This patch adds support for IP NAT masquerade functionality.

Jason Parks
2023-05-17 10:55:11 -06:00
parent 79acdb39bb
commit 1a63139ed9
4 changed files with 9 additions and 0 deletions


@@ -12,6 +12,7 @@ ENV OPENVPN_OPTS=
ENV CONNECTION_TYPE=tcp ENV CONNECTION_TYPE=tcp
ENV LAN_NETWORK= ENV LAN_NETWORK=
ENV CREATE_TUN_DEVICE= ENV CREATE_TUN_DEVICE=
ENV ENABLE_MASQUERADE=true
ENV OVPN_CONFIGS= ENV OVPN_CONFIGS=
ENV ENABLE_KILL_SWITCH=true ENV ENABLE_KILL_SWITCH=true
HEALTHCHECK --interval=60s --timeout=10s --start-period=30s CMD curl -s https://api.surfshark.com/v1/server/user | grep '"secured":true' HEALTHCHECK --interval=60s --timeout=10s --start-period=30s CMD curl -s https://api.surfshark.com/v1/server/user | grep '"secured":true'
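Review bot: `ENV ENABLE_MASQUERADE=true` makes source NAT on the tunnel interfaces the default for every deployment that pulls the new image, including those that never route other hosts through this container. The neighbouring opt-in flag `CREATE_TUN_DEVICE` defaults to empty, and a rule that changes packet handling fits the same pattern: `ENV ENABLE_MASQUERADE=` here, with `ENABLE_MASQUERADE=true` set only in the sidecar setups that need it. If the default stays on, the README row for this variable should say so.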


@@ -31,6 +31,7 @@ The container is configurable using 5 environment variables:
|CONNECTION_TYPE|No|The connection type that you want to use: tcp, udp| |CONNECTION_TYPE|No|The connection type that you want to use: tcp, udp|
|LAN_NETWORK|No|Lan network used to access the web ui of attached containers. Can be comma seperated for multiple subnets Comment out or leave blank: example 192.168.0.0/24| |LAN_NETWORK|No|Lan network used to access the web ui of attached containers. Can be comma seperated for multiple subnets Comment out or leave blank: example 192.168.0.0/24|
|CREATE_TUN_DEVICE|No|Creates the TUN device, useful for NAS users| |CREATE_TUN_DEVICE|No|Creates the TUN device, useful for NAS users|
|ENABLE_MASQUERADE|No|Masquerade NAT allows you to translate multiple IP addresses to another single IP address. Usefull when using KASM Workspaces VPN Sidecar.|
|OVPN_CONFIGS|No|Manually provide the path used to read the "Surfshark_Config.zip" file (contains Surshark's OpenVPN configuration files) |OVPN_CONFIGS|No|Manually provide the path used to read the "Surfshark_Config.zip" file (contains Surshark's OpenVPN configuration files)
|ENABLE_KILL_SWITCH|No|Enable the kill-switch functionality |ENABLE_KILL_SWITCH|No|Enable the kill-switch functionality


@@ -11,6 +11,7 @@ services:
- SURFSHARK_CITY=mil - SURFSHARK_CITY=mil
- CONNECTION_TYPE=udp - CONNECTION_TYPE=udp
- LAN_NETWORK=192.168.0.0/24 #Optional - Used to access attached containers web ui - LAN_NETWORK=192.168.0.0/24 #Optional - Used to access attached containers web ui
- ENABLE_MASQUERADE=true #Optional - Masquerade NAT allows you to translate multiple IP addresses to another single IP address. Usefull when using KASM Workspaces VPN Sidecar.
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN
devices: devices:


@@ -32,6 +32,12 @@ if [ "${CREATE_TUN_DEVICE}" = "true" ]; then
chmod 0666 /dev/net/tun chmod 0666 /dev/net/tun
fi fi
# Enable NAT w MASQUERADE mode
if [ "${ENABLE_MASQUERADE}" = "true" ]; then
echo "Enabling IP MASQUERADE using IP Tables"
iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE
fi
openvpn --config $VPN_FILE --auth-user-pass vpn-auth.txt --mute-replay-warnings $OPENVPN_OPTS --script-security 2 --up /vpn/sockd.sh openvpn --config $VPN_FILE --auth-user-pass vpn-auth.txt --mute-replay-warnings $OPENVPN_OPTS --script-security 2 --up /vpn/sockd.sh
if [ "${ENABLE_KILL_SWITCH}" = "true" ]; then if [ "${ENABLE_KILL_SWITCH}" = "true" ]; then
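Review bot: The result of the `iptables` call in the new `ENABLE_MASQUERADE` block is never checked, so when the container lacks NET_ADMIN or the nat table is unavailable the script prints "Enabling IP MASQUERADE using IP Tables" and starts OpenVPN without the rule. The rule is also appended with `-A` unconditionally, which would duplicate it if this script runs again in the same network namespace; `iptables -t nat -C POSTROUTING -o tun+ -j MASQUERADE 2>/dev/null || iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE || echo "MASQUERADE rule not installed" >&2` covers both cases. Masqueraded traffic is forwarded traffic, and the kill-switch block that begins on the last line of this section has its body outside the visible lines, so it is worth confirming that its rules cover the FORWARD path as well as locally generated traffic.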