Add WG_INTERFACE environment variable that defaults to "pia" #147

12 changes: 7 additions & 5 deletions connect_to_openvpn_with_token.sh
@@ -19,6 +19,8 @@
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.

DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )

# This function allows you to check if the required tools have been installed.
check_tool() {
cmd=$1
@@ -173,7 +175,7 @@ if [[ $PIA_DNS != "true" ]]; then
echo "with the env var PIA_DNS=true. Example:"
echo $ OVPN_SERVER_IP=\""$OVPN_SERVER_IP"\" OVPN_HOSTNAME=\""$OVPN_HOSTNAME"\" \
PIA_TOKEN=\""$PIA_TOKEN"\" CONNECTION_SETTINGS=\""$CONNECTION_SETTINGS"\" \
PIA_PF=true PIA_DNS=true ./connect_to_openvpn_with_token.sh
PIA_PF=true PIA_DNS=true $DIR/connect_to_openvpn_with_token.sh
else
cp openvpn_config/openvpn_up_dnsoverwrite.sh /opt/piavpn-manual/openvpn_up.sh
cp openvpn_config/openvpn_down_dnsoverwrite.sh /opt/piavpn-manual/openvpn_down.sh
@@ -237,10 +239,10 @@ if [[ $PIA_PF != "true" ]]; then
echo -e "$ ${green}PIA_TOKEN=$PIA_TOKEN" \
"PF_GATEWAY=$gateway_ip" \
"PF_HOSTNAME=$OVPN_HOSTNAME" \
"./port_forwarding.sh${nc}"
"$DIR/port_forwarding.sh${nc}"
echo
echo "The location used must be port forwarding enabled, or this will fail."
echo "Calling the ./get_region script with PIA_PF=true will provide a filtered list."
echo "Calling the $DIR/get_region script with PIA_PF=true will provide a filtered list."
exit 1
fi

@@ -258,9 +260,9 @@ echo -e "Starting procedure to enable port forwarding by running the following c
$ ${green}PIA_TOKEN=$PIA_TOKEN \\
PF_GATEWAY=$gateway_ip \\
PF_HOSTNAME=$OVPN_HOSTNAME \\
./port_forwarding.sh${nc}"
$DIR/port_forwarding.sh${nc}"

PIA_TOKEN=$PIA_TOKEN \
PF_GATEWAY=$gateway_ip \
PF_HOSTNAME=$OVPN_HOSTNAME \
./port_forwarding.sh
$DIR/port_forwarding.sh
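Review bot: The `cp openvpn_config/openvpn_up_dnsoverwrite.sh` and `cp openvpn_config/openvpn_down_dnsoverwrite.sh` lines in the `PIA_DNS` branch still resolve against the caller's working directory, so when the script is started from elsewhere the copy either fails or installs whatever file sits at that relative path as `/opt/piavpn-manual/openvpn_up.sh` (presumably the script OpenVPN later runs). They should read `cp "$DIR/openvpn_config/openvpn_up_dnsoverwrite.sh" /opt/piavpn-manual/openvpn_up.sh`, and likewise for the down script. Separately, every new `$DIR/...` invocation here and in connect_to_wireguard_with_token.sh, get_region.sh and run_setup.sh is unquoted and `DIR` is never checked: a checkout path with spaces word-splits, and a failed `cd` leaves `DIR` empty so the call becomes `/port_forwarding.sh`. Quote the calls (`"$DIR/port_forwarding.sh"`) and end the `DIR=$( ... )` assignment with `|| exit 1`.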
27 changes: 17 additions & 10 deletions connect_to_wireguard_with_token.sh
@@ -19,6 +19,8 @@
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.

DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )

# This function allows you to check if the required tools have been installed.
check_tool() {
cmd=$1
@@ -80,6 +82,11 @@ if [[ -z $WG_SERVER_IP ||
exit 1
fi

# Check if an Wireguard interface name has been specified (e.g. /etc/wireguard/INTERFACE.conf)
if [[ -z "$WG_INTERFACE" ]]; then
WG_INTERFACE=pia
fi

# Create ephemeral wireguard keys, that we don't need to save to disk.
privKey=$(wg genkey)
export privKey
@@ -112,7 +119,7 @@ fi
# these scripts. Feel free to fork the project and test it out.
echo
echo "Trying to disable a PIA WG connection in case it exists..."
wg-quick down pia && echo -e "${green}\nPIA WG connection disabled!${nc}"
wg-quick down "$WG_INTERFACE" && echo -e "${green}\nPIA WG connection disabled!${nc}"
echo

# Create the WireGuard config based on the JSON received from the API
@@ -129,7 +136,7 @@ if [[ $PIA_DNS == "true" ]]; then
echo
dnsSettingForVPN="DNS = $dnsServer"
fi
echo -n "Trying to write /etc/wireguard/pia.conf..."
echo -n "Trying to write /etc/wireguard/$WG_INTERFACE.conf..."
mkdir -p /etc/wireguard
echo "
[Interface]
@@ -141,24 +148,24 @@ PersistentKeepalive = 25
PublicKey = $(echo "$wireguard_json" | jq -r '.server_key')
AllowedIPs = 0.0.0.0/0
Endpoint = ${WG_SERVER_IP}:$(echo "$wireguard_json" | jq -r '.server_port')
" > /etc/wireguard/pia.conf || exit 1
" > "/etc/wireguard/$WG_INTERFACE.conf" || exit 1
echo -e "${green}OK!${nc}"

# Start the WireGuard interface.
# If something failed, stop this script.
# If you get DNS errors because you miss some packages,
# just hardcode /etc/resolv.conf to "nameserver 10.0.0.242".
echo
echo "Trying to create the wireguard interface..."
wg-quick up pia || exit 1
echo Trying to create the wireguard interface...
wg-quick up "$WG_INTERFACE" || exit 1
echo
echo -e "${green}The WireGuard interface got created.${nc}

At this point, internet should work via VPN.

To disconnect the VPN, run:

--> ${green}wg-quick down pia${nc} <--
--> ${green}wg-quick down ${WG_INTERFACE}${nc} <--
"

# This section will stop the script if PIA_PF is not set to "true".
@@ -167,10 +174,10 @@ if [[ $PIA_PF != "true" ]]; then
echo -e "$ ${green}PIA_TOKEN=$PIA_TOKEN" \
"PF_GATEWAY=$WG_SERVER_IP" \
"PF_HOSTNAME=$WG_HOSTNAME" \
"./port_forwarding.sh${nc}"
"$DIR/port_forwarding.sh${nc}"
echo
echo "The location used must be port forwarding enabled, or this will fail."
echo "Calling the ./get_region script with PIA_PF=true will provide a filtered list."
echo "Calling the $DIR/get_region script with PIA_PF=true will provide a filtered list."
exit 1
fi

@@ -188,9 +195,9 @@ echo -e "Starting procedure to enable port forwarding by running the following c
$ ${green}PIA_TOKEN=$PIA_TOKEN \\
PF_GATEWAY=$WG_SERVER_IP \\
PF_HOSTNAME=$WG_HOSTNAME \\
./port_forwarding.sh${nc}"
$DIR/port_forwarding.sh${nc}"

PIA_TOKEN=$PIA_TOKEN \
PF_GATEWAY=$WG_SERVER_IP \
PF_HOSTNAME=$WG_HOSTNAME \
./port_forwarding.sh
$DIR/port_forwarding.sh
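Review bot: `WG_INTERFACE` is taken from the environment and interpolated into the redirect `> "/etc/wireguard/$WG_INTERFACE.conf"` and into `wg-quick down`/`wg-quick up` without any validation, so a value containing `/` or `..` makes the script write the generated config (which presumably carries the ephemeral private key) outside /etc/wireguard. This matters most when the variable is filled in by a wrapper or service unit rather than typed by the operator. Right after the default is applied, reject anything that is not a plain interface name, using the pattern wg-quick itself applies: `[[ $WG_INTERFACE =~ ^[a-zA-Z0-9_=+.-]{1,15}$ ]] || { echo "Invalid WG_INTERFACE: $WG_INTERFACE" >&2; exit 1; }`. The default block could also shrink to `WG_INTERFACE=${WG_INTERFACE:-pia}`.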
20 changes: 11 additions & 9 deletions get_region.sh
@@ -19,6 +19,8 @@
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.

DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )

# This function allows you to check if the required tools have been installed.
check_tool() {
cmd=$1
@@ -167,7 +169,7 @@ if [[ $selectedRegion == "none" ]]; then
if [[ -z $selectedRegion ]]; then
echo -e "${red}No region responded within ${MAX_LATENCY}s, consider using a higher timeout."
echo "For example, to wait 1 second for each region, inject MAX_LATENCY=1 like this:"
echo -e "$ MAX_LATENCY=1 ./get_region.sh${nc}"
echo -e "$ MAX_LATENCY=1 $DIR/get_region.sh${nc}"
exit 1
else
echo -e "A list of servers and connection details, ordered by latency can be
@@ -218,10 +220,10 @@ if [[ -z $PIA_TOKEN ]]; then
if [[ -z $PIA_USER || -z $PIA_PASS ]]; then
echo -e "${red}If you want this script to automatically get an authentication"
echo "token, please add the variables PIA_USER and PIA_PASS. Example:"
echo -e "$ PIA_USER=p0123456 PIA_PASS=xxx ./get_region.sh${nc}"
echo -e "$ PIA_USER=p0123456 PIA_PASS=xxx $DIR/get_region.sh${nc}"
exit 0
fi
./get_token.sh
$DIR/get_token.sh
PIA_TOKEN=$( awk 'NR == 1' /opt/piavpn-manual/token )
export PIA_TOKEN
rm -f /opt/piavpn-manual/token
@@ -232,15 +234,15 @@ fi

# Connect with WireGuard and clear authentication token file and latencyList
if [[ $VPN_PROTOCOL == "wireguard" ]]; then
echo "The ./get_region.sh script got started with"
echo "The $DIR/get_region.sh script got started with"
echo -e "${green}VPN_PROTOCOL=wireguard${nc}, so we will automatically connect to WireGuard,"
echo "by running this command:"
echo -e "$ ${green}PIA_TOKEN=$PIA_TOKEN \\"
echo "WG_SERVER_IP=$bestServer_WG_IP WG_HOSTNAME=$bestServer_WG_hostname \\"
echo -e "PIA_PF=$PIA_PF ./connect_to_wireguard_with_token.sh${nc}"
echo -e "PIA_PF=$PIA_PF $DIR/connect_to_wireguard_with_token.sh${nc}"
echo
PIA_PF=$PIA_PF PIA_TOKEN=$PIA_TOKEN WG_SERVER_IP=$bestServer_WG_IP \
WG_HOSTNAME=$bestServer_WG_hostname ./connect_to_wireguard_with_token.sh
WG_HOSTNAME=$bestServer_WG_hostname $DIR/connect_to_wireguard_with_token.sh
rm -f /opt/piavpn-manual/latencyList
exit 0
fi
@@ -253,20 +255,20 @@ if [[ $VPN_PROTOCOL == openvpn* ]]; then
serverIP=$bestServer_OT_IP
serverHostname=$bestServer_OT_hostname
fi
echo "The ./get_region.sh script got started with"
echo "The $DIR/get_region.sh script got started with"
echo -e "${green}VPN_PROTOCOL=$VPN_PROTOCOL${nc}, so we will automatically"
echo "connect to OpenVPN, by running this command:"
echo -e "$ ${green}PIA_PF=$PIA_PF PIA_TOKEN=$PIA_TOKEN \\"
echo " OVPN_SERVER_IP=$serverIP \\"
echo " OVPN_HOSTNAME=$serverHostname \\"
echo " CONNECTION_SETTINGS=$VPN_PROTOCOL \\"
echo -e " ./connect_to_openvpn_with_token.sh${nc}"
echo -e " $DIR/connect_to_openvpn_with_token.sh${nc}"
echo
PIA_PF=$PIA_PF PIA_TOKEN=$PIA_TOKEN \
OVPN_SERVER_IP=$serverIP \
OVPN_HOSTNAME=$serverHostname \
CONNECTION_SETTINGS=$VPN_PROTOCOL \
./connect_to_openvpn_with_token.sh
$DIR/connect_to_openvpn_with_token.sh
rm -f /opt/piavpn-manual/latencyList
exit 0
fi
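Review bot: The exit status of `$DIR/get_token.sh` is ignored before `/opt/piavpn-manual/token` is read, so when token generation fails `awk 'NR == 1'` reads a missing file, or possibly one left over from an earlier run, and `PIA_TOKEN` is exported empty or stale. Since this line is being touched anyway, make it `"$DIR/get_token.sh" || exit 1`. The code after `rm -f /opt/piavpn-manual/token` lies outside the hunk, so a later emptiness check may already exist; stopping at the call is still the clearer failure.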
4 changes: 3 additions & 1 deletion get_token.sh
@@ -19,6 +19,8 @@
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.

DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )

# This function allows you to check if the required tools have been installed.
check_tool() {
cmd=$1
@@ -62,7 +64,7 @@ mkdir -p /opt/piavpn-manual
if [[ -z $PIA_USER || -z $PIA_PASS ]]; then
echo "If you want this script to automatically get a token from the Meta"
echo "service, please add the variables PIA_USER and PIA_PASS. Example:"
echo "$ PIA_USER=p0123456 PIA_PASS=xxx ./get_token.sh"
echo "$ PIA_USER=p0123456 PIA_PASS=xxx $DIR/get_token.sh"
exit 1
fi

11 changes: 7 additions & 4 deletions run_setup.sh
@@ -18,6 +18,9 @@
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
set -o xtrace

DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )

# Check if terminal allows output, if yes, define colors for output
if [[ -t 1 ]]; then
@@ -98,7 +101,7 @@ while :; do
export PIA_PASS

# Confirm credentials and generate token
./get_token.sh
$DIR/get_token.sh

tokenLocation="/opt/piavpn-manual/token"
# If the script failed to generate an authentication token, the script will exit early.
@@ -252,7 +255,7 @@ For example, you can try 0.2 for 200ms allowed latency.
export PREFERRED_REGION
VPN_PROTOCOL="no"
export VPN_PROTOCOL
VPN_PROTOCOL=no ./get_region.sh
VPN_PROTOCOL=no $DIR/get_region.sh

if [[ -s /opt/piavpn-manual/latencyList ]]; then
# Output the ordered list of servers that meet the latency specification $MAX_LATENCY
@@ -308,7 +311,7 @@ For example, you can try 0.2 for 200ms allowed latency.
# Validate in-line declaration of PREFERRED_REGION; if invalid remove input to initiate prompts
echo "Region input is : $PREFERRED_REGION"
export PREFERRED_REGION
VPN_PROTOCOL=no ./get_region.sh
VPN_PROTOCOL=no $DIR/get_region.sh
if [[ $? != 1 ]]; then
break
fi
@@ -391,4 +394,4 @@ echo -e "${green}PIA_DNS=$PIA_DNS${nc}"
CONNECTION_READY="true"
export CONNECTION_READY

./get_region.sh
$DIR/get_region.sh
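Review bot: The `set -o xtrace` added at the top of run_setup.sh looks like leftover debugging and is unrelated to the `WG_INTERFACE`/`DIR` change. With it enabled, bash prints every command to stderr after expansion, so any test or assignment in this script that expands `PIA_USER`, `PIA_PASS` or the token ends up in terminal scrollback and in any captured log. The script exports `PIA_PASS` and reads `/opt/piavpn-manual/token` in the visible hunks, though the exact expansions are outside them. Drop the line; if tracing is useful, make it opt-in, for example `[[ ${PIA_DEBUG:-} == "true" ]] && set -o xtrace` (variable name is a placeholder).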