qdm12 / gluetun

VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
https://hub.docker.com/r/qmcgaw/gluetun
MIT License
6.71k stars, 331 forks

Feature request: Do not start OpenVPN in WireGuard mode #2212

Closed the-hotmann closed 2 months ago

the-hotmann commented 2 months ago

What's the feature 🧐

I configured the container to use WireGuard and was curious about the Control server.

So I opened the port :8000 to the outside of the container and checked some API Endpoints.

When I called /v1/openvpn/status, I received {"status":"running"} as an answer, while I was using WireGuard. When I called /v1/openvpn/settings, I received {"version":"2.5","user":"","password":"","config_file_path":"","ciphers":null,"auth":"","cert":"","key":"","encrypted_key":"","key_passphrase":"","pia_encryption_preset":"","mssfix":0,"interface":"tun0","process_user":"nonrootuser","verbosity":1,"flags":null}

I think that the service OpenVPN does not need to run at all, when gluetun is used with WireGuard. Does not look like a bug, but like something that can be improved. IMHO it should be done like this:

  1. determine which VPN Service will be used
  2. if wireguard start wireguard
  3. if openvpn check which version
     3.1 if 2.5 start openvpn v2.5
     3.2 if 2.6 start openvpn v2.6

Like this only the services needed will run.

Thanks :)

Extra information and references

No response

github-actions[bot] commented 2 months ago

@qdm12 is more or less the only maintainer of this project and works on it in his free time. Please:

qdm12 commented 2 months ago

OpenVPN is actually not running, and Wireguard & OpenVPN share the same "run loop" (only one runs at a time in this run loop). Historically, the control server was there before Wireguard was added, so there is an older /openvpn endpoint and a newer /vpn endpoint containing both the wireguard and openvpn settings. Really to solve this issue, /openvpn should just be thrown out and you should use /vpn instead. BUT for the sake of retro-compatibility, I pushed a fix with commit bf4cc0dabf95df282a6a770faf152f99e5a82813 (latest image) such that:

github-actions[bot] commented 2 months ago

Closed issues are NOT monitored, so commenting here is likely not to be seen. If you think this is still unresolved and have more information to bring, please create another issue.

This is an automated comment set up because @qdm12 is the sole maintainer of this project, which became too popular to monitor closed issues.
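
qdm12's explanation above (one shared run loop, an older /openvpn route and a newer /vpn route) as a simplified model. This is an added example, not gluetun's code and not part of the thread. The `runLoop` type, the `/v1/vpn/status` path and its `type` field are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// runLoop is a hypothetical stand-in for the shared run loop:
// a single loop in which only one VPN type is active at a time.
type runLoop struct {
	vpnType string // "wireguard" or "openvpn"
	status  string // "running" or "stopped"
}

// controlServer models a legacy route that predates WireGuard support and so
// reports the loop status with no notion of VPN type, plus a newer route
// (path and fields assumed) that names the type.
func controlServer(l *runLoop) http.Handler {
	mux := http.NewServeMux()
	mux.HandleFunc("/v1/openvpn/status", func(w http.ResponseWriter, _ *http.Request) {
		_ = json.NewEncoder(w).Encode(map[string]string{"status": l.status})
	})
	mux.HandleFunc("/v1/vpn/status", func(w http.ResponseWriter, _ *http.Request) {
		_ = json.NewEncoder(w).Encode(map[string]string{"type": l.vpnType, "status": l.status})
	})
	return mux
}

// get performs an in-process GET and decodes the JSON object in the reply.
func get(h http.Handler, path string) map[string]string {
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, httptest.NewRequest(http.MethodGet, path, nil))
	out := map[string]string{}
	_ = json.Unmarshal(rec.Body.Bytes(), &out)
	return out
}

// openVPNActive is the client-side reading: the legacy status only means
// "OpenVPN is up" when the newer route says the loop is running OpenVPN.
func openVPNActive(h http.Handler) bool {
	vpn := get(h, "/v1/vpn/status")
	return vpn["type"] == "openvpn" && get(h, "/v1/openvpn/status")["status"] == "running"
}

func main() {
	h := controlServer(&runLoop{vpnType: "wireguard", status: "running"})
	fmt.Println(get(h, "/v1/openvpn/status")["status"], openVPNActive(h))
}
```

Monitoring or health checks that key on the legacy route alone would report an OpenVPN tunnel that is not there; checking the VPN type first avoids that misreading.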