package configuration
import (
"fmt"
"strconv"
"strings"
"github.com/qdm12/gluetun/internal/constants"
"github.com/qdm12/golibs/params"
)
// OpenVPN contains settings to configure the OpenVPN client.
//
// User and Password carry ordinary JSON tags, so encoding this struct to JSON
// includes both credentials, whereas ClientCrt and ClientKey are tagged "-"
// and are left out.
// NOTE(review): confirm that every caller serialising these settings redacts
// User and Password first.
type OpenVPN struct {
	// Credentials presented to the VPN provider.
	User     string `json:"user"`
	Password string `json:"password"`

	// General client behaviour.
	Verbosity int      `json:"verbosity"`
	Flags     []string `json:"flags"`
	MSSFix    uint16   `json:"mssfix"`
	Root      bool     `json:"run_as_root"`

	// Optional overrides; an empty string means "not set".
	Cipher  string `json:"cipher"`
	Auth    string `json:"auth"`
	Config  string `json:"custom_config"`
	Version string `json:"version"`

	// Provider-specific fields. The certificate and key are excluded from
	// JSON output by their "-" tags.
	ClientCrt string `json:"-"`                 // Cyberghost
	ClientKey string `json:"-"`                 // Cyberghost, VPNUnlimited
	EncPreset string `json:"encryption_preset"` // PIA
	IPv6      bool   `json:"ipv6"`              // Mullvad
}
// String renders the settings as a multi-line, human-readable summary by
// joining the entries produced by lines with newlines.
func (settings *OpenVPN) String() string {
	rendered := settings.lines()
	return strings.Join(rendered, "\n")
}
// lines builds the human-readable summary of the settings, one entry per
// element, starting with an "OpenVPN:" header line.
//
// User and Password are never emitted, and the client key and certificate are
// reported only as "is set", so the summary does not carry credential
// material. Flags, Cipher, Auth and Config are emitted verbatim.
// NOTE(review): if this summary is logged, any sensitive value passed through
// OPENVPN_FLAGS would appear in the logs; confirm whether that can happen.
func (settings *OpenVPN) lines() (lines []string) {
	prefix := indent + lastIndent
	entry := func(text string) {
		lines = append(lines, prefix+text)
	}

	lines = append(lines, lastIndent+"OpenVPN:")

	// Always present.
	entry("Version: " + settings.Version)
	entry("Verbosity level: " + strconv.Itoa(settings.Verbosity))

	// Optional entries, emitted only when the setting is in effect.
	if len(settings.Flags) != 0 {
		entry("Flags: " + strings.Join(settings.Flags, " "))
	}
	if settings.Root {
		entry("Run as root: enabled")
	}
	if settings.Cipher != "" {
		entry("Custom cipher: " + settings.Cipher)
	}
	if settings.Auth != "" {
		entry("Custom auth algorithm: " + settings.Auth)
	}
	if settings.Config != "" {
		entry("Custom configuration: " + settings.Config)
	}

	// Secrets: report presence only, never the value.
	if settings.ClientKey != "" {
		entry("Client key is set")
	}
	if settings.ClientCrt != "" {
		entry("Client certificate is set")
	}

	if settings.IPv6 {
		entry("IPv6: enabled")
	}
	if settings.EncPreset != "" { // PIA only
		entry("Encryption preset: " + settings.EncPreset)
	}

	return lines
}
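// read populates the OpenVPN settings from the environment through r, using
// r.getFromEnvOrSecretFile for the user and password. serviceProvider selects
// the provider-specific behaviour: whether credentials are required, the
// fixed Mullvad password, and the extra Cyberghost / VPN Unlimited settings.
//
// It stops at the first failure and returns that error; errors raised while
// reading a single variable are wrapped with the variable name.
func (settings *OpenVPN) read(r reader, serviceProvider string) (err error) {
	settings.Config, err = r.env.Get("OPENVPN_CUSTOM_CONFIG", params.CaseSensitiveValue())
	if err != nil {
		return fmt.Errorf("environment variable OPENVPN_CUSTOM_CONFIG: %w", err)
	}

	// Credentials are mandatory only when no custom configuration is given
	// and the provider is not VPN Unlimited.
	credentialsRequired := settings.Config == "" && serviceProvider != constants.VPNUnlimited

	settings.User, err = r.getFromEnvOrSecretFile("OPENVPN_USER", credentialsRequired, []string{"USER"})
	if err != nil {
		return fmt.Errorf("environment variable OPENVPN_USER: %w", err)
	}
	// Remove spaces in user ID to simplify user's life, thanks @JeordyR
	settings.User = strings.ReplaceAll(settings.User, " ", "")

	if serviceProvider == constants.Mullvad {
		// For Mullvad the password is a fixed placeholder and
		// OPENVPN_PASSWORD is not read at all.
		// NOTE(review): presumably Mullvad authenticates on the user value
		// alone - confirm.
		settings.Password = "m"
	} else {
		settings.Password, err = r.getFromEnvOrSecretFile("OPENVPN_PASSWORD", credentialsRequired, []string{"PASSWORD"})
		if err != nil {
			// Wrapped like every other variable in this function so the
			// failing setting is named in the error.
			return fmt.Errorf("environment variable OPENVPN_PASSWORD: %w", err)
		}
	}

	settings.Version, err = r.env.Inside("OPENVPN_VERSION",
		[]string{constants.Openvpn24, constants.Openvpn25}, params.Default(constants.Openvpn25))
	if err != nil {
		return fmt.Errorf("environment variable OPENVPN_VERSION: %w", err)
	}

	settings.Verbosity, err = r.env.IntRange("OPENVPN_VERBOSITY", 0, 6, params.Default("1")) //nolint:gomnd
	if err != nil {
		return fmt.Errorf("environment variable OPENVPN_VERBOSITY: %w", err)
	}

	// OPENVPN_FLAGS is split on whitespace and stored as is: nothing in this
	// function restricts which flags may be given, and a value containing
	// spaces cannot be expressed as one flag.
	// NOTE(review): confirm how Flags is consumed; whoever controls this
	// variable controls those extra flags.
	settings.Flags = []string{}
	flagsStr, err := r.env.Get("OPENVPN_FLAGS")
	if err != nil {
		return fmt.Errorf("environment variable OPENVPN_FLAGS: %w", err)
	}
	if flagsStr != "" {
		settings.Flags = strings.Fields(flagsStr)
	}

	// The default is "yes", so Root is enabled unless OPENVPN_ROOT is
	// explicitly set otherwise; least-privilege deployments have to opt out.
	settings.Root, err = r.env.YesNo("OPENVPN_ROOT", params.Default("yes"))
	if err != nil {
		return fmt.Errorf("environment variable OPENVPN_ROOT: %w", err)
	}

	// Cipher and auth algorithm are taken verbatim; no allow-list is applied
	// here, so weak algorithm names are not rejected at this layer.
	settings.Cipher, err = r.env.Get("OPENVPN_CIPHER")
	if err != nil {
		return fmt.Errorf("environment variable OPENVPN_CIPHER: %w", err)
	}

	settings.Auth, err = r.env.Get("OPENVPN_AUTH")
	if err != nil {
		return fmt.Errorf("environment variable OPENVPN_AUTH: %w", err)
	}

	// The accepted range 0..maxMSSFix fits in a uint16, so the conversion
	// below cannot truncate.
	const maxMSSFix = 10000
	mssFix, err := r.env.IntRange("OPENVPN_MSSFIX", 0, maxMSSFix, params.Default("0"))
	if err != nil {
		return fmt.Errorf("environment variable OPENVPN_MSSFIX: %w", err)
	}
	settings.MSSFix = uint16(mssFix)

	settings.IPv6, err = r.env.OnOff("OPENVPN_IPV6", params.Default("off"))
	if err != nil {
		return fmt.Errorf("environment variable OPENVPN_IPV6: %w", err)
	}

	// Read for every provider, although the field is marked PIA-only.
	settings.EncPreset, err = getPIAEncryptionPreset(r)
	if err != nil {
		return err
	}

	// Provider-specific settings; other providers need nothing extra here.
	switch serviceProvider {
	case constants.Cyberghost:
		err = settings.readCyberghost(r)
	case constants.VPNUnlimited:
		err = settings.readVPNUnlimited(r)
	}
	if err != nil {
		return err
	}

	return nil
}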
// readProtocol reads the PROTOCOL environment variable, which must be one of
// constants.TCP or constants.UDP and defaults to constants.UDP. It reports
// whether TCP was selected; on error tcp is false and the error names the
// variable.
func readProtocol(env params.Env) (tcp bool, err error) {
	allowed := []string{constants.TCP, constants.UDP}
	chosen, err := env.Inside("PROTOCOL", allowed, params.Default(constants.UDP))
	if err != nil {
		return false, fmt.Errorf("environment variable PROTOCOL: %w", err)
	}
	tcp = chosen == constants.TCP
	return tcp, nil
}