mirror of
https://github.com/qdm12/gluetun.git
synced 2026-06-10 06:12:27 +02:00
SERVER_DEDICATED option
This commit is contained in:
Quentin McGaw
@@ -192,6 +192,8 @@ ENV VPN_SERVICE_PROVIDER=pia \
|
||||
PREMIUM_ONLY= \
|
||||
# # PIA and ProtonVPN only:
|
||||
PORT_FORWARD_ONLY= \
|
||||
# # Ovpn only:
|
||||
SERVER_DEDICATED=no \
|
||||
# Firewall
|
||||
FIREWALL_ENABLED_DISABLING_IT_SHOOTS_YOU_IN_YOUR_FOOT=on \
|
||||
FIREWALL_VPN_INPUT_PORTS= \
|
||||
|
||||
@@ -15,7 +15,7 @@ require (
|
||||
github.com/mdlayher/netlink v1.9.0
|
||||
github.com/pelletier/go-toml/v2 v2.2.4
|
||||
github.com/qdm12/dns/v2 v2.0.0-rc9.0.20260421173011-9de8e7fdbe3a
|
||||
github.com/qdm12/gluetun-servers v0.1.1-0.20260521235724-060a16d4b34c
|
||||
github.com/qdm12/gluetun-servers v0.1.1-0.20260522005421-14277e92ce82
|
||||
github.com/qdm12/goservices v0.1.1-0.20251104135713-6bee97bd4978
|
||||
github.com/qdm12/gosettings v0.4.4
|
||||
github.com/qdm12/goshutdown v0.3.0
|
||||
|
||||
@@ -76,8 +76,8 @@ github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0leargg
|
||||
github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
|
||||
github.com/qdm12/dns/v2 v2.0.0-rc9.0.20260421173011-9de8e7fdbe3a h1:TE157yPQmAbVruH0MWCQzs0vTT/6t96DkoWUXd6PVuc=
|
||||
github.com/qdm12/dns/v2 v2.0.0-rc9.0.20260421173011-9de8e7fdbe3a/go.mod h1:98foWgXJZ+g8gJIuO+fdO+oWpFei5WShMFTeN4Im2lE=
|
||||
github.com/qdm12/gluetun-servers v0.1.1-0.20260521235724-060a16d4b34c h1:rPgmhMt9uOq6pdPr8k0sXUnZ0fjTBw+yUOaIl0ttFu4=
|
||||
github.com/qdm12/gluetun-servers v0.1.1-0.20260521235724-060a16d4b34c/go.mod h1:acttuyHyoFDu6GTbf3kAV+QXeiX8oJeh0MBic67/9z8=
|
||||
github.com/qdm12/gluetun-servers v0.1.1-0.20260522005421-14277e92ce82 h1:tE44IEW7o9yPQaO8HBeoO9RxtTTxqhboIypegrQlVt8=
|
||||
github.com/qdm12/gluetun-servers v0.1.1-0.20260522005421-14277e92ce82/go.mod h1:acttuyHyoFDu6GTbf3kAV+QXeiX8oJeh0MBic67/9z8=
|
||||
github.com/qdm12/goservices v0.1.1-0.20251104135713-6bee97bd4978 h1:TRGpCU1l0lNwtogEUSs5U+RFceYxkAJUmrGabno7J5c=
|
||||
github.com/qdm12/goservices v0.1.1-0.20251104135713-6bee97bd4978/go.mod h1:D1Po4CRQLYjccnAR2JsVlN1sBMgQrcNLONbvyuzcdTg=
|
||||
github.com/qdm12/gosettings v0.4.4 h1:SM6tOZDf6k8qbjWU8KWyBF4mWIixfsKCfh9DGRLHlj4=
|
||||
|
||||
@@ -63,6 +63,9 @@ type ServerSelection struct {
|
||||
// TorOnly is true if VPN servers without tor should
|
||||
// be filtered. This is used with ProtonVPN.
|
||||
TorOnly *bool `json:"tor_only"`
|
||||
// Dedicated is true if dedicated VPN servers should be chosen only.
|
||||
// This is used with OVPN.
|
||||
Dedicated *bool `json:"dedicated"`
|
||||
// OpenVPN contains settings to select OpenVPN servers
|
||||
// and the final connection.
|
||||
OpenVPN OpenVPNSelection `json:"openvpn"`
|
||||
@@ -272,6 +275,8 @@ func validateFeatureFilters(settings ServerSelection, vpnServiceProvider string)
|
||||
return errors.New("secure core only filter is not supported")
|
||||
case *settings.TorOnly && vpnServiceProvider != providers.Protonvpn:
|
||||
return errors.New("tor only filter is not supported")
|
||||
case *settings.Dedicated && vpnServiceProvider != providers.Ovpn:
|
||||
return errors.New("dedicated filter is not supported")
|
||||
default:
|
||||
return nil
|
||||
}
|
||||
@@ -296,6 +301,7 @@ func (ss *ServerSelection) copy() (copied ServerSelection) {
|
||||
TorOnly: gosettings.CopyPointer(ss.TorOnly),
|
||||
PortForwardOnly: gosettings.CopyPointer(ss.PortForwardOnly),
|
||||
MultiHopOnly: gosettings.CopyPointer(ss.MultiHopOnly),
|
||||
Dedicated: gosettings.CopyPointer(ss.Dedicated),
|
||||
OpenVPN: ss.OpenVPN.copy(),
|
||||
Wireguard: ss.Wireguard.copy(),
|
||||
}
|
||||
@@ -319,6 +325,7 @@ func (ss *ServerSelection) overrideWith(other ServerSelection) {
|
||||
ss.TorOnly = gosettings.OverrideWithPointer(ss.TorOnly, other.TorOnly)
|
||||
ss.MultiHopOnly = gosettings.OverrideWithPointer(ss.MultiHopOnly, other.MultiHopOnly)
|
||||
ss.PortForwardOnly = gosettings.OverrideWithPointer(ss.PortForwardOnly, other.PortForwardOnly)
|
||||
ss.Dedicated = gosettings.OverrideWithPointer(ss.Dedicated, other.Dedicated)
|
||||
ss.OpenVPN.overrideWith(other.OpenVPN)
|
||||
ss.Wireguard.overrideWith(other.Wireguard)
|
||||
}
|
||||
@@ -335,6 +342,7 @@ func (ss *ServerSelection) setDefaults(vpnProvider string, portForwardingEnabled
|
||||
defaultPortForwardOnly := portForwardingEnabled &&
|
||||
helpers.IsOneOf(vpnProvider, providers.PrivateInternetAccess, providers.Protonvpn)
|
||||
ss.PortForwardOnly = gosettings.DefaultPointer(ss.PortForwardOnly, defaultPortForwardOnly)
|
||||
ss.Dedicated = gosettings.DefaultPointer(ss.Dedicated, false)
|
||||
ss.OpenVPN.setDefaults(vpnProvider)
|
||||
ss.Wireguard.setDefaults()
|
||||
}
|
||||
@@ -410,6 +418,10 @@ func (ss ServerSelection) toLinesNode() (node *gotree.Node) {
|
||||
node.Appendf("Multi-hop only servers: yes")
|
||||
}
|
||||
|
||||
if *ss.Dedicated {
|
||||
node.Appendf("Dedicated servers: yes")
|
||||
}
|
||||
|
||||
if *ss.PortForwardOnly {
|
||||
node.Appendf("Port forwarding only servers: yes")
|
||||
}
|
||||
@@ -501,6 +513,12 @@ func (ss *ServerSelection) read(r *reader.Reader,
|
||||
return err
|
||||
}
|
||||
|
||||
// Ovpn only
|
||||
ss.Dedicated, err = r.BoolPtr("SERVER_DEDICATED")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
err = ss.OpenVPN.read(r)
|
||||
if err != nil {
|
||||
return err
|
||||
|
||||
@@ -34,6 +34,7 @@ type Server struct {
|
||||
SecureCore bool `json:"secure_core,omitempty"`
|
||||
Tor bool `json:"tor,omitempty"`
|
||||
PortForward bool `json:"port_forward,omitempty"`
|
||||
Dedicated bool `json:"dedicated,omitempty"`
|
||||
Keep bool `json:"keep,omitempty"`
|
||||
IPs []netip.Addr `json:"ips,omitempty"`
|
||||
PortsTCP []uint16 `json:"ports_tcp,omitempty"`
|
||||
|
||||
@@ -22,13 +22,16 @@ type apiDataCenter struct {
|
||||
}
|
||||
|
||||
type apiServer struct {
|
||||
IP netip.Addr `json:"ip"`
|
||||
Ptr string `json:"ptr"` // hostname
|
||||
Online bool `json:"online"`
|
||||
PublicKey string `json:"public_key"`
|
||||
WireguardPorts []uint16 `json:"wireguard_ports"`
|
||||
MultiHopOpenvpnPort uint16 `json:"multihop_openvpn_port"`
|
||||
MultiHopWireguardPort uint16 `json:"multihop_wireguard_port"`
|
||||
IP netip.Addr `json:"ip"`
|
||||
Ptr string `json:"ptr"` // hostname
|
||||
Online bool `json:"online"`
|
||||
// PublicKey is for the Standard Shared Entry Point
|
||||
PublicKey string `json:"public_key"`
|
||||
// PublicKeyIPv4 is for the Public / Dedicated IP Entry Point
|
||||
PublicKeyIPv4 string `json:"public_key_ipv4"`
|
||||
WireguardPorts []uint16 `json:"wireguard_ports"`
|
||||
MultiHopOpenvpnPort uint16 `json:"multihop_openvpn_port"`
|
||||
MultiHopWireguardPort uint16 `json:"multihop_wireguard_port"`
|
||||
}
|
||||
|
||||
func fetchAPI(ctx context.Context, client *http.Client) (
|
||||
@@ -106,6 +109,7 @@ func (a *apiServer) validate() (err error) {
|
||||
{err: "ip address is not set", condition: !a.IP.IsValid()},
|
||||
{err: "hostname field is not set", condition: a.Ptr == ""},
|
||||
{err: "public key field is not set", condition: a.PublicKey == ""},
|
||||
{err: "public key IPv4 field is not set", condition: a.PublicKeyIPv4 == ""},
|
||||
{err: "wireguard ports array is not set", condition: len(a.WireguardPorts) == 0},
|
||||
{
|
||||
err: "wireguard port is not the default 9929",
|
||||
|
||||
@@ -76,6 +76,7 @@ func Test_fetchAPI(t *testing.T) {
|
||||
Ptr: "vpn44.prd.vienna.ovpn.com",
|
||||
Online: true,
|
||||
PublicKey: "r83LIc0Q2F8s3dY9x5y17Yz8wTADJc7giW1t5eSmoXc=",
|
||||
PublicKeyIPv4: "wFbSRyjSXBmkjJodlqz7DoYn3WNDPYFUIXyIUS2QU2A=",
|
||||
WireguardPorts: []uint16{9929},
|
||||
MultiHopOpenvpnPort: 20044,
|
||||
MultiHopWireguardPort: 30044,
|
||||
|
||||
@@ -56,7 +56,18 @@ func (u *Updater) FetchServers(ctx context.Context, minServers int) (
|
||||
multiHopWireguardServer := wireguardServer
|
||||
multiHopWireguardServer.MultiHop = true
|
||||
multiHopWireguardServer.PortsUDP = []uint16{apiServer.MultiHopWireguardPort}
|
||||
servers = append(servers, wireguardServer, multiHopWireguardServer)
|
||||
dedicatedWireguardServer := wireguardServer
|
||||
dedicatedWireguardServer.WgPubKey = apiServer.PublicKeyIPv4
|
||||
dedicatedWireguardServer.Dedicated = true
|
||||
dedicatedMultiHopWireguardServer := multiHopWireguardServer
|
||||
dedicatedMultiHopWireguardServer.WgPubKey = apiServer.PublicKeyIPv4
|
||||
dedicatedMultiHopWireguardServer.Dedicated = true
|
||||
servers = append(servers,
|
||||
wireguardServer,
|
||||
multiHopWireguardServer,
|
||||
dedicatedWireguardServer,
|
||||
dedicatedMultiHopWireguardServer,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -55,7 +55,7 @@ func Test_Updater_FetchServers(t *testing.T) {
|
||||
errMessage: "validating data center 1 of 1: data center Vienna: country name is not set",
|
||||
},
|
||||
"not_enough_servers": {
|
||||
minServers: 5,
|
||||
minServers: 7,
|
||||
responseStatus: http.StatusOK,
|
||||
responseBody: `{
|
||||
"success": true,
|
||||
@@ -69,6 +69,7 @@ func Test_Updater_FetchServers(t *testing.T) {
|
||||
"ptr": "vpn44.prd.vienna.ovpn.com",
|
||||
"online": true,
|
||||
"public_key": "r83LIc0Q2F8s3dY9x5y17Yz8wTADJc7giW1t5eSmoXc=",
|
||||
"public_key_ipv4": "wFbSRyjSXBmkjJodlqz7DoYn3WNDPYFUIXyIUS2QU2A=",
|
||||
"wireguard_ports": [9929],
|
||||
"multihop_openvpn_port": 20044,
|
||||
"multihop_wireguard_port": 30044
|
||||
@@ -78,7 +79,9 @@ func Test_Updater_FetchServers(t *testing.T) {
|
||||
]
|
||||
}`,
|
||||
errWrapped: common.ErrNotEnoughServers,
|
||||
errMessage: "not enough servers found: 4 and expected at least 5",
|
||||
// Wireguard + dedicated Wireguard + Wireguard multi-hop +
|
||||
// dedicated Wireguard multi-hop + OpenVPN + OpenVPN multi-hop
|
||||
errMessage: "not enough servers found: 6 and expected at least 7",
|
||||
},
|
||||
"success": {
|
||||
minServers: 4,
|
||||
@@ -114,6 +117,7 @@ func Test_Updater_FetchServers(t *testing.T) {
|
||||
"ptr": "vpn45.prd.vienna.ovpn.com",
|
||||
"online": false,
|
||||
"public_key": "r93LIc0Q2F8s3dY9x5y17Yz8wTADJc7giW1t5eSmoXc=",
|
||||
"public_key_ipv4": "wGbSRyjSXBmkjJodlqz7DoYn3WNDPYFUIXyIUS2QU2A=",
|
||||
"wireguard_ports": [9929],
|
||||
"multihop_openvpn_port": 20045,
|
||||
"multihop_wireguard_port": 30045
|
||||
@@ -163,6 +167,26 @@ func Test_Updater_FetchServers(t *testing.T) {
|
||||
MultiHop: true,
|
||||
PortsUDP: []uint16{30044},
|
||||
},
|
||||
{
|
||||
Country: "Austria",
|
||||
City: "Vienna",
|
||||
Hostname: "vpn44.prd.vienna.ovpn.com",
|
||||
IPs: []netip.Addr{netip.MustParseAddr("37.120.212.227")},
|
||||
VPN: vpn.Wireguard,
|
||||
WgPubKey: "wFbSRyjSXBmkjJodlqz7DoYn3WNDPYFUIXyIUS2QU2A=",
|
||||
Dedicated: true,
|
||||
},
|
||||
{
|
||||
Country: "Austria",
|
||||
City: "Vienna",
|
||||
Hostname: "vpn44.prd.vienna.ovpn.com",
|
||||
IPs: []netip.Addr{netip.MustParseAddr("37.120.212.227")},
|
||||
VPN: vpn.Wireguard,
|
||||
WgPubKey: "wFbSRyjSXBmkjJodlqz7DoYn3WNDPYFUIXyIUS2QU2A=",
|
||||
MultiHop: true,
|
||||
Dedicated: true,
|
||||
PortsUDP: []uint16{30044},
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
@@ -49,6 +49,7 @@ func (s *Storage) FilterServers(provider string, selection settings.ServerSelect
|
||||
return servers, nil
|
||||
}
|
||||
|
||||
//nolint:gocognit,gocyclo
|
||||
func filterServer(server models.Server,
|
||||
selection settings.ServerSelection,
|
||||
) (filtered bool) {
|
||||
@@ -91,6 +92,11 @@ func filterServer(server models.Server,
|
||||
return true
|
||||
}
|
||||
|
||||
if (*selection.Dedicated && !server.Dedicated) ||
|
||||
(!*selection.Dedicated && server.Dedicated) {
|
||||
return false
|
||||
}
|
||||
|
||||
if filterByPossibilities(server.Country, selection.Countries) {
|
||||
return true
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user