chore(vpn): moved wireguard settings helpers from provider/utils to vpn as unexported functions

2026-05-06 07:26:39 -04:00 · 2026-03-11 14:05:55 +00:00
parent e6fc792f4f
commit 97ccadfd33
3 changed files with 76 additions and 87 deletions
@@ -1,79 +0,0 @@
-package utils
-
-import (
-	"net/netip"
-
-	"github.com/qdm12/gluetun/internal/configuration/settings"
-	"github.com/qdm12/gluetun/internal/models"
-	"github.com/qdm12/gluetun/internal/wireguard"
-)
-
-func BuildWireguardSettings(connection models.Connection,
-	userSettings settings.Wireguard, ipv6Supported bool,
-) (settings wireguard.Settings) {
-	settings.PrivateKey = *userSettings.PrivateKey
-	settings.PublicKey = connection.PubKey
-	settings.PreSharedKey = *userSettings.PreSharedKey
-	settings.InterfaceName = userSettings.Interface
-	settings.Implementation = userSettings.Implementation
-	settings.AmneziaWG = buildAmneziaWgSettings(userSettings.AmneziaWG)
-	if *userSettings.MTU > 0 {
-		settings.MTU = *userSettings.MTU
-	} else {
-		// The default is 1320 which is NOT the wireguard-go default
-		// of 1420 because this impacts bandwidth a lot on some
-		// VPN providers, see https://github.com/qdm12/gluetun/issues/1650.
-		// It has been lowered to 1320 following quite a bit of
-		// investigation in the issue: https://github.com/qdm12/gluetun/issues/2533.
-		const defaultMTU = 1320
-		settings.MTU = defaultMTU
-	}
-	settings.IPv6 = &ipv6Supported
-
-	const rulePriority = 101 // 100 is to receive external connections
-	settings.RulePriority = rulePriority
-
-	settings.Endpoint = netip.AddrPortFrom(connection.IP, connection.Port)
-
-	settings.Addresses = make([]netip.Prefix, 0, len(userSettings.Addresses))
-	for _, address := range userSettings.Addresses {
-		if !ipv6Supported && address.Addr().Is6() {
-			continue
-		}
-		addressCopy := netip.PrefixFrom(address.Addr(), address.Bits())
-		settings.Addresses = append(settings.Addresses, addressCopy)
-	}
-
-	settings.AllowedIPs = make([]netip.Prefix, 0, len(userSettings.AllowedIPs))
-	for _, allowedIP := range userSettings.AllowedIPs {
-		if !ipv6Supported && allowedIP.Addr().Is6() {
-			continue
-		}
-		settings.AllowedIPs = append(settings.AllowedIPs, allowedIP)
-	}
-
-	settings.PersistentKeepaliveInterval = *userSettings.PersistentKeepaliveInterval
-
-	return settings
-}
-
-func buildAmneziaWgSettings(s settings.AmneziaWg) wireguard.AmneziaSettings {
-	return wireguard.AmneziaSettings{
-		JunkPacketCount: *s.JunkPacketCount,
-		JunkPacketMin:   *s.JunkPacketMin,
-		JunkPacketMax:   *s.JunkPacketMax,
-		PaddingS1:       *s.PaddingS1,
-		PaddingS2:       *s.PaddingS2,
-		PaddingS3:       *s.PaddingS3,
-		PaddingS4:       *s.PaddingS4,
-		HeaderH1:        *s.HeaderH1,
-		HeaderH2:        *s.HeaderH2,
-		HeaderH3:        *s.HeaderH3,
-		HeaderH4:        *s.HeaderH4,
-		InitPacketI1:    *s.InitPacketI1,
-		InitPacketI2:    *s.InitPacketI2,
-		InitPacketI3:    *s.InitPacketI3,
-		InitPacketI4:    *s.InitPacketI4,
-		InitPacketI5:    *s.InitPacketI5,
-	}
-}
@@ -3,11 +3,11 @@ package vpn
 import (
 	"context"
 	"fmt"
+	"net/netip"

 	"github.com/qdm12/gluetun/internal/configuration/settings"
 	"github.com/qdm12/gluetun/internal/models"
 	"github.com/qdm12/gluetun/internal/provider"
-	"github.com/qdm12/gluetun/internal/provider/utils"
 	"github.com/qdm12/gluetun/internal/wireguard"
 	"github.com/qdm12/gosettings"
 )
@@ -24,7 +24,7 @@ func setupWireguard(ctx context.Context, netlinker NetLinker,
 		return nil, models.Connection{}, fmt.Errorf("finding a VPN server: %w", err)
 	}

-	wireguardSettings := utils.BuildWireguardSettings(connection, settings.Wireguard, ipv6Supported)
+	wireguardSettings := buildWireguardSettings(connection, settings.Wireguard, ipv6Supported)

 	logger.Debug("Wireguard server public key: " + wireguardSettings.PublicKey)
 	logger.Debug("Wireguard client private key: " + gosettings.ObfuscateKey(wireguardSettings.PrivateKey))
@@ -42,3 +42,73 @@ func setupWireguard(ctx context.Context, netlinker NetLinker,

 	return wireguarder, connection, nil
 }
+
+func buildWireguardSettings(connection models.Connection,
+	userSettings settings.Wireguard, ipv6Supported bool,
+) (settings wireguard.Settings) {
+	settings.PrivateKey = *userSettings.PrivateKey
+	settings.PublicKey = connection.PubKey
+	settings.PreSharedKey = *userSettings.PreSharedKey
+	settings.InterfaceName = userSettings.Interface
+	settings.Implementation = userSettings.Implementation
+	settings.AmneziaWG = buildAmneziaWgSettings(userSettings.AmneziaWG)
+	if *userSettings.MTU > 0 {
+		settings.MTU = *userSettings.MTU
+	} else {
+		// The default is 1320 which is NOT the wireguard-go default
+		// of 1420 because this impacts bandwidth a lot on some
+		// VPN providers, see https://github.com/qdm12/gluetun/issues/1650.
+		// It has been lowered to 1320 following quite a bit of
+		// investigation in the issue: https://github.com/qdm12/gluetun/issues/2533.
+		const defaultMTU = 1320
+		settings.MTU = defaultMTU
+	}
+	settings.IPv6 = &ipv6Supported
+
+	const rulePriority = 101 // 100 is to receive external connections
+	settings.RulePriority = rulePriority
+
+	settings.Endpoint = netip.AddrPortFrom(connection.IP, connection.Port)
+
+	settings.Addresses = make([]netip.Prefix, 0, len(userSettings.Addresses))
+	for _, address := range userSettings.Addresses {
+		if !ipv6Supported && address.Addr().Is6() {
+			continue
+		}
+		addressCopy := netip.PrefixFrom(address.Addr(), address.Bits())
+		settings.Addresses = append(settings.Addresses, addressCopy)
+	}
+
+	settings.AllowedIPs = make([]netip.Prefix, 0, len(userSettings.AllowedIPs))
+	for _, allowedIP := range userSettings.AllowedIPs {
+		if !ipv6Supported && allowedIP.Addr().Is6() {
+			continue
+		}
+		settings.AllowedIPs = append(settings.AllowedIPs, allowedIP)
+	}
+
+	settings.PersistentKeepaliveInterval = *userSettings.PersistentKeepaliveInterval
+
+	return settings
+}
+
+func buildAmneziaWgSettings(s settings.AmneziaWg) wireguard.AmneziaSettings {
+	return wireguard.AmneziaSettings{
+		JunkPacketCount: *s.JunkPacketCount,
+		JunkPacketMin:   *s.JunkPacketMin,
+		JunkPacketMax:   *s.JunkPacketMax,
+		PaddingS1:       *s.PaddingS1,
+		PaddingS2:       *s.PaddingS2,
+		PaddingS3:       *s.PaddingS3,
+		PaddingS4:       *s.PaddingS4,
+		HeaderH1:        *s.HeaderH1,
+		HeaderH2:        *s.HeaderH2,
+		HeaderH3:        *s.HeaderH3,
+		HeaderH4:        *s.HeaderH4,
+		InitPacketI1:    *s.InitPacketI1,
+		InitPacketI2:    *s.InitPacketI2,
+		InitPacketI3:    *s.InitPacketI3,
+		InitPacketI4:    *s.InitPacketI4,
+		InitPacketI5:    *s.InitPacketI5,
+	}
+}
@@ -1,4 +1,4 @@
-package utils
+package vpn

 import (
 	"net/netip"
@@ -11,9 +11,7 @@ import (
 	"github.com/stretchr/testify/assert"
 )

-func ptrTo[T any](x T) *T { return &x }
-
-func Test_BuildWireguardSettings(t *testing.T) {
+func Test_buildWireguardSettings(t *testing.T) {
 	t.Parallel()

 	testCases := map[string]struct {
@@ -76,7 +74,7 @@ func Test_BuildWireguardSettings(t *testing.T) {
 				},
 				PersistentKeepaliveInterval: time.Hour,
 				RulePriority:                101,
-				IPv6:                        boolPtr(false),
+				IPv6:                        ptrTo(false),
 				MTU:                         1000,
 				AmneziaWG: wireguard.AmneziaSettings{
 					JunkPacketCount: 1,
@@ -90,7 +88,7 @@ func Test_BuildWireguardSettings(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()

-			settings := BuildWireguardSettings(testCase.connection,
+			settings := buildWireguardSettings(testCase.connection,
 				testCase.userSettings, testCase.ipv6Supported)

 			assert.Equal(t, testCase.settings, settings)