gluetun

admin/gluetun

Fork 0

Commit Graph

Select branches

Hide Pull Requests

ci-runs

dependabot/github_actions/actions/checkout-6

dependabot/github_actions/peter-evans/dockerhub-description-5

dependabot/go_modules/golang.org/x/crypto-0.45.0

ivp6-level

loops

master

openvpn-2.4

ovpn

pmtu

port-forwarding-loop-debug

remove-keep-nameserver

server-auth-required

socks5

stash

v3.40

v4-storage-vpn-type-both

wireguard-route-replace

#100

#1005

#1007

#101

#1016

#1026

#1033

#1040

#1042

#1047

#1052

#1057

#1058

#1067

#1073

#1098

#1114

#1120

#1132

#114

#1145

#115

#116

#1169

#117

#1173

#119

#1191

#1193

#1198

#1210

#1231

#124

#1248

#126

#1264

#1268

#1275

#1276

#1291

#130

#1332

#1337

#1346

#1348

#1352

#1368

#1369

#1373

#1378

#1380

#1383

#1390

#1393

#1413

#1414

#1423

#1424

#1427

#1436

#1437

#1438

#144

#1449

#1471

#1474

#1476

#1483

#1484

#1493

#1505

#1509

#1539

#1543

#1549

#1557

#1560

#1561

#1567

#1571

#1575

#1585

#1596

#1598

#161

#1616

#1622

#1633

#1634

#1636

#1637

#1641

#1649

#1658

#167

#1678

#1679

#168

#1681

#1682

#1684

#1685

#1689

#169

#1722

#1726

#1729

#1732

#174

#1741

#1742

#1780

#1786

#1787

#1788

#1789

#180

#1800

#1806

#182

#183

#1830

#1836

#1836

#184

#1844

#1845

#1847

#1848

#185

#1853

#1857

#1858

#1860

#1861

#1868

#1871

#1874

#189

#1890

#1890

#1897

#1898

#1907

#1912

#1922

#193

#1935

#1936

#1937

#1938

#1946

#1947

#195

#1950

#1953

#1965

#1969

#1973

#1975

#1980

#1981

#1982

#1984

#1985

#1992

#1993

#1995

#1998

#2002

#2012

#2016

#2025

#2033

#2039

#2040

#2046

#205

#2052

#2062

#2070

#2075

#208

#2081

#2089

#2091

#2091

#2094

#2101

#2102

#2105

#2109

#2126

#2138

#2139

#2146

#2151

#2159

#2160

#2167

#2174

#2178

#2182

#2185

#220

#2203

#2204

#2207

#2208

#2214

#2216

#2218

#222

#2221

#2249

#2253

#2254

#226

#2265

#2266

#2269

#227

#2272

#2273

#2279

#228

#2285

#2308

#2309

#2310

#2316

#2319

#232

#2324

#2345

#2352

#237

#2378

#2383

#239

#2390

#2392

#2392

#2398

#2399

#240

#2400

#2401

#2404

#241

#2411

#2416

#2418

#2419

#242

#2420

#2423

#2428

#2432

#2434

#2437

#2440

#2444

#2460

#2465

#2466

#2478

#2479

#248

#2490

#2499

#2502

#2512

#2513

#2518

#2523

#2523

#2526

#2529

#253

#2537

#2537

#2542

#2549

#255

#2550

#2557

#2557

#2564

#257

#2573

#2574

#2575

#2575

#2577

#2578

#258

#2586

#2586

#2588

#259

#260

#2600

#2601

#2611

#2611

#2612

#2619

#262

#2622

#2624

#2629

#2632

#2636

#2636

#264

#2644

#2648

#2652

#2663

#267

#268

#2683

#2687

#2688

#269

#2700

#2700

#2733

#2734

#2739

#2740

#2756

#2767

#2768

#277

#2770

#2773

#2775

#2778

#2789

#2792

#2808

#282

#2821

#2821

#2835

#2838

#2851

#2863

#2864

#2877

#2878

#288

#2880

#2881

#2883

#2884

#2885

#2885

#2888

#2901

#2918

#2923

#2928

#2928

#2929

#293

#2930

#2931

#2932

#2933

#2934

#2935

#2936

#2937

#2938

#2939

#2940

#2944

#2954

#2955

#2956

#2957

#2958

#2959

#2964

#2968

#2969

#297

#2970

#2973

#2975

#2976

#2977

#2980

#2980

#2984

#2988

#2988

#2991

#2991

#2999

#2999

#300

#3001

#3001

#302

#305

#308

#32

#335

#338

#339

#344

#347

#354

#364

#365

#367

#369

#380

#383

#384

#387

#393

#394

#401

#402

#412

#413

#414

#415

#417

#419

#427

#428

#43

#431

#434

#437

#44

#441

#449

#45

#450

#451

#452

#453

#455

#46

#463

#475

#489

#499

#501

#51

#513

#528

#529

#543

#55

#558

#565

#57

#574

#575

#577

#578

#58

#583

#584

#587

#591

#606

#621

#623

#63

#635

#64

#664

#668

#678

#69

#7

#70

#705

#71

#722

#742

#742

#743

#743

#744

#744

#756

#762

#769

#8

#801

#806

#807

#812

#83

#832

#84

#848

#85

#870

#893

#897

#908

#914

#914

#915

#923

#926

#938

#942

#943

#95

#96

#961

#97

#977

#978

#978

#979

#98

#980

#981

#99

v1.0

v2

v2.0.0

v3.0.0

v3.0.1

v3.1.0

v3.10.0

v3.10.1

v3.10.2

v3.10.3

v3.10.4

v3.11.0

v3.11.1

v3.11.2

v3.12.0

v3.12.1

v3.12.2

v3.13.0

v3.13.1

v3.14.0

v3.15.0

v3.16.0

v3.17.0

v3.18.0

v3.19.0

v3.19.1

v3.2.0

v3.2.0-rc1

v3.2.0-rc2

v3.20.0

v3.21.0

v3.21.1

v3.22.0

v3.23.0

v3.24.0

v3.25.0

v3.26.0

v3.27.0

v3.27.1

v3.27.2

v3.28.0

v3.28.1

v3.28.2

v3.29.0

v3.3.0

v3.30.0

v3.30.1

v3.31.0

v3.31.1

v3.32.0

v3.33.0

v3.34.0

v3.34.1

v3.34.2

v3.34.3

v3.35.0

v3.36.0

v3.37.0

v3.37.1

v3.38.0

v3.38.1

v3.39.0

v3.39.1

v3.4.0

v3.40.0

v3.40.1

v3.40.2

v3.40.3

v3.5.0

v3.5.1

v3.6.0

v3.7.0

v3.8.0

v3.8.1

v3.9.0

b5139cd302 Chore(deps): Bump golang.org/x/crypto from 0.44.0 to 0.45.0 dependabot/go_modules/golang.org/x/crypto-0.45.0 dependabot[bot] 2025-11-23 21:40:54 +00:00
2afa988174 hotfix(dns): resolve .site and .network domain names as non-local master Quentin McGaw 2025-11-23 21:39:49 +00:00
a35c994bc8 feat(port-forwarding): add {{VPN_INTERFACE}} template variable Quentin McGaw 2025-11-22 23:32:26 +00:00
0fad44fb68 chore(vpn): do not restart VPN if startup check fails and HEALTH_RESTART_VPN=off - Note you still should not set HEALTH_RESTART_VPN=off this is for debugging only Quentin McGaw 2025-11-22 15:21:40 +00:00
20c8cc77b9 Chore(deps): Bump actions/checkout from 5 to 6 dependabot/github_actions/actions/checkout-6 dependabot[bot] 2025-11-21 20:18:42 +00:00
4f9dcff3f4 hotfix(ci): verify-private requirement for publish, not itself Quentin McGaw 2025-11-21 20:16:57 +00:00
1abc90970d chore(health): add ip address to error messages for small checks Quentin McGaw 2025-11-20 20:03:02 +00:00
a445ba072c chore(health): log out duration of tries in milliseconds Quentin McGaw 2025-11-20 15:08:41 +00:00
9e5624d32b feat(healthcheck): add HEALTH_SMALL_CHECK_TYPE option which can be dns or icmp (default) Note if icmp is not permitted, it fallsback to dns anyway Quentin McGaw 2025-11-20 15:05:38 +00:00
815fcdb711 chore(healthcheck/icmp): log what IP is being pinged when timing out Quentin McGaw 2025-11-20 14:46:31 +00:00
0bb9f62755 hotfix(ci): require verify-private to pass for publish job to trigger Quentin McGaw 2025-11-19 19:58:58 +00:00
93567a7804 hotfix(ci): bump container run timeout from 15s to 30s Quentin McGaw 2025-11-19 19:57:57 +00:00
0afbb71634 feat(main): add ascii logo at exit Quentin McGaw 2025-11-19 18:08:10 +00:00
9f39d47150 feat(healthcheck): HEALTH_ICMP_TARGET_IP -> HEALTH_ICMP_TARGET_IPS - Specify fallback ICMP IP addresses - Defaults changed from 1.1.1.1 to 1.1.1.1,8.8.8.8 - Small periodic check cycles through addresses as it fails and moves to retry Quentin McGaw 2025-11-19 16:00:20 +00:00
f9490656eb chore(healthcheck): mirror default icmp ip set in Dockerfile in the Go code Quentin McGaw 2025-11-19 15:45:04 +00:00
482421dda3 feat(healthcheck): HEALTH_TARGET_ADDRESS -> HEALTH_TARGET_ADDRESSES - Specify fallback addresses - Defaults changed from cloudflare:443 to cloudflare:443,github.com:443 - Startup check runs a parallel dial to each of the addresses specified with a global 6s timeout - Full periodic check cycles through addresses as it fails and moves to retry Quentin McGaw 2025-11-19 15:41:21 +00:00
03f1fea123 hotfix(healthcheck): update outdated function comment Quentin McGaw 2025-11-19 15:34:22 +00:00
7450424849 fix(wireguard): WIREGUARD_ENDPOINT_IP overrides the IP address of a picked connection - Regression introduced in v3.39.0 - Fix #2759 v3.40 Quentin McGaw 2025-11-19 13:11:00 +00:00
16bc27bf9f feat(expressvpn): update hardcoded servers data (#2888) Matthew Bennett 2025-10-06 04:33:36 -07:00
31284542a2 fix(wireguard): WIREGUARD_ENDPOINT_IP overrides the IP address of a picked connection - Regression introduced in v3.39.0 - Fix #2759 Quentin McGaw 2025-11-19 13:11:00 +00:00
5ff5fc4a5e chore(ci): run protonvpn config container Quentin McGaw 2025-11-18 22:08:25 +00:00
5b93464fef fix(proton): giving proton password is not mandatory Quentin McGaw 2025-11-18 21:26:53 +00:00
01e9274f7b fix(proton): giving proton password is not mandatory v3.40.3 Quentin McGaw 2025-11-18 21:26:53 +00:00
daff23bfb3 feat(protonvpn): update servers data including paid data v3.40.2 Quentin McGaw 2025-11-18 13:36:05 +00:00
aa6d26e062 fix(protonvpn/updater): API authentification fix using email - UPDATER_PROTONVPN_USERNAME -> UPDATER_PROTONVPN_EMAIL - -proton-username -> -proton-email - fix authentication flow to use email or username when appropriate - fix #2985 Quentin McGaw 2025-11-18 13:34:59 +00:00
b2859d5a06 fix(storage): only log warning if flushing merged servers to file fails Quentin McGaw 2025-11-17 19:04:13 +00:00
ad8b0657cb fix(dns): fix panic when using DNS_KEEP_NAMESERVER Quentin McGaw 2025-11-17 17:54:52 +00:00
debf3474e7 hotfix(protonvpn): fix retro-compatibility with UPDATER_PROTONVPN_USERNAME Quentin McGaw 2025-11-18 13:40:55 +00:00
2853ca9033 feat(protonvpn): update servers data including paid data Quentin McGaw 2025-11-18 13:36:05 +00:00
74d059dd77 fix(protonvpn/updater): API authentification fix using email - UPDATER_PROTONVPN_USERNAME -> UPDATER_PROTONVPN_EMAIL - -proton-username -> -proton-email - fix authentication flow to use email or username when appropriate - fix #2985 Quentin McGaw 2025-11-18 13:34:59 +00:00
9963e18a8a fix(storage): do not write updated servers to file if file path is empty Quentin McGaw 2025-11-18 13:28:03 +00:00
4f0b8f7292 Merge branch 'master' into remove-keep-nameserver remove-keep-nameserver Quentin McGaw 2025-11-17 19:16:05 +00:00
41cd8fb30d fix(storage): only log warning if flushing merged servers to file fails Quentin McGaw 2025-11-17 19:04:13 +00:00
9ed6cd978d Chore(deps): Bump DavidAnson/markdownlint-cli2-action from 20 to 21 (#2984) dependabot[bot] 2025-11-17 19:57:57 +01:00
c4b9d459ed fix(dns): fix panic when using DNS_KEEP_NAMESERVER Quentin McGaw 2025-11-17 17:54:52 +00:00
6e99ca573e chore(storage): do not read/write to user file when updating in maintainer mode Quentin McGaw 2025-11-17 15:29:41 +00:00
2cf4d6b469 fix(protonvpn/updater): ignore casing when comparing received username Quentin McGaw 2025-11-17 15:23:02 +00:00
25b381e138 fix linting errors Quentin McGaw 2025-11-17 15:17:57 +00:00
35b6b709b2 DNS_UPSTREAM_PLAIN_ADDRESSES option - New CSV format with port, for example ip1:port1,ip2:port2 - retrocompatibility with DNS_ADDRESS. If set, force upstream type to plain and empty user-picked providers. 127.0.0.1 is now ignored since it's always set to this value internally. - requires DNS_UPSTREAM_TYPE=plain must be set to use DNS_UPSTREAM_PLAIN_ADDRESSES (unless using retro DNS_ADDRESS) - Warning log on using private upstream resolvers updated Quentin McGaw 2025-11-17 15:04:06 +00:00
40ea51a3ae Remove DNS_KEEP_NAMESERVER (always off) Quentin McGaw 2025-11-17 13:05:33 +00:00
1a93a41a55 Remove DNS_SERVER option (always on) Quentin McGaw 2025-11-17 13:00:01 +00:00
a17776673b docs(readme): warning on "official" websites Quentin McGaw 2025-11-17 12:46:45 +00:00
fcdba0a3cc feat(portforward): support {{PORT}} template variable Quentin McGaw 2025-11-16 00:18:01 +00:00
c930a4e1be fix(protonvpn): authenticated servers data updating (#2878) v3.40.1 Quentin McGaw 2025-11-13 14:05:26 -05:00
22834e9477 fix(server/log): log out full URL path not just bottom request URI Quentin McGaw 2025-11-13 14:29:58 +00:00
62c2679da2 fix(cyberghost): log warnings from updater resolver Quentin McGaw 2025-11-04 14:42:54 +00:00
5e9ae9fa1f fix(wireguard): specify IP family for new route (#2629) Quentin McGaw 2025-10-30 17:14:45 +01:00
0f19bcfebd fix(port-forward): clear port file instead of removing it - Prevent port forwarding loop crash when trying to delete a directly bind mounted file - See https://github.com/qdm12/gluetun/issues/2942#issuecomment-3468510402 Quentin McGaw 2025-10-30 15:45:01 +00:00
83fc91d3c6 fix(publicip): respect PUBLICIP_ENABLED Quentin McGaw 2025-10-23 19:49:21 +00:00
4adeec8223 fix(vpnunlimited): update certificate values (#2835) mutschler 2025-09-11 21:15:20 +02:00
64bfbaa45d fix(cli): fix openvpnconfig command panic due to missing SetDefaults call Quentin McGaw 2024-12-27 09:30:58 +00:00
4712d0cf79 change(healthcheck): bump tries and timeouts - small periodic check from 10s+20s+30s to 5s+5s+5s+10s+10s+10s+15s+15s+15s+30s - full periodic check from 10s+20s to 10s+15s+30s Quentin McGaw 2025-11-15 16:47:38 +00:00
113c113615 feat(healthcheck): log duration for each failed attempt Quentin McGaw 2025-11-15 16:45:03 +00:00
0717578b06 change!(server): auth is now required for all routes server-auth-required Quentin McGaw 2025-11-14 21:30:42 +00:00
6023eb1878 hotfix(dns): compilation error due to dns package upgrade on master Quentin McGaw 2025-11-14 21:24:40 +00:00
a1ece20617 feat(dns): resolve network-local names (#2970) Quentin McGaw 2025-11-14 11:30:05 -05:00
0bc67b73a8 feat(dns): info log all requests filtered out Quentin McGaw 2025-11-14 16:19:07 +00:00
c7ab5bd34c feat(dns): DNS_REBINDING_PROTECTION_EXEMPT_HOSTNAMES option Quentin McGaw 2025-11-14 16:14:23 +00:00
843bf08aa1 chore(deps): bump dns to 248acd2833 Quentin McGaw 2025-11-14 16:13:59 +00:00
5b25cc95a9 chore(docker): clear DNS_BLOCK_IP_PREFIXES values since DNS rebinding protection is built-in the filter middleware Quentin McGaw 2025-11-14 15:04:56 +00:00
0fddbc54a2 Chore(deps): Bump github.com/cloudflare/circl from 1.6.0 to 1.6.1 (#2977) dependabot[bot] 2025-11-13 23:27:51 +01:00
11fcfb7d19 Chore(deps): Bump golang.org/x/net from 0.46.0 to 0.47.0 (#2976) dependabot[bot] 2025-11-13 23:27:10 +01:00
3cd7d7edcb Chore(deps): Bump golang.org/x/text from 0.30.0 to 0.31.0 (#2975) dependabot[bot] 2025-11-13 23:26:55 +01:00
30609b6fe9 hotfix(configuration/settings): fix requirement for proton username and password Quentin McGaw 2025-11-13 21:58:46 +00:00
8a0921748b fix(protonvpn): authenticated servers data updating (#2878) Quentin McGaw 2025-11-13 14:05:26 -05:00
3fac02a82a feat(server/auth): HTTP_CONTROL_SERVER_AUTH_DEFAULT_ROLE option (JSON encoded) - For example: {"auth":"basic","username":"me","password":"pass"} - For example{"auth":"apiKey","apikey":"xyz"} - For example{"auth":"none"} (I don't recommend) Quentin McGaw 2025-11-13 18:24:34 +00:00
f11f142bee feat(settings/wireguard): precise WIREGUARD_ENDPOINT_IP must be an IP address for now Quentin McGaw 2025-11-13 16:20:00 +00:00
596faef8f2 Chore(deps): Bump golang.org/x/sys from 0.37.0 to 0.38.0 (#2973) dependabot[bot] 2025-11-13 16:47:26 +01:00
3d1b6bc861 feat(server/portforward): change route from /v1/openvpn/portforwarded to /v1/portforward - This route has nothing to do with openvpn specifically - Remove the ed in portforwarded to accomodate future routes such as changing the state of port forwarding - maintaining retrocompatibility with /v1/openvpn/portforwarded - maintaining retrocompatibility with /openvpn/portforwarded - Moved to its own handler /v1/portforward instead of /v1/vpn/portforward to reduce the complexity of the vpn handler Quentin McGaw 2025-11-13 14:50:36 +00:00
46ad576233 fix(server/log): log out full URL path not just bottom request URI Quentin McGaw 2025-11-13 14:29:58 +00:00
46beaac34b hotfix(server/auth): add old route /openvpn/portforwarded as valid Quentin McGaw 2025-11-13 14:21:50 +00:00
3025476e8b chore(portforward): remove double log when clearing port forward file Quentin McGaw 2025-11-13 14:10:13 +00:00
cd6f9493a4 docs(Dockerfile): specify default PUID and PGID to avoid confusion - Both of these already defaulted to 1000 in the Go code Quentin McGaw 2025-11-13 13:06:21 +00:00
9984ad22d7 chore(settings/health): remove unneeded health fields Quentin McGaw 2025-11-13 12:27:33 +00:00
3565ba67c4 hotfix(healthcheck/dns): use dns address tring with port Quentin McGaw 2025-11-12 01:45:10 +00:00
90b9e81129 Merge branch 'master' into pmtu pmtu Quentin McGaw 2025-11-07 21:55:58 +00:00
be935e70e6 Fix lint error ivp6-level Quentin McGaw 2025-11-07 21:54:30 +00:00
5ca13021e7 feat(netlink): detect IPv6 using query to address - If a default IPv6 route is found, query the ip:port defined by IPV6_CHECK_ADDRESS to check for internet access Quentin McGaw 2024-12-12 06:48:43 +00:00
dae44051f6 feat(netlink): detect ipv6 support level - 'supported' if one ipv6 route is found that is not loopback and not a default route - 'internet' if one default ipv6 route is found Quentin McGaw 2024-10-14 16:44:05 +00:00
ffb0bec4da chore(vpn): rename openvpn* to vpn* variables Quentin McGaw 2025-11-07 15:26:24 +00:00
4d2b8787e0 chore(dns): replace UNBLOCK with DNS_UNBLOCK_HOSTNAMES Quentin McGaw 2025-11-07 14:33:20 +00:00
d4831ad4a6 chore(dns): replace DOT_PRIVATE_ADDRESS with DNS_BLOCK_IPS and DNS_BLOCK_IP_PREFIXES Quentin McGaw 2025-11-07 14:31:09 +00:00
9e1b53a732 feat(server): log number of roles read from auth file Quentin McGaw 2025-11-05 23:05:10 +00:00
d0113849d6 feat(dns): support doh upstream type Quentin McGaw 2025-11-05 21:21:16 +00:00
7b25fdfee8 chore(deps): bump dns to v2.0.0-rc9 Quentin McGaw 2025-11-05 20:55:28 +00:00
5ed6e82922 feat(dns): DNS_UPSTREAM_RESOLVER_TYPE option which can be plain or DoT - Migrate DOT to DNS_SERVER - Migrate DOT_PROVIDERS to DNS_UPSTREAM_RESOLVERS - Migrate DOT_PRIVATE_ADDRESS to DNS_PRIVATE_ADDRESSES - Migrate DOT_CACHING to DNS_CACHING - Migrate DOT_IPV6 to DNS_UPSTREAM_IPV6 Quentin McGaw 2025-11-05 20:41:19 +00:00
7dbd14df27 chore(dns): merge DoT settings with DNS settings Quentin McGaw 2025-11-05 20:14:25 +00:00
96d8b53338 Chore(deps): Bump github.com/breml/rootcerts from 0.3.2 to 0.3.3 (#2964) dependabot[bot] 2025-11-04 20:34:22 -05:00
2bd19640d9 feat(health/dns): try another DNS server if one fails Quentin McGaw 2025-11-04 15:51:04 +00:00
1047508bd7 docs(github): update provider issue template Quentin McGaw 2025-11-04 15:07:16 +00:00
eb49306b80 hotfix(health): change default icmp target to 1.1.1.1 - Cloudflare's 1.1.1.1 seems more reliable than the VPN server public IP address you connect to - This can still be changed back to 0.0.0.0 to use the VPN server IP address if needed Quentin McGaw 2025-11-04 14:47:24 +00:00
43da9ddbb3 fix(cyberghost): log warnings from updater resolver Quentin McGaw 2025-11-04 14:42:54 +00:00
7fbc5c3c07 feat(cyberghost): update servers data Quentin McGaw 2025-11-04 14:38:25 +00:00
e03f545e07 Chore(deps): Bump github.com/stretchr/testify from 1.10.0 to 1.11.1 (#2959) dependabot[bot] 2025-11-04 15:33:12 +01:00
942f1f2c0f Chore(deps): Bump github.com/pelletier/go-toml/v2 from 2.2.3 to 2.2.4 (#2958) dependabot[bot] 2025-11-04 15:33:00 +01:00
baf566d7a5 Chore(deps): Bump github.com/klauspost/compress from 1.17.11 to 1.18.1 (#2957) dependabot[bot] 2025-11-04 15:32:46 +01:00
6712adfe6b hotfix(firewall): handle textual values for protocols - Alpine / iptables-legacy bug introduced in Alpine 3.22 - Alpine: what the hell? Stop introducing breaking changes in iptables on every god damn release! Quentin McGaw 2025-11-04 14:16:11 +00:00
2e2e5f9df5 fix(firewall): parse "all" protocol from iptables chains Quentin McGaw 2025-11-03 16:06:21 +00:00
35e9b2365d fix(ci): consider 429 as valid status code for markdown links Quentin McGaw 2025-11-03 16:00:42 +00:00
f4dafaecac Chore(deps): Bump peter-evans/dockerhub-description from 4 to 5 dependabot/github_actions/peter-evans/dockerhub-description-5 dependabot[bot] 2025-10-31 20:04:12 +00:00

1 2 3 4 5 ...