Minor changes

- Added missing environment variables to Dockerfile - Constant ca certificates filepath - Removed dns/os.go unused file - Formatting improvements - Added comments - Readme TODOs update
2020-02-08 21:08:49 +00:00
parent 6734779e90
commit 247dc01f8a
8 changed files with 20 additions and 38 deletions
--- a/3
+++ b/3
@@ -36,6 +36,9 @@ ENV USER= \
    REGION="CA Montreal" \
    DOT=on \
    DOT_PROVIDERS=cloudflare \
+    DOT_VERBOSITY=1 \
+    DOT_VERBOSITY_DETAILS=0 \
+    DOT_VALIDATION_LOGLEVEL=0 \
    BLOCK_MALICIOUS=on \
    BLOCK_SURVEILLANCE=off \
    BLOCK_ADS=off \
--- a/README.md
+++ b/README.md
@@ -322,7 +322,14 @@ Note that not all regions support port forwarding.
    - Setup
    - Logging streams
 - More unit tests
- Switch to iptables-go instead of using the shell iptables
+- Write in Go
+    - DNS over TLS to replace Unbound
+    - HTTP proxy to replace tinyproxy
+    - use [go-Shadowsocks2](https://github.com/shadowsocks/go-shadowsocks2)
+    - DNS over HTTPS, maybe use [github.com/likexian/doh-go](https://github.com/likexian/doh-go)
+    - use [iptables-go](https://github.com/coreos/go-iptables) to replace iptables
+    - wireguard-go
+    - Openvpn to replace openvpn

 ## License

--- a/internal/constants/paths.go
+++ b/internal/constants/paths.go
@@ -9,6 +9,8 @@ const (
 	UnboundConf models.Filepath = "/etc/unbound/unbound.conf"
 	// ResolvConf is the file path to the system resolv.conf file
 	ResolvConf models.Filepath = "/etc/resolv.conf"
+	// CACertificates is the file path to the CA certificates file
+	CACertificates models.Filepath = "/etc/ssl/certs/ca-certificates.crt"
 	// OpenVPNAuthConf is the file path to the OpenVPN auth file
 	OpenVPNAuthConf models.Filepath = "/etc/openvpn/auth.conf"
 	// OpenVPNConf is the file path to the OpenVPN client configuration file
--- a/internal/dns/conf.go
+++ b/internal/dns/conf.go
@@ -52,7 +52,7 @@ func generateUnboundConf(settings settings.DNS, client network.Client, logger lo
 		"hide-identity":    "yes",
 		"hide-version":     "yes",
 		// Security
-		"tls-cert-bundle":       "\"/etc/ssl/certs/ca-certificates.crt\"",
+		"tls-cert-bundle":       fmt.Sprintf("%q", constants.CACertificates),
 		"root-hints":            fmt.Sprintf("%q", constants.RootHints),
 		"trust-anchor-file":     fmt.Sprintf("%q", constants.RootKey),
 		"harden-below-nxdomain": "yes",
--- a/internal/dns/os.go
+++ b/internal/dns/os.go
@@ -1,33 +0,0 @@
-package dns
-
-import (
-	"net"
-	"strings"
-
-	"github.com/qdm12/private-internet-access-docker/internal/constants"
-)
-
-func (c *configurator) SetNameserver(IP net.IP) error {
-	c.logger.Info("%s: setting local nameserver to %s", logPrefix, IP.String())
-	data, err := c.fileManager.ReadFile(string(constants.ResolvConf))
-	if err != nil {
-		return err
-	}
-	s := strings.TrimSuffix(string(data), "\n")
-	lines := strings.Split(s, "\n")
-	if len(lines) == 1 && lines[0] == "" {
-		lines = nil
-	}
-	found := false
-	for i := range lines {
-		if strings.HasPrefix(lines[i], "nameserver ") {
-			lines[i] = "nameserver " + IP.String()
-			found = true
-		}
-	}
-	if !found {
-		lines = append(lines, "nameserver "+IP.String())
-	}
-	data = []byte(strings.Join(lines, "\n"))
-	return c.fileManager.WriteToFile(string(constants.ResolvConf), data)
-}
--- a/internal/params/params.go
+++ b/internal/params/params.go
@@ -63,6 +63,8 @@ type paramsReader struct {
 	unsetEnv  func(key string) error
 }

+// NewParamsReader returns a paramsReadeer object to read parameters from
+// environment variables
 func NewParamsReader(logger logging.Logger) ParamsReader {
 	return &paramsReader{
 		envParams: libparams.NewEnvParams(),
--- a/internal/settings/dns.go
+++ b/internal/settings/dns.go
@@ -42,11 +42,11 @@ func (d *DNS) String() string {
 	}
 	settingsList := []string{
 		"DNS over TLS settings:",
-		"DNS over TLS provider: \n  |--" + strings.Join(providersStr, "\n  |--"),
+		"DNS over TLS provider:\n  |--" + strings.Join(providersStr, "\n  |--"),
 		"Block malicious: " + blockMalicious,
 		"Block surveillance: " + blockSurveillance,
 		"Block ads: " + blockAds,
-		"Allowed hostnames: " + strings.Join(d.AllowedHostnames, ", "),
+		"Allowed hostnames:\n  |--" + strings.Join(d.AllowedHostnames, "\n  |--"),
 		"Private addresses:\n  |--" + strings.Join(d.PrivateAddresses, "\n  |--"),
 		"Verbosity level: " + fmt.Sprintf("%d/5", d.VerbosityLevel),
 		"Verbosity details level: " + fmt.Sprintf("%d/4", d.VerbosityDetailsLevel),
--- a/internal/splash/splash.go
+++ b/internal/splash/splash.go
@@ -10,6 +10,7 @@ import (
 	"github.com/qdm12/private-internet-access-docker/internal/params"
 )

+// Splash returns the welcome spash message
 func Splash(paramsReader params.ParamsReader) string {
 	version := paramsReader.GetVersion()
 	vcsRef := paramsReader.GetVcsRef()
@@ -40,7 +41,7 @@ func title() []string {
 func annoucement() []string {
 	timestamp := time.Now().UnixNano() / 1000000000
 	if timestamp < constants.AnnoucementExpiration {
-		return []string{emoji.Sprint(":rotating_light: ") + constants.Annoucement}
+		return []string{emoji.Sprint(":mega: ") + constants.Annoucement}
 	}
 	return nil
 }