Rewrite of the entrypoint in Golang (#71)
- General improvements
- Parallel download of only needed files at start
- Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.)
- Simplified Docker final image
- Faster bootup
- DNS over TLS
- Finer grain blocking at DNS level: malicious, ads and surveillance
- Choose your DNS over TLS providers
- Ability to use multiple DNS over TLS providers for DNS split horizon
- Environment variables for DNS logging
- DNS block lists needed are downloaded and built automatically at start, in parallel
- PIA
- A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR)
- Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR)
This commit is contained in:
Quentin McGaw
49
internal/shadowsocks/conf.go
Normal file
49
internal/shadowsocks/conf.go
Normal file
@@ -0,0 +1,49 @@
|
||||
package shadowsocks
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
|
||||
"github.com/qdm12/golibs/files"
|
||||
"github.com/qdm12/private-internet-access-docker/internal/constants"
|
||||
)
|
||||
|
||||
func (c *configurator) MakeConf(port uint16, password string, uid, gid int) (err error) {
|
||||
c.logger.Info("%s: generating configuration file", logPrefix)
|
||||
data := generateConf(port, password)
|
||||
return c.fileManager.WriteToFile(
|
||||
string(constants.ShadowsocksConf),
|
||||
data,
|
||||
files.FileOwnership(uid, gid),
|
||||
files.FilePermissions(0400))
|
||||
}
|
||||
|
||||
func generateConf(port uint16, password string) (data []byte) {
|
||||
conf := struct {
|
||||
Server string `json:"server"`
|
||||
User string `json:"user"`
|
||||
Method string `json:"method"`
|
||||
Timeout uint `json:"timeout"`
|
||||
FastOpen bool `json:"fast_open"`
|
||||
Mode string `json:"mode"`
|
||||
PortPassword map[string]string `json:"port_password"`
|
||||
Workers uint `json:"workers"`
|
||||
Interface string `json:"interface"`
|
||||
Nameserver string `json:"nameserver"`
|
||||
}{
|
||||
Server: "0.0.0.0",
|
||||
User: "nonrootuser",
|
||||
Method: "chacha20-ietf-poly1305",
|
||||
Timeout: 30,
|
||||
FastOpen: false,
|
||||
Mode: "tcp_and_udp",
|
||||
PortPassword: map[string]string{
|
||||
fmt.Sprintf("%d", port): password,
|
||||
},
|
||||
Workers: 2,
|
||||
Interface: "tun",
|
||||
Nameserver: "127.0.0.1",
|
||||
}
|
||||
data, _ = json.Marshal(conf)
|
||||
return data
|
||||
}
|
||||
Reference in New Issue
Block a user