admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,953 Commits 18 Branches 75 Tags
3c8e80a1a4c60636dded1da536a7e65f0c3e94f4
Commit Graph

308 Commits

Author SHA1 Message Date
Quentin McGaw
3c8e80a1a4 chore(lint): upgrade linter from v1.56.2 to v1.61.0 
- Remove no longer needed exclude rules
- Add new exclude rules for printf govet errors
- Remove deprecated linters `execinquery` and `exportloopref`
- Rename linter `goerr113` to `err113`
- Rename linter `gomnd` to `mnd`
 2024-10-11 18:05:54 +00:00
Quentin McGaw
03deb9aed0 feat(publicip): PUBLICIP_ENABLED replaces PUBLICIP_PERIOD 
- No point periodically fetch the public IP address. Could not find anything mentioning why this was added.
- Simplification of the publicip loop code
- `PUBLICIP_ENABLED` (on, off) can be set to enable or not public ip data fetching on VPN connection
- `PUBLICIP_PERIOD=0` still works to indicate to disable public ip fetching
- `PUBLICIP_PERIOD` != 0 means to enable public ip fetching
- Warnings logged when using `PUBLICIP_PERIOD`
 2024-10-08 11:30:31 +00:00
Quentin McGaw
7ebbaf4351 docs(Dockerfile): add OPENVPN_MSSFIX environment variable 2024-09-29 18:01:20 +00:00
Quentin McGaw
970b21a6eb docs(Dockerfile): add missing option definitions 
- `STREAM_ONLY`
- `FREE_ONLY`
- Document `PORT_FORWARD_ONLY` is for both PIA and ProtonVPN
 2024-09-28 17:49:03 +00:00
Quentin McGaw
a2e76e1683 feat(server): role based authentication system (#2434) 
- Parse toml configuration file, see https://github.com/qdm12/gluetun-wiki/blob/main/setup/advanced/control-server.md#authentication
- Retro-compatible with existing AND documented routes, until after v3.41 release
- Log a warning if an unprotected-by-default route is accessed unprotected
- Authentication methods: none, apikey, basic
- `genkey` command to generate API keys

Co-authored-by: Joe Jose <45399349+joejose97@users.noreply.github.com>
 2024-09-18 13:29:36 +02:00
Quentin McGaw
4d60b71583 feat(dns): replace unbound with qdm12/dns@v2.0.0-beta-rc6 (#1742) 
- Faster start up
- Clearer error messages
- Allow for more Gluetun-specific customization
- DNSSEC validation is dropped for now (it's sort of unneeded)
- Fix #137
 2024-08-21 14:35:41 +02:00
Jean-François Roy
12c411e203 feat(storage): STORAGE_FILEPATH option (#2416) 
- `STORAGE_FILEPATH=` disables storing to and reading from a local servers.json file
- `STORAGE_FILEPATH` defaults to `/gluetun/servers.json`
- Fix #2074
 2024-08-19 02:26:46 +02:00
Quentin McGaw
5191f3558f hotfix(protonvpn): drop P2P_ONLY in favor of PORT_FORWARD_ONLY 2024-07-31 14:29:31 +00:00
Koen van Zuijlen
cb99f90bb5 feat(protonvpn): feature filters (#2182) 
- `SECURE_CORE_ONLY`
- `TOR_ONLY`
- `P2P_ONLY`
 2024-07-29 08:57:31 +02:00
Quentin McGaw
26705f5a23 hotfix(firewall): re-add iptables-legacy for setups with nft kernel support 2024-07-29 05:43:34 +00:00
Quentin McGaw
ddbfdc9f14 feat(firewall): prefer using iptables nft instead of legacy 2024-07-28 14:29:00 +00:00
Quentin McGaw
9807d5f8f5 feat(docker): bump Alpine from 3.19 to 3.20 
- Fix iptables and iptables-nft behavior
- Address systems not supporting iptables-legacy, see #2304
 2024-07-28 12:43:33 +00:00
Quentin McGaw
921992ebc7 chore(build): do not upgrade busybox since vulnerabilities are fixed now 2024-07-28 12:41:54 +00:00
Quentin McGaw
36c8da7ea7 hotfix(config): split common VPN options per VPN type 
- Split `VPN_ENDPOINT_IP` in `OPENVPN_ENDPOINT_IP` and `WIREGUARD_ENDPOINT_IP`
- Split `VPN_ENDPOINT_PORT` in `OPENVPN_ENDPOINT_PORT` and `WIREGUARD_ENDPOINT_PORT`
- Fixes bad usage of Wireguard config file endpoint for OpenVPN #2347
 2024-07-27 10:42:01 +00:00
Quentin McGaw
e7381b3800 chore(config): rename FIREWALL to FIREWALL_ENABLED_DISABLING_IT_SHOOTS_YOU_IN_YOUR_FOOT 2024-07-26 08:25:05 +00:00
Quentin McGaw
0501743814 feat(pia): port forwarding options VPN_PORT_FORWARDING_USERNAME and VPN_PORT_FORWARDING_PASSWORD 
- Retro-compatible with `OPENVPN_USER` + `OPENVPN_PASSWORD`
- No more reading for the OpenVPN auth file
- Allow to use PIA port forwarding with Wireguard
 2024-07-09 14:44:46 +00:00
Quentin McGaw
1e25372189 fix(health): docker healthcheck has 3 retries 2024-05-10 14:31:01 +00:00
Quentin McGaw
fb145d68a0 hotfix(firewall): support iptables-legacy for older kernels 2024-05-02 16:54:29 +00:00
Quentin McGaw
e0a977cf83 change(openvpn): default upgraded from 2.5 to 2.6 2024-05-02 08:13:51 +00:00
Quentin McGaw
4d002a3ad6 feat(docker): bump Alpine from 3.18 to 3.19 2024-05-02 07:43:05 +00:00
Quentin McGaw
c87c0e12fe feat(wireguard): WIREGUARD_PERSISTENT_KEEPALIVE_INTERVAL option 2024-04-25 10:44:13 +00:00
Quentin McGaw
3e79509c97 chore(build): bump Go from 1.21 to 1.22 2024-03-25 18:44:44 +00:00
Adam Hebden
b3ceece779 feat(nordvpn): filter with SERVER_CATEGORIES (#1806) 
- update NordVPN servers data built-in
 2024-03-22 10:02:31 +01:00
Quentin McGaw
c0621bf381 chore(lint): upgrade linter to v1.56.2 2024-03-21 17:02:11 +00:00
Dennis Gaida
fb00fb16c2 feat(settings): load wireguard individual fields as secret files (#1348) 
- Private key from `/run/secrets/wireguard_private_key` (path configurable with `WIREGUARD_PRIVATE_KEY_SECRETFILE`)
- Preshared key from `/run/secrets/wireguard_preshared_key` (path configurable with `WIREGUARD_PRESHARED_KEY_SECRETFILE`)
- Addresses from `/run/secrets/wireguard_addresses` (path configurable with `WIREGUARD_ADDRESSES_SECRETFILE`)
 2024-03-21 10:08:41 +01:00
Quentin McGaw
6096b7ad4b feat(config): read Wireguard config from secret 
- defaults to `/run/secrets/wg0.conf`
- can be changed with variable `WIREGUARD_CONF_SECRETFILE`
 2024-03-21 08:18:14 +00:00
Anton Nesterov
b51aa0c6b9 feat(pia): PORT_FORWARD_ONLY variable (#2070) 2024-03-18 18:40:09 +01:00
Quentin McGaw
423a5c37e0 feat(publicip): PUBLICIP_API variable supporting ipinfo and ip2location 2024-02-14 07:36:45 +00:00
Quentin McGaw
6a6337b98f feat(publicip/ipinfo): add PUBLICIP_API_TOKEN variable 2024-02-13 10:55:06 +00:00
Quentin McGaw
4105f74ce1 feat(portforward): port redirection with VPN_PORT_FORWARDING_LISTENING_PORT 2023-11-23 08:37:43 +00:00
Quentin McGaw
ffc6d2e593 chore(lint): upgrade linter to v1.54.1 2023-09-20 09:34:32 +00:00
Quentin McGaw
03ce08e23d chore(build): upgrade Go to 1.21 2023-09-20 09:34:29 +00:00
Quentin McGaw
919b55c3aa feat(wireguard): WIREGUARD_ALLOWED_IPS variable (#1291) 2023-07-06 09:08:59 +02:00
Quentin McGaw
fae6544431 feat(pf): VPN_PORT_FORWARDING_PROVIDER variable (#1616) 2023-06-30 19:24:01 +02:00
Quentin McGaw
fbe252a9b6 chore(Docker): add missing environment variables 
- `OPENVPN_PROCESS_USER` defaults to `root`
- Add `HTTPPROXY_STEALTH=off`
- Add `HTTP_CONTROL_SERVER_LOG=on`
 2023-06-29 16:20:25 +00:00
Quentin McGaw
2ec9293324 feat(wireguard): MTU defaults to 1400 instead of 1420 2023-06-08 09:50:21 +00:00
Quentin McGaw
c58d6d4de2 chore(lint): upgrade to v1.53.2 and add linters 
- gosmopolitan
- mirror
- tagalign
- zerologlint
 2023-06-08 07:43:30 +00:00
Quentin McGaw
86f95cb390 chore(docker): bump Alpine from 3.17 to 3.18 2023-05-21 13:25:01 +00:00
Quentin McGaw
3b807e2ca9 feat(openvpn): add support for openvpn 2.6 2023-05-21 13:23:51 +00:00
Quentin McGaw
e8f2296a0d change(openvpn): Openvpn 2.4 no longer supported 2023-05-21 13:20:02 +00:00
Lars Haalck
1dd38bc658 feat(wireguard): WIREGUARD_MTU enviromnent variable (#1571) 2023-05-21 15:11:07 +02:00
Quentin McGaw
b6c8399c3b feat(health): HEALTH_SUCCESS_WAIT_DURATION 2023-05-07 09:35:51 +00:00
Quentin McGaw
67bd1171ae feat(env): rename vpn port forwarding variables 
- `VPN_PORT_FORWARDING_STATUS_FILE`
- `VPN_PORT_FORWARDING`
- Deprecate PIA specific variables for VPN port forwarding
 2023-04-27 10:23:55 +00:00
Quentin McGaw
723d0f5e12 chore(lint): upgrade from v1.51.2 to v1.52.2 2023-04-12 09:40:00 +00:00
Quentin McGaw
8bfa2f9b27 chore(docker): loosen pin for openssl 1.1 
- Credits to @kylemanna
 2023-04-03 08:21:58 +00:00
Quentin McGaw
fe2a3e4d11 chore(docker): remove no longer needed apk-tools 2023-04-03 08:20:08 +00:00
Quentin McGaw
b0451d8e50 feat(docker): install full-featured wget 
- Fixes #1260, #1494
- Does not spawn openssl zombie processes
 2023-04-03 08:10:48 +00:00
Quentin McGaw
0f4a2e5224 hotfix(deps): bump old openssl to 1.1.1t-r2 2023-03-31 09:34:33 +00:00
Quentin McGaw
5607916af6 hotfix: bump old openssl to 1.1.1t-r1 2023-03-23 16:36:14 +00:00
Quentin McGaw
e955adc1e1 hotfix: install older openssh for openvpn 2.4 2023-02-27 05:21:42 +00:00