11883aa830
- add option `IPV6_CHECK_ADDRESSESES=[2001:4860:4860::8888]:53,[2606:4700:4700::1111]:53` - gluetun needs access to the addresses above through the host firewall, to test ipv6 support before setting up the vpn
package vpn
import (
"context"
"fmt"
"github.com/qdm12/gluetun/internal/amneziawg"
"github.com/qdm12/gluetun/internal/configuration/settings"
"github.com/qdm12/gluetun/internal/models"
"github.com/qdm12/gluetun/internal/netlink"
"github.com/qdm12/gluetun/internal/provider"
"github.com/qdm12/gluetun/internal/wireguard"
"github.com/qdm12/gosettings"
)
// setupAmneziaWg picks a VPN server connection from the provider, builds the
// AmneziaWG settings for it, creates the AmneziaWG client and finally hands
// the chosen connection to the firewall.
//
// GetConnection is told that IPv6 is usable only when ipv6SupportLevel equals
// netlink.IPv6Internet, whereas the settings builder receives
// ipv6SupportLevel.IsSupported(). On any failure the function returns a nil
// client, a zero models.Connection and the wrapped error.
func setupAmneziaWg(ctx context.Context, netlinker NetLinker,
	fw Firewall, providerConf provider.Provider,
	settings settings.VPN, ipv6SupportLevel netlink.IPv6SupportLevel, logger wireguard.Logger) (
	amneziawger *amneziawg.Amneziawg, connection models.Connection, err error,
) {
	hasIPv6Internet := ipv6SupportLevel == netlink.IPv6Internet
	selection := settings.Provider.ServerSelection
	if connection, err = providerConf.GetConnection(selection, hasIPv6Internet); err != nil {
		return nil, models.Connection{}, fmt.Errorf("finding a VPN server: %w", err)
	}

	awgSettings := buildAmneziaWgSettings(connection, settings.AmneziaWg, ipv6SupportLevel.IsSupported())

	// Only the server public key is logged verbatim. The client private key
	// and the pre-shared key are passed through gosettings.ObfuscateKey first.
	// NOTE(review): how much of a key ObfuscateKey leaves readable is not
	// visible from this file; confirm before treating debug logs as safe to
	// share.
	logger.Debug("Amneziawg server public key: " + awgSettings.Wireguard.PublicKey)
	logger.Debug("Amneziawg client private key: " + gosettings.ObfuscateKey(awgSettings.Wireguard.PrivateKey))
	logger.Debug("Amneziawg pre-shared key: " + gosettings.ObfuscateKey(awgSettings.Wireguard.PreSharedKey))

	if amneziawger, err = amneziawg.New(awgSettings, netlinker, logger); err != nil {
		return nil, models.Connection{}, fmt.Errorf("creating amneziawg: %w", err)
	}

	// NOTE(review): the interface name given to the firewall is read from
	// settings.Wireguard, while the tunnel settings above are built from
	// settings.AmneziaWg. If those two can hold different interface names,
	// the firewall would be configured for an interface other than the one
	// the tunnel uses; confirm they are kept in sync or that this is intended.
	if err = fw.SetVPNConnection(ctx, connection, settings.Wireguard.Interface); err != nil {
		return nil, models.Connection{}, fmt.Errorf("setting firewall: %w", err)
	}

	return amneziawger, connection, nil
}
// buildAmneziaWgSettings assembles the amneziawg.Settings for connection.
// The embedded Wireguard settings come from buildWireguardSettings, called with
// userSettings.Wireguard and ipv6Supported; the junk packet, padding, header
// and init packet values are copied from the pointer fields of userSettings.
//
// Every one of those pointer fields is dereferenced unconditionally, so a nil
// field panics here.
// NOTE(review): presumably defaults are applied to userSettings before this
// is called, making the pointers non-nil; verify against the caller.
func buildAmneziaWgSettings(connection models.Connection,
	userSettings settings.AmneziaWg, ipv6Supported bool,
) amneziawg.Settings {
	var built amneziawg.Settings

	// Assignments follow the field order of the original composite literal so
	// that evaluation order is unchanged.
	built.Wireguard = buildWireguardSettings(connection, userSettings.Wireguard, ipv6Supported)

	built.JunkPacketCount = *userSettings.JunkPacketCount
	built.JunkPacketMin = *userSettings.JunkPacketMin
	built.JunkPacketMax = *userSettings.JunkPacketMax

	built.PaddingS1 = *userSettings.PaddingS1
	built.PaddingS2 = *userSettings.PaddingS2
	built.PaddingS3 = *userSettings.PaddingS3
	built.PaddingS4 = *userSettings.PaddingS4

	built.HeaderH1 = *userSettings.HeaderH1
	built.HeaderH2 = *userSettings.HeaderH2
	built.HeaderH3 = *userSettings.HeaderH3
	built.HeaderH4 = *userSettings.HeaderH4

	built.InitPacketI1 = *userSettings.InitPacketI1
	built.InitPacketI2 = *userSettings.InitPacketI2
	built.InitPacketI3 = *userSettings.InitPacketI3
	built.InitPacketI4 = *userSettings.InitPacketI4
	built.InitPacketI5 = *userSettings.InitPacketI5

	return built
}