chore(all): review error wrappings

- remove repetitive `cannot` and `failed` prefixes - rename `unmarshaling` to `decoding`
2023-04-01 16:53:04 +00:00
parent 63a696d7e7
commit 4ba159e483
76 changed files with 178 additions and 178 deletions
--- a/cmd/gluetun/main.go
+++ b/cmd/gluetun/main.go
@@ -245,7 +245,7 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
 	allSettings.Pprof.HTTPServer.Logger = logger.New(log.SetComponent("pprof"))
 	pprofServer, err := pprof.New(allSettings.Pprof)
 	if err != nil {
-		return fmt.Errorf("cannot create Pprof server: %w", err)
+		return fmt.Errorf("creating Pprof server: %w", err)
 	}
 	puid, pgid := int(*allSettings.System.PUID), int(*allSettings.System.PGID)
@@ -291,7 +291,7 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
 	const defaultUsername = "nonrootuser"
 	nonRootUsername, err := alpineConf.CreateUser(defaultUsername, puid)
 	if err != nil {
-		return fmt.Errorf("cannot create user: %w", err)
+		return fmt.Errorf("creating user: %w", err)
 	}
 	if nonRootUsername != defaultUsername {
 		logger.Info("using existing username " + nonRootUsername + " corresponding to user id " + fmt.Sprint(puid))
@@ -309,7 +309,7 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
 		if strings.Contains(err.Error(), "operation not permitted") {
 			logger.Warn("💡 Tip: Are you passing NET_ADMIN capability to gluetun?")
 		}
-		return fmt.Errorf("cannot setup routing: %w", err)
+		return fmt.Errorf("setting up routing: %w", err)
 	}
 	defer func() {
 		routingLogger.Info("routing cleanup...")
@@ -458,7 +458,7 @@ func _main(ctx context.Context, buildInfo models.BuildInformation,
 		buildInfo, vpnLooper, portForwardLooper, unboundLooper, updaterLooper, publicIPLooper,
 		storage, ipv6Supported)
 	if err != nil {
-		return fmt.Errorf("cannot setup control server: %w", err)
+		return fmt.Errorf("setting up control server: %w", err)
 	}
 	httpServerReady := make(chan struct{})
 	go httpServer.Run(httpServerCtx, httpServerReady, httpServerDone)
--- a/internal/cli/formatservers.go
+++ b/internal/cli/formatservers.go
@@ -73,7 +73,7 @@ func (c *CLI) FormatServers(args []string) error {
 	logger := newNoopLogger()
 	storage, err := storage.New(logger, constants.ServersData)
 	if err != nil {
-		return fmt.Errorf("cannot create servers storage: %w", err)
+		return fmt.Errorf("creating servers storage: %w", err)
 	}
 	formatted := storage.FormatToMarkdown(providerToFormat)
@@ -81,18 +81,18 @@ func (c *CLI) FormatServers(args []string) error {
 	output = filepath.Clean(output)
 	file, err := os.OpenFile(output, os.O_TRUNC|os.O_WRONLY|os.O_CREATE, 0644)
 	if err != nil {
-		return fmt.Errorf("cannot open output file: %w", err)
+		return fmt.Errorf("opening output file: %w", err)
 	}
 	_, err = fmt.Fprint(file, formatted)
 	if err != nil {
 		_ = file.Close()
-		return fmt.Errorf("cannot write to output file: %w", err)
+		return fmt.Errorf("writing to output file: %w", err)
 	}
 	err = file.Close()
 	if err != nil {
-		return fmt.Errorf("cannot close output file: %w", err)
+		return fmt.Errorf("closing output file: %w", err)
 	}
 	return nil
--- a/internal/cli/update.go
+++ b/internal/cli/update.go
@@ -72,7 +72,7 @@ func (c *CLI) Update(ctx context.Context, args []string, logger UpdaterLogger) e
 	storage, err := storage.New(logger, constants.ServersData)
 	if err != nil {
-		return fmt.Errorf("cannot create servers storage: %w", err)
+		return fmt.Errorf("creating servers storage: %w", err)
 	}
 	const clientTimeout = 10 * time.Second
@@ -88,13 +88,13 @@ func (c *CLI) Update(ctx context.Context, args []string, logger UpdaterLogger) e
 	updater := updater.New(httpClient, storage, providers, logger)
 	err = updater.UpdateServers(ctx, options.Providers, options.MinRatio)
 	if err != nil {
-		return fmt.Errorf("cannot update server information: %w", err)
+		return fmt.Errorf("updating server information: %w", err)
 	}
 	if maintainerMode {
 		err := storage.FlushToFile(c.repoServersPath)
 		if err != nil {
-			return fmt.Errorf("cannot write servers data to embedded JSON file: %w", err)
+			return fmt.Errorf("writing servers data to embedded JSON file: %w", err)
 		}
 	}
--- a/internal/configuration/settings/dns.go
+++ b/internal/configuration/settings/dns.go
@@ -31,7 +31,7 @@ type DNS struct {
 func (d DNS) validate() (err error) {
 	err = d.DoT.validate()
 	if err != nil {
-		return fmt.Errorf("failed validating DoT settings: %w", err)
+		return fmt.Errorf("validating DoT settings: %w", err)
 	}
 	return nil
--- a/internal/configuration/settings/openvpn.go
+++ b/internal/configuration/settings/openvpn.go
@@ -171,7 +171,7 @@ func validateOpenVPNConfigFilepath(isCustom bool,
 	extractor := extract.New()
 	_, _, err = extractor.Data(confFile)
 	if err != nil {
-		return fmt.Errorf("failed extracting information from custom configuration file: %w", err)
+		return fmt.Errorf("extracting information from custom configuration file: %w", err)
 	}
 	return nil
--- a/internal/configuration/sources/env/firewall.go
+++ b/internal/configuration/sources/env/firewall.go
@@ -73,7 +73,7 @@ func stringsToIPNets(ss []string) (ipNets []net.IPNet, err error) {
 	for i, s := range ss {
 		ip, ipNet, err := net.ParseCIDR(s)
 		if err != nil {
-			return nil, fmt.Errorf("cannot parse IP network %q: %w", s, err)
+			return nil, fmt.Errorf("parsing IP network %q: %w", s, err)
 		}
 		ipNet.IP = ip
 		ipNets[i] = *ipNet
--- a/internal/configuration/sources/env/helpers.go
+++ b/internal/configuration/sources/env/helpers.go
@@ -137,7 +137,7 @@ func unsetEnvKeys(envKeys []string, err error) (newErr error) {
 	for _, envKey := range envKeys {
 		unsetErr := os.Unsetenv(envKey)
 		if unsetErr != nil && newErr == nil {
-			newErr = fmt.Errorf("cannot unset environment variable %s: %w", envKey, unsetErr)
+			newErr = fmt.Errorf("unsetting environment variable %s: %w", envKey, unsetErr)
 		}
 	}
 	return newErr
--- a/internal/configuration/sources/secrets/httpproxy.go
+++ b/internal/configuration/sources/secrets/httpproxy.go
@@ -12,7 +12,7 @@ func readHTTPProxy() (settings settings.HTTPProxy, err error) {
 		"/run/secrets/httpproxy_user",
 	)
 	if err != nil {
-		return settings, fmt.Errorf("cannot read HTTP proxy user secret file: %w", err)
+		return settings, fmt.Errorf("reading HTTP proxy user secret file: %w", err)
 	}
 	settings.Password, err = readSecretFileAsStringPtr(
@@ -20,7 +20,7 @@ func readHTTPProxy() (settings settings.HTTPProxy, err error) {
 		"/run/secrets/httpproxy_password",
 	)
 	if err != nil {
-		return settings, fmt.Errorf("cannot read OpenVPN password secret file: %w", err)
+		return settings, fmt.Errorf("reading OpenVPN password secret file: %w", err)
 	}
 	return settings, nil
--- a/internal/configuration/sources/secrets/openvpn.go
+++ b/internal/configuration/sources/secrets/openvpn.go
@@ -13,7 +13,7 @@ func readOpenVPN() (
 		"/run/secrets/openvpn_user",
 	)
 	if err != nil {
-		return settings, fmt.Errorf("cannot read user file: %w", err)
+		return settings, fmt.Errorf("reading user file: %w", err)
 	}
 	settings.Password, err = readSecretFileAsStringPtr(
@@ -21,7 +21,7 @@ func readOpenVPN() (
 		"/run/secrets/openvpn_password",
 	)
 	if err != nil {
-		return settings, fmt.Errorf("cannot read password file: %w", err)
+		return settings, fmt.Errorf("reading password file: %w", err)
 	}
 	settings.Key, err = readPEMSecretFile(
@@ -29,7 +29,7 @@ func readOpenVPN() (
 		"/run/secrets/openvpn_clientkey",
 	)
 	if err != nil {
-		return settings, fmt.Errorf("cannot read client key file: %w", err)
+		return settings, fmt.Errorf("reading client key file: %w", err)
 	}
 	settings.EncryptedKey, err = readPEMSecretFile(
@@ -53,7 +53,7 @@ func readOpenVPN() (
 		"/run/secrets/openvpn_clientcrt",
 	)
 	if err != nil {
-		return settings, fmt.Errorf("cannot read client certificate file: %w", err)
+		return settings, fmt.Errorf("reading client certificate file: %w", err)
 	}
 	return settings, nil
--- a/internal/configuration/sources/secrets/shadowsocks.go
+++ b/internal/configuration/sources/secrets/shadowsocks.go
@@ -12,7 +12,7 @@ func readShadowsocks() (settings settings.Shadowsocks, err error) {
 		"/run/secrets/shadowsocks_password",
 	)
 	if err != nil {
-		return settings, fmt.Errorf("cannot read Shadowsocks password secret file: %w", err)
+		return settings, fmt.Errorf("reading Shadowsocks password secret file: %w", err)
 	}
 	return settings, nil
--- a/internal/configuration/sources/secrets/vpn.go
+++ b/internal/configuration/sources/secrets/vpn.go
@@ -9,7 +9,7 @@ import (
 func readVPN() (vpn settings.VPN, err error) {
 	vpn.OpenVPN, err = readOpenVPN()
 	if err != nil {
-		return vpn, fmt.Errorf("cannot read OpenVPN settings: %w", err)
+		return vpn, fmt.Errorf("reading OpenVPN settings: %w", err)
 	}
 	return vpn, nil
--- a/internal/firewall/enable.go
+++ b/internal/firewall/enable.go
@@ -21,7 +21,7 @@ func (c *Config) SetEnabled(ctx context.Context, enabled bool) (err error) {
 	if !enabled {
 		c.logger.Info("disabling...")
 		if err = c.disable(ctx); err != nil {
-			return fmt.Errorf("cannot disable firewall: %w", err)
+			return fmt.Errorf("disabling firewall: %w", err)
 		}
 		c.enabled = false
 		c.logger.Info("disabled successfully")
@@ -31,7 +31,7 @@ func (c *Config) SetEnabled(ctx context.Context, enabled bool) (err error) {
 	c.logger.Info("enabling...")
 	if err := c.enable(ctx); err != nil {
-		return fmt.Errorf("cannot enable firewall: %w", err)
+		return fmt.Errorf("enabling firewall: %w", err)
 	}
 	c.enabled = true
 	c.logger.Info("enabled successfully")
@@ -41,13 +41,13 @@ func (c *Config) SetEnabled(ctx context.Context, enabled bool) (err error) {
 func (c *Config) disable(ctx context.Context) (err error) {
 	if err = c.clearAllRules(ctx); err != nil {
-		return fmt.Errorf("cannot clear all rules: %w", err)
+		return fmt.Errorf("clearing all rules: %w", err)
 	}
 	if err = c.setIPv4AllPolicies(ctx, "ACCEPT"); err != nil {
-		return fmt.Errorf("cannot set ipv4 policies: %w", err)
+		return fmt.Errorf("setting ipv4 policies: %w", err)
 	}
 	if err = c.setIPv6AllPolicies(ctx, "ACCEPT"); err != nil {
-		return fmt.Errorf("cannot set ipv6 policies: %w", err)
+		return fmt.Errorf("setting ipv6 policies: %w", err)
 	}
 	return nil
 }
@@ -123,7 +123,7 @@ func (c *Config) enable(ctx context.Context) (err error) {
 	}
 	if err := c.runUserPostRules(ctx, c.customRulesPath, remove); err != nil {
-		return fmt.Errorf("cannot run user defined post firewall rules: %w", err)
+		return fmt.Errorf("running user defined post firewall rules: %w", err)
 	}
 	return nil
@@ -138,7 +138,7 @@ func (c *Config) allowVPNIP(ctx context.Context) (err error) {
 	for _, defaultRoute := range c.defaultRoutes {
 		err = c.acceptOutputTrafficToVPN(ctx, defaultRoute.NetInterface, c.vpnConnection, remove)
 		if err != nil {
-			return fmt.Errorf("cannot accept output traffic through VPN: %w", err)
+			return fmt.Errorf("accepting output traffic through VPN: %w", err)
 		}
 	}
@@ -165,7 +165,7 @@ func (c *Config) allowInputPorts(ctx context.Context) (err error) {
 			const remove = false
 			err = c.acceptInputToPort(ctx, netInterface, port, remove)
 			if err != nil {
-				return fmt.Errorf("cannot accept input port %d on interface %s: %w",
+				return fmt.Errorf("accepting input port %d on interface %s: %w",
 					port, netInterface, err)
 			}
 		}
--- a/internal/firewall/iptables.go
+++ b/internal/firewall/iptables.go
@@ -257,7 +257,7 @@ func (c *Config) runUserPostRules(ctx context.Context, filepath string, remove b
 		case ipv4:
 			err = c.runIptablesInstruction(ctx, rule)
 		case c.ip6Tables == "":
-			err = fmt.Errorf("cannot run user ip6tables rule: %w", ErrNeedIP6Tables)
+			err = fmt.Errorf("running user ip6tables rule: %w", ErrNeedIP6Tables)
 		default: // ipv6
 			err = c.runIP6tablesInstruction(ctx, rule)
 		}
--- a/internal/firewall/outboundsubnets.go
+++ b/internal/firewall/outboundsubnets.go
@@ -28,7 +28,7 @@ func (c *Config) SetOutboundSubnets(ctx context.Context, subnets []net.IPNet) (e
 	c.removeOutboundSubnets(ctx, subnetsToRemove)
 	if err := c.addOutboundSubnets(ctx, subnetsToAdd); err != nil {
-		return fmt.Errorf("cannot set allowed outbound subnets: %w", err)
+		return fmt.Errorf("setting allowed outbound subnets: %w", err)
 	}
 	return nil
--- a/internal/firewall/ports.go
+++ b/internal/firewall/ports.go
@@ -36,7 +36,7 @@ func (c *Config) SetAllowedPort(ctx context.Context, port uint16, intf string) (
 	const remove = false
 	if err := c.acceptInputToPort(ctx, intf, port, remove); err != nil {
-		return fmt.Errorf("cannot allow input to port %d through interface %s: %w",
+		return fmt.Errorf("allowing input to port %d through interface %s: %w",
 			port, intf, err)
 	}
 	netInterfaces[intf] = struct{}{}
@@ -70,7 +70,7 @@ func (c *Config) RemoveAllowedPort(ctx context.Context, port uint16) (err error)
 	for netInterface := range interfacesSet {
 		err := c.acceptInputToPort(ctx, netInterface, port, remove)
 		if err != nil {
-			return fmt.Errorf("cannot remove allowed port %d on interface %s: %w",
+			return fmt.Errorf("removing allowed port %d on interface %s: %w",
 				port, netInterface, err)
 		}
 		delete(interfacesSet, netInterface)
--- a/internal/firewall/vpn.go
+++ b/internal/firewall/vpn.go
@@ -45,13 +45,13 @@ func (c *Config) SetVPNConnection(ctx context.Context,
 	for _, defaultRoute := range c.defaultRoutes {
 		if err := c.acceptOutputTrafficToVPN(ctx, defaultRoute.NetInterface, connection, remove); err != nil {
-			return fmt.Errorf("cannot allow output traffic through VPN connection: %w", err)
+			return fmt.Errorf("allowing output traffic through VPN connection: %w", err)
 		}
 	}
 	c.vpnConnection = connection
 	if err = c.acceptOutputThroughInterface(ctx, vpnIntf, remove); err != nil {
-		return fmt.Errorf("cannot accept output traffic through interface %s: %w", vpnIntf, err)
+		return fmt.Errorf("accepting output traffic through interface %s: %w", vpnIntf, err)
 	}
 	c.vpnIntf = vpnIntf
--- a/internal/healthcheck/health.go
+++ b/internal/healthcheck/health.go
@@ -74,12 +74,12 @@ func (s *Server) healthCheck(ctx context.Context) (err error) {
 	const dialNetwork = "tcp4"
 	connection, err := s.dialer.DialContext(ctx, dialNetwork, address)
 	if err != nil {
-		return fmt.Errorf("cannot dial: %w", err)
+		return fmt.Errorf("dialing: %w", err)
 	}
 	err = connection.Close()
 	if err != nil {
-		return fmt.Errorf("cannot close connection: %w", err)
+		return fmt.Errorf("closing connection: %w", err)
 	}
 	return nil
@@ -91,7 +91,7 @@ func makeAddressToDial(address string) (addressToDial string, err error) {
 		addrErr := new(net.AddrError)
 		ok := errors.As(err, &addrErr)
 		if !ok || addrErr.Err != "missing port in address" {
-			return "", fmt.Errorf("cannot split host and port from address: %w", err)
+			return "", fmt.Errorf("splitting host and port from address: %w", err)
 		}
 		host = address
 		const defaultPort = "443"
--- a/internal/healthcheck/health_test.go
+++ b/internal/healthcheck/health_test.go
@@ -85,7 +85,7 @@ func Test_makeAddressToDial(t *testing.T) {
 		},
 		"bad address": {
 			address: "test.com::",
-			err:     fmt.Errorf("cannot split host and port from address: address test.com::: too many colons in address"), //nolint:lll
+			err:     fmt.Errorf("splitting host and port from address: address test.com::: too many colons in address"), //nolint:lll
 		},
 	}
--- a/internal/models/servers.go
+++ b/internal/models/servers.go
@@ -27,13 +27,13 @@ func (a *AllServers) MarshalJSON() (data []byte, err error) {
 	_, err = buffer.WriteString("{")
 	if err != nil {
-		return nil, fmt.Errorf("cannot write opening bracket: %w", err)
+		return nil, fmt.Errorf("writing opening bracket: %w", err)
 	}
 	versionString := fmt.Sprintf(`"version":%d`, a.Version)
 	_, err = buffer.WriteString(versionString)
 	if err != nil {
-		return nil, fmt.Errorf("cannot write schema version string: %w", err)
+		return nil, fmt.Errorf("writing schema version string: %w", err)
 	}
 	sortedProviders := make(sort.StringSlice, 0, len(a.ProviderToServers))
@@ -46,26 +46,26 @@ func (a *AllServers) MarshalJSON() (data []byte, err error) {
 		providerKey := fmt.Sprintf(`,"%s":`, provider)
 		_, err = buffer.WriteString(providerKey)
 		if err != nil {
-			return nil, fmt.Errorf("cannot write provider key %s: %w",
+			return nil, fmt.Errorf("writing provider key %s: %w",
 				providerKey, err)
 		}
 		servers := a.ProviderToServers[provider]
 		serversJSON, err := json.Marshal(servers)
 		if err != nil {
-			return nil, fmt.Errorf("failed encoding servers for provider %s: %w",
+			return nil, fmt.Errorf("encoding servers for provider %s: %w",
 				provider, err)
 		}
 		_, err = buffer.Write(serversJSON)
 		if err != nil {
-			return nil, fmt.Errorf("cannot write JSON servers data for provider %s: %w",
+			return nil, fmt.Errorf("writing JSON servers data for provider %s: %w",
 				provider, err)
 		}
 	}
 	_, err = buffer.WriteString("}")
 	if err != nil {
-		return nil, fmt.Errorf("cannot write closing bracket: %w", err)
+		return nil, fmt.Errorf("writing closing bracket: %w", err)
 	}
 	return buffer.Bytes(), nil
@@ -127,14 +127,14 @@ func (a *AllServers) UnmarshalJSON(data []byte) (err error) {
 		jsonValue, err := json.Marshal(value)
 		if err != nil {
-			return fmt.Errorf("cannot marshal %s servers: %w",
+			return fmt.Errorf("encoding %s servers: %w",
 				key, err)
 		}
 		var servers Servers
 		err = json.Unmarshal(jsonValue, &servers)
 		if err != nil {
-			return fmt.Errorf("cannot unmarshal %s servers: %w",
+			return fmt.Errorf("decoding %s servers: %w",
 				key, err)
 		}
--- a/internal/netlink/family.go
+++ b/internal/netlink/family.go
@@ -16,7 +16,7 @@ const (
 func (n *NetLink) IsWireguardSupported() (ok bool, err error) {
 	families, err := netlink.GenlFamilyList()
 	if err != nil {
-		return false, fmt.Errorf("cannot list gen 1 families: %w", err)
+		return false, fmt.Errorf("listing gen 1 families: %w", err)
 	}
 	for _, family := range families {
 		if family.Name == "wireguard" {
--- a/internal/openvpn/extract/data.go
+++ b/internal/openvpn/extract/data.go
@@ -17,12 +17,12 @@ func (e *Extractor) Data(filepath string) (lines []string,
 	connection models.Connection, err error) {
 	lines, err = readCustomConfigLines(filepath)
 	if err != nil {
-		return nil, connection, fmt.Errorf("cannot read configuration file: %w", err)
+		return nil, connection, fmt.Errorf("reading configuration file: %w", err)
 	}
 	connection, err = extractDataFromLines(lines)
 	if err != nil {
-		return nil, connection, fmt.Errorf("cannot extract connection from file: %w", err)
+		return nil, connection, fmt.Errorf("extracting connection from file: %w", err)
 	}
 	return lines, connection, nil
--- a/internal/openvpn/extract/extract.go
+++ b/internal/openvpn/extract/extract.go
@@ -54,14 +54,14 @@ func extractDataFromLine(line string) (
 	case strings.HasPrefix(line, "proto "):
 		protocol, err = extractProto(line)
 		if err != nil {
-			return nil, 0, "", fmt.Errorf("failed extracting protocol from proto line: %w", err)
+			return nil, 0, "", fmt.Errorf("extracting protocol from proto line: %w", err)
 		}
 		return nil, 0, protocol, nil
 	case strings.HasPrefix(line, "remote "):
 		ip, port, protocol, err = extractRemote(line)
 		if err != nil {
-			return nil, 0, "", fmt.Errorf("failed extracting from remote line: %w", err)
+			return nil, 0, "", fmt.Errorf("extracting from remote line: %w", err)
 		}
 		return ip, port, protocol, nil
 	}
--- a/internal/openvpn/extract/extract_test.go
+++ b/internal/openvpn/extract/extract_test.go
@@ -29,7 +29,7 @@ func Test_extractDataFromLines(t *testing.T) {
 		},
 		"extraction error": {
 			lines: []string{"bla bla", "proto bad", "remote 1.2.3.4 1194 tcp"},
-			err:   errors.New("on line 2: failed extracting protocol from proto line: network protocol not supported: bad"),
+			err:   errors.New("on line 2: extracting protocol from proto line: network protocol not supported: bad"),
 		},
 		"only use first values found": {
 			lines: []string{"proto udp", "proto tcp", "remote 1.2.3.4 443 tcp", "remote 5.2.3.4 1194 udp"},
--- a/internal/provider/airvpn/updater/api.go
+++ b/internal/provider/airvpn/updater/api.go
@@ -54,7 +54,7 @@ func fetchAPI(ctx context.Context, client *http.Client) (
 	decoder := json.NewDecoder(response.Body)
 	if err := decoder.Decode(&data); err != nil {
 		_ = response.Body.Close()
-		return data, fmt.Errorf("unmarshaling response body: %w", err)
+		return data, fmt.Errorf("decoding response body: %w", err)
 	}
 	if err := response.Body.Close(); err != nil {
--- a/internal/provider/custom/connection.go
+++ b/internal/provider/custom/connection.go
@@ -32,7 +32,7 @@ func getOpenVPNConnection(extractor Extractor,
 	connection models.Connection, err error) {
 	_, connection, err = extractor.Data(*selection.OpenVPN.ConfFile)
 	if err != nil {
-		return connection, fmt.Errorf("cannot extract connection: %w", err)
+		return connection, fmt.Errorf("extracting connection: %w", err)
 	}
 	customPort := *selection.OpenVPN.CustomPort
--- a/internal/provider/example/updater/api.go
+++ b/internal/provider/example/updater/api.go
@@ -50,11 +50,11 @@ func fetchAPI(ctx context.Context, client *http.Client) (
 	decoder := json.NewDecoder(response.Body)
 	if err := decoder.Decode(&data); err != nil {
 		_ = response.Body.Close()
-		return data, fmt.Errorf("failed unmarshaling response body: %w", err)
+		return data, fmt.Errorf("decoding response body: %w", err)
 	}
 	if err := response.Body.Close(); err != nil {
-		return data, fmt.Errorf("cannot close response body: %w", err)
+		return data, fmt.Errorf("closing response body: %w", err)
 	}
 	return data, nil
--- a/internal/provider/expressvpn/connection_test.go
+++ b/internal/provider/expressvpn/connection_test.go
@@ -37,7 +37,7 @@ func Test_Provider_GetConnection(t *testing.T) {
 		"error": {
 			storageErr: errTest,
 			errWrapped: errTest,
-			errMessage: "cannot filter servers: test error",
+			errMessage: "filtering servers: test error",
 		},
 		"default OpenVPN TCP port": {
 			filteredServers: []models.Server{
--- a/internal/provider/ivpn/connection_test.go
+++ b/internal/provider/ivpn/connection_test.go
@@ -37,7 +37,7 @@ func Test_Provider_GetConnection(t *testing.T) {
 		"error": {
 			storageErr: errTest,
 			errWrapped: errTest,
-			errMessage: "cannot filter servers: test error",
+			errMessage: "filtering servers: test error",
 		},
 		"default OpenVPN TCP port": {
 			filteredServers: []models.Server{
--- a/internal/provider/ivpn/updater/api.go
+++ b/internal/provider/ivpn/updater/api.go
@@ -53,11 +53,11 @@ func fetchAPI(ctx context.Context, client *http.Client) (
 	decoder := json.NewDecoder(response.Body)
 	if err := decoder.Decode(&data); err != nil {
 		_ = response.Body.Close()
-		return data, fmt.Errorf("failed unmarshaling response body: %w", err)
+		return data, fmt.Errorf("decoding response body: %w", err)
 	}
 	if err := response.Body.Close(); err != nil {
-		return data, fmt.Errorf("cannot close response body: %w", err)
+		return data, fmt.Errorf("closing response body: %w", err)
 	}
 	return data, nil
--- a/internal/provider/ivpn/updater/api_test.go
+++ b/internal/provider/ivpn/updater/api_test.go
@@ -27,7 +27,7 @@ func Test_fetchAPI(t *testing.T) {
 		},
 		"nil body": {
 			responseStatus: http.StatusOK,
-			err:            errors.New("failed unmarshaling response body: EOF"),
+			err:            errors.New("decoding response body: EOF"),
 		},
 		"no server": {
 			responseStatus: http.StatusOK,
--- a/internal/provider/ivpn/updater/servers.go
+++ b/internal/provider/ivpn/updater/servers.go
@@ -14,7 +14,7 @@ func (u *Updater) FetchServers(ctx context.Context, minServers int) (
 	servers []models.Server, err error) {
 	data, err := fetchAPI(ctx, u.client)
 	if err != nil {
-		return nil, fmt.Errorf("failed fetching API: %w", err)
+		return nil, fmt.Errorf("fetching API: %w", err)
 	}
 	hosts := make(map[string]struct{}, len(data.Servers))
--- a/internal/provider/ivpn/updater/servers_test.go
+++ b/internal/provider/ivpn/updater/servers_test.go
@@ -47,7 +47,7 @@ func Test_Updater_GetServers(t *testing.T) {
 		"http response error": {
 			warnerBuilder:  func(ctrl *gomock.Controller) common.Warner { return nil },
 			responseStatus: http.StatusNoContent,
-			err:            errors.New("failed fetching API: HTTP status code not OK: 204 No Content"),
+			err:            errors.New("fetching API: HTTP status code not OK: 204 No Content"),
 		},
 		"resolve error": {
 			warnerBuilder: func(ctrl *gomock.Controller) common.Warner {
--- a/internal/provider/mullvad/connection_test.go
+++ b/internal/provider/mullvad/connection_test.go
@@ -37,7 +37,7 @@ func Test_Provider_GetConnection(t *testing.T) {
 		"error": {
 			storageErr: errTest,
 			errWrapped: errTest,
-			errMessage: "cannot filter servers: test error",
+			errMessage: "filtering servers: test error",
 		},
 		"default OpenVPN TCP port": {
 			filteredServers: []models.Server{
--- a/internal/provider/mullvad/updater/api.go
+++ b/internal/provider/mullvad/updater/api.go
@@ -10,7 +10,7 @@ import (
 var (
 	ErrHTTPStatusCodeNotOK = errors.New("HTTP status code not OK")
-	ErrUnmarshalResponseBody = errors.New("failed unmarshaling response body")
+	ErrDecodeResponseBody  = errors.New("failed decoding response body")
 )
 type serverData struct {
@@ -47,7 +47,7 @@ func fetchAPI(ctx context.Context, client *http.Client) (data []serverData, err
 	decoder := json.NewDecoder(response.Body)
 	if err := decoder.Decode(&data); err != nil {
-		return nil, fmt.Errorf("%w: %s", ErrUnmarshalResponseBody, err)
+		return nil, fmt.Errorf("%w: %s", ErrDecodeResponseBody, err)
 	}
 	if err := response.Body.Close(); err != nil {
--- a/internal/provider/nordvpn/updater/api.go
+++ b/internal/provider/nordvpn/updater/api.go
@@ -43,7 +43,7 @@ func fetchAPI(ctx context.Context, client *http.Client) (data []serverData, err
 	decoder := json.NewDecoder(response.Body)
 	if err := decoder.Decode(&data); err != nil {
-		return nil, fmt.Errorf("failed unmarshaling response body: %w", err)
+		return nil, fmt.Errorf("decoding response body: %w", err)
 	}
 	if err := response.Body.Close(); err != nil {
--- a/internal/provider/privateinternetaccess/httpclient.go
+++ b/internal/provider/privateinternetaccess/httpclient.go
@@ -15,7 +15,7 @@ import (
 func newHTTPClient(serverName string) (client *http.Client, err error) {
 	rootCAs, err := x509.SystemCertPool()
 	if err != nil {
-		return nil, fmt.Errorf("cannot load system certificates: %w", err)
+		return nil, fmt.Errorf("loading system certificates: %w", err)
 	}
 	const piaCertificate = "MIIHqzCCBZOgAwIBAgIJAJ0u+vODZJntMA0GCSqGSIb3DQEBDQUAMIHoMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNVBAoTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEAxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBCkTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkBFiBzZWN1cmVAcHJpdmF0ZWludGVybmV0YWNjZXNzLmNvbTAeFw0xNDA0MTcxNzQwMzNaFw0zNDA0MTIxNzQwMzNaMIHoMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEzARBgNVBAcTCkxvc0FuZ2VsZXMxIDAeBgNVBAoTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQLExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEAxMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBCkTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMS8wLQYJKoZIhvcNAQkBFiBzZWN1cmVAcHJpdmF0ZWludGVybmV0YWNjZXNzLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALVkhjumaqBbL8aSgj6xbX1QPTfTd1qHsAZd2B97m8Vw31c/2yQgZNf5qZY0+jOIHULNDe4R9TIvyBEbvnAg/OkPw8n/+ScgYOeH876VUXzjLDBnDb8DLr/+w9oVsuDeFJ9KV2UFM1OYX0SnkHnrYAN2QLF98ESK4NCSU01h5zkcgmQ+qKSfA9Ny0/UpsKPBFqsQ25NvjDWFhCpeqCHKUJ4Be27CDbSl7lAkBuHMPHJs8f8xPgAbHRXZOxVCpayZ2SNDfCwsnGWpWFoMGvdMbygngCn6jA/W1VSFOlRlfLuuGe7QFfDwA0jaLCxuWt/BgZylp7tAzYKR8lnWmtUCPm4+BtjyVDYtDCiGBD9Z4P13RFWvJHw5aapx/5W/CuvVyI7pKwvc2IT+KPxCUhH1XI8ca5RN3C9NoPJJf6qpg4g0rJH3aaWkoMRrYvQ+5PXXYUzjtRHImghRGd/ydERYoAZXuGSbPkm9Y/p2X8unLcW+F0xpJD98+ZI+tzSsI99Zs5wijSUGYr9/j18KHFTMQ8n+1jauc5bCCegN27dPeKXNSZ5riXFL2XX6BkY68y58UaNzmeGMiUL9BOV1iV+PMb7B7PYs7oFLjAhh0EdyvfHkrh/ZV9BEhtFa7yXp8XR0J6vz1YV9R6DYJmLjOEbhU8N0gc3tZm4Qz39lIIG6w3FDAgMBAAGjggFUMIIBUDAdBgNVHQ4EFgQUrsRtyWJftjpdRM0+925Y6Cl08SUwggEfBgNVHSMEggEWMIIBEoAUrsRtyWJftjpdRM0+925Y6Cl08SWhge6kgeswgegxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTETMBEGA1UEBxMKTG9zQW5nZWxlczEgMB4GA1UEChMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxIDAeBgNVBAsTF1ByaXZhdGUgSW50ZXJuZXQgQWNjZXNzMSAwHgYDVQQDExdQcml2YXRlIEludGVybmV0IEFjY2VzczEgMB4GA1UEKRMXUHJpdmF0ZSBJbnRlcm5ldCBBY2Nlc3MxLzAtBgkqhkiG9w0BCQEWIHNlY3VyZUBwcml2YXRlaW50ZXJuZXRhY2Nlc3MuY29tggkAnS7684Nkme0wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOCAgEAJsfhsPk3r8kLXLxY+v+vHzbr4ufNtqnL9/1Uuf8NrsCtpXAoyZ0YqfbkWx3NHTZ7OE9ZRhdMP/RqHQE1p4N4Sa1nZKhTKasV6KhHDqSCt/dvEm89xWm2MVA7nyzQxVlHa9AkcBaemcXEiyT19XdpiXOP4Vhs+J1R5m8zQOxZlV1GtF9vsXmJqWZpOVPmZ8f35BCsYPvv4yMewnrtAC8PFEK/bOPeYcKN50bol22QYaZuLfpkHfNiFTnfMh8sl/ablPyNY7DUNiP5DRcMdIwmfGQxR5WEQoHL3yPJ42LkB5zs6jIm26DGNXfwura/mi105+ENH1CaROtRYwkiHb08U6qLXXJz80mWJkT90nr8Asj35xN2cUppg74nG3YVav/38P48T56hG1NHbYF5uOCske19F6wi9maUoto/3vEr0rnXJUp2KODmKdvBI7co245lHBABWikk8VfejQSlCtDBXn644ZMtAdoxKNfR2WTFVEwJiyd1Fzx0yujuiXDROLhISLQDRjVVAvawrAtLZWYK31bY7KlezPlQnl/D9Asxe85l8jO5+0LdJ6VyOs/Hd4w52alDW/MFySDZSfQHMTIc30hLBJ8OnCEIvluVQQ2UQvoW+no177N9L2Y+M9TcTA62ZyMXShHQGeh20rb4kK8f+iFX8NxtdHVSkxMEFSfDDyQ=" //nolint:lll
--- a/internal/provider/privateinternetaccess/portforward.go
+++ b/internal/provider/privateinternetaccess/portforward.go
@@ -48,12 +48,12 @@ func (p *Provider) PortForward(ctx context.Context, client *http.Client,
 	privateIPClient, err := newHTTPClient(serverName)
 	if err != nil {
-		return 0, fmt.Errorf("cannot create custom HTTP client: %w", err)
+		return 0, fmt.Errorf("creating custom HTTP client: %w", err)
 	}
 	data, err := readPIAPortForwardData(p.portForwardPath)
 	if err != nil {
-		return 0, fmt.Errorf("cannot read saved port forwarded data: %w", err)
+		return 0, fmt.Errorf("reading saved port forwarded data: %w", err)
 	}
 	dataFound := data.Port > 0
@@ -72,7 +72,7 @@ func (p *Provider) PortForward(ctx context.Context, client *http.Client,
 		data, err = refreshPIAPortForwardData(ctx, client, privateIPClient, gateway,
 			p.portForwardPath, p.authFilePath)
 		if err != nil {
-			return 0, fmt.Errorf("cannot refresh port forward data: %w", err)
+			return 0, fmt.Errorf("refreshing port forward data: %w", err)
 		}
 		durationToExpiration = data.Expiration.Sub(p.timeNow())
 	}
@@ -80,7 +80,7 @@ func (p *Provider) PortForward(ctx context.Context, client *http.Client,
 	// First time binding
 	if err := bindPort(ctx, privateIPClient, gateway, data); err != nil {
-		return 0, fmt.Errorf("cannot bind port: %w", err)
+		return 0, fmt.Errorf("binding port: %w", err)
 	}
 	return data.Port, nil
@@ -94,12 +94,12 @@ func (p *Provider) KeepPortForward(ctx context.Context, client *http.Client,
 	port uint16, gateway net.IP, serverName string) (err error) {
 	privateIPClient, err := newHTTPClient(serverName)
 	if err != nil {
-		return fmt.Errorf("cannot create custom HTTP client: %w", err)
+		return fmt.Errorf("creating custom HTTP client: %w", err)
 	}
 	data, err := readPIAPortForwardData(p.portForwardPath)
 	if err != nil {
-		return fmt.Errorf("cannot read saved port forwarded data: %w", err)
+		return fmt.Errorf("reading saved port forwarded data: %w", err)
 	}
 	durationToExpiration := data.Expiration.Sub(p.timeNow())
@@ -121,7 +121,7 @@ func (p *Provider) KeepPortForward(ctx context.Context, client *http.Client,
 		case <-keepAliveTimer.C:
 			err := bindPort(ctx, privateIPClient, gateway, data)
 			if err != nil {
-				return fmt.Errorf("cannot bind port: %w", err)
+				return fmt.Errorf("binding port: %w", err)
 			}
 			keepAliveTimer.Reset(keepAlivePeriod)
 		case <-expiryTimer.C:
@@ -135,16 +135,16 @@ func refreshPIAPortForwardData(ctx context.Context, client, privateIPClient *htt
 	gateway net.IP, portForwardPath, authFilePath string) (data piaPortForwardData, err error) {
 	data.Token, err = fetchToken(ctx, client, authFilePath)
 	if err != nil {
-		return data, fmt.Errorf("cannot fetch token: %w", err)
+		return data, fmt.Errorf("fetching token: %w", err)
 	}
 	data.Port, data.Signature, data.Expiration, err = fetchPortForwardData(ctx, privateIPClient, gateway, data.Token)
 	if err != nil {
-		return data, fmt.Errorf("cannot fetch port forwarding data: %w", err)
+		return data, fmt.Errorf("fetching port forwarding data: %w", err)
 	}
 	if err := writePIAPortForwardData(portForwardPath, data); err != nil {
-		return data, fmt.Errorf("cannot persist port forwarding data: %w", err)
+		return data, fmt.Errorf("persisting port forwarding data: %w", err)
 	}
 	return data, nil
@@ -236,7 +236,7 @@ func fetchToken(ctx context.Context, client *http.Client,
 	authFilePath string) (token string, err error) {
 	username, password, err := getOpenvpnCredentials(authFilePath)
 	if err != nil {
-		return "", fmt.Errorf("cannot get username and password: %w", err)
+		return "", fmt.Errorf("getting username and password: %w", err)
 	}
 	errSubstitutions := map[string]string{
@@ -274,7 +274,7 @@ func fetchToken(ctx context.Context, client *http.Client,
 		Token string `json:"token"`
 	}
 	if err := decoder.Decode(&result); err != nil {
-		return "", fmt.Errorf("cannot unmarshal response: %w", err)
+		return "", fmt.Errorf("decoding response: %w", err)
 	}
 	if result.Token == "" {
@@ -291,13 +291,13 @@ func getOpenvpnCredentials(authFilePath string) (
 	username, password string, err error) {
 	file, err := os.Open(authFilePath)
 	if err != nil {
-		return "", "", fmt.Errorf("cannot read OpenVPN authentication file: %w", err)
+		return "", "", fmt.Errorf("reading OpenVPN authentication file: %w", err)
 	}
 	authData, err := io.ReadAll(file)
 	if err != nil {
 		_ = file.Close()
-		return "", "", fmt.Errorf("authentication file is malformed: %w", err)
+		return "", "", fmt.Errorf("reading authentication file: %w", err)
 	}
 	if err := file.Close(); err != nil {
@@ -329,13 +329,13 @@ func fetchPortForwardData(ctx context.Context, client *http.Client, gateway net.
 	request, err := http.NewRequestWithContext(ctx, http.MethodGet, url.String(), nil)
 	if err != nil {
 		err = replaceInErr(err, errSubstitutions)
-		return 0, "", expiration, fmt.Errorf("cannot obtain signature payload: %w", err)
+		return 0, "", expiration, fmt.Errorf("obtaining signature payload: %w", err)
 	}
 	response, err := client.Do(request)
 	if err != nil {
 		err = replaceInErr(err, errSubstitutions)
-		return 0, "", expiration, fmt.Errorf("cannot obtain signature payload: %w", err)
+		return 0, "", expiration, fmt.Errorf("obtaining signature payload: %w", err)
 	}
 	defer response.Body.Close()
@@ -350,7 +350,7 @@ func fetchPortForwardData(ctx context.Context, client *http.Client, gateway net.
 		Signature string `json:"signature"`
 	}
 	if err := decoder.Decode(&data); err != nil {
-		return 0, "", expiration, fmt.Errorf("cannot unmarshal response: %w", err)
+		return 0, "", expiration, fmt.Errorf("decoding response: %w", err)
 	}
 	if data.Status != "OK" {
@@ -359,7 +359,7 @@ func fetchPortForwardData(ctx context.Context, client *http.Client, gateway net.
 	port, _, expiration, err = unpackPayload(data.Payload)
 	if err != nil {
-		return 0, "", expiration, fmt.Errorf("cannot unpack payload data: %w", err)
+		return 0, "", expiration, fmt.Errorf("unpacking payload data: %w", err)
 	}
 	return port, data.Signature, expiration, err
 }
@@ -371,7 +371,7 @@ var (
 func bindPort(ctx context.Context, client *http.Client, gateway net.IP, data piaPortForwardData) (err error) {
 	payload, err := packPayload(data.Port, data.Token, data.Expiration)
 	if err != nil {
-		return fmt.Errorf("cannot serialize payload: %w", err)
+		return fmt.Errorf("serializing payload: %w", err)
 	}
 	queryParams := make(url.Values)
@@ -410,7 +410,7 @@ func bindPort(ctx context.Context, client *http.Client, gateway net.IP, data pia
 		Message string `json:"message"`
 	}
 	if err := decoder.Decode(&responseData); err != nil {
-		return fmt.Errorf("cannot unmarshal response: from %s: %w", bindPortURL.String(), err)
+		return fmt.Errorf("decoding response: from %s: %w", bindPortURL.String(), err)
 	}
 	if responseData.Status != "OK" {
--- a/internal/provider/protonvpn/updater/api.go
+++ b/internal/provider/protonvpn/updater/api.go
@@ -54,7 +54,7 @@ func fetchAPI(ctx context.Context, client *http.Client) (
 	decoder := json.NewDecoder(response.Body)
 	if err := decoder.Decode(&data); err != nil {
-		return data, fmt.Errorf("failed unmarshaling response body: %w", err)
+		return data, fmt.Errorf("decoding response body: %w", err)
 	}
 	if err := response.Body.Close(); err != nil {
--- a/internal/provider/surfshark/updater/api.go
+++ b/internal/provider/surfshark/updater/api.go
@@ -72,7 +72,7 @@ func fetchAPI(ctx context.Context, client *http.Client) (
 	decoder := json.NewDecoder(response.Body)
 	if err := decoder.Decode(&servers); err != nil {
-		return nil, fmt.Errorf("failed unmarshaling response body: %w", err)
+		return nil, fmt.Errorf("decoding response body: %w", err)
 	}
 	if err := response.Body.Close(); err != nil {
--- a/internal/provider/surfshark/updater/api_test.go
+++ b/internal/provider/surfshark/updater/api_test.go
@@ -115,7 +115,7 @@ func Test_fetchAPI(t *testing.T) {
 		},
 		"nil body": {
 			responseStatus: http.StatusOK,
-			err:            errors.New("failed unmarshaling response body: EOF"),
+			err:            errors.New("decoding response body: EOF"),
 		},
 		"no server": {
 			responseStatus: http.StatusOK,
--- a/internal/provider/surfshark/updater/servers.go
+++ b/internal/provider/surfshark/updater/servers.go
@@ -15,7 +15,7 @@ func (u *Updater) FetchServers(ctx context.Context, minServers int) (
 	err = addServersFromAPI(ctx, u.client, hts)
 	if err != nil {
-		return nil, fmt.Errorf("cannot fetch server information from API: %w", err)
+		return nil, fmt.Errorf("fetching server information from API: %w", err)
 	}
 	warnings, err := addOpenVPNServersFromZip(ctx, u.unzipper, hts)
@@ -23,7 +23,7 @@ func (u *Updater) FetchServers(ctx context.Context, minServers int) (
 		u.warner.Warn(warning)
 	}
 	if err != nil {
-		return nil, fmt.Errorf("cannot get OpenVPN ZIP file: %w", err)
+		return nil, fmt.Errorf("getting OpenVPN ZIP file: %w", err)
 	}
 	getRemainingServers(hts)
--- a/internal/provider/utils/connection.go
+++ b/internal/provider/utils/connection.go
@@ -38,7 +38,7 @@ func GetConnection(provider string,
 	connection models.Connection, err error) {
 	servers, err := storage.FilterServers(provider, selection)
 	if err != nil {
-		return connection, fmt.Errorf("cannot filter servers: %w", err)
+		return connection, fmt.Errorf("filtering servers: %w", err)
 	}
 	protocol := getProtocol(selection)
--- a/internal/provider/utils/connection_test.go
+++ b/internal/provider/utils/connection_test.go
@@ -36,7 +36,7 @@ func Test_GetConnection(t *testing.T) {
 		"storage filter error": {
 			filterError: errTest,
 			errWrapped:  errTest,
-			errMessage:  "cannot filter servers: test error",
+			errMessage:  "filtering servers: test error",
 		},
 		"server without IPs": {
 			filteredServers: []models.Server{
--- a/internal/provider/vpnsecure/updater/servers.go
+++ b/internal/provider/vpnsecure/updater/servers.go
@@ -14,7 +14,7 @@ func (u *Updater) FetchServers(ctx context.Context, minServers int) (
 	servers []models.Server, err error) {
 	servers, err = fetchServers(ctx, u.client, u.warner)
 	if err != nil {
-		return nil, fmt.Errorf("cannot fetch servers: %w", err)
+		return nil, fmt.Errorf("fetching servers: %w", err)
 	} else if len(servers) < minServers {
 		return nil, fmt.Errorf("%w: %d and expected at least %d",
 			common.ErrNotEnoughServers, len(servers), minServers)
--- a/internal/provider/wevpn/connection_test.go
+++ b/internal/provider/wevpn/connection_test.go
@@ -37,7 +37,7 @@ func Test_Provider_GetConnection(t *testing.T) {
 		"error": {
 			storageErr: errTest,
 			errWrapped: errTest,
-			errMessage: "cannot filter servers: test error",
+			errMessage: "filtering servers: test error",
 		},
 		"default OpenVPN TCP port": {
 			filteredServers: []models.Server{
--- a/internal/provider/windscribe/connection_test.go
+++ b/internal/provider/windscribe/connection_test.go
@@ -38,7 +38,7 @@ func Test_Provider_GetConnection(t *testing.T) {
 		"error": {
 			storageErr: errTest,
 			errWrapped: errTest,
-			errMessage: "cannot filter servers: test error",
+			errMessage: "filtering servers: test error",
 		},
 		"default OpenVPN TCP port": {
 			filteredServers: []models.Server{
--- a/internal/provider/windscribe/updater/api.go
+++ b/internal/provider/windscribe/updater/api.go
@@ -62,7 +62,7 @@ func fetchAPI(ctx context.Context, client *http.Client) (
 	decoder := json.NewDecoder(response.Body)
 	if err := decoder.Decode(&data); err != nil {
-		return data, fmt.Errorf("failed unmarshaling response body: %w", err)
+		return data, fmt.Errorf("decoding response body: %w", err)
 	}
 	return data, nil
--- a/internal/publicip/ipinfo/fetch.go
+++ b/internal/publicip/ipinfo/fetch.go
@@ -61,7 +61,7 @@ func (f *Fetch) FetchInfo(ctx context.Context, ip net.IP) (
 	decoder := json.NewDecoder(response.Body)
 	if err := decoder.Decode(&result); err != nil {
-		return result, fmt.Errorf("cannot decode response: %w", err)
+		return result, fmt.Errorf("decoding response: %w", err)
 	}
 	countryCode := strings.ToLower(result.Country)
--- a/internal/routing/default.go
+++ b/internal/routing/default.go
@@ -27,7 +27,7 @@ func (d DefaultRoute) String() string {
 func (r *Routing) DefaultRoutes() (defaultRoutes []DefaultRoute, err error) {
 	routes, err := r.netLinker.RouteList(nil, netlink.FAMILY_ALL)
 	if err != nil {
-		return nil, fmt.Errorf("cannot list routes: %w", err)
+		return nil, fmt.Errorf("listing routes: %w", err)
 	}
 	for _, route := range routes {
@@ -39,7 +39,7 @@ func (r *Routing) DefaultRoutes() (defaultRoutes []DefaultRoute, err error) {
 			linkIndex := route.LinkIndex
 			link, err := r.netLinker.LinkByIndex(linkIndex)
 			if err != nil {
-				return nil, fmt.Errorf("cannot obtain link by index: for default route at index %d: %w", linkIndex, err)
+				return nil, fmt.Errorf("obtaining link by index: for default route at index %d: %w", linkIndex, err)
 			}
 			attributes := link.Attrs()
 			defaultRoute.NetInterface = attributes.Name
@@ -49,7 +49,7 @@ func (r *Routing) DefaultRoutes() (defaultRoutes []DefaultRoute, err error) {
 			}
 			defaultRoute.AssignedIP, err = r.assignedIP(defaultRoute.NetInterface, family)
 			if err != nil {
-				return nil, fmt.Errorf("cannot get assigned IP of %s: %w", defaultRoute.NetInterface, err)
+				return nil, fmt.Errorf("getting assigned IP of %s: %w", defaultRoute.NetInterface, err)
 			}
 			r.logger.Info("default route found: " + defaultRoute.String())
--- a/internal/routing/enable.go
+++ b/internal/routing/enable.go
@@ -7,7 +7,7 @@ import (
 func (r *Routing) Setup() (err error) {
 	defaultRoutes, err := r.DefaultRoutes()
 	if err != nil {
-		return fmt.Errorf("cannot get default routes: %w", err)
+		return fmt.Errorf("getting default routes: %w", err)
 	}
 	touched := false
@@ -23,14 +23,14 @@ func (r *Routing) Setup() (err error) {
 	err = r.routeInboundFromDefault(defaultRoutes)
 	if err != nil {
-		return fmt.Errorf("cannot add routes for inbound traffic from default IP: %w", err)
+		return fmt.Errorf("adding routes for inbound traffic from default IP: %w", err)
 	}
 	r.stateMutex.RLock()
 	outboundSubnets := r.outboundSubnets
 	r.stateMutex.RUnlock()
 	if err := r.setOutboundRoutes(outboundSubnets, defaultRoutes); err != nil {
-		return fmt.Errorf("cannot set outbound subnets routes: %w", err)
+		return fmt.Errorf("setting outbound subnets routes: %w", err)
 	}
 	return nil
@@ -39,16 +39,16 @@ func (r *Routing) Setup() (err error) {
 func (r *Routing) TearDown() error {
 	defaultRoutes, err := r.DefaultRoutes()
 	if err != nil {
-		return fmt.Errorf("cannot get default route: %w", err)
+		return fmt.Errorf("getting default route: %w", err)
 	}
 	err = r.unrouteInboundFromDefault(defaultRoutes)
 	if err != nil {
-		return fmt.Errorf("cannot remove routes for inbound traffic from default IP: %w", err)
+		return fmt.Errorf("removing routes for inbound traffic from default IP: %w", err)
 	}
 	if err := r.setOutboundRoutes(nil, defaultRoutes); err != nil {
-		return fmt.Errorf("cannot set outbound subnets routes: %w", err)
+		return fmt.Errorf("setting outbound subnets routes: %w", err)
 	}
 	return nil
--- a/internal/routing/inbound.go
+++ b/internal/routing/inbound.go
@@ -14,7 +14,7 @@ const (
 func (r *Routing) routeInboundFromDefault(defaultRoutes []DefaultRoute) (err error) {
 	if err := r.addRuleInboundFromDefault(inboundTable, defaultRoutes); err != nil {
-		return fmt.Errorf("cannot add rule: %w", err)
+		return fmt.Errorf("adding rule: %w", err)
 	}
 	defaultDestinationIPv4 := net.IPNet{IP: net.IPv4(0, 0, 0, 0), Mask: net.IPv4Mask(0, 0, 0, 0)}
@@ -28,7 +28,7 @@ func (r *Routing) routeInboundFromDefault(defaultRoutes []DefaultRoute) (err err
 		err := r.addRouteVia(defaultDestination, defaultRoute.Gateway, defaultRoute.NetInterface, inboundTable)
 		if err != nil {
-			return fmt.Errorf("cannot add route: %w", err)
+			return fmt.Errorf("adding route: %w", err)
 		}
 	}
@@ -47,12 +47,12 @@ func (r *Routing) unrouteInboundFromDefault(defaultRoutes []DefaultRoute) (err e
 		err := r.deleteRouteVia(defaultDestination, defaultRoute.Gateway, defaultRoute.NetInterface, inboundTable)
 		if err != nil {
-			return fmt.Errorf("cannot delete route: %w", err)
+			return fmt.Errorf("deleting route: %w", err)
 		}
 	}
 	if err := r.delRuleInboundFromDefault(inboundTable, defaultRoutes); err != nil {
-		return fmt.Errorf("cannot delete rule: %w", err)
+		return fmt.Errorf("deleting rule: %w", err)
 	}
 	return nil
@@ -64,7 +64,7 @@ func (r *Routing) addRuleInboundFromDefault(table int, defaultRoutes []DefaultRo
 		ruleDstNet := (*net.IPNet)(nil)
 		err = r.addIPRule(defaultIPMasked32, ruleDstNet, table, inboundPriority)
 		if err != nil {
-			return fmt.Errorf("cannot add rule for default route %s: %w", defaultRoute, err)
+			return fmt.Errorf("adding rule for default route %s: %w", defaultRoute, err)
 		}
 	}
@@ -77,7 +77,7 @@ func (r *Routing) delRuleInboundFromDefault(table int, defaultRoutes []DefaultRo
 		ruleDstNet := (*net.IPNet)(nil)
 		err = r.deleteIPRule(defaultIPMasked32, ruleDstNet, table, inboundPriority)
 		if err != nil {
-			return fmt.Errorf("cannot delete rule for default route %s: %w", defaultRoute, err)
+			return fmt.Errorf("deleting rule for default route %s: %w", defaultRoute, err)
 		}
 	}
--- a/internal/routing/ip.go
+++ b/internal/routing/ip.go
@@ -29,7 +29,7 @@ func (r *Routing) assignedIP(interfaceName string, family int) (ip net.IP, err e
 	}
 	addresses, err := iface.Addrs()
 	if err != nil {
-		return nil, fmt.Errorf("cannot list interface %s addresses: %w", interfaceName, err)
+		return nil, fmt.Errorf("listing interface %s addresses: %w", interfaceName, err)
 	}
 	for _, address := range addresses {
 		switch value := address.(type) {
--- a/internal/routing/local.go
+++ b/internal/routing/local.go
@@ -23,7 +23,7 @@ type LocalNetwork struct {
 func (r *Routing) LocalNetworks() (localNetworks []LocalNetwork, err error) {
 	links, err := r.netLinker.LinkList()
 	if err != nil {
-		return localNetworks, fmt.Errorf("cannot list links: %w", err)
+		return localNetworks, fmt.Errorf("listing links: %w", err)
 	}
 	localLinks := make(map[int]struct{})
@@ -43,7 +43,7 @@ func (r *Routing) LocalNetworks() (localNetworks []LocalNetwork, err error) {
 	routes, err := r.netLinker.RouteList(nil, netlink.FAMILY_ALL)
 	if err != nil {
-		return localNetworks, fmt.Errorf("cannot list routes: %w", err)
+		return localNetworks, fmt.Errorf("listing routes: %w", err)
 	}
 	for _, route := range routes {
@@ -60,7 +60,7 @@ func (r *Routing) LocalNetworks() (localNetworks []LocalNetwork, err error) {
 		link, err := r.netLinker.LinkByIndex(route.LinkIndex)
 		if err != nil {
-			return localNetworks, fmt.Errorf("cannot find link at index %d: %w", route.LinkIndex, err)
+			return localNetworks, fmt.Errorf("finding link at index %d: %w", route.LinkIndex, err)
 		}
 		localNet.InterfaceName = link.Attrs().Name
--- a/internal/routing/outbound.go
+++ b/internal/routing/outbound.go
@@ -39,7 +39,7 @@ func (r *Routing) setOutboundRoutes(outboundSubnets []net.IPNet,
 	err = r.addOutboundSubnets(subnetsToAdd, defaultRoutes)
 	if err != nil {
-		return fmt.Errorf("cannot add outbound subnet to routes: %w", err)
+		return fmt.Errorf("adding outbound subnet to routes: %w", err)
 	}
 	return nil
@@ -77,7 +77,7 @@ func (r *Routing) addOutboundSubnets(subnets []net.IPNet,
 		for _, defaultRoute := range defaultRoutes {
 			err = r.addRouteVia(subnet, defaultRoute.Gateway, defaultRoute.NetInterface, outboundTable)
 			if err != nil {
-				return fmt.Errorf("cannot add route for subnet %s: %w", subnet, err)
+				return fmt.Errorf("adding route for subnet %s: %w", subnet, err)
 			}
 		}
@@ -85,7 +85,7 @@ func (r *Routing) addOutboundSubnets(subnets []net.IPNet,
 		ruleDstNet := &subnets[i]
 		err = r.addIPRule(ruleSrcNet, ruleDstNet, outboundTable, outboundPriority)
 		if err != nil {
-			return fmt.Errorf("cannot add rule: for subnet %s: %w", subnet, err)
+			return fmt.Errorf("adding rule: for subnet %s: %w", subnet, err)
 		}
 		r.outboundSubnets = append(r.outboundSubnets, subnet)
--- a/internal/routing/routes.go
+++ b/internal/routing/routes.go
@@ -19,7 +19,7 @@ func (r *Routing) addRouteVia(destination net.IPNet, gateway net.IP,
 	link, err := r.netLinker.LinkByName(iface)
 	if err != nil {
-		return fmt.Errorf("cannot find link for interface %s: %w", iface, err)
+		return fmt.Errorf("finding link for interface %s: %w", iface, err)
 	}
 	route := netlink.Route{
@@ -29,7 +29,7 @@ func (r *Routing) addRouteVia(destination net.IPNet, gateway net.IP,
 		Table:     table,
 	}
 	if err := r.netLinker.RouteReplace(&route); err != nil {
-		return fmt.Errorf("cannot replace route for subnet %s at interface %s: %w",
+		return fmt.Errorf("replacing route for subnet %s at interface %s: %w",
 			destinationStr, iface, err)
 	}
@@ -47,7 +47,7 @@ func (r *Routing) deleteRouteVia(destination net.IPNet, gateway net.IP,
 	link, err := r.netLinker.LinkByName(iface)
 	if err != nil {
-		return fmt.Errorf("cannot find link for interface %s: %w", iface, err)
+		return fmt.Errorf("finding link for interface %s: %w", iface, err)
 	}
 	route := netlink.Route{
@@ -57,7 +57,7 @@ func (r *Routing) deleteRouteVia(destination net.IPNet, gateway net.IP,
 		Table:     table,
 	}
 	if err := r.netLinker.RouteDel(&route); err != nil {
-		return fmt.Errorf("cannot delete route: for subnet %s at interface %s: %w",
+		return fmt.Errorf("deleting route: for subnet %s at interface %s: %w",
 			destinationStr, iface, err)
 	}
--- a/internal/routing/rules.go
+++ b/internal/routing/rules.go
@@ -20,7 +20,7 @@ func (r *Routing) addIPRule(src, dst *net.IPNet, table, priority int) error {
 	existingRules, err := r.netLinker.RuleList(netlink.FAMILY_ALL)
 	if err != nil {
-		return fmt.Errorf("cannot list rules: %w", err)
+		return fmt.Errorf("listing rules: %w", err)
 	}
 	for i := range existingRules {
 		if !rulesAreEqual(&existingRules[i], rule) {
@@ -30,7 +30,7 @@ func (r *Routing) addIPRule(src, dst *net.IPNet, table, priority int) error {
 	}
 	if err := r.netLinker.RuleAdd(rule); err != nil {
-		return fmt.Errorf("cannot add rule %s: %w", rule, err)
+		return fmt.Errorf("adding rule %s: %w", rule, err)
 	}
 	return nil
 }
@@ -47,14 +47,14 @@ func (r *Routing) deleteIPRule(src, dst *net.IPNet, table, priority int) error {
 	existingRules, err := r.netLinker.RuleList(netlink.FAMILY_ALL)
 	if err != nil {
-		return fmt.Errorf("cannot list rules: %w", err)
+		return fmt.Errorf("listing rules: %w", err)
 	}
 	for i := range existingRules {
 		if !rulesAreEqual(&existingRules[i], rule) {
 			continue
 		}
 		if err := r.netLinker.RuleDel(rule); err != nil {
-			return fmt.Errorf("cannot delete rule %s: %w", rule, err)
+			return fmt.Errorf("deleting rule %s: %w", rule, err)
 		}
 	}
 	return nil
--- a/internal/routing/rules_test.go
+++ b/internal/routing/rules_test.go
@@ -61,7 +61,7 @@ func Test_Routing_addIPRule(t *testing.T) {
 			ruleList: ruleListCall{
 				err: errDummy,
 			},
-			err: errors.New("cannot list rules: dummy error"),
+			err: errors.New("listing rules: dummy error"),
 		},
 		"rule already exists": {
 			src:      makeIPNet(t, 1),
@@ -87,7 +87,7 @@ func Test_Routing_addIPRule(t *testing.T) {
 				ruleToAdd: makeIPRule(t, makeIPNet(t, 1), makeIPNet(t, 2), 99, 99),
 				err:       errDummy,
 			},
-			err: errors.New("cannot add rule ip rule 99: from 1.1.1.0/24 to 2.2.2.0/24 table 99: dummy error"),
+			err: errors.New("adding rule ip rule 99: from 1.1.1.0/24 to 2.2.2.0/24 table 99: dummy error"),
 		},
 		"add rule success": {
 			src:      makeIPNet(t, 1),
@@ -174,7 +174,7 @@ func Test_Routing_deleteIPRule(t *testing.T) {
 			ruleList: ruleListCall{
 				err: errDummy,
 			},
-			err: errors.New("cannot list rules: dummy error"),
+			err: errors.New("listing rules: dummy error"),
 		},
 		"rule delete error": {
 			src:      makeIPNet(t, 1),
@@ -192,7 +192,7 @@ func Test_Routing_deleteIPRule(t *testing.T) {
 				ruleToDel: makeIPRule(t, makeIPNet(t, 1), makeIPNet(t, 2), 99, 99),
 				err:       errDummy,
 			},
-			err: errors.New("cannot delete rule ip rule 99: from 1.1.1.0/24 to 2.2.2.0/24 table 99: dummy error"),
+			err: errors.New("deleting rule ip rule 99: from 1.1.1.0/24 to 2.2.2.0/24 table 99: dummy error"),
 		},
 		"rule deleted": {
 			src:      makeIPNet(t, 1),
--- a/internal/routing/vpn.go
+++ b/internal/routing/vpn.go
@@ -17,7 +17,7 @@ var (
 func (r *Routing) VPNDestinationIP() (ip net.IP, err error) {
 	routes, err := r.netLinker.RouteList(nil, netlink.FAMILY_ALL)
 	if err != nil {
-		return nil, fmt.Errorf("cannot list routes: %w", err)
+		return nil, fmt.Errorf("listing routes: %w", err)
 	}
 	defaultLinkIndex := -1
@@ -45,12 +45,12 @@ func (r *Routing) VPNDestinationIP() (ip net.IP, err error) {
 func (r *Routing) VPNLocalGatewayIP(vpnIntf string) (ip net.IP, err error) {
 	routes, err := r.netLinker.RouteList(nil, netlink.FAMILY_ALL)
 	if err != nil {
-		return nil, fmt.Errorf("cannot list routes: %w", err)
+		return nil, fmt.Errorf("listing routes: %w", err)
 	}
 	for _, route := range routes {
 		link, err := r.netLinker.LinkByIndex(route.LinkIndex)
 		if err != nil {
-			return nil, fmt.Errorf("cannot find link at index %d: %w", route.LinkIndex, err)
+			return nil, fmt.Errorf("finding link at index %d: %w", route.LinkIndex, err)
 		}
 		interfaceName := link.Attrs().Name
 		if interfaceName == vpnIntf &&
--- a/internal/server/server.go
+++ b/internal/server/server.go
@@ -26,7 +26,7 @@ func New(ctx context.Context, address string, logEnabled bool, logger Logger,
 	server, err = httpserver.New(httpServerSettings)
 	if err != nil {
-		return nil, fmt.Errorf("cannot create server: %w", err)
+		return nil, fmt.Errorf("creating server: %w", err)
 	}
 	return server, nil
--- a/internal/storage/read.go
+++ b/internal/storage/read.go
@@ -14,7 +14,7 @@ import (
 // readFromFile reads the servers from server.json.
 // It only reads servers that have the same version as the hardcoded servers version
-// to avoid JSON unmarshaling errors.
+// to avoid JSON decoding errors.
 func (s *Storage) readFromFile(filepath string, hardcodedVersions map[string]uint16) (
 	servers models.AllServers, err error) {
 	file, err := os.Open(filepath)
@@ -40,7 +40,7 @@ func (s *Storage) extractServersFromBytes(b []byte, hardcodedVersions map[string
 	servers models.AllServers, err error) {
 	rawMessages := make(map[string]json.RawMessage)
 	if err := json.Unmarshal(b, &rawMessages); err != nil {
-		return servers, fmt.Errorf("cannot decode servers: %w", err)
+		return servers, fmt.Errorf("decoding servers: %w", err)
 	}
 	// Note schema version is at map key "version" as number
@@ -90,7 +90,7 @@ func (s *Storage) readServers(provider string, hardcodedVersion uint16,
 	err = json.Unmarshal(rawMessage, &versionObject)
 	if err != nil {
-		return servers, false, fmt.Errorf("cannot decode servers version for provider %s: %w",
+		return servers, false, fmt.Errorf("decoding servers version for provider %s: %w",
 			provider, err)
 	}
@@ -107,7 +107,7 @@ func (s *Storage) readServers(provider string, hardcodedVersion uint16,
 	err = json.Unmarshal(rawMessage, &servers)
 	if err != nil {
-		return servers, false, fmt.Errorf("cannot decode servers for provider %s: %w",
+		return servers, false, fmt.Errorf("decoding servers for provider %s: %w",
 			provider, err)
 	}
--- a/internal/storage/read_test.go
+++ b/internal/storage/read_test.go
@@ -36,12 +36,12 @@ func Test_extractServersFromBytes(t *testing.T) {
 	}{
 		"bad JSON": {
 			b:          []byte("garbage"),
-			errMessage: "cannot decode servers: invalid character 'g' looking for beginning of value",
+			errMessage: "decoding servers: invalid character 'g' looking for beginning of value",
 		},
 		"bad provider JSON": {
 			b:                 []byte(`{"cyberghost": "garbage"}`),
 			hardcodedVersions: populateProviderToVersion(map[string]uint16{}),
-			errMessage: "cannot decode servers version for provider Cyberghost: " +
+			errMessage: "decoding servers version for provider Cyberghost: " +
 				"json: cannot unmarshal string into Go value of type struct { Version uint16 \"json:\\\"version\\\"\" }",
 		},
 		"bad servers array JSON": {
@@ -49,7 +49,7 @@ func Test_extractServersFromBytes(t *testing.T) {
 			hardcodedVersions: populateProviderToVersion(map[string]uint16{
 				providers.Cyberghost: 1,
 			}),
-			errMessage: "cannot decode servers for provider Cyberghost: " +
+			errMessage: "decoding servers for provider Cyberghost: " +
 				"json: cannot unmarshal string into Go struct field Servers.servers of type []models.Server",
 		},
 		"absent provider keys": {
--- a/internal/storage/servers.go
+++ b/internal/storage/servers.go
@@ -28,7 +28,7 @@ func (s *Storage) SetServers(provider string, servers []models.Server) (err erro
 	err = s.flushToFile(s.filepath)
 	if err != nil {
-		return fmt.Errorf("cannot save servers to file: %w", err)
+		return fmt.Errorf("saving servers to file: %w", err)
 	}
 	return nil
 }
--- a/internal/storage/sync.go
+++ b/internal/storage/sync.go
@@ -23,7 +23,7 @@ func (s *Storage) syncServers() (err error) {
 	serversOnFile, err := s.readFromFile(s.filepath, hardcodedVersions)
 	if err != nil {
-		return fmt.Errorf("cannot read servers from file: %w", err)
+		return fmt.Errorf("reading servers from file: %w", err)
 	}
 	hardcodedCount := countServers(s.hardcodedServers)
@@ -52,7 +52,7 @@ func (s *Storage) syncServers() (err error) {
 	err = s.flushToFile(s.filepath)
 	if err != nil {
-		return fmt.Errorf("cannot write servers to file: %w", err)
+		return fmt.Errorf("writing servers to file: %w", err)
 	}
 	return nil
 }
--- a/internal/tun/check.go
+++ b/internal/tun/check.go
@@ -22,7 +22,7 @@ func (t *Tun) Check(path string) error {
 	info, err := f.Stat()
 	if err != nil {
-		return fmt.Errorf("cannot stat TUN file: %w", err)
+		return fmt.Errorf("getting stat information for TUN file: %w", err)
 	}
 	sys, ok := info.Sys().(*syscall.Stat_t)
@@ -37,7 +37,7 @@ func (t *Tun) Check(path string) error {
 	}
 	if err := f.Close(); err != nil {
-		return fmt.Errorf("cannot close TUN device: %w", err)
+		return fmt.Errorf("closing TUN device: %w", err)
 	}
 	return nil
--- a/internal/tun/create.go
+++ b/internal/tun/create.go
@@ -22,18 +22,18 @@ func (t *Tun) Create(path string) error {
 	dev := unix.Mkdev(major, minor)
 	err := t.mknod(path, unix.S_IFCHR, int(dev))
 	if err != nil {
-		return fmt.Errorf("cannot create TUN device file node: %w", err)
+		return fmt.Errorf("creating TUN device file node: %w", err)
 	}
 	fd, err := unix.Open(path, 0, 0)
 	if err != nil {
-		return fmt.Errorf("cannot Unix Open TUN device file: %w", err)
+		return fmt.Errorf("unix opening TUN device file: %w", err)
 	}
 	const nonBlocking = true
 	err = unix.SetNonblock(fd, nonBlocking)
 	if err != nil {
-		return fmt.Errorf("cannot set non block to TUN device file descriptor: %w", err)
+		return fmt.Errorf("setting non block to TUN device file descriptor: %w", err)
 	}
 	return nil
--- a/internal/tun/tun_test.go
+++ b/internal/tun/tun_test.go
@@ -40,7 +40,7 @@ func Test_Tun(t *testing.T) {
 	// Create TUN device fail as file exists
 	err = tun.Create(path)
 	require.Error(t, err)
-	require.Equal(t, "cannot create TUN device file node: file exists", err.Error())
+	require.EqualError(t, err, "creating TUN device file node: file exists")
 	// Remove simple file
 	err = os.Remove(path)
--- a/internal/updater/providers.go
+++ b/internal/updater/providers.go
@@ -23,7 +23,7 @@ func (u *Updater) updateProvider(ctx context.Context, provider Provider,
 	minServers := int(minRatio * float64(existingServersCount))
 	servers, err := provider.FetchServers(ctx, minServers)
 	if err != nil {
-		return fmt.Errorf("cannot get servers: %w", err)
+		return fmt.Errorf("getting servers: %w", err)
 	}
 	for _, server := range servers {
@@ -47,7 +47,7 @@ func (u *Updater) updateProvider(ctx context.Context, provider Provider,
 	// to avoid accumulating server data in memory.
 	err = u.storage.SetServers(providerName, servers)
 	if err != nil {
-		return fmt.Errorf("cannot set servers to storage: %w", err)
+		return fmt.Errorf("setting servers to storage: %w", err)
 	}
 	return nil
 }
--- a/internal/vpn/openvpn.go
+++ b/internal/vpn/openvpn.go
@@ -18,19 +18,19 @@ func setupOpenVPN(ctx context.Context, fw Firewall,
 	logger openvpn.Logger) (runner *openvpn.Runner, serverName string, err error) {
 	connection, err := providerConf.GetConnection(settings.Provider.ServerSelection, ipv6Supported)
 	if err != nil {
-		return nil, "", fmt.Errorf("failed finding a valid server connection: %w", err)
+		return nil, "", fmt.Errorf("finding a valid server connection: %w", err)
 	}
 	lines := providerConf.OpenVPNConfig(connection, settings.OpenVPN, ipv6Supported)
 	if err := openvpnConf.WriteConfig(lines); err != nil {
-		return nil, "", fmt.Errorf("failed writing configuration to file: %w", err)
+		return nil, "", fmt.Errorf("writing configuration to file: %w", err)
 	}
 	if *settings.OpenVPN.User != "" {
 		err := openvpnConf.WriteAuthFile(*settings.OpenVPN.User, *settings.OpenVPN.Password)
 		if err != nil {
-			return nil, "", fmt.Errorf("failed writing auth to file: %w", err)
+			return nil, "", fmt.Errorf("writing auth to file: %w", err)
 		}
 	}
@@ -42,7 +42,7 @@ func setupOpenVPN(ctx context.Context, fw Firewall,
 	}
 	if err := fw.SetVPNConnection(ctx, connection, settings.OpenVPN.Interface); err != nil {
-		return nil, "", fmt.Errorf("failed allowing VPN connection through firewall: %w", err)
+		return nil, "", fmt.Errorf("allowing VPN connection through firewall: %w", err)
 	}
 	runner = openvpn.NewRunner(settings.OpenVPN, starter, logger)
--- a/internal/vpn/portforward.go
+++ b/internal/vpn/portforward.go
@@ -16,7 +16,7 @@ func (l *Loop) startPortForwarding(ctx context.Context, data tunnelUpData) (err
 	// only used for PIA for now
 	gateway, err := l.routing.VPNLocalGatewayIP(data.vpnIntf)
 	if err != nil {
-		return fmt.Errorf("cannot obtain VPN local gateway IP for interface %s: %w", data.vpnIntf, err)
+		return fmt.Errorf("obtaining VPN local gateway IP for interface %s: %w", data.vpnIntf, err)
 	}
 	l.logger.Info("VPN gateway IP address: " + gateway.String())
@@ -28,7 +28,7 @@ func (l *Loop) startPortForwarding(ctx context.Context, data tunnelUpData) (err
 	}
 	_, err = l.portForward.Start(ctx, pfData)
 	if err != nil {
-		return fmt.Errorf("cannot start port forwarding: %w", err)
+		return fmt.Errorf("starting port forwarding: %w", err)
 	}
 	return nil
--- a/internal/vpn/wireguard.go
+++ b/internal/vpn/wireguard.go
@@ -18,7 +18,7 @@ func setupWireguard(ctx context.Context, netlinker NetLinker,
 	wireguarder *wireguard.Wireguard, serverName string, err error) {
 	connection, err := providerConf.GetConnection(settings.Provider.ServerSelection, ipv6Supported)
 	if err != nil {
-		return nil, "", fmt.Errorf("failed finding a VPN server: %w", err)
+		return nil, "", fmt.Errorf("finding a VPN server: %w", err)
 	}
 	wireguardSettings := utils.BuildWireguardSettings(connection, settings.Wireguard, ipv6Supported)
@@ -29,12 +29,12 @@ func setupWireguard(ctx context.Context, netlinker NetLinker,
 	wireguarder, err = wireguard.New(wireguardSettings, netlinker, logger)
 	if err != nil {
-		return nil, "", fmt.Errorf("failed creating Wireguard: %w", err)
+		return nil, "", fmt.Errorf("creating Wireguard: %w", err)
 	}
 	err = fw.SetVPNConnection(ctx, connection, settings.Wireguard.Interface)
 	if err != nil {
-		return nil, "", fmt.Errorf("failed setting firewall: %w", err)
+		return nil, "", fmt.Errorf("setting firewall: %w", err)
 	}
 	return wireguarder, connection.ServerName, nil
--- a/internal/wireguard/config.go
+++ b/internal/wireguard/config.go
@@ -11,12 +11,12 @@ import (
 func configureDevice(client *wgctrl.Client, settings Settings) (err error) {
 	deviceConfig, err := makeDeviceConfig(settings)
 	if err != nil {
-		return fmt.Errorf("cannot make device configuration: %w", err)
+		return fmt.Errorf("making device configuration: %w", err)
 	}
 	err = client.ConfigureDevice(settings.InterfaceName, deviceConfig)
 	if err != nil {
-		return fmt.Errorf("cannot configure device: %w", err)
+		return fmt.Errorf("configuring device: %w", err)
 	}
 	return nil
--- a/internal/wireguard/netlink_integration_test.go
+++ b/internal/wireguard/netlink_integration_test.go
@@ -117,5 +117,5 @@ func Test_netlink_Wireguard_addRule(t *testing.T) {
 		_ = nilCleanup() // in case it succeeds
 	}
 	require.Error(t, err)
-	assert.Equal(t, "cannot add rule ip rule 10000: from all to all table 999: file exists", err.Error())
+	assert.EqualError(t, err, "adding rule ip rule 10000: from all to all table 999: file exists")
 }
--- a/internal/wireguard/route.go
+++ b/internal/wireguard/route.go
@@ -20,7 +20,7 @@ func (w *Wireguard) addRoute(link netlink.Link, dst *net.IPNet,
 	err = w.netlink.RouteAdd(route)
 	if err != nil {
 		return fmt.Errorf(
-			"cannot add route for link %s, destination %s and table %d: %w",
+			"adding route for link %s, destination %s and table %d: %w",
 			link.Attrs().Name, dst, firewallMark, err)
 	}
--- a/internal/wireguard/route_test.go
+++ b/internal/wireguard/route_test.go
@@ -53,7 +53,7 @@ func Test_Wireguard_addRoute(t *testing.T) {
 				Table:     firewallMark,
 			},
 			routeAddErr: errDummy,
-			err:         errors.New("cannot add route for link a_bridge, destination 1.2.3.4/32 and table 51820: dummy"), //nolint:lll
+			err:         errors.New("adding route for link a_bridge, destination 1.2.3.4/32 and table 51820: dummy"), //nolint:lll
 		},
 	}
--- a/internal/wireguard/rule.go
+++ b/internal/wireguard/rule.go
@@ -15,13 +15,13 @@ func (w *Wireguard) addRule(rulePriority, firewallMark, family int) (
 	rule.Table = firewallMark
 	rule.Family = family
 	if err := w.netlink.RuleAdd(rule); err != nil {
-		return nil, fmt.Errorf("cannot add rule %s: %w", rule, err)
+		return nil, fmt.Errorf("adding rule %s: %w", rule, err)
 	}
 	cleanup = func() error {
 		err := w.netlink.RuleDel(rule)
 		if err != nil {
-			return fmt.Errorf("cannot delete rule %s: %w", rule, err)
+			return fmt.Errorf("deleting rule %s: %w", rule, err)
 		}
 		return nil
 	}
--- a/internal/wireguard/rule_test.go
+++ b/internal/wireguard/rule_test.go
@@ -55,7 +55,7 @@ func Test_Wireguard_addRule(t *testing.T) {
 				Family:            family,
 			},
 			ruleAddErr: errDummy,
-			err:        errors.New("cannot add rule ip rule 987: from all to all table 456: dummy"),
+			err:        errors.New("adding rule ip rule 987: from all to all table 456: dummy"),
 		},
 		"rule delete error": {
 			expectedRule: &netlink.Rule{
@@ -71,7 +71,7 @@ func Test_Wireguard_addRule(t *testing.T) {
 				Family:            family,
 			},
 			ruleDelErr: errDummy,
-			cleanupErr: errors.New("cannot delete rule ip rule 987: from all to all table 456: dummy"),
+			cleanupErr: errors.New("deleting rule ip rule 987: from all to all table 456: dummy"),
 		},
 	}