settings

package
v0.0.0-...-61b053f Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 27, 2024 License: MIT Imports: 35 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Sentinel errors for host entries that fail validation.
// NOTE(review): presumably returned when validating DNSBlacklist.AllowedHosts
// and DNSBlacklist.AddBlockedHosts; confirm against the validation code.
// Test for them with errors.Is instead of comparing message strings.
var (
	ErrAllowedHostNotValid = errors.New("allowed host is not valid")
	ErrBlockedHostNotValid = errors.New("blocked host is not valid")
)
// Sentinel errors describing why a settings value was rejected.
// Each one is created with errors.New, so callers can test for a specific
// cause with errors.Is.
// NOTE(review): every message below is a static string that carries no
// setting value. Keep it that way when wrapping these errors, so that
// passwords, passphrases and keys are not copied into error text or logs.
var (
	ErrValueUnknown                    = errors.New("value is unknown")
	ErrCityNotValid                    = errors.New("the city specified is not valid")
	ErrControlServerPrivilegedPort     = errors.New("cannot use privileged port without running as root")
	ErrCategoryNotValid                = errors.New("the category specified is not valid")
	ErrCountryNotValid                 = errors.New("the country specified is not valid")
	ErrFilepathMissing                 = errors.New("filepath is missing")
	ErrFirewallZeroPort                = errors.New("cannot have a zero port")
	ErrFirewallPublicOutboundSubnet    = errors.New("outbound subnet has an unspecified address")
	ErrHostnameNotValid                = errors.New("the hostname specified is not valid")
	ErrISPNotValid                     = errors.New("the ISP specified is not valid")
	ErrMinRatioNotValid                = errors.New("minimum ratio is not valid")
	ErrMissingValue                    = errors.New("missing value")
	ErrNameNotValid                    = errors.New("the server name specified is not valid")
	ErrOpenVPNClientKeyMissing         = errors.New("client key is missing")
	ErrOpenVPNCustomPortNotAllowed     = errors.New("custom endpoint port is not allowed")
	ErrOpenVPNEncryptionPresetNotValid = errors.New("PIA encryption preset is not valid")
	ErrOpenVPNInterfaceNotValid        = errors.New("interface name is not valid")
	ErrOpenVPNKeyPassphraseIsEmpty     = errors.New("key passphrase is empty")
	ErrOpenVPNMSSFixIsTooHigh          = errors.New("mssfix option value is too high")
	ErrOpenVPNPasswordIsEmpty          = errors.New("password is empty")
	ErrOpenVPNTCPNotSupported          = errors.New("TCP protocol is not supported")
	ErrOpenVPNUserIsEmpty              = errors.New("user is empty")
	ErrOpenVPNVerbosityIsOutOfBounds   = errors.New("verbosity value is out of bounds")
	ErrOpenVPNVersionIsNotValid        = errors.New("version is not valid")
	ErrPortForwardingEnabled           = errors.New("port forwarding cannot be enabled")
	ErrPortForwardingUserEmpty         = errors.New("port forwarding username is empty")
	ErrPortForwardingPasswordEmpty     = errors.New("port forwarding password is empty")
	ErrRegionNotValid                  = errors.New("the region specified is not valid")
	ErrServerAddressNotValid           = errors.New("server listening address is not valid")
	ErrSystemPGIDNotValid              = errors.New("process group id is not valid")
	ErrSystemPUIDNotValid              = errors.New("process user id is not valid")
	ErrSystemTimezoneNotValid          = errors.New("timezone is not valid")
	ErrUpdaterPeriodTooSmall           = errors.New("VPN server data updater period is too small")
	ErrVPNProviderNameNotValid         = errors.New("VPN provider name is not valid")
	ErrVPNTypeNotValid                 = errors.New("VPN type is not valid")
	ErrWireguardAllowedIPNotSet        = errors.New("allowed IP is not set")
	ErrWireguardAllowedIPsNotSet       = errors.New("allowed IPs is not set")
	ErrWireguardEndpointIPNotSet       = errors.New("endpoint IP is not set")
	ErrWireguardEndpointPortNotAllowed = errors.New("endpoint port is not allowed")
	ErrWireguardEndpointPortNotSet     = errors.New("endpoint port is not set")
	ErrWireguardEndpointPortSet        = errors.New("endpoint port is set")
	ErrWireguardInterfaceAddressNotSet = errors.New("interface address is not set")
	ErrWireguardInterfaceAddressIPv6   = errors.New("interface address is IPv6 but IPv6 is not supported")
	ErrWireguardInterfaceNotValid      = errors.New("interface name is not valid")
	ErrWireguardPreSharedKeyNotSet     = errors.New("pre-shared key is not set")
	ErrWireguardPrivateKeyNotSet       = errors.New("private key is not set")
	ErrWireguardPublicKeyNotSet        = errors.New("public key is not set")
	ErrWireguardPublicKeyNotValid      = errors.New("public key is not valid")
	ErrWireguardKeepAliveNegative      = errors.New("persistent keep alive interval is negative")
	ErrWireguardImplementationNotValid = errors.New("implementation is not valid")
)
// Sentinel errors for server filters that cannot be used as requested.
// The "NotSupported" errors report a filter that is not supported;
// ErrFreePremiumBothSet reports that the free only and premium only filters
// were both set.
// NOTE(review): presumably these map to the *Only boolean fields of
// ServerSelection and depend on the VPN provider; confirm against the
// validation code.
var (
	ErrOwnedOnlyNotSupported       = errors.New("owned only filter is not supported")
	ErrFreeOnlyNotSupported        = errors.New("free only filter is not supported")
	ErrPremiumOnlyNotSupported     = errors.New("premium only filter is not supported")
	ErrStreamOnlyNotSupported      = errors.New("stream only filter is not supported")
	ErrMultiHopOnlyNotSupported    = errors.New("multi hop only filter is not supported")
	ErrPortForwardOnlyNotSupported = errors.New("port forwarding only filter is not supported")
	ErrFreePremiumBothSet          = errors.New("free only and premium only filters are both set")
	ErrSecureCoreOnlyNotSupported  = errors.New("secure core only filter is not supported")
	ErrTorOnlyNotSupported         = errors.New("tor only filter is not supported")
)
// ErrDoTUpdatePeriodTooShort reports an update period that is too short.
// NOTE(review): presumably this concerns DoT.UpdatePeriod; the minimum
// accepted period is not visible here.
var ErrDoTUpdatePeriodTooShort = errors.New("update period is too short")
// ErrPrivateAddressNotValid reports a private address that is neither a
// valid IP address nor a valid CIDR range.
// NOTE(review): which setting this validates is not visible here.
var ErrPrivateAddressNotValid = errors.New("private address is not a valid IP or CIDR range")

Functions

This section is empty.

Types

type ControlServer

type ControlServer struct {
	// Address is the listening address to use.
	// It cannot be nil in the internal state.
	// NOTE(review): this package declares ErrControlServerPrivilegedPort
	// ("cannot use privileged port without running as root"), presumably
	// checked against the port of this address. The interface it binds to
	// decides who can reach the control server; the default is not visible
	// here, so confirm it before exposing the port.
	Address *string
	// Log can be true or false to enable logging on requests.
	// It cannot be nil in the internal state.
	Log *bool
	// AuthFilePath is the path to the file containing the authentication
	// configuration for the middleware.
	// It cannot be empty in the internal state and defaults to
	// /gluetun/auth/config.toml.
	// NOTE(review): this file defines how requests are authenticated, so
	// restrict write access to it. How a missing file is handled is not
	// visible here; confirm it does not leave the server unauthenticated.
	AuthFilePath string
}

ControlServer contains settings to customize the control server operation.

func (ControlServer) String

func (c ControlServer) String() string

type DNS

type DNS struct {
	// ServerAddress is the DNS server to use inside
	// the Go program and for the system.
	// It defaults to '127.0.0.1' to be used with the
	// DoT server. It cannot be the zero value in the internal
	// state.
	ServerAddress netip.Addr
	// KeepNameserver is true if the existing DNS server
	// found in /etc/resolv.conf should be used.
	// Note setting this to true will likely send DNS traffic
	// outside the VPN tunnel since it would go through
	// the local DNS server of your Docker/Kubernetes
	// configuration, which is likely not going through the tunnel.
	// This will also disable the DNS over TLS server and the
	// `ServerAddress` field will be ignored.
	// It defaults to false and cannot be nil in the
	// internal state.
	// In short, true trades DNS privacy for compatibility: queries are
	// visible to the local resolver and are not protected by DoT.
	KeepNameserver *bool
	// DoT contains settings to configure the DoT
	// server.
	DoT DoT
}

DNS contains settings to configure DNS.

func (*DNS) Copy

func (d *DNS) Copy() (copied DNS)

func (DNS) String

func (d DNS) String() string

type DNSBlacklist

// DNSBlacklist holds the options used to build the DNS block list.
//
// BlockMalicious, BlockAds and BlockSurveillance are optional switches,
// presumably one per block list category; their defaults are not visible
// here (TODO confirm).
// AllowedHosts and AddBlockedHosts are host lists; the package declares
// ErrAllowedHostNotValid and ErrBlockedHostNotValid for entries that are
// not valid.
// AddBlockedIPs and AddBlockedIPPrefixes are additional addresses and
// prefixes, presumably blocked on top of the downloaded lists.
// NOTE(review): an entry in AllowedHosts presumably takes precedence over
// the block lists, so a wrong entry re-opens a blocked host; confirm the
// precedence in the block list builder.
type DNSBlacklist struct {
	BlockMalicious       *bool
	BlockAds             *bool
	BlockSurveillance    *bool
	AllowedHosts         []string
	AddBlockedHosts      []string
	AddBlockedIPs        []netip.Addr
	AddBlockedIPPrefixes []netip.Prefix
}

DNSBlacklist contains the settings used to build the DNS blacklist.

func (DNSBlacklist) String

func (b DNSBlacklist) String() string

func (DNSBlacklist) ToBlockBuilderSettings

func (b DNSBlacklist) ToBlockBuilderSettings(client *http.Client) (
	settings blockbuilder.Settings,
)

type DoT

type DoT struct {
	// Enabled is true if the DoT server should be running
	// and used. It defaults to true, and cannot be nil
	// in the internal state.
	// NOTE(review): how DNS is resolved when this is false is not visible
	// here; confirm queries still go through the VPN tunnel in that case.
	Enabled *bool
	// UpdatePeriod is the period to update DNS block lists.
	// It can be set to 0 to disable the update.
	// It defaults to 24h and cannot be nil in
	// the internal state.
	// The package declares ErrDoTUpdatePeriodTooShort for a period that is
	// too short; the minimum is not visible here.
	UpdatePeriod *time.Duration
	// Providers is a list of DNS over TLS providers.
	// NOTE(review): the accepted provider names are not visible here.
	Providers []string `json:"providers"`
	// Caching is true if the DoT server should cache
	// DNS responses.
	Caching *bool `json:"caching"`
	// IPv6 is true if the DoT server should connect over IPv6.
	IPv6 *bool `json:"ipv6"`
	// Blacklist contains settings to configure the filter
	// block lists.
	Blacklist DNSBlacklist
}

DoT contains settings to configure the DoT server.

func (DoT) GetFirstPlaintextIPv4

func (d DoT) GetFirstPlaintextIPv4() (ipv4 netip.Addr)

func (DoT) String

func (d DoT) String() string

type FilterChoicesGetter

// FilterChoicesGetter returns the filter choices for a VPN provider.
// It is a parameter of Settings.OverrideWith, Settings.Validate and
// VPN.Validate in this package.
type FilterChoicesGetter interface {
	// GetFilterChoices returns the models.FilterChoices for the provider
	// name given. NOTE(review): the behaviour for an unknown provider name
	// is not visible here.
	GetFilterChoices(provider string) models.FilterChoices
}

type Firewall

// Firewall holds the firewall options.
//
// VPNInputPorts and InputPorts are port lists; presumably the first applies
// to traffic arriving through the VPN interface and the second to traffic
// arriving on the other interfaces (TODO confirm). The package declares
// ErrFirewallZeroPort ("cannot have a zero port"), presumably for entries of
// these lists.
// OutboundSubnets is a list of prefixes; the package declares
// ErrFirewallPublicOutboundSubnet for a subnet with an unspecified address.
// Enabled and Debug are optional switches whose defaults are not visible
// here.
// NOTE(review): every input port and outbound subnet widens what can bypass
// the tunnel, and Enabled=false presumably removes the leak protection
// altogether; confirm before changing either.
type Firewall struct {
	VPNInputPorts   []uint16
	InputPorts      []uint16
	OutboundSubnets []netip.Prefix
	Enabled         *bool
	Debug           *bool
}

Firewall contains settings to customize the firewall operation.

func (Firewall) String

func (f Firewall) String() string

type HTTPProxy

type HTTPProxy struct {
	// User is the username to use for the HTTP proxy.
	// It cannot be nil in the internal state.
	User *string
	// Password is the password to use for the HTTP proxy.
	// It cannot be nil in the internal state.
	// NOTE(review): this is a secret held as plain text. HTTPProxy has a
	// String method; confirm it does not print the password. Whether an
	// empty user and password disable proxy authentication is not visible
	// here; confirm before exposing ListeningAddress.
	Password *string
	// ListeningAddress is the listening address
	// of the HTTP proxy server.
	// It cannot be the empty string in the internal state.
	ListeningAddress string
	// Enabled is true if the HTTP proxy server should run,
	// and false otherwise. It cannot be nil in the
	// internal state.
	Enabled *bool
	// Stealth is true if the HTTP proxy server should hide
	// that each request has been proxied to the destination.
	// It cannot be nil in the internal state.
	Stealth *bool
	// Log is true if the HTTP proxy server should log
	// each request/response. It cannot be nil in the
	// internal state.
	// NOTE(review): what a log entry contains is not visible here; confirm
	// it leaves out credentials and other sensitive headers.
	Log *bool
	// ReadHeaderTimeout is the HTTP header read timeout duration
	// of the HTTP server. It defaults to 1 second if left unset.
	ReadHeaderTimeout time.Duration
	// ReadTimeout is the HTTP read timeout duration
	// of the HTTP server. It defaults to 3 seconds if left unset.
	ReadTimeout time.Duration
}

HTTPProxy contains settings to configure the HTTP proxy.

func (HTTPProxy) String

func (h HTTPProxy) String() string

type Health

type Health struct {
	// ServerAddress is the listening address
	// for the health check server.
	// It cannot be the empty string in the internal state.
	ServerAddress string
	// ReadHeaderTimeout is the header read timeout duration
	// of the HTTP server. It defaults to 100 milliseconds.
	ReadHeaderTimeout time.Duration
	// ReadTimeout is the HTTP read timeout duration of the
	// HTTP server. It defaults to 500 milliseconds.
	ReadTimeout time.Duration
	// TargetAddress is the address (host or host:port)
	// to TCP dial to periodically for the health check.
	// It cannot be the empty string in the internal state.
	// NOTE(review): the default target and the port used when only a host
	// is given are not visible here.
	TargetAddress string
	// SuccessWait is the duration to wait to re-run the
	// healthcheck after a successful healthcheck.
	// It defaults to 5 seconds and cannot be zero in
	// the internal state.
	SuccessWait time.Duration
	// VPN has health settings specific to the VPN loop.
	VPN HealthyWait
}

Health contains settings for the healthcheck and health server.

func (*Health) OverrideWith

func (h *Health) OverrideWith(other Health)

OverrideWith overrides fields of the receiver settings object with any field set in the other settings.

func (*Health) Read

func (h *Health) Read(r *reader.Reader) (err error)

func (*Health) SetDefaults

func (h *Health) SetDefaults()

func (Health) String

func (h Health) String() string

func (Health) Validate

func (h Health) Validate() (err error)

type HealthyWait

// HealthyWait contains the wait durations used by the health settings of
// the VPN loop (see the VPN field of Health).
type HealthyWait struct {
	// Initial is the initial duration to wait for the program
	// to be healthy before taking action.
	// It cannot be nil in the internal state.
	// NOTE(review): the action taken and the default are not visible here.
	Initial *time.Duration
	// Addition is the duration to add to the Initial duration
	// after Initial has expired to wait longer for the program
	// to be healthy.
	// It cannot be nil in the internal state.
	Addition *time.Duration
}

func (HealthyWait) String

func (h HealthyWait) String() string

type Log

type Log struct {
	// Level is the log level of the logger.
	// It cannot be empty in the internal state.
	// NOTE(review): the accepted level names and the default are not
	// visible here.
	Level string
}

Log contains settings to configure the logger.

func (Log) String

func (l Log) String() string

type OpenVPN

// NOTE(review): Password, Key, EncryptedKey and KeyPassphrase below are
// secrets and all carry json tags, so marshalling this struct emits them in
// clear text. OpenVPN also has a String method; confirm that neither path
// ends up in logs or API responses unredacted.
type OpenVPN struct {
	// Version is the OpenVPN version to run.
	// It can only be "2.5" or "2.6".
	Version string `json:"version"`
	// User is the OpenVPN authentication username.
	// It cannot be nil in the internal state if OpenVPN is used.
	// It is usually required but in some cases can be the empty string
	// to indicate no user+password authentication is needed.
	User *string `json:"user"`
	// Password is the OpenVPN authentication password.
	// It cannot be nil in the internal state if OpenVPN is used.
	// It is usually required but in some cases can be the empty string
	// to indicate no user+password authentication is needed.
	Password *string `json:"password"`
	// ConfFile is a custom OpenVPN configuration file path.
	// It can be set to the empty string for it to be ignored.
	// It cannot be nil in the internal state.
	ConfFile *string `json:"config_file_path"`
	// Ciphers is a list of ciphers to use for OpenVPN,
	// different from the ones specified by the VPN
	// service provider configuration files.
	// NOTE(review): overriding the provider's ciphers can weaken the
	// tunnel; whether the names are validated is not visible here.
	Ciphers []string `json:"ciphers"`
	// Auth is an auth algorithm to use in OpenVPN instead
	// of the one specified by the VPN service provider.
	// It cannot be nil in the internal state.
	// It is ignored if it is set to the empty string.
	Auth *string `json:"auth"`
	// Cert is the base64 encoded DER of an OpenVPN certificate for the <cert> block.
	// This is notably used by Cyberghost and VPN secure.
	// It can be set to the empty string to be ignored.
	// It cannot be nil in the internal state.
	Cert *string `json:"cert"`
	// Key is the base64 encoded DER of an OpenVPN key.
	// This is used by Cyberghost and VPN Unlimited.
	// It can be set to the empty string to be ignored.
	// It cannot be nil in the internal state.
	Key *string `json:"key"`
	// EncryptedKey is the base64 encoded DER of an encrypted key for OpenVPN.
	// It is used by VPN secure.
	// It defaults to the empty string meaning it is not
	// to be used. KeyPassphrase must be set if this one is set.
	EncryptedKey *string `json:"encrypted_key"`
	// KeyPassphrase is the key passphrase to be used by OpenVPN
	// to decrypt the EncryptedKey. It defaults to the
	// empty string and must be set if EncryptedKey is set.
	KeyPassphrase *string `json:"key_passphrase"`
	// PIAEncPreset is the encryption preset for
	// Private Internet Access. It can be set to an
	// empty string for other providers.
	PIAEncPreset *string `json:"pia_encryption_preset"`
	// MSSFix is the value (1 to 10000) to set for the
	// mssfix option for OpenVPN. It is ignored if set to 0.
	// It cannot be nil in the internal state.
	MSSFix *uint16 `json:"mssfix"`
	// Interface is the OpenVPN device interface name.
	// It cannot be an empty string in the internal state.
	Interface string `json:"interface"`
	// ProcessUser is the OpenVPN process OS username
	// to use. It cannot be empty in the internal state.
	// It defaults to 'root'.
	// NOTE(review): with the 'root' default the OpenVPN process keeps full
	// privileges unless this is overridden; prefer a dedicated user where
	// the deployment allows it.
	ProcessUser string `json:"process_user"`
	// Verbosity is the OpenVPN verbosity level from 0 to 6.
	// It cannot be nil in the internal state.
	Verbosity *int `json:"verbosity"`
	// Flags is a slice of additional flags to be passed
	// to the OpenVPN program.
	// NOTE(review): OpenVPN options can change routing and run scripts, so
	// whoever can set Flags controls the OpenVPN process; whether the flags
	// are filtered is not visible here. Treat the settings source as
	// trusted input only.
	Flags []string `json:"flags"`
}

OpenVPN contains settings to configure the OpenVPN client.

func (OpenVPN) String

func (o OpenVPN) String() string

func (OpenVPN) WithDefaults

func (o OpenVPN) WithDefaults(provider string) OpenVPN

WithDefaults is a shorthand using setDefaults. It's used in unit tests in other packages.

type OpenVPNSelection

// OpenVPNSelection contains the OpenVPN specific settings used to select a
// server and its endpoint. It is the OpenVPN field of ServerSelection.
type OpenVPNSelection struct {
	// ConfFile is the custom configuration file path.
	// It can be set to an empty string to indicate to
	// NOT use a custom configuration file.
	// It cannot be nil in the internal state.
	ConfFile *string `json:"config_file_path"`
	// Protocol is the OpenVPN network protocol to use,
	// and can be udp or tcp. It cannot be the empty string
	// in the internal state.
	// The package declares ErrOpenVPNTCPNotSupported ("TCP protocol is
	// not supported"), presumably returned for providers without TCP.
	Protocol string `json:"protocol"`
	// CustomPort is the OpenVPN server endpoint port.
	// It can be set to 0 to indicate no custom port should
	// be used. It cannot be nil in the internal state.
	// The package declares ErrOpenVPNCustomPortNotAllowed for a custom
	// port that is not allowed; the allowed ports are not visible here.
	CustomPort *uint16 `json:"custom_port"`
	// PIAEncPreset is the encryption preset for
	// Private Internet Access. It can be set to an
	// empty string for other providers.
	PIAEncPreset *string `json:"pia_encryption_preset"`
}

func (OpenVPNSelection) String

func (o OpenVPNSelection) String() string

type PortForwarding

type PortForwarding struct {
	// Enabled is true if port forwarding should be activated.
	// It cannot be nil for the internal state.
	Enabled *bool `json:"enabled"`
	// Provider is set to specify which custom port forwarding code
	// should be used. This is especially necessary for the custom
	// provider using Wireguard for a provider where Wireguard is not
	// natively supported but custom port forwarding code is available.
	// It defaults to the empty string, meaning the current provider
	// should be the one used for port forwarding.
	// It cannot be nil for the internal state.
	Provider *string `json:"provider"`
	// Filepath is the port forwarding status file path
	// to use. It can be the empty string to indicate not
	// to write to a file. It cannot be nil for the
	// internal state.
	Filepath *string `json:"status_file_path"`
	// UpCommand is the command to use when the port forwarding is up.
	// It can be the empty string to indicate not to run a command.
	// It cannot be nil in the internal state.
	// NOTE(review): this value is run as a command, so whoever can change
	// these settings can execute code with the privileges of this process.
	// How the string is split into arguments, and whether a shell is
	// involved, is not visible here; confirm before passing it anything
	// that is not operator-controlled.
	UpCommand *string `json:"up_command"`
	// DownCommand is the command to use after the port forwarding goes down.
	// It can be the empty string to indicate to NOT run a command.
	// It cannot be nil in the internal state.
	// NOTE(review): same trust requirement as UpCommand.
	DownCommand *string `json:"down_command"`
	// ListeningPort is the port traffic would be redirected to from the
	// forwarded port. The redirection is disabled if it is set to 0, which
	// is its default as well.
	ListeningPort *uint16 `json:"listening_port"`
	// Username is only used for Private Internet Access port forwarding.
	Username string `json:"username"`
	// Password is only used for Private Internet Access port forwarding.
	// NOTE(review): this is a secret with a json tag, so marshalling the
	// struct emits it in clear text; confirm String and any API output
	// redact it.
	Password string `json:"password"`
}

PortForwarding contains settings for port forwarding.

func (*PortForwarding) Copy

func (p *PortForwarding) Copy() (copied PortForwarding)

func (*PortForwarding) OverrideWith

func (p *PortForwarding) OverrideWith(other PortForwarding)

func (PortForwarding) String

func (p PortForwarding) String() string

func (PortForwarding) Validate

func (p PortForwarding) Validate(vpnProvider string) (err error)

type Provider

type Provider struct {
	// Name is the VPN service provider name.
	// It cannot be the empty string in the internal state.
	// The package declares ErrVPNProviderNameNotValid for a name that is
	// not valid; the accepted names are not visible here.
	Name string `json:"name"`
	// ServerSelection is the settings to
	// select the VPN server.
	ServerSelection ServerSelection `json:"server_selection"`
	// PortForwarding is the settings about port forwarding.
	PortForwarding PortForwarding `json:"port_forwarding"`
}

Provider contains settings specific to a VPN provider.

func (Provider) String

func (p Provider) String() string

type PublicIP

type PublicIP struct {
	// Enabled is set to true to fetch the public ip address
	// information on VPN connection. It defaults to true.
	// Note each fetch is a request to one of the services in APIs, which
	// therefore sees the public IP address of the connection.
	Enabled *bool
	// IPFilepath is the public IP address status file path
	// to use. It can be the empty string to indicate not
	// to write to a file. It cannot be nil for the
	// internal state.
	IPFilepath *string
	// APIs is the list of public ip APIs to use to fetch public IP information.
	// If there is more than one API, the first one is used
	// by default and the others are used as fallbacks in case of
	// the service rate limiting us. It defaults to use all services,
	// with the first one being ipinfo.io for historical reasons.
	APIs []PublicIPAPI
}

PublicIP contains settings for fetching public IP address information.

func (PublicIP) String

func (p PublicIP) String() string

func (PublicIP) UpdateWith

func (p PublicIP) UpdateWith(partialUpdate PublicIP) (updatedSettings PublicIP, err error)

UpdateWith deep copies the receiving settings, overrides the copy with fields set in the partialUpdate argument, validates the new settings and returns them if they are valid, or returns an error otherwise. In all cases, the receiving settings are unmodified.

type PublicIPAPI

// PublicIPAPI identifies one public ip API service and the token to use
// with it. It is the element type of the APIs field of PublicIP.
type PublicIPAPI struct {
	// Name is the name of the public ip API service.
	// It can be "cloudflare", "ifconfigco", "ip2location" or "ipinfo".
	Name string
	// Token is the token to use for the public ip API service.
	// NOTE(review): treat it as a credential and keep it out of logs and
	// printed settings. Whether an empty token is accepted is not visible
	// here.
	Token string
}

type ServerSelection

// ServerSelection contains the settings used to select a VPN server: the
// VPN type, an optional target IP address, list filters, boolean filters
// and the OpenVPN or Wireguard specific selection settings.
// The package declares one sentinel error for each boolean filter that is
// not supported, plus ErrFreePremiumBothSet when FreeOnly and PremiumOnly
// are both set.
type ServerSelection struct {
	// VPN is the VPN type which can be 'openvpn'
	// or 'wireguard'. It cannot be the empty string
	// in the internal state.
	VPN string `json:"vpn"`
	// TargetIP is the server endpoint IP address to use.
	// It will override any IP address from the picked
	// built-in server. It cannot be the empty value in the internal
	// state, and can be set to the unspecified address to indicate
	// there is no target IP address to use.
	TargetIP netip.Addr `json:"target_ip"`
	// Countries is the list of countries to filter VPN servers with.
	Countries []string `json:"countries"`
	// Categories is the list of categories to filter VPN servers with.
	Categories []string `json:"categories"`
	// Regions is the list of regions to filter VPN servers with.
	Regions []string `json:"regions"`
	// Cities is the list of cities to filter VPN servers with.
	Cities []string `json:"cities"`
	// ISPs is the list of ISP names to filter VPN servers with.
	ISPs []string `json:"isps"`
	// Names is the list of server names to filter VPN servers with.
	Names []string `json:"names"`
	// Numbers is the list of server numbers to filter VPN servers with.
	Numbers []uint16 `json:"numbers"`
	// Hostnames is the list of hostnames to filter VPN servers with.
	Hostnames []string `json:"hostnames"`
	// OwnedOnly is true if VPN provider servers that are not owned
	// should be filtered. This is used with Mullvad.
	OwnedOnly *bool `json:"owned_only"`
	// FreeOnly is true if VPN servers that are not free should
	// be filtered. This is used with ProtonVPN and VPN Unlimited.
	FreeOnly *bool `json:"free_only"`
	// PremiumOnly is true if VPN servers that are not premium should
	// be filtered. This is used with VPN Secure.
	// TODO extend to providers using FreeOnly.
	PremiumOnly *bool `json:"premium_only"`
	// StreamOnly is true if VPN servers not for streaming should
	// be filtered. This is used with ProtonVPN and VPNUnlimited.
	StreamOnly *bool `json:"stream_only"`
	// MultiHopOnly is true if VPN servers that are not multihop
	// should be filtered. This is used with Surfshark.
	MultiHopOnly *bool `json:"multi_hop_only"`
	// PortForwardOnly is true if VPN servers that don't support
	// port forwarding should be filtered. This is used with PIA
	// and ProtonVPN.
	PortForwardOnly *bool `json:"port_forward_only"`
	// SecureCoreOnly is true if VPN servers without secure core should
	// be filtered. This is used with ProtonVPN.
	SecureCoreOnly *bool `json:"secure_core_only"`
	// TorOnly is true if VPN servers without tor should
	// be filtered. This is used with ProtonVPN.
	TorOnly *bool `json:"tor_only"`
	// OpenVPN contains settings to select OpenVPN servers
	// and the final connection.
	OpenVPN OpenVPNSelection `json:"openvpn"`
	// Wireguard contains settings to select Wireguard servers
	// and the final connection.
	Wireguard WireguardSelection `json:"wireguard"`
}

func (ServerSelection) String

func (ss ServerSelection) String() string

func (ServerSelection) WithDefaults

func (ss ServerSelection) WithDefaults(provider string) ServerSelection

WithDefaults is a shorthand using setDefaults. It's used in unit tests in other packages.

type Settings

// Settings is the top level settings structure. It groups the settings of
// each component, one field per component.
// NOTE(review): several nested structs hold credentials and keys (for
// example HTTPProxy.Password, PublicIPAPI.Token and the OpenVPN and
// Wireguard settings under VPN). Settings has a String method; confirm its
// output redacts them before it is logged.
// NOTE(review): Pprof is a pprof.Settings declared in another package;
// profiling endpoints usually expose runtime internals, so confirm they are
// off by default and not reachable from untrusted networks.
type Settings struct {
	ControlServer ControlServer
	DNS           DNS
	Firewall      Firewall
	Health        Health
	HTTPProxy     HTTPProxy
	Log           Log
	PublicIP      PublicIP
	Shadowsocks   Shadowsocks
	Storage       Storage
	System        System
	Updater       Updater
	Version       Version
	VPN           VPN
	Pprof         pprof.Settings
}

func (*Settings) OverrideWith

func (s *Settings) OverrideWith(other Settings,
	filterChoicesGetter FilterChoicesGetter, ipv6Supported bool, warner Warner,
) (err error)

func (*Settings) Read

func (s *Settings) Read(r *reader.Reader, warner Warner) (err error)

func (*Settings) SetDefaults

func (s *Settings) SetDefaults()

func (Settings) String

func (s Settings) String() string

func (*Settings) Validate

func (s *Settings) Validate(filterChoicesGetter FilterChoicesGetter, ipv6Supported bool,
	warner Warner,
) (err error)

Validate validates all the settings and returns an error if one of them is not valid. TODO v4 remove pointer for receiver (because of Surfshark).

func (Settings) Warnings

func (s Settings) Warnings() (warnings []string)

type Shadowsocks

type Shadowsocks struct {
	// Enabled is true if the server should be running.
	// It defaults to false, and cannot be nil in the internal state.
	Enabled *bool
	// Settings are settings for the TCP+UDP server.
	// The type is embedded, so its fields are promoted onto Shadowsocks.
	// They are declared in another package and are not visible here.
	// NOTE(review): presumably they include the listening address and the
	// server credentials; confirm how String prints them.
	tcpudp.Settings
}

Shadowsocks contains settings to configure the Shadowsocks server.

func (Shadowsocks) String

func (s Shadowsocks) String() string

type Storage

type Storage struct {
	// Filepath is the path to the servers.json file. An empty string disables on-disk storage.
	// NOTE(review): the default path and the behaviour for a nil pointer
	// are not visible here.
	Filepath *string
}

Storage contains settings to configure the storage.

func (Storage) String

func (s Storage) String() string

type System

// System holds the process and time zone options.
//
// PUID and PGID are the process user id and process group id, going by the
// messages of ErrSystemPUIDNotValid and ErrSystemPGIDNotValid.
// Timezone is validated too: the package declares ErrSystemTimezoneNotValid
// ("timezone is not valid").
// NOTE(review): what the ids are applied to (the process itself or files it
// writes) and their defaults are not visible here; confirm before relying
// on them to drop privileges.
type System struct {
	PUID     *uint32
	PGID     *uint32
	Timezone string
}

System contains settings to configure system related elements.

func (System) String

func (s System) String() string

type Updater

type Updater struct {
	// Period is the period for which the updater
	// should run. It can be set to 0 to disable the
	// updater. It cannot be nil in the internal state.
	// The package declares ErrUpdaterPeriodTooSmall for a period that is
	// too small; the minimum is not visible here.
	// TODO change to value and add Enabled field.
	Period *time.Duration
	// DNSAddress is the DNS server address to use
	// to resolve VPN server hostnames to IP addresses.
	// It cannot be the empty string in the internal state.
	// NOTE(review): the answers of this resolver become the VPN server
	// addresses stored by the updater, so it must be a trusted resolver.
	// Whether the queries are encrypted or go through the tunnel is not
	// visible here.
	DNSAddress string
	// MinRatio is the minimum ratio of servers to
	// find per provider, compared to the total current
	// number of servers. It defaults to 0.8.
	// The package declares ErrMinRatioNotValid for a ratio that is not
	// valid; the accepted range is not visible here.
	MinRatio float64
	// Providers is the list of VPN service providers
	// to update server information for.
	Providers []string
}

Updater contains settings to configure the VPN server information updater.

func (*Updater) SetDefaults

func (u *Updater) SetDefaults(vpnProvider string)

func (Updater) String

func (u Updater) String() string

func (Updater) Validate

func (u Updater) Validate() (err error)

type VPN

// VPN contains the VPN settings: the VPN type, the provider settings and
// the OpenVPN and Wireguard client settings.
// NOTE(review): both client settings structs are present whatever Type is;
// presumably only the one matching Type is validated and used. They hold
// credentials and private keys and all four fields carry json tags, so
// marshalling VPN emits those secrets in clear text.
type VPN struct {
	// Type is the VPN type and can only be
	// 'openvpn' or 'wireguard'. It cannot be the
	// empty string in the internal state.
	// The package declares ErrVPNTypeNotValid for any other value.
	Type      string    `json:"type"`
	Provider  Provider  `json:"provider"`
	OpenVPN   OpenVPN   `json:"openvpn"`
	Wireguard Wireguard `json:"wireguard"`
}

func (*VPN) Copy

func (v *VPN) Copy() (copied VPN)

func (*VPN) OverrideWith

func (v *VPN) OverrideWith(other VPN)

func (VPN) String

func (v VPN) String() string

func (*VPN) Validate

func (v *VPN) Validate(filterChoicesGetter FilterChoicesGetter, ipv6Supported bool, warner Warner) (err error)

TODO v4 remove pointer for receiver (because of Surfshark).

type Version

type Version struct {
	// Enabled is true if the version information should
	// be fetched from Github.
	// Note that enabling it means the program makes an outbound request to
	// Github. NOTE(review): the default and whether that request goes
	// through the VPN tunnel are not visible here.
	Enabled *bool
}

Version contains settings to configure the version information fetcher.

func (Version) String

func (v Version) String() string

type Warner

// Warner receives warning messages. It is a parameter of Settings.Read,
// Settings.OverrideWith, Settings.Validate and VPN.Validate in this package.
type Warner interface {
	// Warn reports a single warning message.
	// NOTE(review): messages are built from settings; implementations that
	// write them to logs should assume they may mention configured values.
	Warn(message string)
}

type Wireguard

// NOTE(review): PrivateKey and PreSharedKey below are secrets and both
// carry json tags, so marshalling this struct emits them in clear text.
// Wireguard also has a String method; confirm neither path reaches logs or
// API responses unredacted.
type Wireguard struct {
	// PrivateKey is the Wireguard client peer private key.
	// It cannot be nil in the internal state.
	PrivateKey *string `json:"private_key"`
	// PreSharedKey is the Wireguard pre-shared key.
	// It can be the empty string to indicate there
	// is no pre-shared key.
	// It cannot be nil in the internal state.
	PreSharedKey *string `json:"pre_shared_key"`
	// Addresses are the Wireguard interface addresses.
	// The package declares ErrWireguardInterfaceAddressIPv6 for an IPv6
	// address when IPv6 is not supported.
	Addresses []netip.Prefix `json:"addresses"`
	// AllowedIPs are the Wireguard allowed IPs.
	// If left unset, they default to "0.0.0.0/0"
	// and, if IPv6 is supported, "::0".
	// NOTE(review): "::0" is not a prefix; presumably "::/0" is meant,
	// confirm against the defaults code. Narrowing this list from the
	// defaults presumably leaves the other destinations outside the tunnel.
	AllowedIPs []netip.Prefix `json:"allowed_ips"`
	// Interface is the name of the Wireguard interface
	// to create. It cannot be the empty string in the
	// internal state.
	// PersistentKeepaliveInterval, declared right after it, is the
	// persistent keep alive interval. The package declares
	// ErrWireguardKeepAliveNegative for a negative interval; the default
	// and the meaning of a zero interval are not visible here.
	Interface                   string         `json:"interface"`
	PersistentKeepaliveInterval *time.Duration `json:"persistent_keep_alive_interval"`
	// Maximum Transmission Unit (MTU) of the Wireguard interface.
	// It cannot be zero in the internal state, and defaults to
	// 1320. Note it is not the wireguard-go MTU default of 1420
	// because this impacts bandwidth a lot on some VPN providers,
	// see https://github.com/qdm12/gluetun/issues/1650.
	// It has been lowered to 1320 following quite a bit of
	// investigation in the issue:
	// https://github.com/qdm12/gluetun/issues/2533.
	MTU uint16 `json:"mtu"`
	// Implementation is the Wireguard implementation to use.
	// It can be "auto", "userspace" or "kernelspace".
	// It defaults to "auto" and cannot be the empty string
	// in the internal state.
	Implementation string `json:"implementation"`
}

Wireguard contains settings to configure the Wireguard client.

func (Wireguard) String

func (w Wireguard) String() string

type WireguardSelection

// WireguardSelection contains the Wireguard specific settings used to
// select a server and its endpoint. It is the Wireguard field of
// ServerSelection.
type WireguardSelection struct {
	// EndpointIP is the server endpoint IP address.
	// It is only used with VPN providers generating Wireguard
	// configurations specific to each server and user.
	// To indicate it should not be used, it should be set
	// to netip.IPv4Unspecified(). It can never be the zero value
	// in the internal state.
	EndpointIP netip.Addr `json:"endpoint_ip"`
	// EndpointPort is the server port to use for the VPN server.
	// It is optional for VPN providers IVPN, Mullvad, Surfshark
	// and Windscribe, and compulsory for the others.
	// When optional, it can be set to 0 to indicate not to use
	// a custom endpoint port. It cannot be nil in the internal
	// state.
	// The package declares ErrWireguardEndpointPortNotAllowed,
	// ErrWireguardEndpointPortNotSet and ErrWireguardEndpointPortSet for
	// the cases where the port is rejected.
	EndpointPort *uint16 `json:"endpoint_port"`
	// PublicKey is the server public key.
	// It is only used with VPN providers generating Wireguard
	// configurations specific to each server and user.
	// The package declares ErrWireguardPublicKeyNotValid for a key that is
	// not valid. This key is what authenticates the server to the client,
	// so it must come from the provider over a trusted channel.
	PublicKey string `json:"public_key"`
}

func (WireguardSelection) String

func (w WireguardSelection) String() string

Directories

Path Synopsis
