github-actions[bot]
commented
3 months ago --- HelmRelease: downloads/qbittorrent Deployment: downloads/qbittorrent
+++ HelmRelease: downloads/qbittorrent Deployment: downloads/qbittorrent
@@ -88,13 +88,13 @@
value: custom
- name: VPN_TYPE
value: wireguard
envFrom:
- secretRef:
name: qbittorrent-secret
- image: ghcr.io/qdm12/gluetun:v3.38.0
+ image: ghcr.io/qdm12/gluetun:v3.39.1
name: gluetun
securityContext:
allowPrivilegeEscalation: false
capabilities:
add:
- NET_ADMIN
This PR contains the following updates:
v3.38.0->v3.39.1Release Notes
qdm12/gluetun (ghcr.io/qdm12/gluetun)
### [`v3.39.1`](https://redirect.github.com/qdm12/gluetun/releases/tag/v3.39.1) [Compare Source](https://redirect.github.com/qdm12/gluetun/compare/v3.39.0...v3.39.1) π₯ https://youtu.be/O09rP1DlcFU?si=qPdzWUWnzciNxAc7 #### Fixes - Firewall: delete chain rules by line number ([#2411](https://redirect.github.com/qdm12/gluetun/issues/2411)) - Control server: require authentication for vulnerable routes ([#2434](https://redirect.github.com/qdm12/gluetun/issues/2434)) - NordVPN: remove commas from region values - IVPN: split city into city and region - Fix bad city values containing a comma - update ivpn servers data - Private Internet Access: support port forwarding using custom Wireguard ([#2420](https://redirect.github.com/qdm12/gluetun/issues/2420)) - ProtonVPN: prevent using FREE_ONLY and PORT_FORWARD_ONLY together (see [#2470](https://redirect.github.com/qdm12/gluetun/issues/2470)) - `internal/storage`: add missing selection fields to build `noServerFoundError` (see [#2470](https://redirect.github.com/qdm12/gluetun/issues/2470)) ### [`v3.39.0`](https://redirect.github.com/qdm12/gluetun/releases/tag/v3.39.0) [Compare Source](https://redirect.github.com/qdm12/gluetun/compare/v3.38.1...v3.39.0) π₯ [Youtube video](https://youtu.be/RVWCA6h2dUI) explaining all this #### Features - OpenVPN: default version changed from 2.5 to 2.6 - Alpine upgraded from 3.18 to 3.20 (3.19 got skipped due to buggy `iptables`) - Healthcheck: change timeout mechanism - Healthcheck timeout is no longer fixed to 3 seconds - Healthcheck timeout increases from 2s to 4s, 6s, 8s, 10s - No 1 second wait time between check retries after failure - VPN internal restart may be delayed by a maximum of 10 seconds - Firewall: - Query iptables binary variants to find which one to use depending on the kernel - Prefer using `iptables-nft` over `iptables-legacy` (Alpine new default is nft backend iptables) - Wireguard: - `WIREGUARD_PERSISTENT_KEEPALIVE_INTERVAL` option - read configuration file **without** case sensitivity - VPN Port forwarding: only use port forwarding enabled servers if `VPN_PORT_FORWARDING=on` (applies only to PIA and ProtonVPN for now) - FastestVPN: - Wireguard support ([#2383](https://redirect.github.com/qdm12/gluetun/issues/2383) - Credits to [@Zerauskire](https://redirect.github.com/Zerauskire) for the initial investigation and [@jvanderzande](https://redirect.github.com/jvanderzande) for an initial implementation as well as reviewing the pull request) - use API instead of openvpn zip file to fetch servers data - add city filter `SERVER_CITY` - update built-in servers data - Perfect Privacy: port forwarding support with `VPN_PORT_FORWARDING=on` ([#2378](https://redirect.github.com/qdm12/gluetun/issues/2378)) - Private Internet Access: port forwarding options `VPN_PORT_FORWARDING_USERNAME` and `VPN_PORT_FORWARDING_PASSWORD` (retro-compatible with `OPENVPN_USER` and `OPENVPN_PASSWORD`) - ProtonVPN: - Wireguard support ([#2390](https://redirect.github.com/qdm12/gluetun/issues/2390)) - feature filters `SECURE_CORE_ONLY`, `TOR_ONLY` and `PORT_FORWARD_ONLY` ([#2182](https://redirect.github.com/qdm12/gluetun/issues/2182)) - determine "free" status using API tier value - update built-in servers data - Surfshark: servers data update - VPNSecure: servers data update - `VPN_ENDPOINT_IP` split into `OPENVPN_ENDPOINT_IP` and `WIREGUARD_ENDPOINT_IP` - `VPN_ENDPOINT_PORT` split into `OPENVPN_ENDPOINT_PORT` and `WIREGUARD_ENDPOINT_PORT` #### Fixes - `VPN_PORT_FORWARDING_LISTENING_PORT` fixed - IPv6 support detection ignores loopback route destinations - Custom provider: - handle `port` option line for OpenVPN - ignore comments in an OpenVPN configuration file - assume port forwarding is always supported by a custom server - VPN Unlimited: - change default UDP port from 1194 to 1197 - allow OpenVPN TCP on port 1197 - Private Internet Access Wireguard and port forwarding - Set server name if names filter is set with the custom provider (see [#2147](https://redirect.github.com/qdm12/gluetun/issues/2147)) - PrivateVPN: updater now sets openvpn vpn type for the no-hostname server - Torguard: update OpenVPN configuration - add aes-128-gcm and aes-128-cbc ciphers - remove mssfix, sndbuf, rcvbuf, ping and reneg options - VPNSecure: associate `N / A` with no data for servers - AirVPN: set default mssfix to 1320-28=1292 - Surfshark: remove outdated hardcoded retro servers - Public IP echo: - ip2location parsing for latitude and longitude fixed - abort ip data fetch if vpn context is canceled (prevents requesting the public IP address N times after N VPN failures) - `internal/server`: `/openvpn` route status get and put - get status return stopped if running Wireguard - put status changes vpn type if running Wireguard - Log out if `PORT_FORWARD_ONLY` is enabled in the server filtering tree of settings - Log last Gluetun release by tag name alphabetically instead of by release date - `format-servers` fixed missing VPN type header for providers supporting Wireguard: NordVPN and Surfshark - `internal/tun`: only create tun device if it does not exist, do not create if it exists and does not work #### Documentation - readme: - clarify shadowsocks proxy is a server, not a client - update list of providers supporting Wireguard with the custom provider - add protonvpn as custom port forwarding implementation - disable Github blank issues - Bump github.com/qdm12/gosplash to v0.2.0 - Add `/choose` suffix to github links in logs - add Github labels: "Custom provider", "Category: logs" and "Before next release" - rename `FIREWALL_ENABLED` to `FIREWALL_ENABLED_DISABLING_IT_SHOOTS_YOU_IN_YOUR_FOOT` due to the sheer amount of users misusing it. `FIREWALL_ENABLED` won't do anything anymore. At least you've been warned not to use it... #### Maintenance - Code health - PIA port forwarding: - remove dependency on storage package - return an error to port forwarding loop if server cannot port forward - `internal/config`: - upgrade to `github.com/qdm12/gosettings` v0.4.2 - drop `github.com/qdm12/govalid` dependency - upgrade `github.com/qdm12/ss-server` to v0.6.0 - do not un-set sensitive config settings anymore - removed bad/invalid retro-compatible keys `CONTROL_SERVER_ADDRESS` and `CONTROL_SERVER_PORT` - OpenVPN protocol field is now a string instead of a TCP boolean - Split server filter validation for features and subscription-tier - provider name field as string instead of string pointer - `internal/portforward`: support multiple ports forwarded - Fix typos in code comments ([#2216](https://redirect.github.com/qdm12/gluetun/issues/2216)) - `internal/tun`: fix unit test for unprivileged user - Development environment - fix `source.organizeImports` vscode setting value - linter: remove now invalid skip-dirs configuration block - Dependencies - Bump Wireguard Go dependencies - Bump Go from 1.21 to 1.22 - Bump golang.org/x/net from 0.19.0 to 0.25.0 ([#2138](https://redirect.github.com/qdm12/gluetun/issues/2138), [#2208](https://redirect.github.com/qdm12/gluetun/issues/2208), [#2269](https://redirect.github.com/qdm12/gluetun/issues/2269)) - Bump golang.org/x/sys from 0.15.0 to 0.18.0 ([#2139](https://redirect.github.com/qdm12/gluetun/issues/2139)) - Bump github.com/klauspost/compress from 1.17.4 to 1.17.8 ([#2178](https://redirect.github.com/qdm12/gluetun/issues/2178), [#2218](https://redirect.github.com/qdm12/gluetun/issues/2218)) - Bump github.com/fatih/color from 1.16.0 to 1.17.0 ([#2279](https://redirect.github.com/qdm12/gluetun/issues/2279)) - Bump github.com/stretchr/testify to v1.9.0 - Do not upgrade busybox since vulnerabilities are fixed now with Alpine 3.19+ - CI - Bump DavidAnson/markdownlint-cli2-action from 14 to 16 ([#2214](https://redirect.github.com/qdm12/gluetun/issues/2214)) - Bump peter-evans/dockerhub-description from 3 to 4 ([#2075](https://redirect.github.com/qdm12/gluetun/issues/2075)) - Github - remove empty label description fields - add `/choose` suffix to issue and discussion links - review all issue labels: add closed labels, add category labels, rename labels, add label category prefix, add emojis for each label - Add issue labels: Popularity extreme and high, Closed cannot be done, Categories kernel and public IP service ### [`v3.38.1`](https://redirect.github.com/qdm12/gluetun/releases/tag/v3.38.1) [Compare Source](https://redirect.github.com/qdm12/gluetun/compare/v3.38.0...v3.38.1) βΉοΈ This is a bugfix release for v3.38.0. If you can, please instead use release v3.39.0 #### Fixes - `VPN_PORT_FORWARDING_LISTENING_PORT` fixed - IPv6 support detection ignores loopback route destinations - Custom provider: - handle `port` option line for OpenVPN - ignore comments in an OpenVPN configuration file - assume port forwarding is always supported by a custom server - VPN Unlimited: - change default UDP port from 1194 to 1197 - allow OpenVPN TCP on port 1197 - Private Internet Access Wireguard and port forwarding - Set server name if names filter is set with the custom provider (see [#2147](https://redirect.github.com/qdm12/gluetun/issues/2147)) - PrivateVPN: updater now sets openvpn vpn type for the no-hostname server - Torguard: update OpenVPN configuration - add aes-128-gcm and aes-128-cbc ciphers - remove mssfix, sndbuf, rcvbuf, ping and reneg options - VPNSecure: associate `N / A` with no data for servers - AirVPN: set default mssfix to 1320-28=1292 - Surfshark: remove outdated hardcoded retro servers - Public IP echo: - ip2location parsing for latitude and longitude fixed - abort ip data fetch if vpn context is canceled (prevents requesting the public IP address N times after N VPN failures) - `internal/server`: `/openvpn` route status get and put - get status return stopped if running Wireguard - put status changes vpn type if running Wireguard - Log out if `PORT_FORWARD_ONLY` is enabled in the server filtering tree of settings - Log last Gluetun release by tag name alphabetically instead of by release date - `format-servers` fixed missing VPN type header for providers supporting Wireguard: NordVPN and Surfshark - `internal/tun`: only create tun device if it does not exist, do not create if it exists and does not workConfiguration
π Schedule: Branch creation - "on saturday" in timezone Asia/Kuala_Lumpur, Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.