position to the APIs listed in `PUBLICIP_API`.
- logs ip data source when logging public ip information
- assume a rate limiting error is for 30 days (no persistence)
- ready for future live settings updates
  - consider an ip data source no longer banned if the token changes
  - keeps track of ban times when updating the list of fetchers
 2024-10-19 15:21:14 +02:00
Quentin McGaw
3dfb43e117 chore(netlink): debug log ip rule commands in netlink instead of routing package 2024-10-19 12:43:26 +00:00
Quentin McGaw
2388e0550b hotfix(publicip): return an error if trying to use cloudflare as ip provider for updating servers data 2024-10-11 21:57:25 +00:00
Quentin McGaw
a7d70dd9a3 fix(publicip): lock settings during entire update 
- to prevent race conditions when data is cleared when vpn goes down
 2024-10-11 21:24:18 +00:00
Quentin McGaw
76a4bb5dc3 chore: use gofumpt for code formatting 2024-10-11 19:27:29 +00:00
Quentin McGaw
3daf15a612 chore(lint): fix gopls govet errors 2024-10-11 19:14:50 +00:00
Quentin McGaw
81ffbaf057 feat(build): upgrade Go from 1.22 to 1.23 2024-10-11 18:58:10 +00:00
Quentin McGaw
abe9dcbe33 chore(lint): add new linters and update codebase 
- add canonicalheader
- add copyloopvar
- add fatcontext
- add intrange
 2024-10-11 18:28:00 +00:00
Quentin McGaw
3c8e80a1a4 chore(lint): upgrade linter from v1.56.2 to v1.61.0 
- Remove no longer needed exclude rules
- Add new exclude rules for printf govet errors
- Remove deprecated linters `execinquery` and `exportloopref`
- Rename linter `goerr113` to `err113`
- Rename linter `gomnd` to `mnd`
 2024-10-11 18:05:54 +00:00
Quentin McGaw
694988b32f chore(devcontainer): drop requirement for docker-compose and use devcontainer.json settings directly 2024-10-10 08:34:56 +00:00
Quentin McGaw
ea31886299 docs(devcontainer): update readme 
- remove Windows without WSL step
- update 'remote containers extension' to 'dev containers extension'
- remove invalid warning on directories creation
- simplify customizations section
  - remove "publish a port" since it can be done at runtime now
  - remove "run other services" since it's rather unneeded in this case
  - expand documentation on custom welcome script and where to specify the bind mount
    - use bullet points instead of subsections headings
 2024-10-10 08:33:33 +00:00
Quentin McGaw
5b2923ca65 feat(publicip): add ifconfigco option 2024-10-08 19:03:10 +00:00
Quentin McGaw
432eaa6c04 feat(vpn): run WaitForDNS before querying the public ip address 
- Fix #2325 better
 2024-10-08 11:30:35 +00:00
Quentin McGaw
5fd0af9395 feat(publicip): retry fetching information when connection refused error is encountered 
- Fix #2325
 2024-10-08 11:30:35 +00:00
Quentin McGaw
03deb9aed0 feat(publicip): PUBLICIP_ENABLED replaces PUBLICIP_PERIOD 
- No point periodically fetch the public IP address. Could not find anything mentioning why this was added.
- Simplification of the publicip loop code
- `PUBLICIP_ENABLED` (on, off) can be set to enable or not public ip data fetching on VPN connection
- `PUBLICIP_PERIOD=0` still works to indicate to disable public ip fetching
- `PUBLICIP_PERIOD` != 0 means to enable public ip fetching
- Warnings logged when using `PUBLICIP_PERIOD`
 2024-10-08 11:30:31 +00:00
Jeremy Lin
cbdd1a933c feat(publicip): cloudflare API support (#2502) 2024-10-06 15:30:33 +02:00
Quentin McGaw
99e9bc87cf fix(firewall): deduplicate VPN address accept rule for multiple default routes with the same network interface 2024-10-06 09:48:07 +00:00
Quentin McGaw
9ef14ee070 fix(firewall): deduplicate ipv6 multicast output accept rules 2024-10-06 09:46:47 +00:00
Quentin McGaw
7842ff4cdc fix(firewall): ipv6 multicast output address value 2024-10-06 09:28:39 +00:00
Quentin McGaw
3d6d03b327 fix(firewall): log warning if ipv6 nat filter not supported instead of returning an error 
- Allow to port forward redirect for IPv4 and not IPv6 if IPv6 NAT is not supported
- Fix #2503
 2024-10-05 07:52:30 +00:00
Quentin McGaw
7ebbaf4351 docs(Dockerfile): add OPENVPN_MSSFIX environment variable 2024-09-29 18:01:20 +00:00
Quentin McGaw
c665b13cec fix(settings): prevent using FREE_ONLY and PORT_FORWARD_ONLY together with protonvpn (see #2470) 2024-09-28 17:51:47 +00:00
Quentin McGaw
970b21a6eb docs(Dockerfile): add missing option definitions 
- `STREAM_ONLY`
- `FREE_ONLY`
- Document `PORT_FORWARD_ONLY` is for both PIA and ProtonVPN
 2024-09-28 17:49:03 +00:00
Quentin McGaw
62747f1eb8 fix(storage): add missing selection fields to build noServerFoundError 
- `STREAM_ONLY`, `PORT_FORWARD_ONLY`, `SECURE_CORE_ONLY`, `TOR_ONLY` and target ip options affected
- Refers to issue #2470
 2024-09-28 17:47:56 +00:00
Quentin McGaw
a2e76e1683 feat(server): role based authentication system (#2434) 
- Parse toml configuration file, see https://github.com/qdm12/gluetun-wiki/blob/main/setup/advanced/control-server.md#authentication
- Retro-compatible with existing AND documented routes, until after v3.41 release
- Log a warning if an unprotected-by-default route is accessed unprotected
- Authentication methods: none, apikey, basic
- `genkey` command to generate API keys

Co-authored-by: Joe Jose <45399349+joejose97@users.noreply.github.com>
 2024-09-18 13:29:36 +02:00
Quentin McGaw
07651683f9 feat(providers): add giganews support (#2479) 2024-09-18 13:01:37 +02:00
Quentin McGaw
429aea8e0f docs(github): change and add labels 
- change "config problem" to "user error"
- add "performance" category
- add "investigation" category
 2024-08-25 07:06:33 +00:00
Quentin McGaw
01fa9934bc hotfix(routing): detect vpn local gateway with new routes listing 2024-08-25 07:01:33 +00:00
Quentin McGaw
ff7cadb43b chore(server): move log middleware to internal/server/middlewares/log 2024-08-23 13:46:52 +00:00
Quentin McGaw
540acc915d chore(deps): upgrade vishvananda/netlink from v1.2.1-beta.2 to v1.2.1 2024-08-23 13:46:09 +00:00
dependabot[bot]
703a546c1d Chore(deps): Bump google.golang.org/protobuf from 1.30.0 to 1.33.0 (#2428) 2024-08-22 17:24:39 +02:00
Quentin McGaw
4851bd70da chore(deps): remove qdm12/golibs dependency 
- Implement friendly duration formatting locally
 2024-08-21 13:27:30 +00:00
Quentin McGaw
a2b3d7e30c chore(deps): implement github.com/qdm12/golibs/command locally (#2418) 2024-08-21 15:21:31 +02:00
Quentin McGaw
4d60b71583 feat(dns): replace unbound with qdm12/dns@v2.0.0-beta-rc6 (#1742) 
- Faster start up
- Clearer error messages
- Allow for more Gluetun-specific customization
- DNSSEC validation is dropped for now (it's sort of unneeded)
- Fix #137
 2024-08-21 14:35:41 +02:00
Quentin McGaw
3f130931d2 hotfix(firewall): fix ip prefix parsing for ipv6 (again) 2024-08-19 17:06:45 +00:00
Quentin McGaw
946f055fed hotfix(firewall): handle iptables CIDR ranges with 3 digits for IPv6 2024-08-19 14:02:53 +00:00
Quentin McGaw
eaece0cb8e fix(ivpn): split city into city and region 
- Fix bad city values containing a comma
- update ivpn servers data
 2024-08-19 03:10:53 +00:00
Quentin McGaw
4203f4fabf fix(nordvpn): remove commas from region values 2024-08-19 03:08:14 +00:00
Quentin McGaw
c39edb6378 fix(pia): support port forwarding using Wireguard (#2420) 
- Build API IP address using the first 2 bytes of the gateway IP and adding `128.1` to it
- API IP address is valid for both OpenVPN and Wireguard
- Fix #2320
 2024-08-19 03:19:16 +02:00
Quentin McGaw
b3cc2781ff hotfix(config): fix missing test lines for previous commit 2024-08-19 01:00:30 +00:00
Jean-François Roy
12c411e203 feat(storage): STORAGE_FILEPATH option (#2416) 
- `STORAGE_FILEPATH=` disables storing to and reading from a local servers.json file
- `STORAGE_FILEPATH` defaults to `/gluetun/servers.json`
- Fix #2074
 2024-08-19 02:26:46 +02:00
Quentin McGaw
3bf937d705 feat(privado): update servers data 2024-08-18 23:29:10 +00:00
Quentin McGaw
bc55c25e73 fix(firewall): delete chain rules by line number (#2411) 
- Fix #2334 
- Parsing of iptables chains, contributing to progress for #1856
 2024-08-17 20:12:22 +02:00
Quentin McGaw
897a9d7f57 feat(config): allow invalid server filters (#2419) 
- Disallow setting a server filter when there is no choice available
- Allow setting an invalid server filter when there is at least one choice available
- Log at warn level when an invalid server filter is set
- Fix #2337
 2024-08-17 12:01:26 +02:00
Quentin McGaw
4a128677dd chore(github): add 2 labels 
- servers storage category
- nearly resolved status
 2024-08-17 10:00:23 +00:00
Quentin McGaw
9233f3f5ba feat(pia/updater): use v6 API to get servers data 2024-08-16 12:40:22 +00:00
Quentin McGaw
11c2354408 feat(privatevpn): native port forwarding support (#2285) 2024-08-16 14:20:00 +02:00
Quentin McGaw
1f2882434a feat(format-servers): add json format option 2024-08-16 10:14:06 +00:00
dependabot[bot]
01aaf2c86a Chore(deps): Bump golang.org/x/net from 0.25.0 to 0.28.0 (#2401) 2024-08-09 11:35:01 +02:00
dependabot[bot]
d260ac7a49 Chore(deps): Bump golang.org/x/text from 0.15.0 to 0.17.0 (#2400) 2024-08-09 11:34:47 +02:00