---
title: "[bojemoi] feat(borodino): OpenVPN gateway + fix ak47/bm12 env vars"
date: 2026-03-30T21:24:58+02:00
draft: false
tags: ["commit", "bojemoi", "main"]
categories: ["Git Activity"]
summary: "Commit 631b96e par Betty dans bojemoi"
author: "Betty"
---

## Commit `631b96e`

| | |
|---|---|
| **Repository** | bojemoi |
| **Branch** | `main` |
| **Author** | Betty |
| **Hash** | `631b96e0ca6c8c73c1b320dc3ca9d3ef9ec3e44c` |


### Description

- Switch wg-gateway from WireGuard to OpenVPN (ProtonVPN TCP config)
  - Dockerfile.wg-gateway: wireguard-tools → openvpn
  - wg-gateway-start.sh: wg-quick → openvpn daemon, wait for tun0, NAT via tun0
  - Secrets: protonvpn_wg → protonvpn_ovpn + protonvpn_auth
- Add route-setup.sh: split-tunnel wrapper for ak47/bm12 (RFC1918 via
  overlay, internet via VPN gateway)
- Fix ak47/bm12 environment sections: YAML merge replaces lists, so
  postgres credentials were missing after adding SCAN_GATEWAY_HOST
- Add .claude/commands/borodino.md skill for C2 stack operations

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

### Files Changed

```
A	.claude/commands/borodino.md
M	borodino/Dockerfile.borodino
A	borodino/Dockerfile.wg-gateway
A	borodino/route-setup.sh
A	borodino/wg-gateway-start.sh
M	stack/40-service-borodino.yml
```

### Diff Summary

```
 .claude/commands/borodino.md   | 156 +++++++++++++++++++++++++++++++++++++++++
 borodino/Dockerfile.borodino   |   2 +
 borodino/Dockerfile.wg-gateway |  16 +++++
 borodino/route-setup.sh        |  37 ++++++++++
 borodino/wg-gateway-start.sh   |  67 ++++++++++++++++++
 stack/40-service-borodino.yml  |  75 +++++++++++++++++++-
 6 files changed, 351 insertions(+), 2 deletions(-)
```