From c3297b38e9abd525a4874e90d1f0109a8f1bc021 Mon Sep 17 00:00:00 2001
From: Nikolai Rodionov <allanger@badhouseplants.net>
Date: Mon, 1 Jan 2024 10:56:33 +0100
Subject: [PATCH] Update XORed vpn to 2.6.8

---
 .drone.yml                       |  2 +-
 Containerfile                    | 79 --------------------------------
 containerfiles/Containerfile-XOR |  4 +-
 3 files changed, 3 insertions(+), 82 deletions(-)
 delete mode 100644 Containerfile

diff --git a/.drone.yml b/.drone.yml
index 64d2b37..2042194 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -20,7 +20,7 @@ steps:
       GITEA_TOKEN:
         from_secret: GITEA_TOKEN
       CONTAINERFILE: ./containerfiles/Containerfile-XOR
-      CUSTOM_TAG: v2.6.5-XOR-4.0.0beta13
+      CUSTOM_TAG: v2.6.8-XOR-4.0.0beta13
     commands:
       - build-container
 
diff --git a/Containerfile b/Containerfile
deleted file mode 100644
index 8b8639e..0000000
--- a/Containerfile
+++ /dev/null
@@ -1,79 +0,0 @@
-FROM ghcr.io/allanger/dumb-downloader as dudo
-ENV OPENVPN_VERSION=2.6.5
-ENV TUNNELBLICK_VERSION=4.0.0beta08
-ENV EASYRSA_VERSION=3.1.5
-RUN apt update && apt install gnupg tar -y
-RUN mkdir /output
-# ------------------------------------------------------
-# -- Downlaod OpenVPN
-# ------------------------------------------------------
-RUN dudo -l "https://keys.openpgp.org/vks/v1/by-fingerprint/F554A3687412CFFEBDEFE0A312F5F7B42F2B01E7" -d security-openvpn-net.asc -p DUMMY
-RUN gpg --import security-openvpn-net.asc
-RUN dudo -l "https://swupdate.openvpn.org/community/releases/openvpn-{{ version }}.tar.gz.asc" -d /tmp/openvpn.asc -p $OPENVPN_VERSION
-# ------------------------------------------------------
-# -- I should fix it later
-# ------------------------------------------------------
-# RUN gpg  --no-tty --verify /tmp/openvpn.asc
-RUN dudo -l "https://swupdate.openvpn.org/community/releases/openvpn-{{ version }}.tar.gz " -d /tmp/openvpn.tar.gz -p $OPENVPN_VERSION
-RUN tar -xf /tmp/openvpn.tar.gz  -C /tmp && rm -f /tmp/openvpn.tar.gz
-RUN mv /tmp/openvpn-$OPENVPN_VERSION /output/openvpn
-# ------------------------------------------------------
-# -- Download Tunnelblick
-# ------------------------------------------------------
-RUN dudo -l "https://github.com/Tunnelblick/Tunnelblick/archive/refs/tags/v{{ version }}.tar.gz" -d /tmp/tunnelblick.tar.gz -p $TUNNELBLICK_VERSION
-RUN tar -xf /tmp/tunnelblick.tar.gz  -C /tmp && rm -f /tmp/tunnelblick.tar.gz
-RUN mv /tmp/Tunnelblick-$TUNNELBLICK_VERSION /output/tunnelblick
-
-FROM ubuntu as builder
-# ------------------------------------------------------
-# -- TODO: Define it only once
-# ------------------------------------------------------
-ENV OPENVPN_VERSION=2.6.5
-ENV TUNNELBLICK_VERSION=v4.0.0beta08
-COPY --from=dudo /output /src
-RUN apt-get update &&\
-      apt-get install -y wget tar unzip build-essential \
-      libssl-dev iproute2 liblz4-dev liblzo2-dev \
-      libpam0g-dev libpkcs11-helper1-dev libsystemd-dev \
-      easy-rsa iptables pkg-config libcap-ng-dev
-RUN cp /src/tunnelblick/third_party/sources/openvpn/openvpn-$OPENVPN_VERSION/patches/*.diff /src/openvpn
-WORKDIR /src/openvpn
-RUN for patch in $(find -type f | grep diff); do\
-        patch -p1 < $patch;\
-    done
-RUN ./configure --disable-systemd --enable-async-push --enable-iproute2
-RUN make && make install
-RUN mkdir /output
-RUN cp $(which openvpn) /output/
-
-# ------------------------------------------------------
-# -- Final container
-# ------------------------------------------------------
-FROM ubuntu:22.04
-LABEL maintainer="allanger <allanger@zohomail.com>"
-COPY --from=builder /output /src
-# -------------------------------------------------------
-# -- Prepare system deps
-# -------------------------------------------------------
-RUN apt update && apt install openvpn easy-rsa iptables -y && \
-  mv /src/openvpn $(which openvpn)
-
-# Needed by scripts
-ENV OPENVPN /etc/openvpn
-
-# Prevents refused client connection because of an expired CRL
-ENV EASYRSA_CRL_DAYS 3650
-
-VOLUME ["/etc/openvpn"]
-
-# Internally uses port 1194, remap if needed using `docker run -p 443:1194/tcp`
-EXPOSE 1194
-
-CMD ["ovpn_run"]
-
-COPY --chmod='755' ./bin /usr/local/bin
-# -----------------------------------------------------------
-# -- Add support for OTP authentication using a PAM module
-# -- I have no idea how it works yet
-# -----------------------------------------------------------
-COPY ./otp/openvpn /etc/pam.d/
diff --git a/containerfiles/Containerfile-XOR b/containerfiles/Containerfile-XOR
index 68422cf..db691c2 100644
--- a/containerfiles/Containerfile-XOR
+++ b/containerfiles/Containerfile-XOR
@@ -1,5 +1,5 @@
 FROM ghcr.io/allanger/dumb-downloader as dudo
-ENV OPENVPN_VERSION=2.6.5
+ENV OPENVPN_VERSION=2.6.8
 ENV TUNNELBLICK_VERSION=4.0.0beta13
 RUN apt update && apt install gnupg tar -y
 RUN mkdir /output
@@ -27,7 +27,7 @@ FROM ubuntu as builder
 # ------------------------------------------------------
 # -- TODO: Define it only once
 # ------------------------------------------------------
-ENV OPENVPN_VERSION=2.6.5
+ENV OPENVPN_VERSION=2.6.8
 ENV TUNNELBLICK_VERSION=v4.0.0beta13
 COPY --from=dudo /output /src
 RUN apt-get update &&\