ishan/manual-connections
1
0
Fork 0
mirror of https://github.com/pia-foss/manual-connections.git synced 2025-02-05 14:08:29 +00:00
Code Issues Projects Releases Wiki Activity

make color definitions portable

Browse Source
This commit is contained in:
a1346054 2021-10-07 12:30:53 +00:00 committed by goonix
parent 7d85dae095
commit 2eaa262bbe
6 changed files with 145 additions and 145 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
connect_to_openvpn_with_token.sh
View File

@ -37,13 +37,13 @@ check_tool jq
if [[ -t 1 ]]; then if [[ -t 1 ]]; then
ncolors=$(tput colors) ncolors=$(tput colors)
if [[ -n $ncolors && $ncolors -ge 8 ]]; then if [[ -n $ncolors && $ncolors -ge 8 ]]; then
GREEN='\033[0;32m' red=$(tput setaf 1) # ANSI red
RED='\033[0;31m' green=$(tput setaf 2) # ANSI green
NC='\033[0m' # No Color nc=$(tput sgr0) # No Color
else else
GREEN='' red=''
RED='' green=''
NC='' # No Color nc='' # No Color
fi fi
fi fi
@ -54,25 +54,25 @@ adapter_check=$( ip a s tun06 2>&1 )
should_read="Device \"tun06\" does not exist" should_read="Device \"tun06\" does not exist"
pid_filepath="/opt/piavpn-manual/pia_pid" pid_filepath="/opt/piavpn-manual/pia_pid"
if [[ $adapter_check != *"$should_read"* ]]; then if [[ $adapter_check != *"$should_read"* ]]; then
echo -e "${RED}The tun06 adapter already exists, that interface is required" echo -e "${red}The tun06 adapter already exists, that interface is required"
echo -e "for this configuration.${NC}" echo -e "for this configuration.${nc}"
if [[ -f $pid_filepath ]]; then if [[ -f $pid_filepath ]]; then
old_pid=$( cat "$pid_filepath" ) old_pid=$( cat "$pid_filepath" )
old_pid_name=$( ps -p "$old_pid" -o comm= ) old_pid_name=$( ps -p "$old_pid" -o comm= )
if [[ $old_pid_name == "openvpn" ]]; then if [[ $old_pid_name == "openvpn" ]]; then
echo echo
echo -e "It seems likely that process ${RED}$old_pid${NC} is an OpenVPN connection" echo -e "It seems likely that process ${red}$old_pid${nc} is an OpenVPN connection"
echo "that was established by using this script. Unless it is closed" echo "that was established by using this script. Unless it is closed"
echo "you would not be able to get a new connection." echo "you would not be able to get a new connection."
echo -ne "Do you want to run ${RED}$ kill $old_pid${NC} (Y/n): " echo -ne "Do you want to run ${red}$ kill $old_pid${nc} (Y/n): "
read -r close_connection read -r close_connection
fi fi
if echo "${close_connection:0:1}" | grep -iq n; then if echo "${close_connection:0:1}" | grep -iq n; then
echo -e "${RED}Closing script. Resolve tun06 adapter conflict and run the script again." echo -e "${red}Closing script. Resolve tun06 adapter conflict and run the script again."
exit 1 exit 1
fi fi
echo echo
echo -e "${GREEN}Killing the existing OpenVPN process and waiting 5 seconds...${NC}" echo -e "${green}Killing the existing OpenVPN process and waiting 5 seconds...${nc}"
kill "$old_pid" kill "$old_pid"
echo echo
for i in {5..1}; do for i in {5..1}; do
@ -92,9 +92,9 @@ if [[ -f /proc/net/if_inet6 ]] &&
[[ $(sysctl -n net.ipv6.conf.all.disable_ipv6) -ne 1 || [[ $(sysctl -n net.ipv6.conf.all.disable_ipv6) -ne 1 ||
$(sysctl -n net.ipv6.conf.default.disable_ipv6) -ne 1 ]] $(sysctl -n net.ipv6.conf.default.disable_ipv6) -ne 1 ]]
then then
echo -e "${RED}You should consider disabling IPv6 by running:" echo -e "${red}You should consider disabling IPv6 by running:"
echo "sysctl -w net.ipv6.conf.all.disable_ipv6=1" echo "sysctl -w net.ipv6.conf.all.disable_ipv6=1"
echo -e "sysctl -w net.ipv6.conf.default.disable_ipv6=1${NC}" echo -e "sysctl -w net.ipv6.conf.default.disable_ipv6=1${nc}"
fi fi
# Check if the mandatory environment variables are set. # Check if the mandatory environment variables are set.
@ -102,7 +102,7 @@ if [[ -z $OVPN_SERVER_IP ||
-z $OVPN_HOSTNAME || -z $OVPN_HOSTNAME ||
-z $PIA_TOKEN || -z $PIA_TOKEN ||
-z $CONNECTION_SETTINGS ]]; then -z $CONNECTION_SETTINGS ]]; then
echo -e "${RED}This script requires 4 env vars:" echo -e "${red}This script requires 4 env vars:"
echo "PIA_TOKEN - the token used for authentication" echo "PIA_TOKEN - the token used for authentication"
echo "OVPN_SERVER_IP - IP that you want to connect to" echo "OVPN_SERVER_IP - IP that you want to connect to"
echo "OVPN_HOSTNAME - name of the server, required for ssl" echo "OVPN_HOSTNAME - name of the server, required for ssl"
@ -120,7 +120,7 @@ if [[ -z $OVPN_SERVER_IP ||
echo "An easy solution is to just run get_region_and_token.sh" echo "An easy solution is to just run get_region_and_token.sh"
echo "as it will guide you through getting the best server and" echo "as it will guide you through getting the best server and"
echo "also a token. Detailed information can be found here:" echo "also a token. Detailed information can be found here:"
echo -e "https://github.com/pia-foss/manual-connections${NC}" echo -e "https://github.com/pia-foss/manual-connections${nc}"
exit 1 exit 1
fi fi
@ -131,7 +131,7 @@ rm -f /opt/piavpn-manual/credentials /opt/piavpn-manual/route_info
echo "${PIA_TOKEN:0:62} echo "${PIA_TOKEN:0:62}
${PIA_TOKEN:62}" > /opt/piavpn-manual/credentials || exit 1 ${PIA_TOKEN:62}" > /opt/piavpn-manual/credentials || exit 1
chmod 600 /opt/piavpn-manual/credentials chmod 600 /opt/piavpn-manual/credentials
echo -e "${GREEN}OK!${NC}" echo -e "${green}OK!${nc}"
# Translate connection settings variable # Translate connection settings variable
IFS='_' IFS='_'
@ -168,7 +168,7 @@ echo "remote $OVPN_SERVER_IP $port $protocol" >> /opt/piavpn-manual/pia.ovpn
if [[ $PIA_DNS != "true" ]]; then if [[ $PIA_DNS != "true" ]]; then
cp openvpn_config/openvpn_up.sh /opt/piavpn-manual/ cp openvpn_config/openvpn_up.sh /opt/piavpn-manual/
cp openvpn_config/openvpn_down.sh /opt/piavpn-manual/ cp openvpn_config/openvpn_down.sh /opt/piavpn-manual/
echo -e "${RED}This configuration will not use PIA DNS.${NC}" echo -e "${red}This configuration will not use PIA DNS.${nc}"
echo "If you want to also enable PIA DNS, please start the script" echo "If you want to also enable PIA DNS, please start the script"
echo "with the env var PIA_DNS=true. Example:" echo "with the env var PIA_DNS=true. Example:"
echo $ OVPN_SERVER_IP=\""$OVPN_SERVER_IP"\" OVPN_HOSTNAME=\""$OVPN_HOSTNAME"\" \ echo $ OVPN_SERVER_IP=\""$OVPN_SERVER_IP"\" OVPN_HOSTNAME=\""$OVPN_HOSTNAME"\" \
@ -213,38 +213,38 @@ gateway_ip=$( cat /opt/piavpn-manual/route_info )
# Report and exit if connection was not initialized within 10 seconds. # Report and exit if connection was not initialized within 10 seconds.
if [[ $connected != "true" ]]; then if [[ $connected != "true" ]]; then
echo -e "${RED}The VPN connection was not established within 10 seconds.${NC}" echo -e "${red}The VPN connection was not established within 10 seconds.${nc}"
kill "$ovpn_pid" kill "$ovpn_pid"
exit 1 exit 1
fi fi
echo -e "${GREEN}Initialization Sequence Complete!${NC} echo -e "${green}Initialization Sequence Complete!${nc}
At this point, internet should work via VPN. At this point, internet should work via VPN.
" "
echo -e "OpenVPN Process ID: ${GREEN}$ovpn_pid${NC} echo -e "OpenVPN Process ID: ${green}$ovpn_pid${nc}
VPN route IP: ${GREEN}$gateway_ip${NC} VPN route IP: ${green}$gateway_ip${nc}
To disconnect the VPN, run: To disconnect the VPN, run:
--> ${GREEN}sudo kill $ovpn_pid${NC} <-- --> ${green}sudo kill $ovpn_pid${nc} <--
" "
# This section will stop the script if PIA_PF is not set to "true". # This section will stop the script if PIA_PF is not set to "true".
if [[ $PIA_PF != "true" ]]; then if [[ $PIA_PF != "true" ]]; then
echo "If you want to also enable port forwarding, you can start the script:" echo "If you want to also enable port forwarding, you can start the script:"
echo -e "$ ${GREEN}PIA_TOKEN=$PIA_TOKEN" \ echo -e "$ ${green}PIA_TOKEN=$PIA_TOKEN" \
"PF_GATEWAY=$gateway_ip" \ "PF_GATEWAY=$gateway_ip" \
"PF_HOSTNAME=$OVPN_HOSTNAME" \ "PF_HOSTNAME=$OVPN_HOSTNAME" \
"./port_forwarding.sh${NC}" "./port_forwarding.sh${nc}"
echo echo
echo "The location used must be port forwarding enabled, or this will fail." echo "The location used must be port forwarding enabled, or this will fail."
echo "Calling the ./get_region script with PIA_PF=true will provide a filtered list." echo "Calling the ./get_region script with PIA_PF=true will provide a filtered list."
exit 1 exit 1
fi fi
echo -ne "This script got started with ${GREEN}PIA_PF=true${NC}. echo -ne "This script got started with ${green}PIA_PF=true${nc}.
Starting port forwarding in " Starting port forwarding in "
for i in {5..1}; do for i in {5..1}; do
@ -255,10 +255,10 @@ echo
echo echo
echo -e "Starting procedure to enable port forwarding by running the following command: echo -e "Starting procedure to enable port forwarding by running the following command:
$ ${GREEN}PIA_TOKEN=$PIA_TOKEN \\ $ ${green}PIA_TOKEN=$PIA_TOKEN \\
PF_GATEWAY=$gateway_ip \\ PF_GATEWAY=$gateway_ip \\
PF_HOSTNAME=$OVPN_HOSTNAME \\ PF_HOSTNAME=$OVPN_HOSTNAME \\
./port_forwarding.sh${NC}" ./port_forwarding.sh${nc}"
PIA_TOKEN=$PIA_TOKEN \ PIA_TOKEN=$PIA_TOKEN \
PF_GATEWAY=$gateway_ip \ PF_GATEWAY=$gateway_ip \

40
connect_to_wireguard_with_token.sh
View File

@ -37,13 +37,13 @@ check_tool jq
if [[ -t 1 ]]; then if [[ -t 1 ]]; then
ncolors=$(tput colors) ncolors=$(tput colors)
if [[ -n $ncolors && $ncolors -ge 8 ]]; then if [[ -n $ncolors && $ncolors -ge 8 ]]; then
GREEN='\033[0;32m' red=$(tput setaf 1) # ANSI red
RED='\033[0;31m' green=$(tput setaf 2) # ANSI green
NC='\033[0m' # No Color nc=$(tput sgr0) # No Color
else else
GREEN='' red=''
RED='' green=''
NC='' # No Color nc='' # No Color
fi fi
fi fi
@ -55,16 +55,16 @@ if [[ -f /proc/net/if_inet6 ]] &&
[[ $(sysctl -n net.ipv6.conf.all.disable_ipv6) -ne 1 || [[ $(sysctl -n net.ipv6.conf.all.disable_ipv6) -ne 1 ||
$(sysctl -n net.ipv6.conf.default.disable_ipv6) -ne 1 ]] $(sysctl -n net.ipv6.conf.default.disable_ipv6) -ne 1 ]]
then then
echo -e "${RED}You should consider disabling IPv6 by running:" echo -e "${red}You should consider disabling IPv6 by running:"
echo "sysctl -w net.ipv6.conf.all.disable_ipv6=1" echo "sysctl -w net.ipv6.conf.all.disable_ipv6=1"
echo -e "sysctl -w net.ipv6.conf.default.disable_ipv6=1${NC}" echo -e "sysctl -w net.ipv6.conf.default.disable_ipv6=1${nc}"
fi fi
# Check if the mandatory environment variables are set. # Check if the mandatory environment variables are set.
if [[ -z $WG_SERVER_IP || if [[ -z $WG_SERVER_IP ||
-z $WG_HOSTNAME || -z $WG_HOSTNAME ||
-z $PIA_TOKEN ]]; then -z $PIA_TOKEN ]]; then
echo -e "${RED}This script requires 3 env vars:" echo -e "${red}This script requires 3 env vars:"
echo "WG_SERVER_IP - IP that you want to connect to" echo "WG_SERVER_IP - IP that you want to connect to"
echo "WG_HOSTNAME - name of the server, required for ssl" echo "WG_HOSTNAME - name of the server, required for ssl"
echo "PIA_TOKEN - your authentication token" echo "PIA_TOKEN - your authentication token"
@ -76,7 +76,7 @@ if [[ -z $WG_SERVER_IP ||
echo "An easy solution is to just run get_region_and_token.sh" echo "An easy solution is to just run get_region_and_token.sh"
echo "as it will guide you through getting the best server and" echo "as it will guide you through getting the best server and"
echo "also a token. Detailed information can be found here:" echo "also a token. Detailed information can be found here:"
echo -e "https://github.com/pia-foss/manual-connections${NC}" echo -e "https://github.com/pia-foss/manual-connections${nc}"
exit 1 exit 1
fi fi
@ -103,7 +103,7 @@ export wireguard_json
# Check if the API returned OK and stop this script if it didn't. # Check if the API returned OK and stop this script if it didn't.
if [[ $(echo "$wireguard_json" | jq -r '.status') != "OK" ]]; then if [[ $(echo "$wireguard_json" | jq -r '.status') != "OK" ]]; then
>&2 echo -e "${RED}Server did not return OK. Stopping now.${NC}" >&2 echo -e "${red}Server did not return OK. Stopping now.${nc}"
exit 1 exit 1
fi fi
@ -112,7 +112,7 @@ fi
# these scripts. Feel free to fork the project and test it out. # these scripts. Feel free to fork the project and test it out.
echo echo
echo "Trying to disable a PIA WG connection in case it exists..." echo "Trying to disable a PIA WG connection in case it exists..."
wg-quick down pia && echo -e "${GREEN}\nPIA WG connection disabled!${NC}" wg-quick down pia && echo -e "${green}\nPIA WG connection disabled!${nc}"
echo echo
# Create the WireGuard config based on the JSON received from the API # Create the WireGuard config based on the JSON received from the API
@ -142,7 +142,7 @@ PublicKey = $(echo "$wireguard_json" | jq -r '.server_key')
AllowedIPs = 0.0.0.0/0 AllowedIPs = 0.0.0.0/0
Endpoint = ${WG_SERVER_IP}:$(echo "$wireguard_json" | jq -r '.server_port') Endpoint = ${WG_SERVER_IP}:$(echo "$wireguard_json" | jq -r '.server_port')
" > /etc/wireguard/pia.conf || exit 1 " > /etc/wireguard/pia.conf || exit 1
echo -e "${GREEN}OK!${NC}" echo -e "${green}OK!${nc}"
# Start the WireGuard interface. # Start the WireGuard interface.
# If something failed, stop this script. # If something failed, stop this script.
@ -152,29 +152,29 @@ echo
echo "Trying to create the wireguard interface..." echo "Trying to create the wireguard interface..."
wg-quick up pia || exit 1 wg-quick up pia || exit 1
echo echo
echo -e "${GREEN}The WireGuard interface got created.${NC} echo -e "${green}The WireGuard interface got created.${nc}
At this point, internet should work via VPN. At this point, internet should work via VPN.
To disconnect the VPN, run: To disconnect the VPN, run:
--> ${GREEN}wg-quick down pia${NC} <-- --> ${green}wg-quick down pia${nc} <--
" "
# This section will stop the script if PIA_PF is not set to "true". # This section will stop the script if PIA_PF is not set to "true".
if [[ $PIA_PF != "true" ]]; then if [[ $PIA_PF != "true" ]]; then
echo "If you want to also enable port forwarding, you can start the script:" echo "If you want to also enable port forwarding, you can start the script:"
echo -e "$ ${GREEN}PIA_TOKEN=$PIA_TOKEN" \ echo -e "$ ${green}PIA_TOKEN=$PIA_TOKEN" \
"PF_GATEWAY=$WG_SERVER_IP" \ "PF_GATEWAY=$WG_SERVER_IP" \
"PF_HOSTNAME=$WG_HOSTNAME" \ "PF_HOSTNAME=$WG_HOSTNAME" \
"./port_forwarding.sh${NC}" "./port_forwarding.sh${nc}"
echo echo
echo "The location used must be port forwarding enabled, or this will fail." echo "The location used must be port forwarding enabled, or this will fail."
echo "Calling the ./get_region script with PIA_PF=true will provide a filtered list." echo "Calling the ./get_region script with PIA_PF=true will provide a filtered list."
exit 1 exit 1
fi fi
echo -ne "This script got started with ${GREEN}PIA_PF=true${NC}. echo -ne "This script got started with ${green}PIA_PF=true${nc}.
Starting port forwarding in " Starting port forwarding in "
for i in {5..1}; do for i in {5..1}; do
@ -185,10 +185,10 @@ echo
echo echo
echo -e "Starting procedure to enable port forwarding by running the following command: echo -e "Starting procedure to enable port forwarding by running the following command:
$ ${GREEN}PIA_TOKEN=$PIA_TOKEN \\ $ ${green}PIA_TOKEN=$PIA_TOKEN \\
PF_GATEWAY=$WG_SERVER_IP \\ PF_GATEWAY=$WG_SERVER_IP \\
PF_HOSTNAME=$WG_HOSTNAME \\ PF_HOSTNAME=$WG_HOSTNAME \\
./port_forwarding.sh${NC}" ./port_forwarding.sh${nc}"
PIA_TOKEN=$PIA_TOKEN \ PIA_TOKEN=$PIA_TOKEN \
PF_GATEWAY=$WG_SERVER_IP \ PF_GATEWAY=$WG_SERVER_IP \

54
get_region.sh
View File

@ -38,14 +38,14 @@ check_all_region_data() {
echo -n "Getting the server list..." echo -n "Getting the server list..."
if [[ ${#all_region_data} -lt 1000 ]]; then if [[ ${#all_region_data} -lt 1000 ]]; then
echo -e "${RED}Could not get correct region data. To debug this, run:" echo -e "${red}Could not get correct region data. To debug this, run:"
echo "$ curl -v $serverlist_url" echo "$ curl -v $serverlist_url"
echo -e "If it works, you will get a huge JSON as a response.${NC}" echo -e "If it works, you will get a huge JSON as a response.${nc}"
exit 1 exit 1
fi fi
# Notify the user that we got the server list. # Notify the user that we got the server list.
echo -e "${GREEN}OK!${NC} echo -e "${green}OK!${nc}
" "
} }
@ -56,7 +56,7 @@ get_selected_region_data() {
jq --arg REGION_ID "$selectedRegion" -r \ jq --arg REGION_ID "$selectedRegion" -r \
'.regions[] | select(.id==$REGION_ID)')" '.regions[] | select(.id==$REGION_ID)')"
if [[ -z $regionData ]]; then if [[ -z $regionData ]]; then
echo -e "${RED}The REGION_ID $selectedRegion is not valid.${NC} echo -e "${red}The REGION_ID $selectedRegion is not valid.${nc}
" "
exit 1 exit 1
fi fi
@ -66,19 +66,19 @@ get_selected_region_data() {
if [[ -t 1 ]]; then if [[ -t 1 ]]; then
ncolors=$(tput colors) ncolors=$(tput colors)
if [[ -n $ncolors && $ncolors -ge 8 ]]; then if [[ -n $ncolors && $ncolors -ge 8 ]]; then
GREEN='\033[0;32m' red=$(tput setaf 1) # ANSI red
RED='\033[0;31m' green=$(tput setaf 2) # ANSI green
NC='\033[0m' # No Color nc=$(tput sgr0) # No Color
else else
GREEN='' red=''
RED='' green=''
NC='' # No Color nc='' # No Color
fi fi
fi fi
# Only allow script to run as root # Only allow script to run as root
if (( EUID != 0 )); then if (( EUID != 0 )); then
echo -e "${RED}This script needs to be run as root. Try again with 'sudo $0'${NC}" echo -e "${red}This script needs to be run as root. Try again with 'sudo $0'${nc}"
exit 1 exit 1
fi fi
@ -158,20 +158,20 @@ if [[ $selectedRegion == "none" ]]; then
.servers.meta[0].ip+" "+.id+" "+.name+" "+(.geo|tostring)' )" .servers.meta[0].ip+" "+.id+" "+.name+" "+(.geo|tostring)' )"
fi fi
echo -e Testing regions that respond \ echo -e Testing regions that respond \
faster than "${GREEN}$MAX_LATENCY${NC}" seconds: faster than "${green}$MAX_LATENCY${nc}" seconds:
selectedRegion="$(echo "$summarized_region_data" | selectedRegion="$(echo "$summarized_region_data" |
xargs -I{} bash -c 'printServerLatency {}' | xargs -I{} bash -c 'printServerLatency {}' |
sort | head -1 | awk '{ print $2 }')" sort | head -1 | awk '{ print $2 }')"
echo echo
if [[ -z $selectedRegion ]]; then if [[ -z $selectedRegion ]]; then
echo -e "${RED}No region responded within ${MAX_LATENCY}s, consider using a higher timeout." echo -e "${red}No region responded within ${MAX_LATENCY}s, consider using a higher timeout."
echo "For example, to wait 1 second for each region, inject MAX_LATENCY=1 like this:" echo "For example, to wait 1 second for each region, inject MAX_LATENCY=1 like this:"
echo -e "$ MAX_LATENCY=1 ./get_region.sh${NC}" echo -e "$ MAX_LATENCY=1 ./get_region.sh${nc}"
exit 1 exit 1
else else
echo -e "A list of servers and connection details, ordered by latency can be echo -e "A list of servers and connection details, ordered by latency can be
found in at : ${GREEN}/opt/piavpn-manual/latencyList${NC} found in at : ${green}/opt/piavpn-manual/latencyList${nc}
" "
fi fi
else else
@ -192,7 +192,7 @@ bestServer_OU_hostname=$(echo "$regionData" | jq -r '.servers.ovpnudp[0].cn')
if [[ $VPN_PROTOCOL == "no" ]]; then if [[ $VPN_PROTOCOL == "no" ]]; then
echo -ne "The $selectedOrLowestLatency region is ${GREEN}$(echo "$regionData" | jq -r '.name')${NC}" echo -ne "The $selectedOrLowestLatency region is ${green}$(echo "$regionData" | jq -r '.name')${nc}"
if echo "$regionData" | jq -r '.geo' | grep true > /dev/null; then if echo "$regionData" | jq -r '.geo' | grep true > /dev/null; then
echo " (geolocated region)." echo " (geolocated region)."
else else
@ -205,20 +205,20 @@ the SSL/TLS certificate actually contains the hostname so that you
are sure you are connecting to a secure server, validated by the are sure you are connecting to a secure server, validated by the
PIA authority. Please find below the list of best IPs and matching PIA authority. Please find below the list of best IPs and matching
hostnames for each protocol: hostnames for each protocol:
${GREEN}Meta Services $bestServer_meta_IP\t- $bestServer_meta_hostname ${green}Meta Services $bestServer_meta_IP\t- $bestServer_meta_hostname
WireGuard $bestServer_WG_IP\t- $bestServer_WG_hostname WireGuard $bestServer_WG_IP\t- $bestServer_WG_hostname
OpenVPN TCP $bestServer_OT_IP\t- $bestServer_OT_hostname OpenVPN TCP $bestServer_OT_IP\t- $bestServer_OT_hostname
OpenVPN UDP $bestServer_OU_IP\t- $bestServer_OU_hostname OpenVPN UDP $bestServer_OU_IP\t- $bestServer_OU_hostname
${NC}" ${nc}"
fi fi
# The script will check for an authentication token, and use it if present # The script will check for an authentication token, and use it if present
# If no token exists, the script will check for login credentials to generate one # If no token exists, the script will check for login credentials to generate one
if [[ -z $PIA_TOKEN ]]; then if [[ -z $PIA_TOKEN ]]; then
if [[ -z $PIA_USER || -z $PIA_PASS ]]; then if [[ -z $PIA_USER || -z $PIA_PASS ]]; then
echo -e "${RED}If you want this script to automatically get an authentication" echo -e "${red}If you want this script to automatically get an authentication"
echo "token, please add the variables PIA_USER and PIA_PASS. Example:" echo "token, please add the variables PIA_USER and PIA_PASS. Example:"
echo -e "$ PIA_USER=p0123456 PIA_PASS=xxx ./get_region.sh${NC}" echo -e "$ PIA_USER=p0123456 PIA_PASS=xxx ./get_region.sh${nc}"
exit 0 exit 0
fi fi
./get_token.sh ./get_token.sh
@ -226,18 +226,18 @@ if [[ -z $PIA_TOKEN ]]; then
export PIA_TOKEN export PIA_TOKEN
rm -f /opt/piavpn-manual/token rm -f /opt/piavpn-manual/token
else else
echo -e "Using existing token ${GREEN}$PIA_TOKEN${NC}." echo -e "Using existing token ${green}$PIA_TOKEN${nc}."
echo echo
fi fi
# Connect with WireGuard and clear authentication token file and latencyList # Connect with WireGuard and clear authentication token file and latencyList
if [[ $VPN_PROTOCOL == "wireguard" ]]; then if [[ $VPN_PROTOCOL == "wireguard" ]]; then
echo "The ./get_region.sh script got started with" echo "The ./get_region.sh script got started with"
echo -e "${GREEN}VPN_PROTOCOL=wireguard${NC}, so we will automatically connect to WireGuard," echo -e "${green}VPN_PROTOCOL=wireguard${nc}, so we will automatically connect to WireGuard,"
echo "by running this command:" echo "by running this command:"
echo -e "$ ${GREEN}PIA_TOKEN=$PIA_TOKEN \\" echo -e "$ ${green}PIA_TOKEN=$PIA_TOKEN \\"
echo "WG_SERVER_IP=$bestServer_WG_IP WG_HOSTNAME=$bestServer_WG_hostname \\" echo "WG_SERVER_IP=$bestServer_WG_IP WG_HOSTNAME=$bestServer_WG_hostname \\"
echo -e "PIA_PF=$PIA_PF ./connect_to_wireguard_with_token.sh${NC}" echo -e "PIA_PF=$PIA_PF ./connect_to_wireguard_with_token.sh${nc}"
echo echo
PIA_PF=$PIA_PF PIA_TOKEN=$PIA_TOKEN WG_SERVER_IP=$bestServer_WG_IP \ PIA_PF=$PIA_PF PIA_TOKEN=$PIA_TOKEN WG_SERVER_IP=$bestServer_WG_IP \
WG_HOSTNAME=$bestServer_WG_hostname ./connect_to_wireguard_with_token.sh WG_HOSTNAME=$bestServer_WG_hostname ./connect_to_wireguard_with_token.sh
@ -254,13 +254,13 @@ if [[ $VPN_PROTOCOL == openvpn* ]]; then
serverHostname=$bestServer_OT_hostname serverHostname=$bestServer_OT_hostname
fi fi
echo "The ./get_region.sh script got started with" echo "The ./get_region.sh script got started with"
echo -e "${GREEN}VPN_PROTOCOL=$VPN_PROTOCOL${NC}, so we will automatically" echo -e "${green}VPN_PROTOCOL=$VPN_PROTOCOL${nc}, so we will automatically"
echo "connect to OpenVPN, by running this command:" echo "connect to OpenVPN, by running this command:"
echo -e "$ ${GREEN}PIA_PF=$PIA_PF PIA_TOKEN=$PIA_TOKEN \\" echo -e "$ ${green}PIA_PF=$PIA_PF PIA_TOKEN=$PIA_TOKEN \\"
echo " OVPN_SERVER_IP=$serverIP \\" echo " OVPN_SERVER_IP=$serverIP \\"
echo " OVPN_HOSTNAME=$serverHostname \\" echo " OVPN_HOSTNAME=$serverHostname \\"
echo " CONNECTION_SETTINGS=$VPN_PROTOCOL \\" echo " CONNECTION_SETTINGS=$VPN_PROTOCOL \\"
echo -e " ./connect_to_openvpn_with_token.sh${NC}" echo -e " ./connect_to_openvpn_with_token.sh${nc}"
echo echo
PIA_PF=$PIA_PF PIA_TOKEN=$PIA_TOKEN \ PIA_PF=$PIA_PF PIA_TOKEN=$PIA_TOKEN \
OVPN_SERVER_IP=$serverIP \ OVPN_SERVER_IP=$serverIP \

20
get_token.sh
View File

@ -41,19 +41,19 @@ timeout_timestamp() {
if [[ -t 1 ]]; then if [[ -t 1 ]]; then
ncolors=$(tput colors) ncolors=$(tput colors)
if [[ -n $ncolors && $ncolors -ge 8 ]]; then if [[ -n $ncolors && $ncolors -ge 8 ]]; then
GREEN='\033[0;32m' red=$(tput setaf 1) # ANSI red
RED='\033[0;31m' green=$(tput setaf 2) # ANSI green
NC='\033[0m' # No Color nc=$(tput sgr0) # No Color
else else
GREEN='' red=''
RED='' green=''
NC='' # No Color nc='' # No Color
fi fi
fi fi
# Only allow script to run as root # Only allow script to run as root
if (( EUID != 0 )); then if (( EUID != 0 )); then
echo -e "${RED}This script needs to be run as root. Try again with 'sudo $0'${NC}" echo -e "${red}This script needs to be run as root. Try again with 'sudo $0'${nc}"
exit 1 exit 1
fi fi
@ -74,17 +74,17 @@ generateTokenResponse=$(curl -s -u "$PIA_USER:$PIA_PASS" \
if [[ $(echo "$generateTokenResponse" | jq -r '.status') != "OK" ]]; then if [[ $(echo "$generateTokenResponse" | jq -r '.status') != "OK" ]]; then
echo echo
echo echo
echo -e "${RED}Could not authenticate with the login credentials provided!${NC}" echo -e "${red}Could not authenticate with the login credentials provided!${nc}"
echo echo
exit exit
fi fi
echo -e "${GREEN}OK!" echo -e "${green}OK!"
echo echo
token=$(echo "$generateTokenResponse" | jq -r '.token') token=$(echo "$generateTokenResponse" | jq -r '.token')
tokenExpiration=$(timeout_timestamp) tokenExpiration=$(timeout_timestamp)
tokenLocation="/opt/piavpn-manual/token" tokenLocation="/opt/piavpn-manual/token"
echo -e "PIA_TOKEN=$token${NC}" echo -e "PIA_TOKEN=$token${nc}"
echo "$token" > "$tokenLocation" || exit 1 echo "$token" > "$tokenLocation" || exit 1
echo "$tokenExpiration" >> "$tokenLocation" echo "$tokenExpiration" >> "$tokenLocation"
echo echo

34
port_forwarding.sh
View File

@ -50,13 +50,13 @@ fi
if [[ -t 1 ]]; then if [[ -t 1 ]]; then
ncolors=$(tput colors) ncolors=$(tput colors)
if [[ -n $ncolors && $ncolors -ge 8 ]]; then if [[ -n $ncolors && $ncolors -ge 8 ]]; then
GREEN='\033[0;32m' red=$(tput setaf 1) # ANSI red
RED='\033[0;31m' green=$(tput setaf 2) # ANSI green
NC='\033[0m' # No Color nc=$(tput sgr0) # No Color
else else
GREEN='' red=''
RED='' green=''
NC='' # No Color nc='' # No Color
fi fi
fi fi
@ -97,10 +97,10 @@ export payload_and_signature
# Check if the payload and the signature are OK. # Check if the payload and the signature are OK.
# If they are not OK, just stop the script. # If they are not OK, just stop the script.
if [[ $(echo "$payload_and_signature" | jq -r '.status') != "OK" ]]; then if [[ $(echo "$payload_and_signature" | jq -r '.status') != "OK" ]]; then
echo -e "${RED}The payload_and_signature variable does not contain an OK status.${NC}" echo -e "${red}The payload_and_signature variable does not contain an OK status.${nc}"
exit 1 exit 1
fi fi
echo -e "${GREEN}OK!${NC}" echo -e "${green}OK!${nc}"
# We need to get the signature out of the previous response. # We need to get the signature out of the previous response.
# The signature will allow the us to bind the port on the server. # The signature will allow the us to bind the port on the server.
@ -118,10 +118,10 @@ port=$(echo "$payload" | base64 -d | jq -r '.port')
expires_at=$(echo "$payload" | base64 -d | jq -r '.expires_at') expires_at=$(echo "$payload" | base64 -d | jq -r '.expires_at')
echo -ne " echo -ne "
Signature ${GREEN}$signature${NC} Signature ${green}$signature${nc}
Payload ${GREEN}$payload${NC} Payload ${green}$payload${nc}
--> The port is ${GREEN}$port${NC} and it will expire on ${RED}$expires_at${NC}. <-- --> The port is ${green}$port${nc} and it will expire on ${red}$expires_at${nc}. <--
Trying to bind the port... " Trying to bind the port... "
@ -136,19 +136,19 @@ while true; do
--data-urlencode "payload=${payload}" \ --data-urlencode "payload=${payload}" \
--data-urlencode "signature=${signature}" \ --data-urlencode "signature=${signature}" \
"https://${PF_HOSTNAME}:19999/bindPort")" "https://${PF_HOSTNAME}:19999/bindPort")"
echo -e "${GREEN}OK!${NC}" echo -e "${green}OK!${nc}"
# If port did not bind, just exit the script. # If port did not bind, just exit the script.
# This script will exit in 2 months, since the port will expire. # This script will exit in 2 months, since the port will expire.
export bind_port_response export bind_port_response
if [[ $(echo "$bind_port_response" | jq -r '.status') != "OK" ]]; then if [[ $(echo "$bind_port_response" | jq -r '.status') != "OK" ]]; then
echo -e "${RED}The API did not return OK when trying to bind port... Exiting.${NC}" echo -e "${red}The API did not return OK when trying to bind port... Exiting.${nc}"
exit 1 exit 1
fi fi
echo -e Forwarded port'\t'"${GREEN}$port${NC}" echo -e Forwarded port'\t'"${green}$port${nc}"
echo -e Refreshed on'\t'"${GREEN}$(date)${NC}" echo -e Refreshed on'\t'"${green}$(date)${nc}"
echo -e Expires on'\t'"${RED}$(date --date="$expires_at")${NC}" echo -e Expires on'\t'"${red}$(date --date="$expires_at")${nc}"
echo -e "\n${GREEN}This script will need to remain active to use port forwarding, and will refresh every 15 minutes.${NC}\n" echo -e "\n${green}This script will need to remain active to use port forwarding, and will refresh every 15 minutes.${nc}\n"
# sleep 15 minutes # sleep 15 minutes
sleep 900 sleep 900

86
run_setup.sh
View File

@ -23,13 +23,13 @@
if [[ -t 1 ]]; then if [[ -t 1 ]]; then
ncolors=$(tput colors) ncolors=$(tput colors)
if [[ -n $ncolors && $ncolors -ge 8 ]]; then if [[ -n $ncolors && $ncolors -ge 8 ]]; then
GREEN='\033[0;32m' red=$(tput setaf 1) # ANSI red
RED='\033[0;31m' green=$(tput setaf 2) # ANSI green
NC='\033[0m' # No Color nc=$(tput sgr0) # No Color
else else
GREEN='' red=''
RED='' green=''
NC='' # No Color nc='' # No Color
fi fi
fi fi
@ -39,7 +39,7 @@ floatCheck='^[0-9]+([.][0-9]+)?$'
# Only allow script to run as root # Only allow script to run as root
if (( EUID != 0 )); then if (( EUID != 0 )); then
echo -e "${RED}This script needs to be run as root. Try again with 'sudo $0'${NC}" echo -e "${red}This script needs to be run as root. Try again with 'sudo $0'${nc}"
exit 1 exit 1
fi fi
@ -59,15 +59,15 @@ while :; do
unPrefix=${PIA_USER:0:1} unPrefix=${PIA_USER:0:1}
unSuffix=${PIA_USER:1} unSuffix=${PIA_USER:1}
if [[ -z $PIA_USER ]]; then if [[ -z $PIA_USER ]]; then
echo -e "\n${RED}You must provide input.${NC}" echo -e "\n${red}You must provide input.${nc}"
elif [[ ${#PIA_USER} != 8 ]]; then elif [[ ${#PIA_USER} != 8 ]]; then
echo -e "\n${RED}A PIA username is always 8 characters long.${NC}" echo -e "\n${red}A PIA username is always 8 characters long.${nc}"
elif [[ $unPrefix != "P" ]] && [[ $unPrefix != "p" ]]; then elif [[ $unPrefix != "P" ]] && [[ $unPrefix != "p" ]]; then
echo -e "\n${RED}A PIA username must start with \"p\".${NC}" echo -e "\n${red}A PIA username must start with \"p\".${nc}"
elif ! [[ $unSuffix =~ $intCheck ]]; then elif ! [[ $unSuffix =~ $intCheck ]]; then
echo -e "\n${RED}Username formatting is always p#######!${NC}" echo -e "\n${red}Username formatting is always p#######!${nc}"
else else
echo -e "\n${GREEN}PIA_USER=$PIA_USER${NC}" echo -e "\n${green}PIA_USER=$PIA_USER${nc}"
break break
fi fi
PIA_USER="" PIA_USER=""
@ -85,11 +85,11 @@ while :; do
# Confirm format of PIA_PASS input # Confirm format of PIA_PASS input
if [[ -z $PIA_PASS ]]; then if [[ -z $PIA_PASS ]]; then
echo -e "\n${RED}You must provide input.${NC}" echo -e "\n${red}You must provide input.${nc}"
elif [[ ${#PIA_PASS} -lt 8 ]]; then elif [[ ${#PIA_PASS} -lt 8 ]]; then
echo -e "\n${RED}A PIA password is always a minimum of 8 characters long.${NC}" echo -e "\n${red}A PIA password is always a minimum of 8 characters long.${nc}"
else else
echo -e "\n${GREEN}PIA_PASS input received.${NC}" echo -e "\n${green}PIA_PASS input received.${nc}"
echo echo
break break
fi fi
@ -130,7 +130,7 @@ if [[ $PIA_PF != "true" ]]; then
PIA_PF="false" PIA_PF="false"
fi fi
export PIA_PF export PIA_PF
echo -e "${GREEN}PIA_PF=$PIA_PF${NC}" echo -e "${green}PIA_PF=$PIA_PF${nc}"
echo echo
# Check for in-line definition of DISABLE_IPV6 and prompt for input # Check for in-line definition of DISABLE_IPV6 and prompt for input
@ -143,19 +143,19 @@ if [[ -z $DISABLE_IPV6 ]]; then
fi fi
if echo "${DISABLE_IPV6:0:1}" | grep -iq n; then if echo "${DISABLE_IPV6:0:1}" | grep -iq n; then
echo -e "${RED}IPv6 settings have not been altered. echo -e "${red}IPv6 settings have not been altered.
${NC}" ${nc}"
else else
echo -e "The variable ${GREEN}DISABLE_IPV6=$DISABLE_IPV6${NC}, does not start with 'n' for 'no'. echo -e "The variable ${green}DISABLE_IPV6=$DISABLE_IPV6${nc}, does not start with 'n' for 'no'.
${GREEN}Defaulting to yes.${NC} ${green}Defaulting to yes.${nc}
" "
sysctl -w net.ipv6.conf.all.disable_ipv6=1 sysctl -w net.ipv6.conf.all.disable_ipv6=1
sysctl -w net.ipv6.conf.default.disable_ipv6=1 sysctl -w net.ipv6.conf.default.disable_ipv6=1
echo echo
echo -e "${RED}IPv6 has been disabled${NC}, you can ${GREEN}enable it again with: " echo -e "${red}IPv6 has been disabled${nc}, you can ${green}enable it again with: "
echo "sysctl -w net.ipv6.conf.all.disable_ipv6=0" echo "sysctl -w net.ipv6.conf.all.disable_ipv6=0"
echo "sysctl -w net.ipv6.conf.default.disable_ipv6=0" echo "sysctl -w net.ipv6.conf.default.disable_ipv6=0"
echo -e "${NC}" echo -e "${nc}"
fi fi
# Input validation and check for conflicting declarations of AUTOCONNECT and PREFERRED_REGION # Input validation and check for conflicting declarations of AUTOCONNECT and PREFERRED_REGION
@ -166,26 +166,26 @@ if [[ -z $AUTOCONNECT ]]; then
selectServer="ask" selectServer="ask"
elif echo "${AUTOCONNECT:0:1}" | grep -iq f; then elif echo "${AUTOCONNECT:0:1}" | grep -iq f; then
if [[ $AUTOCONNECT != "false" ]]; then if [[ $AUTOCONNECT != "false" ]]; then
echo -e "The variable ${GREEN}AUTOCONNECT=$AUTOCONNECT${NC}, starts with 'f' for 'false'." echo -e "The variable ${green}AUTOCONNECT=$AUTOCONNECT${nc}, starts with 'f' for 'false'."
AUTOCONNECT="false" AUTOCONNECT="false"
echo -e "Updated ${GREEN}AUTOCONNECT=$AUTOCONNECT${NC}" echo -e "Updated ${green}AUTOCONNECT=$AUTOCONNECT${nc}"
echo echo
fi fi
selectServer="yes" selectServer="yes"
else else
if [[ $AUTOCONNECT != "true" ]]; then if [[ $AUTOCONNECT != "true" ]]; then
echo -e "The variable ${GREEN}AUTOCONNECT=$AUTOCONNECT${NC}, does not start with 'f' for 'false'." echo -e "The variable ${green}AUTOCONNECT=$AUTOCONNECT${nc}, does not start with 'f' for 'false'."
AUTOCONNECT="true" AUTOCONNECT="true"
echo -e "Updated ${GREEN}AUTOCONNECT=$AUTOCONNECT${NC}" echo -e "Updated ${green}AUTOCONNECT=$AUTOCONNECT${nc}"
echo echo
fi fi
if [[ -z $PREFERRED_REGION ]]; then if [[ -z $PREFERRED_REGION ]]; then
echo -e "${GREEN}AUTOCONNECT=true${NC}" echo -e "${green}AUTOCONNECT=true${nc}"
echo echo
else else
echo echo
echo "AUTOCONNECT supersedes in-line definitions of PREFERRED_REGION." echo "AUTOCONNECT supersedes in-line definitions of PREFERRED_REGION."
echo -e "${RED}PREFERRED_REGION=$PREFERRED_REGION will be ignored.${NC} echo -e "${red}PREFERRED_REGION=$PREFERRED_REGION will be ignored.${nc}
" "
PREFERRED_REGION="" PREFERRED_REGION=""
fi fi
@ -233,9 +233,9 @@ For example, you can try 0.2 for 200ms allowed latency.
if [[ -z $latencyInput ]]; then if [[ -z $latencyInput ]]; then
break break
elif [[ $latencyInput == 0 ]]; then elif [[ $latencyInput == 0 ]]; then
echo -e "${RED}Latency input must not be zero.${NC}\n" echo -e "${red}Latency input must not be zero.${nc}\n"
elif ! [[ $customLatency =~ $floatCheck ]]; then elif ! [[ $customLatency =~ $floatCheck ]]; then
echo -e "${RED}Latency input must be numeric.${NC}\n" echo -e "${red}Latency input must be numeric.${nc}\n"
elif [[ $latencyInput =~ $intCheck ]]; then elif [[ $latencyInput =~ $intCheck ]]; then
MAX_LATENCY=$latencyInput MAX_LATENCY=$latencyInput
break break
@ -246,7 +246,7 @@ For example, you can try 0.2 for 200ms allowed latency.
latencyInput="" latencyInput=""
done done
export MAX_LATENCY export MAX_LATENCY
echo -e "${GREEN}MAX_LATENCY=$MAX_LATENCY${NC}" echo -e "${green}MAX_LATENCY=$MAX_LATENCY${nc}"
PREFERRED_REGION="none" PREFERRED_REGION="none"
export PREFERRED_REGION export PREFERRED_REGION
@ -256,7 +256,7 @@ For example, you can try 0.2 for 200ms allowed latency.
if [[ -s /opt/piavpn-manual/latencyList ]]; then if [[ -s /opt/piavpn-manual/latencyList ]]; then
# Output the ordered list of servers that meet the latency specification $MAX_LATENCY # Output the ordered list of servers that meet the latency specification $MAX_LATENCY
echo -e "Ordered list of servers with latency less than ${GREEN}$MAX_LATENCY${NC} seconds:" echo -e "Ordered list of servers with latency less than ${green}$MAX_LATENCY${nc} seconds:"
i=0 i=0
while read -r line; do while read -r line; do
i=$((i+1)) i=$((i+1))
@ -277,17 +277,17 @@ For example, you can try 0.2 for 200ms allowed latency.
while :; do while :; do
read -r -p "Input the number of the server you want to connect to ([1]-[$i]) : " serverSelection read -r -p "Input the number of the server you want to connect to ([1]-[$i]) : " serverSelection
if [[ -z $serverSelection ]]; then if [[ -z $serverSelection ]]; then
echo -e "\n${RED}You must provide input.${NC}\n" echo -e "\n${red}You must provide input.${nc}\n"
elif ! [[ $serverSelection =~ $intCheck ]]; then elif ! [[ $serverSelection =~ $intCheck ]]; then
echo -e "\n${RED}You must enter a number.${NC}\n" echo -e "\n${red}You must enter a number.${nc}\n"
elif [[ $serverSelection -lt 1 ]]; then elif [[ $serverSelection -lt 1 ]]; then
echo -e "\n${RED}You must enter a number greater than 1.${NC}\n" echo -e "\n${red}You must enter a number greater than 1.${nc}\n"
elif [[ $serverSelection -gt $i ]]; then elif [[ $serverSelection -gt $i ]]; then
echo -e "\n${RED}You must enter a number between 1 and $i.${NC}\n" echo -e "\n${red}You must enter a number between 1 and $i.${nc}\n"
else else
PREFERRED_REGION=$( awk 'NR == '"$serverSelection"' {print $2}' /opt/piavpn-manual/latencyList ) PREFERRED_REGION=$( awk 'NR == '"$serverSelection"' {print $2}' /opt/piavpn-manual/latencyList )
echo echo
echo -e "${GREEN}PREFERRED_REGION=$PREFERRED_REGION${NC}" echo -e "${green}PREFERRED_REGION=$PREFERRED_REGION${nc}"
break break
fi fi
done done
@ -300,7 +300,7 @@ For example, you can try 0.2 for 200ms allowed latency.
exit 1 exit 1
fi fi
else else
echo -e "${GREEN}You will auto-connect to the server with the lowest latency.${NC}" echo -e "${green}You will auto-connect to the server with the lowest latency.${nc}"
echo echo
break break
fi fi
@ -357,15 +357,15 @@ case $VPN_PROTOCOL in
;; ;;
esac esac
export VPN_PROTOCOL export VPN_PROTOCOL
echo -e "${GREEN}VPN_PROTOCOL=$VPN_PROTOCOL echo -e "${green}VPN_PROTOCOL=$VPN_PROTOCOL
${NC}" ${nc}"
# Check for the required presence of resolvconf for setting DNS on wireguard connections # Check for the required presence of resolvconf for setting DNS on wireguard connections
setDNS="yes" setDNS="yes"
if ! command -v resolvconf &>/dev/null && [[ $VPN_PROTOCOL == "wireguard" ]]; then if ! command -v resolvconf &>/dev/null && [[ $VPN_PROTOCOL == "wireguard" ]]; then
echo -e "${RED}The resolvconf package could not be found." echo -e "${red}The resolvconf package could not be found."
echo "This script can not set DNS for you and you will" echo "This script can not set DNS for you and you will"
echo -e "need to invoke DNS protection some other way.${NC}" echo -e "need to invoke DNS protection some other way.${nc}"
echo echo
setDNS="no" setDNS="no"
fi fi
@ -386,7 +386,7 @@ elif [[ $PIA_DNS != "true" || $setDNS == "no" ]]; then
PIA_DNS="false" PIA_DNS="false"
fi fi
export PIA_DNS export PIA_DNS
echo -e "${GREEN}PIA_DNS=$PIA_DNS${NC}" echo -e "${green}PIA_DNS=$PIA_DNS${nc}"
CONNECTION_READY="true" CONNECTION_READY="true"
export CONNECTION_READY export CONNECTION_READY