Features
- Public IP fetching:
- Add
PUBLICIP_API_TOKEN
variable PUBLICIP_API
variable supportingipinfo
andip2location
- Add
- Private Internet Access:
PORT_FORWARD_ONLY
variable (#2070) - NordVPN:
- update mechanism uses v2 NordVPN web API
- Filter servers with
SERVER_CATEGORIES
(#1806)
- Wireguard:
- Read config from secret file, defaults to
/run/secrets/wg0.conf
which can be changed with variableWIREGUARD_CONF_SECRETFILE
- Read private key, preshared key and addresses from individual secret files (#1348)
- Read config from secret file, defaults to
- Firewall: disallow the unspecified address (
0.0.0.0/0
or::/0
) for outbound subnets - Built-in servers data updated:
- NordVPN
- Privado
- Private Internet Access
- VPN Unlimited
- VyprVPN
- Healthcheck: change unhealthy log from info to debug level
Fixes
- Privado: update OpenVPN zip file URL
STREAM_ONLY
behavior fixed (#2126)- Torguard: set user agent to be allowed to download zip files
- Surfshark:
- Remove no longer valid multi hop regions
- Fail validation for empty string region
- Clearer error message for surfshark regions: only log possible 'new' server regions, do not log old retro-compatible server regions
Maintenance
- Healthcheck: more explicit log to go read the Wiki health guide
- NAT-PMP: RPC error contain all failed attempt messages
- Github:
- add closed issue workflow stating comments are not monitored
- add opened issue workflow
- Dependencies
- Bump github.com/breml/rootcerts from 0.2.14 to 0.2.16 (#2094)
- CI
- Pin docker/build-push-action to v5 (without minor version)
- Upgrade linter to v1.56.2