### Run Gluetun Docker Container with Encrypted Credentials Source: https://github.com/passteque/gluetun/blob/master/devrun/README.md Starts a qmcgaw/gluetun Docker container using decrypted credentials from the store. It automatically sets essential environment variables and can accept additional Docker runtime options. The `NET_ADMIN` capability is added by default. ```sh go run ./cmd/main.go run mullvad wireguard ``` ```sh go run ./cmd/main.go run protonvpn wireguard -e PORT_FORWARDING=on -p 8000:8000/tcp ``` -------------------------------- ### Handle CSS Load Event Source: https://github.com/passteque/gluetun/blob/master/internal/provider/vpnsecure/updater/testdata/index.html Attaches an onload event handler to a CSS link element and optionally calls a callback function. Includes a fallback for application installation checks. ```javascript function onloadCSS(n, e) { n.onload = function() { n.onload = null, e && e.call(n) }, "isApplicationInstalled" in navigator && "onloadcssdefined" in n && n.onloadcssdefined(e) } ``` -------------------------------- ### Docker Compose for Gluetun VPN Client Source: https://github.com/passteque/gluetun/blob/master/README.md Use this docker-compose.yml to quickly set up Gluetun. Uncomment and configure VPN_SERVICE_PROVIDER, OPENVPN_USER, OPENVPN_PASSWORD, and TZ according to your VPN provider's instructions. Ensure the volume path is correctly set. ```yaml --- services: gluetun: image: qmcgaw/gluetun # container_name: gluetun # line above must be uncommented to allow external containers to connect. # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/connect-a-container-to-gluetun.md#external-container-to-gluetun cap_add: - NET_ADMIN devices: - /dev/net/tun:/dev/net/tun ports: - 8888:8888/tcp # HTTP proxy - 8388:8388/tcp # Shadowsocks - 8388:8388/udp # Shadowsocks volumes: - /yourpath:/gluetun environment: # See https://github.com/qdm12/gluetun-wiki/tree/main/setup#setup - VPN_SERVICE_PROVIDER=ivpn - VPN_TYPE=openvpn # OpenVPN: - OPENVPN_USER= - OPENVPN_PASSWORD= # Wireguard: # - WIREGUARD_PRIVATE_KEY=wOEI9rqqbDwnN8/Bpp22sVz48T71vJ4fYmFWujulwUU= # - WIREGUARD_ADDRESSES=10.64.222.21/32 # Timezone for accurate log times - TZ= # Server list updater # See https://github.com/qdm12/gluetun-wiki/blob/main/setup/servers.md#update-the-vpn-servers-list - UPDATER_PERIOD= ``` -------------------------------- ### User program settings structure in Go Source: https://github.com/passteque/gluetun/blob/master/AGENTS.md Configuration structs should use Go zero values as invalid indicators for fields. Use *string for fields where empty string is a valid value to distinguish between unset and empty. ```go func (s *Settings) setDefaults() func (s *Settings) overrideWith(other Settings) func (s Settings) validate() error func (s *Settings) read(r *reader.Reader) error func (s Settings) String() string func (s Settings) toLinesNode() *gotree.Node ``` -------------------------------- ### Read settings from reader in Go Source: https://github.com/passteque/gluetun/blob/master/AGENTS.md Do not wrap errors from reader.Reader methods as they already contain context. All keys passed to reader.Reader methods must be in environment variable format. ```go func (s *Settings) read(r *reader.Reader) error { // ... } ``` -------------------------------- ### Generate Mocks for External Interfaces Source: https://github.com/passteque/gluetun/blob/master/AGENTS.md Use this command to generate mocks for interfaces from external modules. Mocks are stored in `mocks__test.go` files. ```go //go:generate mockgen -destination=mocks__test.go -package $GOPACKAGE module-name InterfaceA,InterfaceB ``` -------------------------------- ### Generate Mocks for Exported Interfaces Source: https://github.com/passteque/gluetun/blob/master/AGENTS.md Use this command in `mocks_generate_test.go` to generate mocks for exported interfaces. The mocks are stored in `mocks_test.go`. ```go //go:generate mockgen -destination=mocks_test.go -package=$GOPACKAGE . InterfaceA,InterfaceB ``` -------------------------------- ### Dump VPN Credentials from Encrypted Store Source: https://github.com/passteque/gluetun/blob/master/devrun/README.md Prints the stored credentials for a given VPN provider and type. The command prompts for the store's password to decrypt and display the information. ```sh go run ./cmd/main.go dump-cred protonvpn openvpn ``` -------------------------------- ### Add VPN Credentials to Encrypted Store Source: https://github.com/passteque/gluetun/blob/master/devrun/README.md Use this command to add or replace credentials for a specific VPN provider and type in the encrypted store. It handles initial store creation or updates existing encrypted stores, prompting for passwords without echoing. ```sh go run ./cmd/main.go add-cred protonvpn openvpn ``` ```sh go run ./cmd/main.go add-cred mullvad wireguard ``` -------------------------------- ### Generate Mocks for Unexported Interfaces Source: https://github.com/passteque/gluetun/blob/master/AGENTS.md This command generates mocks for unexported interfaces, storing them in `mocks_local_test.go`. The source for these interfaces is `interfaces_local.go`. ```go //go:generate mockgen -destination=mocks_local_test.go -package $GOPACKAGE -source interfaces_local.go ``` -------------------------------- ### Table tests with parallel subtests in Go Source: https://github.com/passteque/gluetun/blob/master/AGENTS.md Use the testify library for assertions and prefer map-based table tests. Run all tests in parallel by calling t.Parallel() in the top-level test and each subtest. ```go testCases := map[string]struct{ // ... }{ "test name": { // ... }, } for name, testCase := range testCases { t.Run(name, func(t *testing.T) { t.Parallel() // ... }) } ``` -------------------------------- ### Relpreload Polyfill for CSS Source: https://github.com/passteque/gluetun/blob/master/internal/provider/vpnsecure/updater/testdata/index.html Provides a polyfill for rel="preload" with as="style" for browsers that do not support it natively. It dynamically loads CSS files that were intended to be preloaded. ```javascript function(e) { if (e.loadCSS) { var t = loadCSS.relpreload = {}; if (t.support = function() { try { return e.document.createElement("link").relList.supports("preload") } catch (e) { return !1 } }, t.poly = function() { for (var t = e.document.getElementsByTagName("link"), n = 0; n < t.length; n++) { var a = t[n]; "preload" === a.rel && "style" === a.getAttribute("as") && (e.loadCSS(a.href, a), a.rel = null) } }, !t.support()) { t.poly(); var n = e.setInterval(t.poly, 300); e.addEventListener && e.addEventListener("load", function() { e.clearInterval(n) }), e.attachEvent && e.attachEvent("onload", function() { e.clearInterval(n) }) } } }(this) ``` -------------------------------- ### Check errors with testify in Go Source: https://github.com/passteque/gluetun/blob/master/AGENTS.md Use assert.ErrorContains for non-sentinel errors and assert.ErrorIs for sentinel errors. Use assert.NoError to check for no error. ```go assert.ErrorContains(t, err, "expected message") assert.NoError(t, err) assert.ErrorIs(t, err, sentinelError) ``` -------------------------------- ### Wrap errors with context in Go Source: https://github.com/passteque/gluetun/blob/master/AGENTS.md Prefer wrapping errors with context using fmt.Errorf("doing this: %w", err) When wrapping errors, use verbs ending in "ing" and avoid "failed to" or "cannot". ```go func (s *Struct) Fetch() error { return fetch() // do not wrap the error } ``` -------------------------------- ### Generate AES Encrypted RSA Key Source: https://github.com/passteque/gluetun/blob/master/internal/openvpn/pkcs8/testdata/readme.txt Use this command to generate an AES-128-CBC encrypted RSA private key. ```bash openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:512 -aes-128-cbc -pass pass:password -out rsa_pkcs8_descbc_encrypted.pem ``` -------------------------------- ### Generate DES Encrypted RSA Key Source: https://github.com/passteque/gluetun/blob/master/internal/openvpn/pkcs8/testdata/readme.txt Use this command to generate a DES encrypted RSA private key. Requires OpenSSL version 1.x.x. ```bash openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:512 -des -pass pass:password -out rsa_pkcs8_aes128cbc_encrypted.pem ``` -------------------------------- ### Load CSS Dynamically Source: https://github.com/passteque/gluetun/blob/master/internal/provider/vpnsecure/updater/testdata/index.html Loads a CSS file dynamically and provides a callback for when it's defined. Useful for asynchronous loading of stylesheets. ```javascript function loadCSS(n, e, o, d) { "use strict"; var t = window.document.createElement("link"), i = e || window.document.getElementsByTagName("script")[0], l = window.document.styleSheets; return t.rel = "stylesheet", t.href = n, t.media = "only x", d && (t.onload = d), i.parentNode.insertBefore(t, i), t.onloadcssdefined = function(n) { for (var e, o = 0; o < l.length; o++) l[o].href && l[o].href === t.href && (e = !0); e ? n() : setTimeout(function() { t.onloadcssdefined(n) }) }, t.onloadcssdefined(function() { t.media = o || "all" }), t } ``` -------------------------------- ### Decrypt DES Encrypted RSA Key Source: https://github.com/passteque/gluetun/blob/master/internal/openvpn/pkcs8/testdata/readme.txt Use this command to decrypt a DES encrypted RSA private key. The input file must be DES encrypted. ```bash openssl pkcs8 -topk8 -in rsa_pkcs8_aes128cbc_encrypted.pem -passin pass:password -nocrypt -out rsa_pkcs8_aes128cbc_decrypted.pem ``` -------------------------------- ### Decrypt AES Encrypted RSA Key Source: https://github.com/passteque/gluetun/blob/master/internal/openvpn/pkcs8/testdata/readme.txt Use this command to decrypt an AES-128-CBC encrypted RSA private key. The input file must be AES encrypted. ```bash openssl pkcs8 -topk8 -in rsa_pkcs8_descbc_encrypted.pem -passin pass:password -nocrypt -out rsa_pkcs8_descbc_decrypted.pem ``` -------------------------------- ### Facebook Pixel Initialization and Page View Tracking Source: https://github.com/passteque/gluetun/blob/master/internal/provider/vpnsecure/updater/testdata/index.html This JavaScript code initializes the Facebook Pixel with a specific ID and tracks a 'PageView' event. This is commonly used for website analytics and advertising on the Facebook platform. ```javascript !function (f, b, e, v, n, t, s) { if (f.fbq) return; n = f.fbq = function () { n.callMethod ? n.callMethod.apply(n, arguments) : n.queue.push(arguments) }; if (!f._fbq) f._fbq = n; n.push = n; n.loaded = !0; n.version = '2.0'; n.queue = []; t = b.createElement(e); t.async = !0; t.src = v; s = b.getElementsByTagName(e)[0]; s.parentNode.insertBefore(t, s) }(window, document, 'script', 'https://connect.facebook.net/en_US/fbevents.js'); fbq('init', '2257850627652644'); fbq('track', 'PageView'); ``` -------------------------------- ### Delete VPN Credentials from Encrypted Store Source: https://github.com/passteque/gluetun/blob/master/devrun/README.md Removes credentials for a specified VPN provider and type from the encrypted store. It requires the store's password for decryption before removal and re-encryption. ```sh go run ./cmd/main.go delete-cred protonvpn openvpn ``` -------------------------------- ### CSRF Token Handling and SVG Sprite Loading Source: https://github.com/passteque/gluetun/blob/master/internal/provider/vpnsecure/updater/testdata/index.html This JavaScript code handles Cross-Site Request Forgery (CSRF) token management by prepending it to forms and dynamically loads SVG sprites into the DOM. It ensures security by including the CSRF token and enhances performance by preloading SVG assets. ```javascript var  = { ctn: '__csrf', ctv: 'WNyWByblFaTLhBhSfWOC9UsJFGFsIunebNeRQ1JA' } if ($('form.st__frm').length) { $('form.st__frm').prepend(''); } var assets = ['/svgicons/sprites/sprites-sprites-1575200017.svg'] for (var i = 0; i < assets.length; i++) { $.get(assets[i], function (data) { var div = document.createElement('div') div.innerHTML = new XMLSerializer().serializeToString(data.documentElement) $svg = $(div).find('> svg') $svg.css('display', 'none').prependTo('body') }); } ``` -------------------------------- ### Facebook Pixel NoScript Fallback Source: https://github.com/passteque/gluetun/blob/master/internal/provider/vpnsecure/updater/testdata/index.html This HTML code provides a fallback mechanism for the Facebook Pixel tracking when JavaScript is disabled. It uses a tracking pixel to send a 'PageView' event to Facebook Analytics. ```html ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.