vanja/gluetun
1
0
Fork 0
mirror of https://github.com/qdm12/gluetun.git synced 2026-05-06 20:10:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

chore(devrun): support key and cert for OpenVPN credentials

Browse Source
This commit is contained in:
Quentin McGaw
2026-05-03 02:53:36 +00:00
parent 28ac8b859e
commit 44d510417e
2 changed files with 27 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
devrun/internal/credentials.go
+13 -2
View File
@@ -27,6 +27,8 @@ type providerCredentials struct {
type openvpnCredentials struct { type openvpnCredentials struct {
Username string Username string
Password string Password string
Key string
Cert string
} }
type wireguardCredentials struct { type wireguardCredentials struct {
@@ -76,10 +78,12 @@ func validateCredentials(providerNameToCredentials map[string]providerCredential
func validateOpenvpnCredentials(provider string, creds *openvpnCredentials) error { func validateOpenvpnCredentials(provider string, creds *openvpnCredentials) error {
switch { switch {
case creds.Username == "": case creds.Username == "" && creds.Password != "":
return fmt.Errorf("provider %q openvpn credentials are missing the username", provider) return fmt.Errorf("provider %q openvpn credentials are missing the username", provider)
case creds.Password == "": case creds.Password == "" && creds.Username != "":
return fmt.Errorf("provider %q openvpn credentials are missing the password", provider) return fmt.Errorf("provider %q openvpn credentials are missing the password", provider)
case creds.Username == "" && creds.Password == "" && creds.Key == "" && creds.Cert == "":
return fmt.Errorf("provider %q openvpn credentials are missing the username and password", provider)
} }
return nil return nil
} }
@@ -147,6 +151,8 @@ func buildOpenvpnEnv(creds *openvpnCredentials) []string {
return []string{ return []string{
"OPENVPN_USER=" + creds.Username, "OPENVPN_USER=" + creds.Username,
"OPENVPN_PASSWORD=" + creds.Password, "OPENVPN_PASSWORD=" + creds.Password,
"OPENVPN_KEY=" + creds.Key,
"OPENVPN_CERT=" + creds.Cert,
} }
} }
@@ -220,6 +226,11 @@ func formatCredentialForDump(provider, vpnType string,
builder.WriteString("\n") builder.WriteString("\n")
builder.WriteString("password: ") builder.WriteString("password: ")
builder.WriteString(providerCredentials.OpenVPN.Password) builder.WriteString(providerCredentials.OpenVPN.Password)
builder.WriteString("\nkey: ")
builder.WriteString(providerCredentials.OpenVPN.Key)
builder.WriteString("\ncert: ")
builder.WriteString(providerCredentials.OpenVPN.Cert)
builder.WriteString("\n")
case vpnTypeWireGuard: case vpnTypeWireGuard:
if providerCredentials.WireGuard == nil { if providerCredentials.WireGuard == nil {
return "", fmt.Errorf("no wireguard credentials found for provider %q", provider) return "", fmt.Errorf("no wireguard credentials found for provider %q", provider)
devrun/internal/encrypt.go
+14 -2
View File
@@ -205,19 +205,31 @@ func promptAndAddCredential(
) error { ) error {
switch vpnType { switch vpnType {
case vpnTypeOpenVPN: case vpnTypeOpenVPN:
username, err := readLine(ctx, "OpenVPN username: ", false) username, err := readLine(ctx, "OpenVPN username: ", true)
if err != nil { if err != nil {
return fmt.Errorf("reading username: %w", err) return fmt.Errorf("reading username: %w", err)
} }
password, err := readSecret(ctx, "OpenVPN password: ", false) password, err := readSecret(ctx, "OpenVPN password: ", username == "")
if err != nil { if err != nil {
return fmt.Errorf("reading password: %w", err) return fmt.Errorf("reading password: %w", err)
} }
key, err := readSecret(ctx, "OpenVPN key: ", true)
if err != nil {
return fmt.Errorf("reading key: %w", err)
}
cert, err := readSecret(ctx, "OpenVPN cert: ", true)
if err != nil {
return fmt.Errorf("reading cert: %w", err)
}
openvpnCredentials := &openvpnCredentials{ openvpnCredentials := &openvpnCredentials{
Username: username, Username: username,
Password: string(password), Password: string(password),
Key: string(key),
Cert: string(cert),
} }
err = validateOpenvpnCredentials(provider, openvpnCredentials) err = validateOpenvpnCredentials(provider, openvpnCredentials)
if err != nil { if err != nil {