internal/settings/dns.go

package settings

import (
	"fmt"
	"strings"

	"github.com/qdm12/private-internet-access-docker/internal/models"
	"github.com/qdm12/private-internet-access-docker/internal/params"
)

// DNS contains settings to configure Unbound for DNS over TLS operation
type DNS struct {
	Enabled               bool
	Providers             []models.DNSProvider
	AllowedHostnames      []string
	PrivateAddresses      []string
	Caching               bool
	BlockMalicious        bool
	BlockSurveillance     bool
	BlockAds              bool
	VerbosityLevel        uint8
	VerbosityDetailsLevel uint8
	ValidationLogLevel    uint8
	IPv6                  bool
}

func (d *DNS) String() string {
	if !d.Enabled {
		return "DNS over TLS settings: disabled"
	}
	caching, blockMalicious, blockSurveillance, blockAds, ipv6 := "disabled", "disabed", "disabed", "disabed", "disabed"
	if d.Caching {
		caching = "enabled"
	}
	if d.BlockMalicious {
		blockMalicious = "enabled"
	}
	if d.BlockSurveillance {
		blockSurveillance = "enabled"
	}
	if d.BlockAds {
		blockAds = "enabled"
	}
	if d.IPv6 {
		ipv6 = "enabled"
	}
	var providersStr []string
	for _, provider := range d.Providers {
		providersStr = append(providersStr, string(provider))
	}
	settingsList := []string{
		"DNS over TLS settings:",
		"DNS over TLS provider:\n  |--" + strings.Join(providersStr, "\n  |--"),
		"Caching: " + caching,
		"Block malicious: " + blockMalicious,
		"Block surveillance: " + blockSurveillance,
		"Block ads: " + blockAds,
		"Allowed hostnames:\n  |--" + strings.Join(d.AllowedHostnames, "\n  |--"),
		"Private addresses:\n  |--" + strings.Join(d.PrivateAddresses, "\n  |--"),
		"Verbosity level: " + fmt.Sprintf("%d/5", d.VerbosityLevel),
		"Verbosity details level: " + fmt.Sprintf("%d/4", d.VerbosityDetailsLevel),
		"Validation log level: " + fmt.Sprintf("%d/2", d.ValidationLogLevel),
		"IPv6 resolution: " + ipv6,
	}
	return strings.Join(settingsList, "\n |--")
}

// GetDNSSettings obtains DNS over TLS settings from environment variables using the params package.
func GetDNSSettings(params params.ParamsReader) (settings DNS, err error) {
	settings.Enabled, err = params.GetDNSOverTLS()
	if err != nil || !settings.Enabled {
		return settings, err
	}
	settings.Providers, err = params.GetDNSOverTLSProviders()
	if err != nil {
		return settings, err
	}
	settings.AllowedHostnames, err = params.GetDNSUnblockedHostnames()
	if err != nil {
		return settings, err
	}
	settings.Caching, err = params.GetDNSOverTLSCaching()
	if err != nil {
		return settings, err
	}
	settings.BlockMalicious, err = params.GetDNSMaliciousBlocking()
	if err != nil {
		return settings, err
	}
	settings.BlockSurveillance, err = params.GetDNSSurveillanceBlocking()
	if err != nil {
		return settings, err
	}
	settings.BlockAds, err = params.GetDNSAdsBlocking()
	if err != nil {
		return settings, err
	}
	settings.VerbosityLevel, err = params.GetDNSOverTLSVerbosity()
	if err != nil {
		return settings, err
	}
	settings.VerbosityDetailsLevel, err = params.GetDNSOverTLSVerbosityDetails()
	if err != nil {
		return settings, err
	}
	settings.ValidationLogLevel, err = params.GetDNSOverTLSValidationLogLevel()
	if err != nil {
		return settings, err
	}
	settings.PrivateAddresses = params.GetDNSOverTLSPrivateAddresses()
	settings.IPv6, err = params.GetDNSOverTLSIPv6()
	if err != nil {
		return settings, err
	}
	return settings, nil
}
Rewrite of the entrypoint in Golang (#71) - General improvements - Parallel download of only needed files at start - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.) - Simplified Docker final image - Faster bootup - DNS over TLS - Finer grain blocking at DNS level: malicious, ads and surveillance - Choose your DNS over TLS providers - Ability to use multiple DNS over TLS providers for DNS split horizon - Environment variables for DNS logging - DNS block lists needed are downloaded and built automatically at start, in parallel - PIA - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR) - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR) 2020-02-06 20:42:46 -05:00			`package settings`

			`import (`
			`"fmt"`
			`"strings"`

			`"github.com/qdm12/private-internet-access-docker/internal/models"`
			`"github.com/qdm12/private-internet-access-docker/internal/params"`
			`)`

			`// DNS contains settings to configure Unbound for DNS over TLS operation`
			`type DNS struct {`
			`Enabled bool`
			`Providers []models.DNSProvider`
			`AllowedHostnames []string`
			`PrivateAddresses []string`
Added DOT_CACHING environment variable 2020-02-08 21:28:03 +00:00			`Caching bool`
Rewrite of the entrypoint in Golang (#71) - General improvements - Parallel download of only needed files at start - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.) - Simplified Docker final image - Faster bootup - DNS over TLS - Finer grain blocking at DNS level: malicious, ads and surveillance - Choose your DNS over TLS providers - Ability to use multiple DNS over TLS providers for DNS split horizon - Environment variables for DNS logging - DNS block lists needed are downloaded and built automatically at start, in parallel - PIA - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR) - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR) 2020-02-06 20:42:46 -05:00			`BlockMalicious bool`
			`BlockSurveillance bool`
			`BlockAds bool`
			`VerbosityLevel uint8`
			`VerbosityDetailsLevel uint8`
			`ValidationLogLevel uint8`
DOT_IPV6 environment variable added, refers to #88 2020-03-05 00:51:04 +00:00			`IPv6 bool`
Rewrite of the entrypoint in Golang (#71) - General improvements - Parallel download of only needed files at start - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.) - Simplified Docker final image - Faster bootup - DNS over TLS - Finer grain blocking at DNS level: malicious, ads and surveillance - Choose your DNS over TLS providers - Ability to use multiple DNS over TLS providers for DNS split horizon - Environment variables for DNS logging - DNS block lists needed are downloaded and built automatically at start, in parallel - PIA - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR) - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR) 2020-02-06 20:42:46 -05:00			`}`

			`func (d *DNS) String() string {`
			`if !d.Enabled {`
			`return "DNS over TLS settings: disabled"`
			`}`
DOT_IPV6 environment variable added, refers to #88 2020-03-05 00:51:04 +00:00			`caching, blockMalicious, blockSurveillance, blockAds, ipv6 := "disabled", "disabed", "disabed", "disabed", "disabed"`
Added DOT_CACHING environment variable 2020-02-08 21:28:03 +00:00			`if d.Caching {`
			`caching = "enabled"`
			`}`
Rewrite of the entrypoint in Golang (#71) - General improvements - Parallel download of only needed files at start - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.) - Simplified Docker final image - Faster bootup - DNS over TLS - Finer grain blocking at DNS level: malicious, ads and surveillance - Choose your DNS over TLS providers - Ability to use multiple DNS over TLS providers for DNS split horizon - Environment variables for DNS logging - DNS block lists needed are downloaded and built automatically at start, in parallel - PIA - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR) - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR) 2020-02-06 20:42:46 -05:00			`if d.BlockMalicious {`
			`blockMalicious = "enabled"`
			`}`
			`if d.BlockSurveillance {`
			`blockSurveillance = "enabled"`
			`}`
			`if d.BlockAds {`
			`blockAds = "enabled"`
			`}`
DOT_IPV6 environment variable added, refers to #88 2020-03-05 00:51:04 +00:00			`if d.IPv6 {`
			`ipv6 = "enabled"`
			`}`
Rewrite of the entrypoint in Golang (#71) - General improvements - Parallel download of only needed files at start - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.) - Simplified Docker final image - Faster bootup - DNS over TLS - Finer grain blocking at DNS level: malicious, ads and surveillance - Choose your DNS over TLS providers - Ability to use multiple DNS over TLS providers for DNS split horizon - Environment variables for DNS logging - DNS block lists needed are downloaded and built automatically at start, in parallel - PIA - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR) - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR) 2020-02-06 20:42:46 -05:00			`var providersStr []string`
			`for _, provider := range d.Providers {`
			`providersStr = append(providersStr, string(provider))`
			`}`
			`settingsList := []string{`
			`"DNS over TLS settings:",`
Minor changes - Added missing environment variables to Dockerfile - Constant ca certificates filepath - Removed dns/os.go unused file - Formatting improvements - Added comments - Readme TODOs update 2020-02-08 21:08:49 +00:00			`"DNS over TLS provider:\n \|--" + strings.Join(providersStr, "\n \|--"),`
Added DOT_CACHING environment variable 2020-02-08 21:28:03 +00:00			`"Caching: " + caching,`
Rewrite of the entrypoint in Golang (#71) - General improvements - Parallel download of only needed files at start - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.) - Simplified Docker final image - Faster bootup - DNS over TLS - Finer grain blocking at DNS level: malicious, ads and surveillance - Choose your DNS over TLS providers - Ability to use multiple DNS over TLS providers for DNS split horizon - Environment variables for DNS logging - DNS block lists needed are downloaded and built automatically at start, in parallel - PIA - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR) - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR) 2020-02-06 20:42:46 -05:00			`"Block malicious: " + blockMalicious,`
			`"Block surveillance: " + blockSurveillance,`
			`"Block ads: " + blockAds,`
Minor changes - Added missing environment variables to Dockerfile - Constant ca certificates filepath - Removed dns/os.go unused file - Formatting improvements - Added comments - Readme TODOs update 2020-02-08 21:08:49 +00:00			`"Allowed hostnames:\n \|--" + strings.Join(d.AllowedHostnames, "\n \|--"),`
Rewrite of the entrypoint in Golang (#71) - General improvements - Parallel download of only needed files at start - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.) - Simplified Docker final image - Faster bootup - DNS over TLS - Finer grain blocking at DNS level: malicious, ads and surveillance - Choose your DNS over TLS providers - Ability to use multiple DNS over TLS providers for DNS split horizon - Environment variables for DNS logging - DNS block lists needed are downloaded and built automatically at start, in parallel - PIA - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR) - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR) 2020-02-06 20:42:46 -05:00			`"Private addresses:\n \|--" + strings.Join(d.PrivateAddresses, "\n \|--"),`
			`"Verbosity level: " + fmt.Sprintf("%d/5", d.VerbosityLevel),`
			`"Verbosity details level: " + fmt.Sprintf("%d/4", d.VerbosityDetailsLevel),`
			`"Validation log level: " + fmt.Sprintf("%d/2", d.ValidationLogLevel),`
DOT_IPV6 environment variable added, refers to #88 2020-03-05 00:51:04 +00:00			`"IPv6 resolution: " + ipv6,`
Rewrite of the entrypoint in Golang (#71) - General improvements - Parallel download of only needed files at start - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.) - Simplified Docker final image - Faster bootup - DNS over TLS - Finer grain blocking at DNS level: malicious, ads and surveillance - Choose your DNS over TLS providers - Ability to use multiple DNS over TLS providers for DNS split horizon - Environment variables for DNS logging - DNS block lists needed are downloaded and built automatically at start, in parallel - PIA - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR) - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR) 2020-02-06 20:42:46 -05:00			`}`
			`return strings.Join(settingsList, "\n \|--")`
			`}`

			`// GetDNSSettings obtains DNS over TLS settings from environment variables using the params package.`
			`func GetDNSSettings(params params.ParamsReader) (settings DNS, err error) {`
			`settings.Enabled, err = params.GetDNSOverTLS()`
			`if err != nil \|\| !settings.Enabled {`
			`return settings, err`
			`}`
			`settings.Providers, err = params.GetDNSOverTLSProviders()`
			`if err != nil {`
			`return settings, err`
			`}`
			`settings.AllowedHostnames, err = params.GetDNSUnblockedHostnames()`
			`if err != nil {`
			`return settings, err`
			`}`
Added DOT_CACHING environment variable 2020-02-08 21:28:03 +00:00			`settings.Caching, err = params.GetDNSOverTLSCaching()`
			`if err != nil {`
			`return settings, err`
			`}`
Rewrite of the entrypoint in Golang (#71) - General improvements - Parallel download of only needed files at start - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.) - Simplified Docker final image - Faster bootup - DNS over TLS - Finer grain blocking at DNS level: malicious, ads and surveillance - Choose your DNS over TLS providers - Ability to use multiple DNS over TLS providers for DNS split horizon - Environment variables for DNS logging - DNS block lists needed are downloaded and built automatically at start, in parallel - PIA - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR) - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR) 2020-02-06 20:42:46 -05:00			`settings.BlockMalicious, err = params.GetDNSMaliciousBlocking()`
			`if err != nil {`
			`return settings, err`
			`}`
			`settings.BlockSurveillance, err = params.GetDNSSurveillanceBlocking()`
			`if err != nil {`
			`return settings, err`
			`}`
			`settings.BlockAds, err = params.GetDNSAdsBlocking()`
			`if err != nil {`
			`return settings, err`
			`}`
			`settings.VerbosityLevel, err = params.GetDNSOverTLSVerbosity()`
			`if err != nil {`
			`return settings, err`
			`}`
			`settings.VerbosityDetailsLevel, err = params.GetDNSOverTLSVerbosityDetails()`
			`if err != nil {`
			`return settings, err`
			`}`
			`settings.ValidationLogLevel, err = params.GetDNSOverTLSValidationLogLevel()`
			`if err != nil {`
			`return settings, err`
			`}`
Added DOT_PRIVATE_ADDRESS environment variable 2020-02-08 21:28:33 +00:00			`settings.PrivateAddresses = params.GetDNSOverTLSPrivateAddresses()`
DOT_IPV6 environment variable added, refers to #88 2020-03-05 00:51:04 +00:00			`settings.IPv6, err = params.GetDNSOverTLSIPv6()`
			`if err != nil {`
			`return settings, err`
			`}`
Rewrite of the entrypoint in Golang (#71) - General improvements - Parallel download of only needed files at start - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.) - Simplified Docker final image - Faster bootup - DNS over TLS - Finer grain blocking at DNS level: malicious, ads and surveillance - Choose your DNS over TLS providers - Ability to use multiple DNS over TLS providers for DNS split horizon - Environment variables for DNS logging - DNS block lists needed are downloaded and built automatically at start, in parallel - PIA - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR) - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR) 2020-02-06 20:42:46 -05:00			`return settings, nil`
			`}`