codecov[bot]
commented
3 months ago Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
Closed renovate[bot] closed 3 months ago
codecov[bot]
commented
3 months ago All modified and coverable lines are covered by tests :white_check_mark:
This PR contains the following updates:
v3.35.0->v3.38.0Release Notes
qdm12/gluetun (qmcgaw/gluetun)
### [`v3.38.0`](https://togithub.com/qdm12/gluetun/releases/tag/v3.38.0) [Compare Source](https://togithub.com/qdm12/gluetun/compare/v3.37.0...v3.38.0) #### Features - Public IP fetching: - Add `PUBLICIP_API_TOKEN` variable - `PUBLICIP_API` variable supporting `ipinfo` and `ip2location` - Private Internet Access: `PORT_FORWARD_ONLY` variable ([#2070](https://togithub.com/qdm12/gluetun/issues/2070)) - NordVPN: - update mechanism uses v2 NordVPN web API - Filter servers with `SERVER_CATEGORIES` ([#1806](https://togithub.com/qdm12/gluetun/issues/1806)) - Wireguard: - Read config from secret file, defaults to `/run/secrets/wg0.conf` which can be changed with variable `WIREGUARD_CONF_SECRETFILE` - Read private key, preshared key and addresses from individual secret files ([#1348](https://togithub.com/qdm12/gluetun/issues/1348)) - Firewall: disallow the unspecified address (`0.0.0.0/0` or `::/0`) for outbound subnets - Built-in servers data updated: - NordVPN - Privado - Private Internet Access - VPN Unlimited - VyprVPN - Healthcheck: change unhealthy log from info to debug level #### Fixes - Privado: update OpenVPN zip file URL - `STREAM_ONLY` behavior fixed ([#2126](https://togithub.com/qdm12/gluetun/issues/2126)) - Torguard: set user agent to be allowed to download zip files - Surfshark: - Remove no longer valid multi hop regions - Fail validation for empty string region - Clearer error message for surfshark regions: only log possible 'new' server regions, do not log old retro-compatible server regions #### Maintenance - Healthcheck: more explicit log to go read the Wiki health guide - NAT-PMP: RPC error contain all failed attempt messages - Github: - add closed issue workflow stating comments are not monitored - add opened issue workflow - Dependencies - Bump github.com/breml/rootcerts from 0.2.14 to 0.2.16 ([#2094](https://togithub.com/qdm12/gluetun/issues/2094)) - CI - Pin docker/build-push-action to v5 (without minor version) - Upgrade linter to v1.56.2 ### [`v3.37.0`](https://togithub.com/qdm12/gluetun/releases/tag/v3.37.0) [Compare Source](https://togithub.com/qdm12/gluetun/compare/v3.36.0...v3.37.0) π π Happy new year **2024** π π *Personal note at the bottom* π #### Features - Port forwarding: port redirection with `VPN_PORT_FORWARDING_LISTENING_PORT` - Custom provider: support tcp-client proto for OpenVPN - NordVPN: add access token warning if used as wireguard private key - Windscribe: update servers data #### Fixes - Shadowsocks: bump from v0.5.0-rc1 to v0.5.0 - treat udp read error as non critical - log out crash error for tcpudp combined server - Wireguard: - Load preshared key from toml file correctly and from peer selection - Custom provider OpenVPN: - Default TCP port for any tcp protocol - Firewall: - Handle OpenVPN `tcp-client` protocol as `tcp` - PureVPN: fix update url and update servers ([#1992](https://togithub.com/qdm12/gluetun/issues/1992)) - VPN Unlimited OpenVPN: - Update CA certificate and add new second certificate - Remove `DEFAULT:@SECLEVEL=0` - Specify cipher as AES-256-CBC and auth as SHA512 - Format-servers command: - Fix for providers with dashes - Add missing `server name` header for PIA #### Maintenance - Bump github.com/breml/rootcerts from 0.2.11 to 0.2.14 ([#1800](https://togithub.com/qdm12/gluetun/issues/1800), [#1981](https://togithub.com/qdm12/gluetun/issues/1981)) - Bump github.com/fatih/color from 1.15.0 to 1.16.0 ([#1950](https://togithub.com/qdm12/gluetun/issues/1950)) - Bump github.com/klauspost/compress from 1.16.7 to 1.17.4 ([#1922](https://togithub.com/qdm12/gluetun/issues/1922), [#1993](https://togithub.com/qdm12/gluetun/issues/1993)) - Bump golang.org/x/crypto from 0.16.0 to 0.17.0 ([#2012](https://togithub.com/qdm12/gluetun/issues/2012)) - Bump golang.org/x/net from 0.12.0 to 0.19.0 ([#1907](https://togithub.com/qdm12/gluetun/issues/1907), [#1953](https://togithub.com/qdm12/gluetun/issues/1953), [#1985](https://togithub.com/qdm12/gluetun/issues/1985)) - Bump golang.org/x/sys from 0.11.0 to 0.13.0 ([#1897](https://togithub.com/qdm12/gluetun/issues/1897)) - Bump golang.org/x/text from 0.11.0 to 0.14.0 ([#1845](https://togithub.com/qdm12/gluetun/issues/1845), [#1946](https://togithub.com/qdm12/gluetun/issues/1946)) - CI: - Bump actions/checkout from 3 to 4 ([#1847](https://togithub.com/qdm12/gluetun/issues/1847)) - Bump crazy-max/ghaction-github-labeler from 4 to 5 ([#1858](https://togithub.com/qdm12/gluetun/issues/1858)) - Bump DavidAnson/markdownlint-cli2-action from 11 to 14 ([#1871](https://togithub.com/qdm12/gluetun/issues/1871), [#1982](https://togithub.com/qdm12/gluetun/issues/1982)) - Bump docker/build-push-action from 4.1.1 to 5.1.0 ([#1860](https://togithub.com/qdm12/gluetun/issues/1860), [#1969](https://togithub.com/qdm12/gluetun/issues/1969)) - Bump docker/login-action from 2 to 3 ([#1936](https://togithub.com/qdm12/gluetun/issues/1936)) - Bump docker/metadata-action from 4 to 5 ([#1937](https://togithub.com/qdm12/gluetun/issues/1937)) - Bump docker/setup-buildx-action from 2 to 3 ([#1938](https://togithub.com/qdm12/gluetun/issues/1938)) - Bump docker/setup-qemu-action from 2 to 3 ([#1861](https://togithub.com/qdm12/gluetun/issues/1861)) - Bump github/codeql-action from 2 to 3 ([#2002](https://togithub.com/qdm12/gluetun/issues/2002)) *** ##### Personal note on the state of Gluetun I have been focusing my effort since mid November on [a DNSSEC validator](https://togithub.com/qdm12/dns/commits/dnssec/) to finalize a Go library on par with the usage we have of Unbound, in order to replace Unbound in Gluetun and add DNS special features for Gluetun. For example: - automatically diverting local hostnames questions to the local Docker DNS server (a long overdued problem) - already implemented - allow resolution of VPN endpoint hostname to ips in a very restricted DNS server + firewall to only allow a specific hostname to resolve (not implemented yet) This is a tough problem not so well documented with few complete and valid implementations, so it's taking some time. There is likely 2 more weeks of work left before finalization. ### [`v3.36.0`](https://togithub.com/qdm12/gluetun/releases/tag/v3.36.0) [Compare Source](https://togithub.com/qdm12/gluetun/compare/v3.35.0...v3.36.0) π Happy Halloween π Hopefully it is not a spooky release! πΈ #### Features - Wireguard - `WIREGUARD_ALLOWED_IPS` variable ([#1291](https://togithub.com/qdm12/gluetun/issues/1291)) - Parse settings from `/gluetun/wireguard/wg0.conf` ([#1120](https://togithub.com/qdm12/gluetun/issues/1120)) - VPN server port forwarding - `VPN_PORT_FORWARDING_PROVIDER` variable ([#1616](https://togithub.com/qdm12/gluetun/issues/1616)) - ProtonVPN port forwarding support with NAT-PMP ([#1543](https://togithub.com/qdm12/gluetun/issues/1543)) - Servers data - Surfshark servers data API endpoint updated ([#1560](https://togithub.com/qdm12/gluetun/issues/1560)) - Built-in servers data updated for Cyberghost, Mullvad, Torguard, Surfshark - Clarify "Wireguard is up" message logged - Updater log warning about using `-minratio` if not enough servers are found - Configuration: add `/32` if not present for Wireguard addresses #### Fixes - **Minor breaking change**: `DNS_KEEP_NAMESERVER` leaves DNS fully untouched - **Minor breaking change**: `update` command uses dashes instead of spaces for provider names (i.e. `-vpn\ unlimited` -> `-vpn-unlimited`) - Port forwarding run loop reworked and fixed ([#1874](https://togithub.com/qdm12/gluetun/issues/1874)) - Public IP fetching run loop reworked and fixed - ProtonVPN: add `aes-256-gcm` cipher for OpenVPN - Custom provider: allow custom endpoint port setting - IPv6 support for ipinfo ([#1853](https://togithub.com/qdm12/gluetun/issues/1853)) - Routing: `VPNLocalGatewayIP` Wireguard support - Routing: add outbound subnets routes only for matching ip families - Routing: change firewall only for matching ip families - Netlink: try loading Wireguard module if not found ([#1741](https://togithub.com/qdm12/gluetun/issues/1741)) - Public IP: do not retry when doing too many requests #### Documentation - Readme - remove `UPDATER_VPN_SERVICE_PROVIDERS` in docker-compose config - remove Slack channel link (don't have time to check it) - update Wireguard native integrations support list - Update to use newer wiki repository - update URLs logged by program - update README.md links - update contributing guide link - update issue templates links - replace Wiki issue template by link to Gluetun Wiki repository issue creation - set program announcement about Github wiki new location - Issue templates - add Unraid as option in bug issue template - provide minimum requirements for an issue: title must be filled, at least 10 lines of log provided, Gluetun version must be provided #### Maintenance - Dockerfile: add missing environment variables - `OPENVPN_PROCESS_USER` value defaults to `root` - Add `HTTPPROXY_STEALTH=off` - Add `HTTP_CONTROL_SERVER_LOG=on` - Code - `internal/settings`: change source precedence order: Secret files then files then environment variables - `internal/routing`: Wrap `setupIPv6` rule error correctly - Move vpn gateway obtention within port forwarding service - `internal/vpn`: fix typo `portForwader` -> `portForwarder` - `internal/provider`: use type assertion for port forwarders - CI - rename workflow to `Markdown` - Markdown workflow triggers on `*.md` files only - Markdown workflow triggers for pull requests as well - Markdown job runs misspell, linting and dead link actions - Markdown publishing step to Docker Hub is only for pushes to the master branch - Add markdown-skip workflow - Dependencies - Upgrade Go to 1.21 - Upgrade linter to v1.54.1 - Bump golang.org/x/text from 0.10.0 to 0.11.0 ([#1726](https://togithub.com/qdm12/gluetun/issues/1726)) - Bump golang.org/x/sys from 0.8.0 to 0.11.0 ([#1732](https://togithub.com/qdm12/gluetun/issues/1732), [#1786](https://togithub.com/qdm12/gluetun/issues/1786)) - Bump golang.org/x/net from 0.10.0 to 0.12.0 ([#1729](https://togithub.com/qdm12/gluetun/issues/1729)) - bump gosettings to v0.4.0-rc1Configuration
π Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.