admin/gluetun
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,035 Commits 18 Branches 75 Tags
51fd46b58e8ab5a0e3a644141595b9d705e9dd22
Commit Graph

324 Commits

Author SHA1 Message Date
Quentin McGaw
51fd46b58e Merge branch 'master' into pmtu 2025-10-17 00:17:45 +00:00
Quentin McGaw
85890520ab feat(healthcheck): combination of ICMP and TCP+TLS checks (#2923) 
- New option: `HEALTH_ICMP_TARGET_IP` defaults to `0.0.0.0` meaning use the VPN server public IP address.
- Options removed: `HEALTH_VPN_INITIAL_DURATION` and `HEALTH_VPN_ADDITIONAL_DURATION` - times and retries are handpicked and hardcoded.
- Less aggressive checks and less false positive detection
 2025-10-17 01:45:50 +02:00
Quentin McGaw
162d244865 Use PMTUD to set the MTU to the VPN interface 
- Add `VPN_PMTUD` option enabled by default
- One can revert to use `VPN_PMTUD=off` to disable the new PMTUD mechanism
 2025-10-06 09:57:15 +00:00
Alex Lavallee
a035a151bd feat(portforwarding): allow running script upon port forwarding success (#2399) 2024-11-10 09:49:02 +01:00
Quentin McGaw
86d82c1098 chore(main): let system handle OS signals after first one to stop program 2024-11-07 20:19:24 +00:00
Quentin McGaw
a61302f135 feat(publicip): resilient public ip fetcher (#2518) 
- `PUBLICIP_API` accepts a comma separated list of ip data sources, where the first one is the base default one, and sources after it are backup sources used if we are rate limited.
- `PUBLICIP_API` defaults to `ipinfo,ifconfigco,ip2location,cloudflare` such that it now has `ifconfigco,ip2location,cloudflare` as backup ip data sources.
- `PUBLICIP_API_TOKEN` accepts a comma separated list of ip data source tokens, each corresponding by position to the APIs listed in `PUBLICIP_API`.
- logs ip data source when logging public ip information
- assume a rate limiting error is for 30 days (no persistence)
- ready for future live settings updates
  - consider an ip data source no longer banned if the token changes
  - keeps track of ban times when updating the list of fetchers
 2024-10-19 15:21:14 +02:00
Quentin McGaw
76a4bb5dc3 chore: use gofumpt for code formatting 2024-10-11 19:27:29 +00:00
Quentin McGaw
3c8e80a1a4 chore(lint): upgrade linter from v1.56.2 to v1.61.0 
- Remove no longer needed exclude rules
- Add new exclude rules for printf govet errors
- Remove deprecated linters `execinquery` and `exportloopref`
- Rename linter `goerr113` to `err113`
- Rename linter `gomnd` to `mnd`
 2024-10-11 18:05:54 +00:00
Quentin McGaw
a2e76e1683 feat(server): role based authentication system (#2434) 
- Parse toml configuration file, see https://github.com/qdm12/gluetun-wiki/blob/main/setup/advanced/control-server.md#authentication
- Retro-compatible with existing AND documented routes, until after v3.41 release
- Log a warning if an unprotected-by-default route is accessed unprotected
- Authentication methods: none, apikey, basic
- `genkey` command to generate API keys

Co-authored-by: Joe Jose <45399349+joejose97@users.noreply.github.com>
 2024-09-18 13:29:36 +02:00
Quentin McGaw
a2b3d7e30c chore(deps): implement github.com/qdm12/golibs/command locally (#2418) 2024-08-21 15:21:31 +02:00
Quentin McGaw
4d60b71583 feat(dns): replace unbound with qdm12/dns@v2.0.0-beta-rc6 (#1742) 
- Faster start up
- Clearer error messages
- Allow for more Gluetun-specific customization
- DNSSEC validation is dropped for now (it's sort of unneeded)
- Fix #137
 2024-08-21 14:35:41 +02:00
Jean-François Roy
12c411e203 feat(storage): STORAGE_FILEPATH option (#2416) 
- `STORAGE_FILEPATH=` disables storing to and reading from a local servers.json file
- `STORAGE_FILEPATH` defaults to `/gluetun/servers.json`
- Fix #2074
 2024-08-19 02:26:46 +02:00
Quentin McGaw
897a9d7f57 feat(config): allow invalid server filters (#2419) 
- Disallow setting a server filter when there is no choice available
- Allow setting an invalid server filter when there is at least one choice available
- Log at warn level when an invalid server filter is set
- Fix #2337
 2024-08-17 12:01:26 +02:00
Quentin McGaw
d1f57d0e36 chore(deps): bump gosplash to v0.2.0 
- Merge same links in the same line
- Add `/choose` suffix to github links
 2024-08-05 17:46:31 +00:00
Quentin McGaw
ef6874fe57 fix(firewall): query iptables version for iptables found 2024-05-04 16:19:30 +00:00
Quentin McGaw
e07966f71e fix(tun): only create tun device if it does not exist 
- do not create if it exists and is problematic
- wrap errors with a better context
 2024-04-29 09:29:06 +00:00
Quentin McGaw
ecc80a5a9e chore(config): upgrade to gosettings v0.4.0 
- drop qdm12/govalid dependency
- upgrade qdm12/ss-server to v0.6.0
- do not unset sensitive config settings (makes no sense to me)
 2024-03-25 19:14:20 +00:00
Quentin McGaw
423a5c37e0 feat(publicip): PUBLICIP_API variable supporting ipinfo and ip2location 2024-02-14 07:36:45 +00:00
Quentin McGaw
cfca026621 chore(publicip): less coupling with ipinfo.io 2024-02-14 07:30:02 +00:00
Quentin McGaw
6a6337b98f feat(publicip/ipinfo): add PUBLICIP_API_TOKEN variable 2024-02-13 10:55:06 +00:00
Quentin McGaw
f96448947f fix(publicip): rework run loop and fix restarts 
- Clearing IP data on VPN disconnection clears file
- More efficient partial updates
- Fix loop exit
- Validate settings before updating
 2023-09-24 14:55:51 +00:00
Quentin McGaw
0406de399d chore(portforward): move vpn gateway obtention within port forwarding service 2023-09-23 12:03:06 +00:00
Quentin McGaw
71201411f4 fix(portforward): rework run loop and fix deadlocks (#1874) 2023-09-23 12:57:12 +02:00
Quentin McGaw
e556871e8b change(dns): DNS_KEEP_NAMESERVER leaves DNS fully untouched 2023-08-11 11:03:40 +00:00
Quentin McGaw
eecfb3952f chore(settings): change source precedence order 
1. Secret files (program scope)
2. Files (program scope)
3. Environment variables (OS scope)
Fix #1759
 2023-07-22 16:02:32 +00:00
Quentin McGaw
ff9b56d6d8 docs(all): update to use newer wiki repository 
- Update URLs logged by program
- Update README.md links
- Update contributing guide link
- Update issue templates links
- Replace Wiki issue template by link to Gluetun Wiki repository issue creation
- Set program announcement about Github wiki new location
 2023-06-30 10:31:26 +00:00
Quentin McGaw
40cdb4f662 fix(netlink): RouteList list routes from all tables 
- Do not filter by link anymore
- IPv6 detection simplified
 2023-06-08 09:12:46 +00:00
Quentin McGaw
38ddcfa756 chore(netlink): define own types with minimal fields 
- Allow to swap `github.com/vishvananda/netlink`
- Allow to add build tags for each platform
- One step closer to development on non-Linux platforms
 2023-05-29 06:44:58 +00:00
Quentin McGaw
9d1a0b60a2 fix(netlink): use AddrReplace instead of AddrAdd 2023-05-28 10:22:51 +00:00
Quentin McGaw
3b807e2ca9 feat(openvpn): add support for openvpn 2.6 2023-05-21 13:23:51 +00:00
Quentin McGaw
e8f2296a0d change(openvpn): Openvpn 2.4 no longer supported 2023-05-21 13:20:02 +00:00
Kyle Manna
fc8a2abb8f fix(routing): add policy rules for each destination local networks (#1493) 2023-04-11 09:03:07 -07:00
Quentin McGaw
4ba159e483 chore(all): review error wrappings 
- remove repetitive `cannot` and `failed` prefixes
- rename `unmarshaling` to `decoding`
 2023-04-01 16:57:18 +00:00
Quentin McGaw
c246dae2cc feat(log): log warnings about user settings 
- Warn when using Openvpn 2.4 and SlickVPN
- Warn when using Openvpn 2.5 and SlickVPN
 2023-04-01 15:22:32 +00:00
Quentin McGaw
a97fcda283 fix(version): add name in version check error 2023-02-27 20:16:55 +00:00
Quentin McGaw
f70f0aca9c fix(settings): validate Wireguard addresses depending on IPv6 support 2022-12-14 11:52:03 +00:00
Quentin McGaw
16acd1b162 chore(netlink): log ipv6 support at debug level 2022-12-14 11:52:03 +00:00
Quentin McGaw
a4cf17f81e fix(netlink): change logger level 2022-12-14 11:50:36 +00:00
Quentin McGaw
74426f6202 feat(netlink): add debug logger 2022-12-02 11:26:52 +00:00
Quentin McGaw
7a3b9941aa fix(exit): exit with 1 on runtime error 2022-11-18 09:46:31 +00:00
Quentin McGaw
698095f0a0 fix(pprof): do not run if disabled 2022-11-15 12:45:47 +00:00
Quentin McGaw
e5be20d719 fix(exit): exit with 0 on successful shutdown 2022-09-14 13:23:31 +00:00
Quentin McGaw
5ddd703f6a feat(vpn): auto detection of IPv6 support 
- `OPENVPN_IPV6` removed
- Affects OpenVPN
- Use the same mechanism for OpenVPN and Wireguard
- Check only once at program start since this is unlikely to change at runtime
- Log if IPv6 is supported
- Remove `IPv6` boolean from settings structs
- Move IPv6 detection as a method on NetLinker
 2022-09-06 12:16:29 +00:00
Quentin McGaw
ae5cba519c chore(config): define Source interface locally where needed 2022-08-26 15:03:59 +00:00
Quentin McGaw
26f3832187 chore(config): rename mux source to merge 2022-08-26 14:59:35 +00:00
Quentin McGaw
aa53436e56 chore(lint): upgrade golangci-lint to v1.49.0 
- Add linter `interfacebloat` and fix code issues
- Add linter `reassign`
- Remove deprecated linter `nosnakecase`
 2022-08-24 21:48:24 +00:00
Quentin McGaw
0bb320065e feat(server): patch VPN settings 
- `PUT` at `/v1/vpn/settings`
- Undocumented, experimental for now
 2022-08-21 23:36:48 +00:00
Quentin McGaw
62ad8bcd8f fix(pia): set port forward file owned with PUID and PGID 2022-06-25 15:44:29 +00:00
Quentin McGaw
bda6707685 chore(all): remove unexported interfaces 2022-06-12 01:15:14 +00:00
Quentin McGaw
89277828ac chore(publicip): internal/publicip/ipinfo package 2022-06-12 01:11:22 +00:00