Commit Graph

349 Commits

Author SHA1 Message Date
Quentin McGaw b26cb508de Split BLOCK_MALICIOUS with BLOCK_NSA and UNBLOCK env variable 2019-04-23 10:29:44 +02:00
Quentin McGaw 27802ba886 Runs OpenVPN as root by default, fixes #19 2019-03-18 11:27:36 +01:00
Quentin McGaw a3bfa2d77a Changed healthcheck to only ping 1.1.1.1 to check connectivity
This is because your VPN public IP might not be the VPN server entrance IP address, resulting in the container being unhealthy most of the time.
2019-01-15 14:40:28 +01:00
Quentin McGaw 63eae489c7 Reduced image size by removing unbound useless binaries 2019-01-14 09:54:33 +01:00
Quentin McGaw a8e88cc7fc Replaced external docker images with Github hosted files 2019-01-01 23:14:36 +02:00
Quentin McGaw 24ba0958ac Fixed healthcheck 2018-11-27 21:09:21 +02:00
Quentin McGaw 2b45ba3425 The target files are created in /openvpn/target
- More resilience to failure
- Less verbose
- Works with start/stop
2018-11-27 17:50:08 +02:00
Quentin McGaw d1ebddb029 Fixed auth_failed error
- Removed nonrootgroup
- File directories are slightly different
- Resolv-retry is removed as pointless as IP addresses are used
- Fixed some arguments to openvpn
2018-11-17 14:44:17 +02:00
Quentin McGaw 9ba7f5969c Fixed healthcheck 2018-11-15 14:41:39 +02:00
Quentin McGaw 9c6afff973 Healthcheck checks your IP is in the VPN configuration file 2018-11-14 16:25:23 +02:00
Quentin McGaw d3dc6c74d8 Multiple additions and fixes #12
- Unbound ran as `nonrootuser`
- Readme updated
- auth.conf replaced by `USER` and `PASSWORD` env variables
- Removed Nginx section from readme for now
- Reworked entrypoint with more checks
- Malicious IPs and hostnames building is done at Docker build to gain time at launch
- docker-compose updated to reflect changes
2018-11-14 14:38:10 +02:00
Quentin McGaw 7b4c216fc8 Reworked project overall 2018-11-06 14:55:11 +01:00
Quentin McGaw 08d1afccfe Reworked labels, readme and added License 2018-10-29 16:32:11 +01:00
Quentin McGaw 4bcaec6a33 Big refactoring (more secure, more modular)
- Region change to "CA Montreal"
- Using external data images for malicious hostnames
- Added malicious IP addresses blocking with Unbound
- Unbound has DNS rebinding protection
2018-10-28 14:08:14 +01:00
Tomasz Janowski 559bec0ba0 Update md5 hash of the named.root file 2018-10-28 16:46:18 +11:00
Tomasz Janowski 867992f435 Run apk with --update --no-cache flags to fetch a fresh list of dependencies 2018-10-28 16:45:56 +11:00
Quentin McGaw 3bc45d930c Hostnames block is done in memory only 2018-10-10 10:24:15 +02:00
Quentin McGaw e0f201a334 Openvpn runs as non root user and tries all IP addresses 2018-10-05 12:43:16 +02:00
Quentin McGaw b73ad75cde Multiple additions and fixes #5
- Multi stage build
- Downloads and checks Unbound Root anchors
- Download and build malicious hostnames block list for Unbound
- Healthcheck only based on the current IP being different from the initial IP
- IPv6 related completely removed
- Multiple checks at launch with $?
- Launch openvpn as root (can't change user)
- Unbound configured with DNSSEC for DNS over TLS
2018-10-04 22:24:43 +02:00
Quentin McGaw b8dbf0761f Moved DNS over TLS at start as DNS is required in firewall anyway 2018-09-28 19:51:30 +02:00
Quentin McGaw 93ea50bd49 Fixed non root permission issue 2018-09-21 17:39:03 +02:00
Quentin McGaw 2b7c7cc62a Restarts on fail; DNS over TLS only when connected to VPN; readme update 2018-09-21 16:39:08 +02:00
Quentin McGaw 6929947611 Runs openvpn as non-root user 2018-09-21 11:39:00 +02:00
Quentin McGaw 706050619d Re-added Unbound DNS over TLS
It turns out you can't use a local DNS server once connected with the VPN, so running the DNS over TLS in the PIA container is the best.
2018-09-21 11:28:23 +02:00
Quentin McGaw de981c3566 Fixed firewall (iptables) and added ip6tables for ipv6 2018-09-21 09:33:37 +02:00
Quentin McGaw b652823d89 Removed Unbound from image
Better use it in another Docker container, it caused quite some problems with my firewall so I thought it would be better to only
2018-09-20 20:35:29 +02:00
Quentin McGaw 852748ec81 Update to Alpine 3.8 2018-09-08 16:04:05 +02:00
Quentin McGaw 7aa43274b1 Killswitch added with firewall, fixes #3 2018-06-06 22:44:11 -04:00
Quentin McGaw 56121106a9 Added modprobe doc for raspbian, fixes #2 2018-06-01 15:02:07 -04:00
Quentin McGaw bcc39a97f0 IP detection only relies on duckduck.go 2018-05-27 20:38:43 -04:00
Quentin McGaw ec9b989ea7 Extended time for healthcheck as it was failing from time to time 2018-04-19 17:35:18 -04:00
Quentin McGaw e4d7dea676 Trying to fix bug with space value for REGION 2018-04-18 18:02:36 -04:00
Quentin McGaw adade5698e Finished dockerfile and updating RAM usage 2018-04-16 14:50:24 -04:00
Quentin McGaw ce00e3e2b0 Fixed entrypoint permission; Updated image sizes 2018-04-16 14:31:50 -04:00
Quentin McGaw 73c5fe5b2a Healthcheck searches for city and organization of public IP 2018-04-16 14:19:35 -04:00
Quentin McGaw dd99f7e306 Added healthcheck 2018-04-15 14:52:27 -04:00
Quentin McGaw 6be3846d74 Added choice of UDP/TCP and level of encryption. Reworked readme and Dockerfile 2018-04-15 14:15:58 -04:00
Quentin McGaw 07dc509e6f Updated RAM usage and CPU usage, fixed docker-compose 2018-04-13 17:51:22 -04:00
Quentin McGaw 3bd804843c Added Cloudflare 1.1.1.1 DNS over TLS 2018-04-13 15:35:31 -04:00
Quentin McGaw 712b10dbf9 Fixed Dockerfile 2018-04-01 14:00:07 -04:00
Quentin McGaw 7c39a4c06e Added docker badges 2018-04-01 13:56:20 -04:00
Quentin McGaw 8be3dedae5 Updated readme and labels 2018-03-31 21:56:18 -04:00
Quentin McGaw 32036c9822 Updated repo 2018-03-31 20:33:45 -04:00
Quentin McGaw edd51b8078 Fixing dockerfile (again) 2018-03-23 15:33:51 -04:00
Quentin McGaw 860e086d99 Fixing dockerfile 2018-03-23 15:15:49 -04:00
Quentin McGaw c0e4dd8053 Dockerfile is shorter 2018-03-23 15:05:38 -04:00
Quentin McGaw ada714af2f Update Dockerfile 2018-03-15 13:29:47 -04:00
Quentin McGaw ebbb281280 Fixed Dockerfile chmod +x 2018-02-07 14:13:45 -05:00
Quentin McGaw 244ad9bb40 Initial commit 2018-02-06 21:57:41 -05:00