PKG_EXECPATH inherited from parent caused pkg bootstrap to treat argv[1] as
a module path. Fix: env -u unsets only PKG_EXECPATH so bootstrap starts fresh
while all auth/session vars are preserved. Depth guard prevents loops.
Also pre-run component installation during Docker build so the sudo code path
is never hit at runtime.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
pkg bootstrap crashes when argv[1]='--connect' and --install-missing-components
is present — it tries require('/--connect'). Moving --install-missing-components
to argv[1] lets pkg handle it as its own bootstrap flag. Extracted wrapper to
sudo-wrapper.sh for readability.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- MANUAL_CONNECT=true: container waits for tun0, user connects via docker exec
- MANUAL_CONNECT=false: auto mode (current), now with env -i in sudo wrapper
- sudo wrapper logs inherited env key names so we can see what parent injects
- monitor_loop extracted as shared function used by both modes
- auto mode connect logic cleaned up into a single while-true rotation loop
- Removes gcc/make/git and the microsocks git clone+build step
- Installs dante-server from apt — zero compilation required
- danted uses 'external: tun0' to explicitly route all proxied traffic
through the VPN interface, more reliable than iptables-based routing
- Config is generated at runtime after tun0 is confirmed up
HAProxy SOCKS5 entry point + scalable purevpn-cli/microsocks exit nodes.
Supports up to 10 simultaneous connections (PureVPN limit), random location
selection from a predefined pool, and automatic reconnect to an unused
location on server-side drop.
