ChrSchu90 · ChrSchu90 · Mar 12, 2026 · Mar 12, 2026 · Mar 12, 2026 · Mar 12, 2026
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -23,7 +23,7 @@ env:
   NET_PUBLISH_ARGS: "--verbosity normal --configuration Release -p:DebugType=embedded -p:PublishSingleFile=true --self-contained"
   DOCKER_REGISTRY: ghcr.io
   DOCKER_IMAGE_NAME: ${{ github.repository_owner }}/mullvad-proxy-gateway
-  DOCKER_PLATFORMS: linux/amd64,linux/arm/v7,linux/arm64/v8
+  DOCKER_PLATFORMS: linux/amd64,linux/arm64/v8,linux/arm/v7
 
 jobs:
   build:
@@ -61,38 +61,43 @@ jobs:
       run: dotnet test ${{ env.NET_SOLUTION }} --verbosity normal --no-restore --no-build --configuration Release
 
     - name: .NET Publish amd64
-      if: ${{ steps.tagver.outputs.is_valid == 'true' }}
-      run: dotnet publish ${{ env.NET_PROJECT }} -r linux-musl-x64 ${{ env.NET_PUBLISH_ARGS }} -p:Version=${{ steps.tagver.outputs.version }} -o ${{ env.NET_PUBLISH_DIR }}linux/amd64
+      run: |
+        if [ -n "${{ steps.tagver.outputs.version }}" ]; then
+          dotnet publish ${{ env.NET_PROJECT }} -r linux-musl-x64 ${{ env.NET_PUBLISH_ARGS }} -p:Version=${{ steps.tagver.outputs.version }} -o ${{ env.NET_PUBLISH_DIR }}linux/amd64
+        else
+          dotnet publish ${{ env.NET_PROJECT }} -r linux-musl-x64 ${{ env.NET_PUBLISH_ARGS }} -o ${{ env.NET_PUBLISH_DIR }}linux/amd64      
+        fi
+
+    - name: .NET Publish arm64
+      run: |
+        if [ -n "${{ steps.tagver.outputs.version }}" ]; then
+          dotnet publish ${{ env.NET_PROJECT }} -r linux-musl-arm64 ${{ env.NET_PUBLISH_ARGS }} -p:Version=${{ steps.tagver.outputs.version }} -o ${{ env.NET_PUBLISH_DIR }}linux/arm64
+        else
+          dotnet publish ${{ env.NET_PROJECT }} -r linux-musl-arm64 ${{ env.NET_PUBLISH_ARGS }} -o ${{ env.NET_PUBLISH_DIR }}linux/arm64
+        fi
 
     - name: .NET Publish armv7
-      if: ${{ steps.tagver.outputs.is_valid == 'true' }}
-      run: dotnet publish ${{ env.NET_PROJECT }} -r linux-musl-arm ${{ env.NET_PUBLISH_ARGS }} -p:Version=${{ steps.tagver.outputs.version }} -o ${{ env.NET_PUBLISH_DIR }}linux/arm/v7
-
-    - name: .NET Publish armv8
-      if: ${{ steps.tagver.outputs.is_valid == 'true' }}
-      run: dotnet publish ${{ env.NET_PROJECT }} -r linux-musl-arm64 ${{ env.NET_PUBLISH_ARGS }} -p:Version=${{ steps.tagver.outputs.version }} -o ${{ env.NET_PUBLISH_DIR }}linux/arm64/v8
+      run: |
+        if [ -n "${{ steps.tagver.outputs.version }}" ]; then
+          dotnet publish ${{ env.NET_PROJECT }} -r linux-musl-arm ${{ env.NET_PUBLISH_ARGS }} -p:Version=${{ steps.tagver.outputs.version }} -o ${{ env.NET_PUBLISH_DIR }}linux/armv7
+        else
+          dotnet publish ${{ env.NET_PROJECT }} -r linux-musl-arm ${{ env.NET_PUBLISH_ARGS }} -o ${{ env.NET_PUBLISH_DIR }}linux/armv7
+        fi
 
     - name: Docker QEMU Setup
-      if: ${{ steps.tagver.outputs.is_valid == 'true' }}
       uses: docker/setup-qemu-action@v4
-      id: dockerqemu
 
     - name: Docker Buildx Setup
-      if: ${{ steps.dockerqemu.outcome == 'success' }}
       uses: docker/setup-buildx-action@v4
-      id: dockersetup
 
     - name: Docker Login
       uses: docker/login-action@v4
-      if: ${{ steps.dockersetup.outcome == 'success' }}
-      id: dockerlogin
       with:
         registry: ${{ env.DOCKER_REGISTRY }}
         username: ${{ github.repository_owner }}
         password: ${{ secrets.GITHUB_TOKEN }}       
 
     - name: Docker tags/labels
-      if: ${{ steps.dockerlogin.outcome == 'success' }}
       uses: docker/metadata-action@v6
       id: dockermeta
       with:
@@ -116,6 +121,8 @@ jobs:
           type=raw,value=${{ steps.tagver.outputs.version }}-preview,enable=${{ steps.tagver.outputs.is_prerelease == 'true' }}
           # Specific preview build (fully pinned)
           type=raw,value=${{ steps.tagver.outputs.version }}-${{ steps.tagver.outputs.suffix }},enable=${{ steps.tagver.outputs.is_prerelease == 'true' }}
+          # Test build
+          type=raw,value=ci,enable=${{ steps.tagver.outputs.is_valid != 'true' }}
 
     - name: Docker build/push
       if: ${{ steps.dockermeta.outcome == 'success' }}
@@ -132,7 +139,7 @@ jobs:
 
     - name: Create Release
       uses: softprops/action-gh-release@v2
-      if: ${{ steps.dockerbuild.outcome == 'success' }}
+      if: ${{ steps.tagver.outputs.is_valid == 'true' }}
       with:        
         tag_name: ${{ steps.tagver.outputs.version_tag }}
         prerelease: ${{ steps.tagver.outputs.is_prerelease == 'true' }}

diff --git a/Dockerfile b/Dockerfile
@@ -1,34 +1,31 @@
-FROM --platform=$BUILDPLATFORM alpine:3.23
-ARG BUILDPLATFORM=linux/amd64
+FROM alpine:3.23
+
+ARG TARGETOS
+ARG TARGETARCH
+ARG TARGETVARIANT
 ARG GOST_VERSION=3.2.6
 
 # Install required tools, dotnet dependencies and wireguard dependencies + fixes
-RUN apk add --no-cache curl \
+RUN apk add --no-cache curl grep \
     icu-libs icu-data-full \
     iproute2 iptables ip6tables openresolv wireguard-tools && \
     echo "wireguard" >> /etc/modules && \
+    rm -rf /etc/wireguard && \
+    ln -s /config/wg_confs /etc/wireguard && \
     sed -i 's|\[\[ $proto == -4 \]\] && cmd sysctl -q net\.ipv4\.conf\.all\.src_valid_mark=1|[[ $proto == -4 ]] \&\& [[ $(sysctl -n net.ipv4.conf.all.src_valid_mark) != 1 ]] \&\& cmd sysctl -q net.ipv4.conf.all.src_valid_mark=1|' /usr/bin/wg-quick && \
     rm -rf /tmp/* /var/tmp/* /var/cache/distfiles/*
 
 # Download and add GOST binary (https://github.com/go-gost/gost) for socks5 proxy server
-RUN set -eux; \
-    apk add --no-cache --virtual .fetch-deps wget tar; \
-    case "${BUILDPLATFORM}" in \
-      "linux/amd64") GOST_ARCH="linux_amd64" ;; \
-      "linux/arm/v7") GOST_ARCH="linux_armv7" ;; \
-      "linux/arm64/v8") GOST_ARCH="linux_arm64" ;; \
-      "") echo "BUILDPLATFORM is empty — are you using buildx / BuildKit?"; exit 1 ;; \
-      *) echo "Unsupported BUILDPLATFORM: ${BUILDPLATFORM}"; exit 1 ;; \
-    esac; \
-    wget -qO /tmp/gost.tar.gz "https://github.com/go-gost/gost/releases/download/v${GOST_VERSION}/gost_${GOST_VERSION}_${GOST_ARCH}.tar.gz"; \
-    tar -xzf /tmp/gost.tar.gz -C /; \
-    chmod a+x /gost; \
-    apk del .fetch-deps; \
-    rm -rf /tmp/* /var/tmp/* /var/cache/distfiles/*;
+RUN apk add --no-cache --virtual .fetch-deps wget tar && \
+    wget -qO /tmp/gost.tar.gz "https://github.com/go-gost/gost/releases/download/v${GOST_VERSION}/gost_${GOST_VERSION}_${TARGETOS}_${TARGETARCH}${TARGETVARIANT}.tar.gz" && \
+    tar -xzf /tmp/gost.tar.gz -C / && \
+    chmod a+x /gost && \
+    apk del .fetch-deps && \
+    rm -rf /tmp/* /var/tmp/* /var/cache/distfiles/*
 
 # Add project binaries
 COPY --chmod=755 run.sh /run.sh
-COPY --chmod=755 GostGen/publish/${BUILDPLATFORM} .
+COPY --chmod=755 GostGen/publish/${TARGETOS}/${TARGETARCH}${TARGETVARIANT} .
 
 HEALTHCHECK --interval=30s --timeout=30s --retries=5 --start-period=30s CMD \
   sh -c "curl -fs https://am.i.mullvad.net/json | grep -q '\"mullvad_exit_ip\":true'"

diff --git a/README.md b/README.md
@@ -78,7 +78,7 @@ and download multiple configuration files (for example, for Germany – Frankfur
 
 Place the downloaded configuration files in the `data` volume.
 Note that the file names determine the order in which the connections are attempted, 
-so name them accordingly (e.g., 01-de-fra-wg-001.conf, 02-de-fra-wg-002.conf, 03-de-fra-wg-003.conf, etc.).
+so name them accordingly (e.g., 01-de-fra.conf, 02-de-fra.conf, 03-de-fra.conf, etc.).
 
 You may also include configurations for different locations. The first successfully working configuration will be used.
 

diff --git a/debug.sh b/debug.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-cd "$(dirname "$0")"
+cd "$(dirname "$0")" || exit
 
 DOCKER_FILE="Dockerfile"
 IMAGE_NAME="mullvad-proxy-gateway:dev"
@@ -9,8 +9,8 @@ NET_BUILD_ARGS="-p:DebugType=embedded -p:PublishSingleFile=true -p:Version=0.0.1
 GOST_VERSION="3.2.6"
 
 dotnet publish ${NET_PROJECT} -r linux-musl-x64 ${NET_BUILD_ARGS} -o ./GostGen/publish/linux/amd64 && \
-  dotnet publish ${NET_PROJECT} -r linux-musl-arm ${NET_BUILD_ARGS} -o ./GostGen/publish/linux/arm/v7 && \
-  dotnet publish ${NET_PROJECT} -r linux-musl-arm64 ${NET_BUILD_ARGS} -o ./GostGen/publish/linux/arm64/v8 && \
+  dotnet publish ${NET_PROJECT} -r linux-musl-arm64 ${NET_BUILD_ARGS} -o ./GostGen/publish/linux/arm64 && \
+  dotnet publish ${NET_PROJECT} -r linux-musl-arm ${NET_BUILD_ARGS} -o ./GostGen/publish/linux/armv7 && \
   docker buildx build --progress=plain --rm --platform linux/amd64,linux/arm/v7,linux/arm64/v8 --build-arg GOST_VERSION=${GOST_VERSION} -f ${DOCKER_FILE} -t ${IMAGE_NAME} . && \
   docker volume create mullvadproxygateway_data  && \
   docker run --rm -it -v mullvadproxygateway_data:/data -p 1080:1080 -p 9100:9100 -p 2000-3000:2000-3000 --cap-add NET_ADMIN --sysctl net.ipv4.conf.all.src_valid_mark=1 ${IMAGE_NAME}