hotfix(dns): resolve .site and .network domain names as non-local

feat(port-forwarding): add {{VPN_INTERFACE}} template variable
chore(vpn): do not restart VPN if startup check fails and HEALTH_RESTART_VPN=off
2025-11-23 21:39:49 +00:00 · 2025-11-22 23:32:26 +00:00 · 2025-11-22 15:21:40 +00:00
10 changed files with 26 additions and 20 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -37,7 +37,7 @@ jobs:
    env:
      DOCKER_BUILDKIT: "1"
    steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v5

      - uses: reviewdog/action-misspell@v1
        with:
@@ -78,7 +78,7 @@ jobs:
    runs-on: ubuntu-latest
    environment: secrets
    steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v5

      - run: docker build -t qmcgaw/gluetun .

@@ -103,7 +103,7 @@ jobs:
      contents: read
      security-events: write
    steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v5
      - uses: actions/setup-go@v6
        with:
          go-version-file: go.mod
@@ -128,7 +128,7 @@ jobs:
      packages: write
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v5

      # extract metadata (tags, labels) for Docker
      # https://github.com/docker/metadata-action
--- a/.github/workflows/labels.yml
+++ b/.github/workflows/labels.yml
@@ -11,7 +11,7 @@ jobs:
      issues: write
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v5
      - uses: crazy-max/ghaction-github-labeler@v5
        with:
          yaml-file: .github/labels.yml
--- a/.github/workflows/markdown.yml
+++ b/.github/workflows/markdown.yml
@@ -18,7 +18,7 @@ jobs:
      actions: read
      contents: read
    steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v5

      - uses: DavidAnson/markdownlint-cli2-action@v21
        with:
--- a/go.mod
+++ b/go.mod
@@ -10,7 +10,7 @@ require (
 	github.com/klauspost/compress v1.18.1
 	github.com/klauspost/pgzip v1.2.6
 	github.com/pelletier/go-toml/v2 v2.2.4
-	github.com/qdm12/dns/v2 v2.0.0-rc9.0.20251114155417-248acd28339f
+	github.com/qdm12/dns/v2 v2.0.0-rc9.0.20251123213823-54e987293e88
 	github.com/qdm12/gosettings v0.4.4
 	github.com/qdm12/goshutdown v0.3.0
 	github.com/qdm12/gosplash v0.2.0
--- a/go.sum
+++ b/go.sum
@@ -69,8 +69,8 @@ github.com/prometheus/common v0.60.1 h1:FUas6GcOw66yB/73KC+BOZoFJmbo/1pojoILArPA
 github.com/prometheus/common v0.60.1/go.mod h1:h0LYf1R1deLSKtD4Vdg8gy4RuOvENW2J/h19V5NADQw=
 github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc=
 github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
-github.com/qdm12/dns/v2 v2.0.0-rc9.0.20251114155417-248acd28339f h1:6wN5D9wACfmXDsQ366egVt0jXY4nqL/QnIwg4nWhXco=
-github.com/qdm12/dns/v2 v2.0.0-rc9.0.20251114155417-248acd28339f/go.mod h1:98foWgXJZ+g8gJIuO+fdO+oWpFei5WShMFTeN4Im2lE=
+github.com/qdm12/dns/v2 v2.0.0-rc9.0.20251123213823-54e987293e88 h1:GJ5FALvJ3UmHjVaNYebrfV5zF5You4dq8HfRWZy2loM=
+github.com/qdm12/dns/v2 v2.0.0-rc9.0.20251123213823-54e987293e88/go.mod h1:98foWgXJZ+g8gJIuO+fdO+oWpFei5WShMFTeN4Im2lE=
 github.com/qdm12/goservices v0.1.1-0.20251104135713-6bee97bd4978 h1:TRGpCU1l0lNwtogEUSs5U+RFceYxkAJUmrGabno7J5c=
 github.com/qdm12/goservices v0.1.1-0.20251104135713-6bee97bd4978/go.mod h1:D1Po4CRQLYjccnAR2JsVlN1sBMgQrcNLONbvyuzcdTg=
 github.com/qdm12/gosettings v0.4.4 h1:SM6tOZDf6k8qbjWU8KWyBF4mWIixfsKCfh9DGRLHlj4=
--- a/internal/portforward/service/command.go
+++ b/internal/portforward/service/command.go
@@ -10,7 +10,7 @@ import (
 )

 func runCommand(ctx context.Context, cmder Cmder, logger Logger,
-	commandTemplate string, ports []uint16,
+	commandTemplate string, ports []uint16, vpnInterface string,
 ) (err error) {
 	portStrings := make([]string, len(ports))
 	for i, port := range ports {
@@ -19,6 +19,7 @@ func runCommand(ctx context.Context, cmder Cmder, logger Logger,
 	portsString := strings.Join(portStrings, ",")
 	commandString := strings.ReplaceAll(commandTemplate, "{{PORTS}}", portsString)
 	commandString = strings.ReplaceAll(commandString, "{{PORT}}", portStrings[0])
+	commandString = strings.ReplaceAll(commandString, "{{VPN_INTERFACE}}", vpnInterface)
 	args, err := command.Split(commandString)
 	if err != nil {
 		return fmt.Errorf("parsing command: %w", err)
--- a/internal/portforward/service/command_test.go
+++ b/internal/portforward/service/command_test.go
@@ -17,12 +17,13 @@ func Test_Service_runCommand(t *testing.T) {

 	ctx := context.Background()
 	cmder := command.New()
-	const commandTemplate = `/bin/sh -c "echo {{PORTS}}"`
+	const commandTemplate = `/bin/sh -c "echo {{PORTS}}-{{PORT}}-{{VPN_INTERFACE}}"`
 	ports := []uint16{1234, 5678}
+	const vpnInterface = "tun0"
 	logger := NewMockLogger(ctrl)
-	logger.EXPECT().Info("1234,5678")
+	logger.EXPECT().Info("1234,5678-1234-tun0")

-	err := runCommand(ctx, cmder, logger, commandTemplate, ports)
+	err := runCommand(ctx, cmder, logger, commandTemplate, ports, vpnInterface)

 	require.NoError(t, err)
 }
--- a/internal/portforward/service/start.go
+++ b/internal/portforward/service/start.go
@@ -74,7 +74,7 @@ func (s *Service) Start(ctx context.Context) (runError <-chan error, err error)
 	s.portMutex.Unlock()

 	if s.settings.UpCommand != "" {
-		err = runCommand(ctx, s.cmder, s.logger, s.settings.UpCommand, ports)
+		err = runCommand(ctx, s.cmder, s.logger, s.settings.UpCommand, ports, s.settings.Interface)
 		if err != nil {
 			err = fmt.Errorf("running up command: %w", err)
 			s.logger.Error(err.Error())
--- a/internal/portforward/service/stop.go
+++ b/internal/portforward/service/stop.go
@@ -34,7 +34,7 @@ func (s *Service) cleanup() (err error) {
 		const downTimeout = 60 * time.Second
 		ctx, cancel := context.WithTimeout(context.Background(), downTimeout)
 		defer cancel()
-		err = runCommand(ctx, s.cmder, s.logger, s.settings.DownCommand, s.ports)
+		err = runCommand(ctx, s.cmder, s.logger, s.settings.DownCommand, s.ports, s.settings.Interface)
 		if err != nil {
 			err = fmt.Errorf("running down command: %w", err)
 			s.logger.Error(err.Error())
--- a/internal/vpn/tunnelup.go
+++ b/internal/vpn/tunnelup.go
@@ -41,11 +41,15 @@ func (l *Loop) onTunnelUp(ctx, loopCtx context.Context, data tunnelUpData) {
 	healthErrCh, err := l.healthChecker.Start(ctx)
 	l.healthServer.SetError(err)
 	if err != nil {
+		if *l.healthSettings.RestartVPN {
 			// Note this restart call must be done in a separate goroutine
 			// from the VPN loop goroutine.
 			l.restartVPN(loopCtx, err)
 			return
 		}
+		l.logger.Warnf("(ignored) healthchecker start failed: %s", err)
+		l.logger.Info("👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md")
+	}

 	if *l.dnsLooper.GetSettings().ServerEnabled {
 		_, _ = l.dnsLooper.ApplyStatus(ctx, constants.Running)
@@ -96,7 +100,7 @@ func (l *Loop) collectHealthErrors(ctx, loopCtx context.Context, healthErrCh <-c
 					l.restartVPN(loopCtx, healthErr)
 					return
 				}
-				l.logger.Warnf("healthcheck failed: %s", healthErr)
+				l.logger.Warnf("(ignored) healthcheck failed: %s", healthErr)
 				l.logger.Info("👉 See https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md")
 			} else if previousHealthErr != nil {
 				l.logger.Info("healthcheck passed successfully after previous failure(s)")
Author	SHA1	Message	Date
Quentin McGaw	2afa988174	hotfix(dns): resolve .site and .network domain names as non-local	2025-11-23 21:39:49 +00:00
Quentin McGaw	a35c994bc8	feat(port-forwarding): add `{{VPN_INTERFACE}}` template variable	2025-11-22 23:32:26 +00:00
Quentin McGaw	0fad44fb68	chore(vpn): do not restart VPN if startup check fails and HEALTH_RESTART_VPN=off - Note you still should not set HEALTH_RESTART_VPN=off this is for debugging only	2025-11-22 15:21:40 +00:00