Added Docker set-up

Dockerfile

@@ -0,0 +1,48 @@
+# Use Ubuntu 20.04 as the base image
+FROM ubuntu:20.04
+
+# Avoid prompts from apt
+ENV DEBIAN_FRONTEND=noninteractive
+
+# Update and install dependencies
+RUN apt-get update && apt-get install -y \
+    curl \
+    jq \
+    wireguard-tools \
+    openvpn \
+    git \
+    sudo
+
+RUN rm -rf /var/lib/apt/lists/*
+
+# Set up a non-root user
+RUN useradd -m -s /bin/bash pia
+RUN echo "pia ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
+
+# Set working directory
+WORKDIR /home/pia
+
+# Clone the repository
+# RUN git clone https://github.com/pia-foss/manual-connections.git
+COPY . ./manual-connections
+
+# Set ownership of the cloned repository to the pia user
+RUN chown -R pia:pia /home/pia/manual-connections
+
+# # Create a TUN device
+RUN mkdir -p /dev/net && \
+    mknod /dev/net/tun c 10 200 && \
+    chmod 0666 /dev/net/tun
+
+# Switch to the pia user
+USER pia
+
+# Set the working directory to the cloned repository
+WORKDIR /home/pia/manual-connections
+
+# Make the run_setup.sh script executable
+RUN chmod +x run_setup.sh
+RUN chmod +x /home/pia/manual-connections/docker-scripts/startup.sh
+
+# Set the startup script as the entry point
+CMD ["/home/pia/manual-connections/docker-scripts/startup.sh"]

README.md

@@ -171,6 +171,80 @@ listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 byt
 
 If you run curl on the same machine (the one that is connected to the VPN), you will see the traffic in tcpdump anyway and the test won't prove anything. At the same time, the request will get firewall so you will not be able to access the port from the same machine. This can only be tested properly by running curl on another system.
 
+## Docker
+
+> Some features are not still available in Docker natively, like port forwarding.
+
+### Manual build
+
+```bash
+docker build -t pia-manual-connections .
+```
+
+### Run
+
+```bash
+docker run -d --name pia-vpn \
+  --cap-add=NET_ADMIN \
+  --device /dev/net/tun \
+  -e VPN_PROTOCOL=wireguard \
+  -e DISABLE_IPV6=yes \
+  -e DIP_TOKEN=no \
+  -e AUTOCONNECT=true \
+  -e PIA_PF=false \
+  -e PIA_DNS=true \
+  -e PIA_USER=your_username \
+  -e PIA_PASS=your_password \
+  -e PIA_CONNECT=true \
+  -e MAX_LATENCY=50 \
+  pia-manual-connections
+```
+
+### Docker Compose example
+
+```yaml
+version: '3'
+services:
+  vpn:
+    # image: not-published-yet
+    build:
+      dockerfile: Dockerfile
+      context: vpn/manual-connection-pia
+    container_name: docker-pia
+    environment:
+      - PUID=1000
+      - PGID=1000
+      - TZ=America/New_York
+      - PIA_USER=p8809962
+      - PIA_PASS=NENKDCpU4m
+      - AUTOCONNECT=true
+      - PIA_CONNECT=true
+      - DIP_TOKEN=YOUR_TOKEN_OR_NOTHING
+      - PREFERRED_REGION=auto # Ignored when DIP_TOKEN
+      - VPN_PROTOCOL=wireguard # or openvpn
+    volumes:
+      - ./config:/config
+    # dns:
+    #   - 8.8.8.8
+    #   - 8.8.4.4
+    cap_add:
+      - NET_ADMIN
+    restart: unless-stopped
+
+  # Example of another service sharing the VPN
+  # If this service needs LAN access then LOCAL_NETWORK must be set appropriatley on the vpn container
+  # Forwared ports should also be set on the vpn container if needed rather than this one in
+  # order to access from the LAN
+  # It may be preferable to use a reverse proxy connected via the docker bridge network instead
+  # to keep the vpn isolated from the LAN
+  other-service:
+    image: some-other-image
+    # Other services can share the VPN using 'network_mode'
+    # See https://docs.docker.com/engine/reference/run/#network-container and
+    # https://docs.docker.com/compose/compose-file/compose-file-v3/#network_mode
+    network_mode: "service:vpn"
+```
+
 ## Thanks
 
 A big special thanks to [faireOwl](https://github.com/faireOwl) for his contributions to this repo.

docker-scipts/startup.sh

@@ -0,0 +1,18 @@
+#!/bin/bash
+
+sudo VPN_PROTOCOL=$VPN_PROTOCOL 
+DISABLE_IPV6=$DISABLE_IPV6 
+DIP_TOKEN=$DIP_TOKEN 
+AUTOCONNECT=$AUTOCONNECT 
+PIA_PF=$PIA_PF 
+PIA_DNS=$PIA_DNS 
+PIA_USER=$PIA_USER 
+PIA_PASS=$PIA_PASS 
+PIA_CONNECT=$PIA_CONNECT 
+PIA_CONF_PATH=$PIA_CONF_PATH 
+MAX_LATENCY=$MAX_LATENCY 
+PREFERRED_REGION=$PREFERRED_REGION 
+./run_setup.sh
+
+# Keep the container running
+tail -f /dev/null