More defaults and fixing typos

2019-04-23 10:32:15 +02:00
parent b26cb508de
commit aad11510f5
4 changed files with 7 additions and 5 deletions
--- a/4
+++ b/4
@@ -13,7 +13,7 @@ LABEL org.label-schema.schema-version="1.0.0-rc1" \
      org.label-schema.vcs-usage="https://github.com/qdm12/private-internet-access-docker/blob/master/README.md#setup" \
      org.label-schema.docker.cmd="docker run -d --cap-add=NET_ADMIN --device=/dev/net/tun -e USER=js89ds7 -e PASSWORD=8fd9s239G qmcgaw/private-internet-access" \
      org.label-schema.docker.cmd.devel="docker run -it --rm --cap-add=NET_ADMIN --device=/dev/net/tun -e USER=js89ds7 -e PASSWORD=8fd9s239G qmcgaw/private-internet-access" \
-      org.label-schema.docker.params="REGION=PIA region,PROTOCOL=udp/tcp,ENCRYPTION=strong/normal,BLOCK_MALICIOUS=on/off,USER=PIA user,PASSWORD=PIA password,EXTRA_SUBNETS=extra subnets to allow on the firewall,NONROOT=yes/no" \
+      org.label-schema.docker.params="REGION=PIA region,PROTOCOL=udp/tcp,ENCRYPTION=strong/normal,BLOCK_MALICIOUS=on/off,BLOCK_NSA=on/off,UNBLOCK=allowed hostnames,USER=PIA user,PASSWORD=PIA password,EXTRA_SUBNETS=extra subnets to allow on the firewall,NONROOT=yes/no" \
      org.label-schema.version="" \
      image-size="17.1MB" \
      ram-usage="13MB to 80MB" \
@@ -27,7 +27,7 @@ ENV USER= \
    BLOCK_NSA=off \
    UNBLOCK= \
    EXTRA_SUBNETS= \
-    NONROOT=
+    NONROOT=no
 ENTRYPOINT /entrypoint.sh
 HEALTHCHECK --interval=3m --timeout=3s --start-period=20s --retries=1 CMD /healthcheck.sh
 RUN apk add -q --progress --no-cache --update openvpn wget ca-certificates iptables unbound unzip && \
--- a/README.md
+++ b/README.md
@@ -75,7 +75,7 @@
    modprobe tun
    ```

-1. **ONLY IF YOU AN ARM DEVICE, depending on your cpu architecture:**
+1. **ONLY IF YOU HAVE AN ARM DEVICE, depending on your cpu architecture:**

    ```sh
    # ARM 32 bit V6
@@ -138,8 +138,8 @@ You can simply use the Docker healthcheck. The container will mark itself as **u
 | `ENCRYPTION` | `strong` | `normal` or `strong` |
 | `USER` | | Your PIA username |
 | `PASSWORD` | | Your PIA password |
-| `NONROOT` | | Run OpenVPN without root, `yes` or other |
-| `EXTRA_SUBNETS` | | Comma separated subnets allowed in the container firewall |
+| `NONROOT` | `no` | Run OpenVPN without root, `yes` or other |
+| `EXTRA_SUBNETS` | | comma separated subnets allowed in the container firewall (i.e. `192.168.1.0/24,192.168.10.121,10.0.0.5/28`) |
 | `BLOCK_MALICIOUS` | `off` | `on` or `off`, blocks malicious hostnames and IPs |
 | `BLOCK_NSA` | `off` | `on` or `off`, blocks NSA hostnames |
 | `UNBLOCK` | | comma separated string (i.e. `web.com,web2.ca`) to unblock hostnames |
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -16,6 +16,7 @@ services:
      - ENCRYPTION=strong
      - REGION=CA Montreal
      - EXTRA_SUBNETS=
+      - NONROOT=no
      - BLOCK_MALICIOUS=off
      - BLOCK_NSA=off
      - UNBLOCK=
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -59,6 +59,7 @@ exitIfNotIn ENCRYPTION "normal,strong"
 exitIfNotIn PROTOCOL "tcp,udp"
 exitIfNotIn BLOCK_MALICIOUS "on,off"
 exitIfNotIn BLOCK_NSA "on,off"
+exitIfNotIn NONROOT "yes,no"
 cat "/openvpn/$PROTOCOL-$ENCRYPTION/$REGION.ovpn" &> /dev/null
 exitOnError $? "/openvpn/$PROTOCOL-$ENCRYPTION/$REGION.ovpn is not accessible"
 for SUBNET in ${EXTRA_SUBNETS//,/ }; do