Rewrite of the entrypoint in Golang (#71)

- General improvements
    - Parallel download of only needed files at start
    - Prettier console output with all streams merged (openvpn, unbound, shadowsocks etc.)
    - Simplified Docker final image
    - Faster bootup
- DNS over TLS
    - Finer grain blocking at DNS level: malicious, ads and surveillance
    - Choose your DNS over TLS providers
    - Ability to use multiple DNS over TLS providers for DNS split horizon
    - Environment variables for DNS logging
    - DNS block lists needed are downloaded and built automatically at start, in parallel
- PIA
    - A random region is selected if the REGION parameter is left empty (thanks @rorph for your PR)
    - Routing and iptables adjusted so it can work as a Kubernetes pod sidecar (thanks @rorph for your PR)

internal/tinyproxy/command.go

@@ -0,0 +1,26 @@
+package tinyproxy
+
+import (
+	"fmt"
+	"io"
+	"strings"
+)
+
+func (c *configurator) Start() (stdout io.ReadCloser, err error) {
+	c.logger.Info("%s: starting tinyproxy server", logPrefix)
+	stdout, _, _, err = c.commander.Start("tinyproxy", "-d")
+	return stdout, err
+}
+
+// Version obtains the version of the installed Tinyproxy server
+func (c *configurator) Version() (string, error) {
+	output, err := c.commander.Run("tinyproxy", "-v")
+	if err != nil {
+		return "", err
+	}
+	words := strings.Fields(output)
+	if len(words) < 2 {
+		return "", fmt.Errorf("tinyproxy -v: output is too short: %q", output)
+	}
+	return words[1], nil
+}

internal/tinyproxy/conf.go

@@ -0,0 +1,44 @@
+package tinyproxy
+
+import (
+	"fmt"
+
+	"github.com/qdm12/golibs/files"
+	"github.com/qdm12/private-internet-access-docker/internal/constants"
+	"github.com/qdm12/private-internet-access-docker/internal/models"
+)
+
+func (c *configurator) MakeConf(logLevel models.TinyProxyLogLevel, port uint16, user, password string, uid, gid int) error {
+	c.logger.Info("%s: generating tinyproxy configuration file", logPrefix)
+	lines := generateConf(logLevel, port, user, password)
+	return c.fileManager.WriteLinesToFile(string(constants.TinyProxyConf),
+		lines,
+		files.FileOwnership(uid, gid),
+		files.FilePermissions(0400))
+}
+
+func generateConf(logLevel models.TinyProxyLogLevel, port uint16, user, password string) (lines []string) {
+	confMapping := map[string]string{
+		"User":                "nonrootuser",
+		"Group":               "tinyproxy",
+		"Port":                fmt.Sprintf("%d", port),
+		"Timeout":             "600",
+		"DefaultErrorFile":    "/usr/share/tinyproxy/default.html",
+		"MaxClients":          "100",
+		"MinSpareServers":     "5",
+		"MaxSpareServers":     "20",
+		"StartServers":        "10",
+		"MaxRequestsPerChild": "0",
+		"DisableViaHeader":    "Yes",
+		"LogLevel":            string(logLevel),
+		// "StatFile": "/usr/share/tinyproxy/stats.html",
+	}
+	if len(user) > 0 {
+		confMapping["BasicAuth"] = fmt.Sprintf("%s %s", user, password)
+	}
+	for k, v := range confMapping {
+		line := fmt.Sprintf("%s %s", k, v)
+		lines = append(lines, line)
+	}
+	return lines
+}

internal/tinyproxy/tinyproxy.go

@@ -0,0 +1,28 @@
+package tinyproxy
+
+import (
+	"io"
+
+	"github.com/qdm12/golibs/command"
+	"github.com/qdm12/golibs/files"
+	"github.com/qdm12/golibs/logging"
+	"github.com/qdm12/private-internet-access-docker/internal/models"
+)
+
+const logPrefix = "tinyproxy configurator"
+
+type Configurator interface {
+	Version() (string, error)
+	MakeConf(logLevel models.TinyProxyLogLevel, port uint16, user, password string, uid, gid int) error
+	Start() (stdout io.ReadCloser, err error)
+}
+
+type configurator struct {
+	fileManager files.FileManager
+	logger      logging.Logger
+	commander   command.Commander
+}
+
+func NewConfigurator(fileManager files.FileManager, logger logging.Logger) Configurator {
+	return &configurator{fileManager, logger, command.NewCommander()}
+}