From 7a5710a7fbb24f8326ffda7dc2cdf0b0e5ff6549 Mon Sep 17 00:00:00 2001 From: Patrick Kishino Date: Sat, 15 Apr 2023 22:21:41 +0900 Subject: [PATCH 1/2] Update master with latest dev fixes (#2579) * Quoute variables, fixes #2406 and #2418 * Fix sed busy (#2426) * fix sed device or resource busy errors Signed-off-by: Jonathan Sloan * update info Signed-off-by: Jonathan Sloan * update docs Signed-off-by: Jonathan Sloan * log and fail if config is a mountpoint Signed-off-by: Jonathan Sloan * correct mountpoint check Signed-off-by: Jonathan Sloan Signed-off-by: Jonathan Sloan * Fix fallback of transmission-home #2409 * Fix to use iptables-legacy rather than iptables-nft (#2456) * Fix bug: the evironment file will be invalid (#2496) something environment like: `name=foo bar` will be invalid in the environment file, in a real example, it will be like `provider= SE Sto`. Simply add change it to `provider="SE Sto"` will fix that. * restart privoxy if docker changed eth0 address. (#2494) * restart privoxy if docker changed eth0 address. * sometimes, pidfile exists but process is dead * Simplify RPC creds setup (#2480) Reduce the complexity associated with creating RPC creds * Fix bitwise decimal & octal (#2457) * Fix bitwise decimal & octal The issue is tracked here: https://github.com/haugene/docker-transmission-openvpn/issues/2450#issuecomment-1336259355 Also uses the TRASNMSISSION_UMASK variable instead of settings.json since updateSettings.py is called after userSetup.sh causing the TRANSMISSION_UMASK in settings.json to be stale when userSetup.sh accesses it. * fix: missing {} in sh variable * fix: missing {} in sh variable * fix regex for webproxy enabled (#2505) * review nordvpn error exit messages + tests (#2518) * Check for files existing instead of being executable #2459 * Bump docker/build-push-action from 3 to 4 (#2522) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3 to 4. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: Add quotes on generated variables to avoid braking with spaces (#2538) This should fix #2406 * Fix crash in fetch-external-configs on unset vars (#2561) * simple adjustments to "openvpn/modify-openvpn-config.sh" and "transmission/start.sh" that can make the verbosity of logging user-adjustable (#2564) * Bump docker/build-push-action from 3 to 4 (#2534) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3 to 4. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Socks5 example doc (#2541) * fixing some heading sizes * adding socks5-proxy example --------- Co-authored-by: Jonathan Fair * Docs: add capabilities for Podman to tips&tricks (#2546) Co-authored-by: Tomas Vik * Change CONFIG_MOD_VERBOSITY usage This change causes ${CONFIG_MOD_VERBOSITY} to become a variable used directly in the .ovpn config file. The default value remains '3'. * Insert ${TRANSMISSION_LOGGING} into exec'd command This change allows for executing 'transmission-daemon' with '--log-level' set. Utilizing a case-statement and forced lowercase, only valid values are accepted. Default is no logging. --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: JtMotoX <7191259+JtMotoX@users.noreply.github.com> Co-authored-by: Jonathan Fair Co-authored-by: Patrick Kishino Co-authored-by: Tomas Vik * OVPN script fix for for 4.x branch (#2566) * Bump docker/build-push-action from 3 to 4 (#2534) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3 to 4. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Socks5 example doc (#2541) * fixing some heading sizes * adding socks5-proxy example --------- Co-authored-by: Jonathan Fair * Docs: add capabilities for Podman to tips&tricks (#2546) Co-authored-by: Tomas Vik * git instead of unzip git instead of unzip * Using GIT GIT is used now instead of UNZIP due to issues suddenly experienced. --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: JtMotoX <7191259+JtMotoX@users.noreply.github.com> Co-authored-by: Jonathan Fair Co-authored-by: Patrick Kishino Co-authored-by: Tomas Vik --------- Signed-off-by: Jonathan Sloan Signed-off-by: dependabot[bot] Co-authored-by: Kristian Haugene Co-authored-by: Jonathan Sloan Co-authored-by: Robert Szynal Co-authored-by: Jiangqiu Shen Co-authored-by: edgd1er Co-authored-by: Colin Hebert Co-authored-by: J.P. Hutchins <34154542+JPHutchins@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jayson Reis Co-authored-by: Chad Co-authored-by: phesster <115180691+phesster@users.noreply.github.com> Co-authored-by: JtMotoX <7191259+JtMotoX@users.noreply.github.com> Co-authored-by: Jonathan Fair Co-authored-by: Tomas Vik Co-authored-by: Derek Gordon --- .dockerignore | 1 + Dockerfile | 4 + docs/supported-providers.md | 12 +- openvpn/fetch-external-configs.sh | 5 +- openvpn/modify-openvpn-config.sh | 11 +- openvpn/nordvpn/configure-openvpn.sh | 203 +++++++++++++++++++++------ openvpn/ovpn/configure-openvpn.sh | 2 + openvpn/persistEnvironment.py | 3 +- openvpn/start.sh | 42 ++++-- scripts/healthcheck.sh | 13 ++ transmission/start.sh | 14 +- transmission/userSetup.sh | 43 +++--- 12 files changed, 261 insertions(+), 92 deletions(-) diff --git a/.dockerignore b/.dockerignore index 6b8710a711..f4b11987f2 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1 +1,2 @@ .git +.github diff --git a/Dockerfile b/Dockerfile index 51421664c2..e792f9989e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -82,6 +82,10 @@ ADD transmission/ /etc/transmission/ ADD scripts /etc/scripts/ ADD privoxy/scripts /opt/privoxy/ +# Support legacy IPTables commands +RUN update-alternatives --set iptables $(which iptables-legacy) && \ + update-alternatives --set ip6tables $(which ip6tables-legacy) + ENV OPENVPN_USERNAME=**None** \ OPENVPN_PASSWORD=**None** \ OPENVPN_PROVIDER=**None** \ diff --git a/docs/supported-providers.md b/docs/supported-providers.md index 57496c5ab3..9a9b849f36 100755 --- a/docs/supported-providers.md +++ b/docs/supported-providers.md @@ -130,12 +130,12 @@ Compose sample: - OPENVPN_PASSWORD=pass ``` -### If you only need to mount one file +### Do not mount single config file -You might not need to mount a folder of configs. You may just have one config file you want to use. -In that case, you can just mount it directly. Mounting it as `default.ovpn` will let you omit `OPENVPN_CONFIG` as well. +Do not mount a single config directly. The container will fail if you try, since it causes sed errors when modify-openvpn-config.sh is executed. +Instead mount the directory where the config exists. -Compose sample: -``` - - /volume1/docker/ipvanish/my-preferred-config-file.ovpn:/etc/openvpn/custom/default.ovpn +```bash +sed: cannot rename /etc/openvpn/custom/sedHeF3gS: Device or resource busy ``` + diff --git a/openvpn/fetch-external-configs.sh b/openvpn/fetch-external-configs.sh index d7983e088d..26f65e1e01 100755 --- a/openvpn/fetch-external-configs.sh +++ b/openvpn/fetch-external-configs.sh @@ -18,18 +18,19 @@ if [[ "${VPN_CONFIG_SOURCE_TYPE}" == "github_zip" ]]; then echo "Cleanup: deleting ${config_repo_temp_zip_file} and ${config_repo_temp_dir}" rm -rf "${config_repo_temp_zip_file}" "${config_repo_temp_dir}" } + + config_repo_temp_zip_file=$(mktemp) + config_repo_temp_dir=$(mktemp -d) trap cleanup EXIT # Concatenate URL for config bundle from the given GitHub repo GITHUB_CONFIG_BUNDLE_URL="https://github.com/${GITHUB_CONFIG_SOURCE_REPO}/archive/${GITHUB_CONFIG_SOURCE_REVISION}.zip" # Create a temporary file and download bundle to it - config_repo_temp_zip_file=$(mktemp) echo "Downloading configs from ${GITHUB_CONFIG_BUNDLE_URL} into ${config_repo_temp_zip_file}" curl -sSL --fail -o "${config_repo_temp_zip_file}" "${GITHUB_CONFIG_BUNDLE_URL}" # Create a temporary folder and extract configs there - config_repo_temp_dir=$(mktemp -d) echo "Extracting configs to ${config_repo_temp_dir}" unzip -q "${config_repo_temp_zip_file}" -d "${config_repo_temp_dir}" diff --git a/openvpn/modify-openvpn-config.sh b/openvpn/modify-openvpn-config.sh index 0bbba3fc61..7a2fb9ba1e 100755 --- a/openvpn/modify-openvpn-config.sh +++ b/openvpn/modify-openvpn-config.sh @@ -19,7 +19,7 @@ CONFIG_MOD_CA_CERTS=${CONFIG_MOD_CA_CERTS:-"1"} CONFIG_MOD_PING=${CONFIG_MOD_PING:-"1"} CONFIG_MOD_RESOLV_RETRY=${CONFIG_MOD_RESOLV_RETRY:-"1"} CONFIG_MOD_TLS_CERTS=${CONFIG_MOD_TLS_CERTS:-"1"} -CONFIG_MOD_VERBOSITY=${CONFIG_MOD_VERBOSITY:-"1"} +CONFIG_MOD_VERBOSITY=${CONFIG_MOD_VERBOSITY:-"3"} CONFIG_MOD_REMAP_USR1=${CONFIG_MOD_REMAP_USR1:-"1"} CONFIG_MOD_FAILURE_SCRIPT=${CONFIG_MOD_FAILURE_SCRIPT:-"1"} @@ -81,14 +81,17 @@ if [[ $CONFIG_MOD_TLS_CERTS == "1" ]]; then fi ## Option 6 - Update or set verbosity of openvpn logging -if [[ $CONFIG_MOD_VERBOSITY == "1" ]]; then - echo "Modification: Set output verbosity to 3" +if [[ $(( "$CONFIG_MOD_VERBOSITY" )) -gt 0 ]]; then + if [[ $(( "$CONFIG_MOD_VERBOSITY" )) -gt 9 ]]; then + CONFIG_MOD_VERBOSITY=9 + fi + echo "Modification: Set output verbosity to ${CONFIG_MOD_VERBOSITY}" # Remove any old options sed -i "/^verb.*$/d" "$CONFIG" # Add new ones sed -i "\$q" "$CONFIG" # Ensure config ends with a line feed - echo "verb 3" >> "$CONFIG" + echo "verb ${CONFIG_MOD_VERBOSITY}" >> "$CONFIG" fi ## Option 7 - Remap the SIGUSR1 signal to SIGTERM diff --git a/openvpn/nordvpn/configure-openvpn.sh b/openvpn/nordvpn/configure-openvpn.sh index 5a06c9cbe6..5d785f4ab9 100755 --- a/openvpn/nordvpn/configure-openvpn.sh +++ b/openvpn/nordvpn/configure-openvpn.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash # # get config name based on api recommendation + ENV Vars (NORDVPN_COUNTRY, NORDVPN_PROTOCOL, NORDVPN_CATEGORY) # @@ -22,18 +22,38 @@ set -e -u -o pipefail #Variables -MAIN_DIR="${0%/*}/.." +MAIN_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )"/.." [[ -f ${MAIN_DIR}/utils.sh ]] && source ${MAIN_DIR}/utils.sh || true +source ${MAIN_DIR}/utils.sh +echo $MAIN_DIR nordvpn_api="https://api.nordvpn.com" nordvpn_dl=downloads.nordcdn.com nordvpn_cdn="https://${nordvpn_dl}/configs/files" nordvpn_doc="https://haugene.github.io/docker-transmission-openvpn/provider-specific/#nordvpn" possible_protocol="tcp, udp" VPN_PROVIDER_HOME=${VPN_PROVIDER_HOME:-${MAIN_DIR}/nordvpn} -NORDVPN_COUNTRY=${NORDVPN_COUNTRY:-""} -NORDVPN_CATEGORY=${NORDVPN_CATEGORY:-""} -NORDVPN_PROTOCOL=${NORDVPN_PROTOCOL:-""} -NORDVPN_SERVER=${NORDVPN_SERVER:-""} +NORDVPN_TESTS=${NORDVPN_TESTS:-''} + +#remove stored files older than 1 day. +find /tmp -type f -iname json_* -mtime +1 -exec ls -al {} \; -delete 2>/dev/null || true +#store json between runs to prevent being blocked by api when testing +if [[ -f /tmp/json_countries ]] && [[ -n ${NORDVPN_TESTS} ]]; then + for i in json_countries json_groups json_technologies + do + declare "${i}=$( /tmp/${i} + done +fi # Functions # TESTS: set values to test API response. @@ -41,14 +61,16 @@ test1NoValues() { export NORDVPN_COUNTRY='' export NORDVPN_PROTOCOL='' export NORDVPN_CATEGORY='' - log "expected .nordvpn.com.ovpn with openvpn_udp" + log "expected .nordvpn.com with openvpn_tcp" + export NORDVPN_REG="[a-z]{2}[0-9]+.nordvpn.com" } test2NoCategory() { export NORDVPN_COUNTRY='EE' - export NORDVPN_PROTOCOL='tcp' + export NORDVPN_PROTOCOL='udp' export NORDVPN_CATEGORY='' - log "TESTS: expected ee.nordvpn.com.ovpn with openvpn_tcp" + log "TESTS: expected ee.nordvpn.com with openvpn_udp" + export NORDVPN_REG="ee[0-9]+.nordvpn.com" } test3Incompatible_combinations() { @@ -56,6 +78,7 @@ test3Incompatible_combinations() { export NORDVPN_PROTOCOL='openvpn_tcp_tls_crypt' export NORDVPN_CATEGORY='legacy_obfuscated_servers' log "TESTS: expected a config file not respecting country filter. + message: Unable to find a server with the specified parameters, using any recommended server" + export NORDVPN_REG="[a-z]{2}[0-9]+.nordvpn.com" } test4ServerName_given() { @@ -65,6 +88,7 @@ test4ServerName_given() { #get first server from US (228) with tcp export NORDVPN_SERVER=$(curl -s 'https://api.nordvpn.com/v1/servers/recommendations?filters\[country_id\]=228&filters\[servers_technologies\]\[identifier\]=openvpn_tcp&limit=1' | jq -r .[].hostname) log "TESTS: expected a config file for server ${NORDVPN_SERVER}" + export NORDVPN_REG="us[0-9]+.nordvpn.com" } # Normal run functions @@ -79,10 +103,12 @@ script_init() { } country_filter() { + NORDVPN_COUNTRY=${NORDVPN_COUNTRY:-""} local nordvpn_api=$1 country=(${NORDVPN_COUNTRY//[;,]/ }) + local country_id if [[ ${#country[@]} -ge 1 ]]; then country=${country[0]//_/ } - local country_id=$(echo ${json_countries} | jq --raw-output ".[] | + country_id=$(echo ${json_countries} | jq --raw-output ".[] | select( (.name|test(\"^${country}$\";\"i\")) or (.code|test(\"^${country}$\";\"i\")) ) | .id" | head -n 1) @@ -96,10 +122,12 @@ country_filter() { } group_filter() { + NORDVPN_CATEGORY=${NORDVPN_CATEGORY:-""} local nordvpn_api=$1 category=(${NORDVPN_CATEGORY//[;,]/ }) + local identifier='' if [[ ${#category[@]} -ge 1 ]]; then #category=${category[0]//_/ } - local identifier=$(echo $json_groups | jq --raw-output ".[] | + identifier=$(echo $json_groups | jq --raw-output ".[] | select( ( .identifier|test(\"${category}\";\"i\")) or ( .title| test(\"${category}\";\"i\")) ) | .identifier" | head -n 1) @@ -114,6 +142,7 @@ group_filter() { technology_filter() { local identifier + NORDVPN_PROTOCOL=${NORDVPN_PROTOCOL:-tcp} if [[ ${NORDVPN_PROTOCOL,,} =~ .*udp.* ]]; then identifier="openvpn_udp" elif [[ ${NORDVPN_PROTOCOL,,} =~ .*tcp.* ]]; then @@ -146,30 +175,27 @@ select_hostname() { #TODO return multiples else load=$(curl -s ${nordvpn_api}/server/stats/${hostname} | jq .percent) log "INFO: OVPN: Best server : ${hostname}, load: ${load}" - echo ${hostname} fi + + log "Best server : ${hostname}" + echo ${hostname} } download_hostname() { + NORDVPN_PROTOCOL=${NORDVPN_PROTOCOL:-"tcp"} #udp ==> https://downloads.nordcdn.com/configs/files/ovpn_udp/servers/nl601.nordvpn.com.udp.ovpn #tcp ==> https://downloads.nordcdn.com/configs/files/ovpn_tcp/servers/nl542.nordvpn.com.tcp.ovpn - [[ -z ${1} ]] && return || true local nordvpn_cdn=${nordvpn_cdn} - #which protocol tcp or udp - if [[ ${NORDVPN_PROTOCOL,,} == tcp ]]; then - nordvpn_cdn="${nordvpn_cdn}/ovpn_tcp/servers/" + # remote filename: which protocol tcp or udp + if [[ ${NORDVPN_PROTOCOL,,} == udp ]]; then + nordvpn_cdn="${nordvpn_cdn}/ovpn_udp/servers/${1}.udp.ovpn" + ovpnName=${1}.ovpn + elif [[ ${NORDVPN_PROTOCOL,,} == tcp ]]; then + nordvpn_cdn="${nordvpn_cdn}/ovpn_tcp/servers/${1}.tcp.ovpn" + ovpnName=${1}.ovpn else - nordvpn_cdn="${nordvpn_cdn}/ovpn_udp/servers/" - fi - - # default or defined server name - nordvpn_cdn=${nordvpn_cdn}${1} - ovpnName=${1}.ovpn - - # remote filename - if [[ ${NORDVPN_PROTOCOL,,} == tcp ]]; then - nordvpn_cdn="${nordvpn_cdn}.tcp.ovpn" - else - nordvpn_cdn="${nordvpn_cdn}.udp.ovpn" + #Defaulting to tcp if neither tcp nor udp given. + nordvpn_cdn="${nordvpn_cdn}/ovpn_tcp/servers/${1}.tcp.ovpn" + ovpnName=${1}.ovpn fi log "INFO: OVPN: Downloading config: ${ovpnName}" @@ -185,20 +211,18 @@ download_hostname() { } checkDNS() { - res=$(dig +short ${nordvpn_dl}) - if [ -z "${res:-\"\"}" ]; then - log "ERROR: OVPN: no dns resolution, dns server unavailable or network problem" + res=$(dig +short ${nordvpn_dl})||true + if [[ ${res} == "" ]]; then + fatal_error "ERROR: OVPN: no dns resolution, dns server unavailable or network problem" else log "INFO: OVPN: DNS resolution ok" fi - ping -c2 ${nordvpn_dl} 2>&1 >/dev/null - ret=$? - if [ $ret -eq 0 ]; then + ret=$(ping -c2 ${nordvpn_dl} 2>&1)||true + if [[ $ret =~ \ 0%\ packet\ loss ]]; then log "INFO: OVPN: ok, configurations download site reachable" else - log "ERROR: OVPN: cannot ping ${nordvpn_cdn}, network or internet unavailable. Cannot download NORDVPN configuration files" + fatal_error "ERROR: OVPN: cannot ping ${nordvpn_cdn}, network or internet unavailable. Cannot download NORDVPN configuration files" fi - return $ret } # Main @@ -212,9 +236,12 @@ if [[ -d ${VPN_PROVIDER_HOME} ]]; then find ${VPN_PROVIDER_HOME} -type f ! -name '*.sh' -delete fi -#Tests NORDVPN_ values -if [[ -n ${NORDVPN_TESTS:-""} ]]; then +possible_categories="$(echo ${json_groups} | jq -r .[].identifier |tr '\n' ', ')" +possible_country_codes="$(echo ${json_countries} | jq -r .[].code |tr '\n' ', ')" +possible_country_names="$(echo ${json_countries} | jq -r .[].name |tr '\n' ', ')" +possible_protocol="$(echo ${json_technologies} | jq -r '.[] | [.identifier, .name ]' |tr '\n' ', ' | grep openvpn)" +if [[ -n ${NORDVPN_TESTS} ]]; then case ${NORDVPN_TESTS} in 1) #get recommended config when no values are given, use defaults one, display a warning with possible values @@ -240,7 +267,8 @@ if [[ -n ${NORDVPN_TESTS:-""} ]]; then fi #get config based on server name -if [[ -n ${NORDVPN_SERVER:-""} ]]; then +NORDVPN_SERVER=${NORDVPN_SERVER:-""} +if [[ -n ${NORDVPN_SERVER} ]]; then selected=${NORDVPN_SERVER} load=$(curl -s ${nordvpn_api}/server/stats/${NORDVPN_SERVER} | jq .percent 2>/dev/null) log "INFO: OVPN: server : ${NORDVPN_SERVER}, load: ${load:-N/A}" @@ -255,9 +283,8 @@ else log "Checking NORDPVN API responses" for po in json_countries json_groups json_technologies; do if [[ $(echo ${!po} | grep -c "") -gt 0 ]]; then - msg=$(echo ${!po} | sed -E 's/.*title>([^\<]+).*/\1 /') - log "ERROR: OVPN: unexpected html content from NORDVPN servers: ${msg}" - log "ERROR: OVPN: NORDVPN API has a throttle limit, may return a 429 Too many messages, if container is in a loop of restart" + msg=$(echo ${!po} | grep -oP "(?<=title>)[^<]+") + echo "ERROR, unexpected html content from NORDVPN servers: ${msg}" sleep 30 exit fi @@ -271,6 +298,96 @@ else #get server name from api (best recommended for NORDVPN_<> if defined) selected="$(select_hostname)" fi -[[ -n ${selected} ]] && download_hostname ${selected} || true +if [[ -z ${selected} ]]; then + fatal_error "server compliant with your settings not found, review them" +fi +res="$(download_hostname ${selected})" + +log "OVPN: NORDVPN: selected: ${selected}, VPN_PROVIDER_HOME: ${VPN_PROVIDER_HOME}" +# fix deprecated ciphers +if [[ -f ${VPN_PROVIDER_HOME}/${selected}.ovpn ]]; then + #add data ciphers: DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). + if [[ 0 -le $(grep -c "cipher AES-256-CBC" ${VPN_PROVIDER_HOME}/${selected}.ovpn) ]] && [[ 0 -eq $(grep -c "data-ciphers AES-256-CBC" ${VPN_PROVIDER_HOME}/${selected}.ovpn) ]]; then + sed -i "/cipher AES-256-CBC/a data-ciphers AES-256-CBC" ${VPN_PROVIDER_HOME}/${selected}.ovpn + fi +fi +#handle tests results. +if [[ -n ${NORDVPN_TESTS} ]]; then + msg="" + error=0 + [[ ${res} -eq 0 ]] && res=$(<${VPN_PROVIDER_HOME}/${selected}.ovpn) + case ${NORDVPN_TESTS} in + 1) + if [[ ${selected} =~ ${NORDVPN_REG} ]] ; then + msg+="\nOVPN/NORDVPN: test 1: OK: ${selected} matching expected ${NORDVPN_REG}" + else + error=1 + msg+="\nOVPN/NORDVPN: test 1: KO: ${selected} not matching expected ${NORDVPN_REG}" + fi + if [[ $(echo $res | grep -c "proto tcp") -eq 0 ]]; then + error=1 + msg+="\nOVPN/NORDVPN: test 1: KO: ${selected} is not with tcp protocol" + msg+="\n"${res} + else + msg+="\nOVPN/NORDVPN: test 1: OK: ${selected} is with tcp protocol" + fi + ;; + 2) + if [[ ${selected} =~ ${NORDVPN_REG} ]] ; then + msg+="\nOVPN/NORDVPN: test 2: OK: ${selected} matching expected ${NORDVPN_REG}" + else + error=1 + msg+="\nOVPN/NORDVPN: test 2: KO: ${selected} not matching expected ${NORDVPN_REG}" + fi + if [[ $(echo $res | grep -oc "proto udp") -eq 0 ]]; then + error=1 + msg+="\nOVPN/NORDVPN: test 2: KO: ${selected} is not with udp protocol" + msg+="\n"${res} + else + msg+="\nOVPN/NORDVPN: test 2: OK: ${selected} is with udp protocol" + fi ;; + 3) + if [[ ${selected} =~ ${NORDVPN_REG} ]] ; then + msg+="\nOVPN/NORDVPN: test 3: OK: ${selected} matching expected ${NORDVPN_REG}" + else + error=1 + msg+="\nOVPN/NORDVPN: test 3: KO: ${selected} not matching expected ${NORDVPN_REG}" + fi + if [[ $(echo $res | grep -oc "proto tcp") -eq 0 ]]; then + error=1 + msg+="\nOVPN/NORDVPN: test 3: KO: ${selected} is not with tcp protocol" + msg+=${res} + else + msg+="\nOVPN/NORDVPN: test 3: OK: ${selected} is with tcp protocol" + fi + ;; + 4) + if [[ ${selected} =~ ${NORDVPN_REG} ]] ; then + msg+="\nOVPN/NORDVPN: test 4: OK: ${selected} matching expected ${NORDVPN_REG}" + else + error=1 + msg+="\nOVPN/NORDVPN: test 4: KO: ${selected} not matching expected ${NORDVPN_REG}" + fi + if [[ $(echo $res | grep -oc "proto tcp") -eq 0 ]]; then + error=1 + msg+="\nOVPN/NORDVPN: test 4: KO: ${selected} is not with tcp protocol" + msg+=${res} + else + msg+="\nOVPN/NORDVPN: test 4: OK: ${selected} is with tcp protocol" + fi + ;; + *) + fatal_error "\nOVPN: NORDVPN: ${VPN_PROVIDER_HOME}/${selected}.ovpn not found" + esac + if [[ $error -eq 1 ]]; then + fatal_error ${msg} + else + log ${msg} + fi + fatal_error "OVPN: NORDVPN: end of test, container stopped." + [[ /.dockerinit ]] && pkill dumb_init || true +fi + export OPENVPN_CONFIG=${selected} + cd "${0%/*}" \ No newline at end of file diff --git a/openvpn/ovpn/configure-openvpn.sh b/openvpn/ovpn/configure-openvpn.sh index 4439eff037..d357c6df3e 100755 --- a/openvpn/ovpn/configure-openvpn.sh +++ b/openvpn/ovpn/configure-openvpn.sh @@ -37,6 +37,7 @@ cd /etc/openvpn/ovpn find /etc/openvpn/ovpn -type f ! -name "*.sh" -delete # Download and extract wanted bundle into temporary file + echo "creating temp folder" mkdir /tmp/ovpnxtract/ echo "entering temp folder" @@ -48,6 +49,7 @@ echo "deleting temp folder" rm -rf /tmp/ovpnxtract/ + #pattern=$OVPN_CONNECTION.$OVPN_COUNTRY.$OVPN_CITY.$OVPN_PROTOCOL #OPENVPN_CONFIG=$(ls $pattern | shuf | head -n1) diff --git a/openvpn/persistEnvironment.py b/openvpn/persistEnvironment.py index dd31237d33..055e103a93 100644 --- a/openvpn/persistEnvironment.py +++ b/openvpn/persistEnvironment.py @@ -43,9 +43,10 @@ # Dump resulting settings to file with open(args.env_var_script_file, 'w') as script_file: + script_file.write("#!/bin/bash\n") for var_name, var_value in variables_to_persist.items(): script_file.write( - 'export {env_var}={env_var_value}\n'.format( + 'export {env_var}="{env_var_value}"\n'.format( env_var=var_name, env_var_value=var_value, ), diff --git a/openvpn/start.sh b/openvpn/start.sh index 7d730d30f7..bcd228bedb 100755 --- a/openvpn/start.sh +++ b/openvpn/start.sh @@ -12,6 +12,23 @@ if [[ -n "$REVISION" ]]; then echo "Starting container with revision: $REVISION" fi +# +# We have moved the default location of TRANSMISSION_HOME. Should be fully backwards compatible, but display an early warning. +# Will probably keep the compatibility for a long time but should nudge users to update their setup. +# +echo "TRANSMISSION_HOME is currently set to: ${TRANSMISSION_HOME}" +if [[ "${TRANSMISSION_HOME%/*}" != "/config" ]]; then + echo "WARNING: TRANSMISSION_HOME is not set to the default /config/transmission-home, this is not recommended." + echo "TRANSMISSION_HOME should be set to /config/transmission-home OR another custom directory on /config/" + echo "If you would like to migrate your existing TRANSMISSION_HOME, please stop the container, add volume /config and move the transmission-home directory there." +fi +#Old default transmission-home exists, use as fallback +if [ -d "/data/transmission-home" ]; then + TRANSMISSION_HOME="/data/transmission-home" + echo "WARNING: Deprecated. Found old default transmission-home folder at ${TRANSMISSION_HOME}, setting this as TRANSMISSION_HOME. This might break in future versions." + echo "We will fallback to this directory as long as the folder exists. Please consider moving it to /config/transmission-home" +fi + # If openvpn-pre-start.sh exists, run it if [[ -x /scripts/openvpn-pre-start.sh ]]; then echo "Executing /scripts/openvpn-pre-start.sh" @@ -61,7 +78,7 @@ if [[ -z $OPENVPN_CONFIG_URL ]] && [[ "${OPENVPN_PROVIDER}" == "**None**" ]] || fi echo "Using OpenVPN provider: ${VPN_PROVIDER^^}" if [[ "${VPN_PROVIDER}" == "custom" ]]; then - if [[ -x $VPN_PROVIDER_HOME/default.ovpn ]]; then + if [[ -f $VPN_PROVIDER_HOME/default.ovpn ]]; then CHOSEN_OPENVPN_CONFIG=$VPN_PROVIDER_HOME/default.ovpn fi elif [[ -n $OPENVPN_CONFIG_URL ]]; then @@ -79,7 +96,7 @@ if [[ -z ${CHOSEN_OPENVPN_CONFIG} ]]; then echo "Running with VPN_CONFIG_SOURCE ${VPN_CONFIG_SOURCE}" if [[ "${VPN_CONFIG_SOURCE}" == "auto" ]]; then - if [[ -x $VPN_PROVIDER_HOME/configure-openvpn.sh ]]; then + if [[ -f $VPN_PROVIDER_HOME/configure-openvpn.sh ]]; then echo "Provider ${VPN_PROVIDER^^} has a bundled setup script. Defaulting to internal config" VPN_CONFIG_SOURCE=internal elif [[ "${VPN_PROVIDER}" == "custom" ]]; then @@ -96,7 +113,7 @@ if [[ -z ${CHOSEN_OPENVPN_CONFIG} ]]; then ./etc/openvpn/fetch-external-configs.sh fi - if [[ -x $VPN_PROVIDER_HOME/configure-openvpn.sh ]]; then + if [[ -f $VPN_PROVIDER_HOME/configure-openvpn.sh ]]; then echo "Executing setup script for $OPENVPN_PROVIDER" # Preserve $PWD in case it changes when sourcing the script pushd -n "$PWD" > /dev/null @@ -159,6 +176,11 @@ if [[ -z ${CHOSEN_OPENVPN_CONFIG:-""} ]]; then fi fi +# log message and fail if attempting to mount config directly +if mountpoint -q "$CHOSEN_OPENVPN_CONFIG"; then + fatal_error "You're mounting a openvpn config directly, dont't do this it causes issues (see #2274). Mount the directory where the config is instead." +fi + MODIFY_CHOSEN_CONFIG="${MODIFY_CHOSEN_CONFIG:-true}" # The config file we're supposed to use is chosen, modify it to fit this container setup if [[ "${MODIFY_CHOSEN_CONFIG,,}" == "true" ]]; then @@ -197,17 +219,11 @@ else fi if [[ -f /run/secrets/rpc_creds ]]; then - #write creds if no file or contents are not the same. - if [[ ! -f /config/transmission-credentials.txt ]] || [[ "$(cat /run/secrets/rpc_creds)" != "$(cat /config/transmission-credentials.txt)" ]]; then - echo "Setting Transmission RPC credentials from docker secret..." - cp /run/secrets/rpc_creds /config/transmission-credentials.txt - export TRANSMISSION_RPC_USERNAME=$(head -1 /config/transmission-credentials.txt) - export TRANSMISSION_RPC_PASSWORD=$(tail -1 /config/transmission-credentials.txt) - fi -else - echo "${TRANSMISSION_RPC_USERNAME}" > /config/transmission-credentials.txt - echo "${TRANSMISSION_RPC_PASSWORD}" >> /config/transmission-credentials.txt + export TRANSMISSION_RPC_USERNAME=$(head -1 /run/secrets/rpc_creds) + export TRANSMISSION_RPC_PASSWORD=$(tail -1 /run/secrets/rpc_creds) fi +echo "${TRANSMISSION_RPC_USERNAME}" > /config/transmission-credentials.txt +echo "${TRANSMISSION_RPC_PASSWORD}" >> /config/transmission-credentials.txt # Persist transmission settings for use by transmission-daemon export CONFIG="${CHOSEN_OPENVPN_CONFIG}" diff --git a/scripts/healthcheck.sh b/scripts/healthcheck.sh index f379fca916..8c5646c50f 100755 --- a/scripts/healthcheck.sh +++ b/scripts/healthcheck.sh @@ -44,6 +44,7 @@ echo "Network is up" #Expected output is 2 for both checks, 1 for process and 1 for grep OPENVPN=$(pgrep openvpn | wc -l ) TRANSMISSION=$(pgrep transmission | wc -l) +PROXY=$(pgrep privoxy | wc -l) if [[ ${OPENVPN} -ne 1 ]]; then echo "Openvpn process not running" @@ -54,5 +55,17 @@ if [[ ${TRANSMISSION} -ne 1 ]]; then exit 1 fi +if [[ ${WEBPROXY_ENABLED} =~ [yY][eE]?[Ss]?|[tT][Rr][Uu][eE] ]]; then + if [[ ${PROXY} -eq 0 ]]; then + echo "Privoxy warning: process was stopped, restarting." + fi + proxy_ip=$(grep -oP "(?<=^listen-address).*$" /etc/privoxy/config | sed 's/ //g') + cont_ip=$(ip -j a show dev eth0 | jq -r .[].addr_info[].local) + if [[ ${proxy_ip} != ${cont_ip} ]]; then + echo "Privoxy error: container ip (${cont_ip} has changed: privoxy listening to ${proxy_ip}, restarting privoxy." + pkill privoxy || true + /opt/privoxy/start.sh + fi +fi echo "Openvpn and transmission-daemon processes are running" exit 0 diff --git a/transmission/start.sh b/transmission/start.sh index 05f3f854cd..f6d45f92dd 100755 --- a/transmission/start.sh +++ b/transmission/start.sh @@ -56,6 +56,16 @@ if [[ "shift" = "$TRANSMISSION_WEB_UI" ]]; then export TRANSMISSION_WEB_HOME=/opt/transmission-ui/shift fi +case ${TRANSMISSION_LOG_LEVEL,,} in + "trace" | "debug" | "info" | "warn" | "error" | "critical") + echo "Will exec Transmission with '--log-level=${TRANSMISSION_LOG_LEVEL,,}' argument" + export TRANSMISSION_LOGGING="--log-level=${TRANSMISSION_LOG_LEVEL,,}" + ;; + *) + export TRANSMISSION_LOGGING="" + ;; +esac + . /etc/transmission/userSetup.sh echo "Updating Transmission settings.json with values from env variables" @@ -85,7 +95,9 @@ else fi echo "STARTING TRANSMISSION" -exec su --preserve-environment ${RUN_AS} -s /bin/bash -c "/usr/local/bin/transmission-daemon -g ${TRANSMISSION_HOME} --logfile $LOGFILE" & + +exec su --preserve-environment ${RUN_AS} -s /bin/bash -c "/usr/local/bin/transmission-daemon ${TRANSMISSION_LOGGING} -g ${TRANSMISSION_HOME} --logfile $LOGFILE" & + # Configure port forwarding if applicable if [[ -x /etc/openvpn/${OPENVPN_PROVIDER,,}/update-port.sh && (-z $DISABLE_PORT_UPDATER || "false" = "$DISABLE_PORT_UPDATER") ]]; then diff --git a/transmission/userSetup.sh b/transmission/userSetup.sh index 8140c8cb70..7bb38a0fdc 100644 --- a/transmission/userSetup.sh +++ b/transmission/userSetup.sh @@ -18,18 +18,6 @@ if [ -n "$PUID" ] && [ ! "$(id -u root)" -eq "$PUID" ]; then chown ${RUN_AS}:${RUN_AS} /dev/stdout fi - echo "TRANSMISSION_HOME is currently set to: ${TRANSMISSION_HOME}" - if [[ "${TRANSMISSION_HOME%/*}" != "/config" ]]; then - echo "WARNING: TRANSMISSION_HOME is not set to the default /config/, this is not recommended." - echo "TRANSMISSION_HOME should be set to /config/transmission-home OR another custom directory on /config/" - echo "If you would like to migrate your existing TRANSMISSION_HOME, please stop the container, add volume /config and move the transmission-home directory there." - fi - #Old default transmission-home exists, use as fallback - if [ -d "/data/transmission-home" ]; then - TRANSMISSION_HOME="/data/transmission-home" - echo "WARNING: Deprecated. Found old default transmission-home folder at ${TRANSMISSION_HOME}, setting this as TRANSMISSION_HOME. This might break in future versions." - echo "We will fallback to this directory as long as the folder exists. Please consider moving it to /config/" - fi # Make sure directories exist before chown and chmod mkdir -p /config \ @@ -38,13 +26,15 @@ if [ -n "$PUID" ] && [ ! "$(id -u root)" -eq "$PUID" ]; then "${TRANSMISSION_INCOMPLETE_DIR}" \ "${TRANSMISSION_WATCH_DIR}" - echo "Enforcing ownership on transmission config directory" + echo "Enforcing ownership on transmission directories" chown -R ${RUN_AS}:${RUN_AS} \ - /config + /config \ + "${TRANSMISSION_HOME}" - echo "Applying permissions to transmission config directory" + echo "Applying permissions to transmission directories" chmod -R go=rX,u=rwX \ - /config + /config \ + "${TRANSMISSION_HOME}" if [ "$GLOBAL_APPLY_PERMISSIONS" = true ] ; then echo "Setting owner for transmission paths to ${PUID}:${PGID}" @@ -54,17 +44,26 @@ if [ -n "$PUID" ] && [ ! "$(id -u root)" -eq "$PUID" ]; then "${TRANSMISSION_WATCH_DIR}" echo "Setting permissions for download and incomplete directories" - TRANSMISSION_UMASK_OCTAL=$(printf '%03g' $(printf '%o\n' $(jq .umask ${TRANSMISSION_HOME}/settings.json))) - DIR_PERMS=$(printf '%o\n' $((0777 & ~TRANSMISSION_UMASK_OCTAL))) - FILE_PERMS=$(printf '%o\n' $((0666 & ~TRANSMISSION_UMASK_OCTAL))) - echo "Mask: ${TRANSMISSION_UMASK_OCTAL}" + + if [ -z "$TRANSMISSION_UMASK" ] ; then + # fetch from settings.json if not defined in environment + # because updateSettings.py is called after this script is run + TRANSMISSION_UMASK=$(jq .umask ${TRANSMISSION_HOME}/settings.json) + fi + + TRANSMISSION_UMASK_OCTAL=$( printf "%o\n" "${TRANSMISSION_UMASK}" ) + + DIR_PERMS=$( printf '%o\n' $(( 8#777 & ~TRANSMISSION_UMASK)) ) + FILE_PERMS=$( printf '%o\n' $(( 8#666 & ~TRANSMISSION_UMASK)) ) + + echo "umask: ${TRANSMISSION_UMASK_OCTAL}" echo "Directories: ${DIR_PERMS}" echo "Files: ${FILE_PERMS}" find "${TRANSMISSION_DOWNLOAD_DIR}" "${TRANSMISSION_INCOMPLETE_DIR}" -type d \ - -exec chmod $(printf '%o\n' $((0777 & ~TRANSMISSION_UMASK_OCTAL))) {} + + -exec chmod "${DIR_PERMS}" {} + find "${TRANSMISSION_DOWNLOAD_DIR}" "${TRANSMISSION_INCOMPLETE_DIR}" -type f \ - -exec chmod $(printf '%o\n' $((0666 & ~TRANSMISSION_UMASK_OCTAL))) {} + + -exec chmod "${FILE_PERMS}" {} + echo "Setting permission for watch directory (775) and its files (664)" chmod -R o=rX,ug=rwX \ From 5afc9587e759ea08f1e80d5e46b2860601194676 Mon Sep 17 00:00:00 2001 From: Patrick Kishino Date: Sun, 16 Apr 2023 07:20:48 +0900 Subject: [PATCH 2/2] Merge dev into master (#2583) * Quoute variables, fixes #2406 and #2418 * Fix sed busy (#2426) * fix sed device or resource busy errors Signed-off-by: Jonathan Sloan * update info Signed-off-by: Jonathan Sloan * update docs Signed-off-by: Jonathan Sloan * log and fail if config is a mountpoint Signed-off-by: Jonathan Sloan * correct mountpoint check Signed-off-by: Jonathan Sloan Signed-off-by: Jonathan Sloan * Fix fallback of transmission-home #2409 * Fix to use iptables-legacy rather than iptables-nft (#2456) * Fix bug: the evironment file will be invalid (#2496) something environment like: `name=foo bar` will be invalid in the environment file, in a real example, it will be like `provider= SE Sto`. Simply add change it to `provider="SE Sto"` will fix that. * restart privoxy if docker changed eth0 address. (#2494) * restart privoxy if docker changed eth0 address. * sometimes, pidfile exists but process is dead * Simplify RPC creds setup (#2480) Reduce the complexity associated with creating RPC creds * Fix bitwise decimal & octal (#2457) * Fix bitwise decimal & octal The issue is tracked here: https://github.com/haugene/docker-transmission-openvpn/issues/2450#issuecomment-1336259355 Also uses the TRASNMSISSION_UMASK variable instead of settings.json since updateSettings.py is called after userSetup.sh causing the TRANSMISSION_UMASK in settings.json to be stale when userSetup.sh accesses it. * fix: missing {} in sh variable * fix: missing {} in sh variable * fix regex for webproxy enabled (#2505) * review nordvpn error exit messages + tests (#2518) * Check for files existing instead of being executable #2459 * Bump docker/build-push-action from 3 to 4 (#2522) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3 to 4. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: Add quotes on generated variables to avoid braking with spaces (#2538) This should fix #2406 * Fix crash in fetch-external-configs on unset vars (#2561) * simple adjustments to "openvpn/modify-openvpn-config.sh" and "transmission/start.sh" that can make the verbosity of logging user-adjustable (#2564) * Bump docker/build-push-action from 3 to 4 (#2534) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3 to 4. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Socks5 example doc (#2541) * fixing some heading sizes * adding socks5-proxy example --------- Co-authored-by: Jonathan Fair * Docs: add capabilities for Podman to tips&tricks (#2546) Co-authored-by: Tomas Vik * Change CONFIG_MOD_VERBOSITY usage This change causes ${CONFIG_MOD_VERBOSITY} to become a variable used directly in the .ovpn config file. The default value remains '3'. * Insert ${TRANSMISSION_LOGGING} into exec'd command This change allows for executing 'transmission-daemon' with '--log-level' set. Utilizing a case-statement and forced lowercase, only valid values are accepted. Default is no logging. --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: JtMotoX <7191259+JtMotoX@users.noreply.github.com> Co-authored-by: Jonathan Fair Co-authored-by: Patrick Kishino Co-authored-by: Tomas Vik * OVPN script fix for for 4.x branch (#2566) * Bump docker/build-push-action from 3 to 4 (#2534) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3 to 4. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Socks5 example doc (#2541) * fixing some heading sizes * adding socks5-proxy example --------- Co-authored-by: Jonathan Fair * Docs: add capabilities for Podman to tips&tricks (#2546) Co-authored-by: Tomas Vik * git instead of unzip git instead of unzip * Using GIT GIT is used now instead of UNZIP due to issues suddenly experienced. --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: JtMotoX <7191259+JtMotoX@users.noreply.github.com> Co-authored-by: Jonathan Fair Co-authored-by: Patrick Kishino Co-authored-by: Tomas Vik * Update master with latest dev fixes (#2579) (#2582) * Quoute variables, fixes #2406 and #2418 * Fix sed busy (#2426) * fix sed device or resource busy errors * update info * update docs * log and fail if config is a mountpoint * correct mountpoint check * Fix fallback of transmission-home #2409 * Fix to use iptables-legacy rather than iptables-nft (#2456) * Fix bug: the evironment file will be invalid (#2496) something environment like: `name=foo bar` will be invalid in the environment file, in a real example, it will be like `provider= SE Sto`. Simply add change it to `provider="SE Sto"` will fix that. * restart privoxy if docker changed eth0 address. (#2494) * restart privoxy if docker changed eth0 address. * sometimes, pidfile exists but process is dead * Simplify RPC creds setup (#2480) Reduce the complexity associated with creating RPC creds * Fix bitwise decimal & octal (#2457) * Fix bitwise decimal & octal The issue is tracked here: https://github.com/haugene/docker-transmission-openvpn/issues/2450#issuecomment-1336259355 Also uses the TRASNMSISSION_UMASK variable instead of settings.json since updateSettings.py is called after userSetup.sh causing the TRANSMISSION_UMASK in settings.json to be stale when userSetup.sh accesses it. * fix: missing {} in sh variable * fix: missing {} in sh variable * fix regex for webproxy enabled (#2505) * review nordvpn error exit messages + tests (#2518) * Check for files existing instead of being executable #2459 * Bump docker/build-push-action from 3 to 4 (#2522) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3 to 4. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... * fix: Add quotes on generated variables to avoid braking with spaces (#2538) This should fix #2406 * Fix crash in fetch-external-configs on unset vars (#2561) * simple adjustments to "openvpn/modify-openvpn-config.sh" and "transmission/start.sh" that can make the verbosity of logging user-adjustable (#2564) * Bump docker/build-push-action from 3 to 4 (#2534) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3 to 4. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... * Socks5 example doc (#2541) * fixing some heading sizes * adding socks5-proxy example --------- * Docs: add capabilities for Podman to tips&tricks (#2546) * Change CONFIG_MOD_VERBOSITY usage This change causes ${CONFIG_MOD_VERBOSITY} to become a variable used directly in the .ovpn config file. The default value remains '3'. * Insert ${TRANSMISSION_LOGGING} into exec'd command This change allows for executing 'transmission-daemon' with '--log-level' set. Utilizing a case-statement and forced lowercase, only valid values are accepted. Default is no logging. --------- * OVPN script fix for for 4.x branch (#2566) * Bump docker/build-push-action from 3 to 4 (#2534) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3 to 4. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... * Socks5 example doc (#2541) * fixing some heading sizes * adding socks5-proxy example --------- * Docs: add capabilities for Podman to tips&tricks (#2546) * git instead of unzip git instead of unzip * Using GIT GIT is used now instead of UNZIP due to issues suddenly experienced. --------- --------- Signed-off-by: Jonathan Sloan Signed-off-by: dependabot[bot] Co-authored-by: Kristian Haugene Co-authored-by: Jonathan Sloan Co-authored-by: Robert Szynal Co-authored-by: Jiangqiu Shen Co-authored-by: edgd1er Co-authored-by: Colin Hebert Co-authored-by: J.P. Hutchins <34154542+JPHutchins@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jayson Reis Co-authored-by: Chad Co-authored-by: phesster <115180691+phesster@users.noreply.github.com> Co-authored-by: JtMotoX <7191259+JtMotoX@users.noreply.github.com> Co-authored-by: Jonathan Fair Co-authored-by: Tomas Vik Co-authored-by: Derek Gordon --------- Signed-off-by: Jonathan Sloan Signed-off-by: dependabot[bot] Co-authored-by: Kristian Haugene Co-authored-by: Jonathan Sloan Co-authored-by: Robert Szynal Co-authored-by: Jiangqiu Shen Co-authored-by: edgd1er Co-authored-by: Colin Hebert Co-authored-by: J.P. Hutchins <34154542+JPHutchins@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jayson Reis Co-authored-by: Chad Co-authored-by: phesster <115180691+phesster@users.noreply.github.com> Co-authored-by: JtMotoX <7191259+JtMotoX@users.noreply.github.com> Co-authored-by: Jonathan Fair Co-authored-by: Tomas Vik Co-authored-by: Derek Gordon