admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,024 Commits 18 Branches 75 Tags
ccc2f306b995ea34af5a23c6d93fd82c557fe626
Commit Graph

333 Commits

Author SHA1 Message Date
Quentin McGaw
8bef380d8c Fix unit test 2025-10-06 09:57:15 +00:00
Quentin McGaw
162d244865 Use PMTUD to set the MTU to the VPN interface 
- Add `VPN_PMTUD` option enabled by default
- One can revert to use `VPN_PMTUD=off` to disable the new PMTUD mechanism
 2025-10-06 09:57:15 +00:00
Quentin McGaw
b0c4a28be6 chore(lint): upgrade linter to v2.4.0 
- migrate configuration file
- fix existing code issues
- add exclusion rules
- update linter names
 2025-08-16 20:10:19 +00:00
Quentin McGaw
0374c14e42 feat(portforwarding): VPN_PORT_FORWARDING_DOWN_COMMAND option 2024-11-10 10:18:29 +00:00
Alex Lavallee
a035a151bd feat(portforwarding): allow running script upon port forwarding success (#2399) 2024-11-10 09:49:02 +01:00
Quentin McGaw
c655500045 fix(wireguard): change default WIREGUARD_MTU from 1400 to 1320 
- Partially address #2533
 2024-11-05 09:57:03 +00:00
Quentin McGaw
a61302f135 feat(publicip): resilient public ip fetcher (#2518) 
- `PUBLICIP_API` accepts a comma separated list of ip data sources, where the first one is the base default one, and sources after it are backup sources used if we are rate limited.
- `PUBLICIP_API` defaults to `ipinfo,ifconfigco,ip2location,cloudflare` such that it now has `ifconfigco,ip2location,cloudflare` as backup ip data sources.
- `PUBLICIP_API_TOKEN` accepts a comma separated list of ip data source tokens, each corresponding by position to the APIs listed in `PUBLICIP_API`.
- logs ip data source when logging public ip information
- assume a rate limiting error is for 30 days (no persistence)
- ready for future live settings updates
  - consider an ip data source no longer banned if the token changes
  - keeps track of ban times when updating the list of fetchers
 2024-10-19 15:21:14 +02:00
Quentin McGaw
76a4bb5dc3 chore: use gofumpt for code formatting 2024-10-11 19:27:29 +00:00
Quentin McGaw
3daf15a612 chore(lint): fix gopls govet errors 2024-10-11 19:14:50 +00:00
Quentin McGaw
abe9dcbe33 chore(lint): add new linters and update codebase 
- add canonicalheader
- add copyloopvar
- add fatcontext
- add intrange
 2024-10-11 18:28:00 +00:00
Quentin McGaw
3c8e80a1a4 chore(lint): upgrade linter from v1.56.2 to v1.61.0 
- Remove no longer needed exclude rules
- Add new exclude rules for printf govet errors
- Remove deprecated linters `execinquery` and `exportloopref`
- Rename linter `goerr113` to `err113`
- Rename linter `gomnd` to `mnd`
 2024-10-11 18:05:54 +00:00
Quentin McGaw
5b2923ca65 feat(publicip): add ifconfigco option 2024-10-08 19:03:10 +00:00
Quentin McGaw
03deb9aed0 feat(publicip): PUBLICIP_ENABLED replaces PUBLICIP_PERIOD 
- No point periodically fetch the public IP address. Could not find anything mentioning why this was added.
- Simplification of the publicip loop code
- `PUBLICIP_ENABLED` (on, off) can be set to enable or not public ip data fetching on VPN connection
- `PUBLICIP_PERIOD=0` still works to indicate to disable public ip fetching
- `PUBLICIP_PERIOD` != 0 means to enable public ip fetching
- Warnings logged when using `PUBLICIP_PERIOD`
 2024-10-08 11:30:31 +00:00
Quentin McGaw
c665b13cec fix(settings): prevent using FREE_ONLY and PORT_FORWARD_ONLY together with protonvpn (see #2470) 2024-09-28 17:51:47 +00:00
Quentin McGaw
a2e76e1683 feat(server): role based authentication system (#2434) 
- Parse toml configuration file, see https://github.com/qdm12/gluetun-wiki/blob/main/setup/advanced/control-server.md#authentication
- Retro-compatible with existing AND documented routes, until after v3.41 release
- Log a warning if an unprotected-by-default route is accessed unprotected
- Authentication methods: none, apikey, basic
- `genkey` command to generate API keys

Co-authored-by: Joe Jose <45399349+joejose97@users.noreply.github.com>
 2024-09-18 13:29:36 +02:00
Quentin McGaw
07651683f9 feat(providers): add giganews support (#2479) 2024-09-18 13:01:37 +02:00
Quentin McGaw
4d60b71583 feat(dns): replace unbound with qdm12/dns@v2.0.0-beta-rc6 (#1742) 
- Faster start up
- Clearer error messages
- Allow for more Gluetun-specific customization
- DNSSEC validation is dropped for now (it's sort of unneeded)
- Fix #137
 2024-08-21 14:35:41 +02:00
Quentin McGaw
c39edb6378 fix(pia): support port forwarding using Wireguard (#2420) 
- Build API IP address using the first 2 bytes of the gateway IP and adding `128.1` to it
- API IP address is valid for both OpenVPN and Wireguard
- Fix #2320
 2024-08-19 03:19:16 +02:00
Quentin McGaw
b3cc2781ff hotfix(config): fix missing test lines for previous commit 2024-08-19 01:00:30 +00:00
Jean-François Roy
12c411e203 feat(storage): STORAGE_FILEPATH option (#2416) 
- `STORAGE_FILEPATH=` disables storing to and reading from a local servers.json file
- `STORAGE_FILEPATH` defaults to `/gluetun/servers.json`
- Fix #2074
 2024-08-19 02:26:46 +02:00
Quentin McGaw
897a9d7f57 feat(config): allow invalid server filters (#2419) 
- Disallow setting a server filter when there is no choice available
- Allow setting an invalid server filter when there is at least one choice available
- Log at warn level when an invalid server filter is set
- Fix #2337
 2024-08-17 12:01:26 +02:00
Quentin McGaw
11c2354408 feat(privatevpn): native port forwarding support (#2285) 2024-08-16 14:20:00 +02:00
Quentin McGaw
ac9446e296 feat(protonvpn): Wireguard support (#2390) 2024-08-03 16:10:35 +02:00
Quentin McGaw
5d75bbc869 feat(config): only use port forwarding servers when port forwarding is enabled for ProtonVPN and PIA 2024-07-31 14:49:33 +00:00
Quentin McGaw
72e227f87d fix(config): log out if port forwarding only servers is enabled 2024-07-31 14:44:19 +00:00
Quentin McGaw
c5c37e7f96 hotfix(protonvpn): port forward only option 
- Allow to use with Protonvpn (not just PIA)
- Update code comments
- Check server supports port forwarding when invoking port forward code
 2024-07-31 14:43:59 +00:00
Quentin McGaw
5191f3558f hotfix(protonvpn): drop P2P_ONLY in favor of PORT_FORWARD_ONLY 2024-07-31 14:29:31 +00:00
Quentin McGaw
13ffffb157 feat(fastestvpn): Wireguard support (#2383) 
Credits to @Zerauskire for the initial investigation and @jvanderzande for an initial implementation as well as reviewing the pull request
 2024-07-31 16:16:50 +02:00
Quentin McGaw
7bc2972b27 feat(perfectprivacy): port forwarding support (#2378) 2024-07-30 22:00:26 +02:00
Koen van Zuijlen
cb99f90bb5 feat(protonvpn): feature filters (#2182) 
- `SECURE_CORE_ONLY`
- `TOR_ONLY`
- `P2P_ONLY`
 2024-07-29 08:57:31 +02:00
Quentin McGaw
2bf2525bc5 chore(config): split server filter validation for features and subscription tier 
- `validateSubscriptionTierFilters` function
- `validateFeatureFilters` function
- idea introduced in #2182
 2024-07-29 06:18:28 +00:00
Quentin McGaw
36c8da7ea7 hotfix(config): split common VPN options per VPN type 
- Split `VPN_ENDPOINT_IP` in `OPENVPN_ENDPOINT_IP` and `WIREGUARD_ENDPOINT_IP`
- Split `VPN_ENDPOINT_PORT` in `OPENVPN_ENDPOINT_PORT` and `WIREGUARD_ENDPOINT_PORT`
- Fixes bad usage of Wireguard config file endpoint for OpenVPN #2347
 2024-07-27 10:42:01 +00:00
Quentin McGaw
a03041cfea hotfix(config): do not log retro-compat warning when using OPENVPN_USER or OPENVPN_PASSWORD 2024-07-26 08:42:32 +00:00
Quentin McGaw
e7381b3800 chore(config): rename FIREWALL to FIREWALL_ENABLED_DISABLING_IT_SHOOTS_YOU_IN_YOUR_FOOT 2024-07-26 08:25:05 +00:00
Quentin McGaw
0501743814 feat(pia): port forwarding options VPN_PORT_FORWARDING_USERNAME and VPN_PORT_FORWARDING_PASSWORD 
- Retro-compatible with `OPENVPN_USER` + `OPENVPN_PASSWORD`
- No more reading for the OpenVPN auth file
- Allow to use PIA port forwarding with Wireguard
 2024-07-09 14:44:46 +00:00
Quentin McGaw
fe05521f2b feat(config): read wireguard config file without case sensitivity 2024-06-28 20:57:57 +00:00
Quentin McGaw
93ed87d12b hotfix(pia): allow one value in SERVER_NAMES for the custom provider 2024-06-17 22:34:59 +00:00
Quentin McGaw
e0a977cf83 change(openvpn): default upgraded from 2.5 to 2.6 2024-05-02 08:13:51 +00:00
wanshuangcheng
5dacbb994f chore(all): fix typos in code comments (#2216) 2024-05-02 09:24:49 +02:00
Quentin McGaw
7e0738d113 fix(vpnunlimited): allow OpenVPN TCP on port 1197 2024-04-30 08:05:22 +00:00
Quentin McGaw
c87c0e12fe feat(wireguard): WIREGUARD_PERSISTENT_KEEPALIVE_INTERVAL option 2024-04-25 10:44:13 +00:00
Quentin McGaw
7b4befce61 hotfix(settings): openvpn encrypted key reading from file 2024-04-08 07:40:14 +00:00
Quentin McGaw
6709a248d6 hotfix(settings): HTTPPROXY_LOG reading fixed 2024-04-08 07:35:24 +00:00
Quentin McGaw
982100782c hotfix(config/nordvpn): do not initialize wg addresses to an empty slice 2024-04-02 14:48:40 +00:00
Quentin McGaw
4afbe9332f hotfix(settings): trim space for each wireguard address 2024-04-01 13:04:00 +00:00
Quentin McGaw
4019ee3ea1 hotfix(settings): fix retro-compatible key message 2024-04-01 12:59:47 +00:00
Quentin McGaw
e859c60343 hotfix(config/wireguard): add /32 to address without bits specified 2024-03-29 15:06:34 +00:00
Quentin McGaw
e01ce9c6d8 hotfix(config): read wireguard config from /gluetun/wireguard/wg0.conf 2024-03-26 07:04:26 +00:00
Quentin McGaw
ecc80a5a9e chore(config): upgrade to gosettings v0.4.0 
- drop qdm12/govalid dependency
- upgrade qdm12/ss-server to v0.6.0
- do not unset sensitive config settings (makes no sense to me)
 2024-03-25 19:14:20 +00:00
Quentin McGaw
4d9c619b24 chore(config): use openvpn protocol string field instead of TCP bool 2024-03-25 18:29:51 +00:00