From 9b42ad934a9353fbefda7cbab2725f4f3b1850a3 Mon Sep 17 00:00:00 2001 From: faireOwl <72615062+faireOwl@users.noreply.github.com> Date: Tue, 23 Aug 2022 04:59:02 -0500 Subject: [PATCH] Add: DIP Support (#159) * Provision of DIP Support Added dedicated IP support, including DIP_TOKEN for one-line calls and prompts through run_setup.sh. Adjusted package dependency response for wireguard to list the necessary package (wireguard-tools) to utilize wg-quick. Updated README.md to clarify package dependencies and include DIP_TOKEN. --- README.md | 3 +- connect_to_openvpn_with_token.sh | 14 +- connect_to_wireguard_with_token.sh | 31 ++- get_dip.sh | 110 +++++++++ get_region.sh | 1 + get_token.sh | 11 +- port_forwarding.sh | 1 + run_setup.sh | 380 ++++++++++++++++++----------- 8 files changed, 392 insertions(+), 159 deletions(-) create mode 100755 get_dip.sh diff --git a/README.md b/README.md index 2a93999..e6c70c1 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ The scripts were written so that they are easy to read and to modify. The code a In order for the scripts to work (probably even if you do a manual setup), you will need the following packages: * `curl` * `jq` - * (only for WireGuard) `wg-quick` and `wireguard` kernel module + * (only for WireGuard) `wireguard-tools` (`wg-quick` and `wireguard` kernel module) * (only for OpenVPN) `openvpn` ## Disclaimers @@ -90,6 +90,7 @@ Here is a list of scripts you could find useful: * [Prompt based connection](run_setup.sh): This script allows connections with a one-line call, or will prompt for any missing or invalid variables. Variables available for one-line calls include: * `PIA_USER` - your PIA username * `PIA_PASS` - your PIA password + * `DIP_TOKEN` - your PIA dedicated IP token (can be purchased in the client control panel) * `PIA_DNS` - true/false * `PIA_PF` - true/false * `MAX_LATENCY` - numeric value, in seconds 
diff --git a/connect_to_openvpn_with_token.sh b/connect_to_openvpn_with_token.sh index d78874e..bc3a7f5 100755 --- a/connect_to_openvpn_with_token.sh +++ b/connect_to_openvpn_with_token.sh @@ -28,6 +28,7 @@ check_tool() { exit 1 fi } + # Now we call the function to make sure we can use openvpn, curl and jq. check_tool openvpn check_tool curl @@ -124,13 +125,22 @@ if [[ -z $OVPN_SERVER_IP || exit 1 fi +splitToken="dedicated_ip_$DIP_TOKEN" + # Create a credentials file with the login token echo -n "Trying to write /opt/piavpn-manual/pia.ovpn..." mkdir -p /opt/piavpn-manual rm -f /opt/piavpn-manual/credentials /opt/piavpn-manual/route_info -echo "${PIA_TOKEN:0:62} + +if [[ -z $DIP_TOKEN ]]; then + echo "${PIA_TOKEN:0:62} ${PIA_TOKEN:62}" > /opt/piavpn-manual/credentials || exit 1 -chmod 600 /opt/piavpn-manual/credentials + chmod 600 /opt/piavpn-manual/credentials +else + echo "${splitToken:0:62} +${splitToken:62}" > /opt/piavpn-manual/credentials || exit 1 + chmod 600 /opt/piavpn-manual/credentials +fi echo -e "${green}OK!${nc}" # Translate connection settings variable diff --git a/connect_to_wireguard_with_token.sh b/connect_to_wireguard_with_token.sh index 30aa3a2..65ffdb2 100755 --- a/connect_to_wireguard_with_token.sh +++ b/connect_to_wireguard_with_token.sh @@ -22,16 +22,18 @@ # This function allows you to check if the required tools have been installed. check_tool() { cmd=$1 + pkg=$2 if ! command -v "$cmd" >/dev/null; then echo "$cmd could not be found" - echo "Please install $cmd" + echo "Please install $pkg" exit 1 fi } + # Now we call the function to make sure we can use wg-quick, curl and jq. -check_tool wg-quick -check_tool curl -check_tool jq +check_tool wg-quick wireguard-tools +check_tool curl curl +check_tool jq jq # Check if terminal allows output, if yes, define colors for output if [[ -t 1 ]]; then 
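Review bot: In the new `else` branch of the credentials write in connect_to_openvpn_with_token.sh, `${splitToken:62}` looks like it is always empty. `dedicated_ip_` is 13 characters and run_setup.sh only accepts a 32-character token, so `splitToken` is 45 characters and the second (password) line of the credentials file is blank. The WireGuard script in this same commit sends the server IP as the password (`--user "dedicated_ip_$DIP_TOKEN:$WG_SERVER_IP"`), so it is worth confirming whether OpenVPN expects the same and, if so, writing `printf '%s\n%s\n' "dedicated_ip_$DIP_TOKEN" "$OVPN_SERVER_IP"`. Both branches also create the file under the default umask and only then `chmod 600` it; setting `umask 077` before the write closes that window and makes the duplicated `chmod` lines unnecessary.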
@@ -93,12 +95,21 @@ export pubKey # https://github.com/pia-foss/manual-connections/blob/master/ca.rsa.4096.crt # In case you want to troubleshoot the script, replace -s with -v. echo "Trying to connect to the PIA WireGuard API on $WG_SERVER_IP..." -wireguard_json="$(curl -s -G \ - --connect-to "$WG_HOSTNAME::$WG_SERVER_IP:" \ - --cacert "ca.rsa.4096.crt" \ - --data-urlencode "pt=${PIA_TOKEN}" \ - --data-urlencode "pubkey=$pubKey" \ - "https://${WG_HOSTNAME}:1337/addKey" )" +if [[ -z $DIP_TOKEN ]]; then + wireguard_json="$(curl -s -G \ + --connect-to "$WG_HOSTNAME::$WG_SERVER_IP:" \ + --cacert "ca.rsa.4096.crt" \ + --data-urlencode "pt=${PIA_TOKEN}" \ + --data-urlencode "pubkey=$pubKey" \ + "https://${WG_HOSTNAME}:1337/addKey" )" +else + wireguard_json="$(curl -s -G \ + --connect-to "$WG_HOSTNAME::$WG_SERVER_IP:" \ + --cacert "ca.rsa.4096.crt" \ + --user "dedicated_ip_$DIP_TOKEN:$WG_SERVER_IP" \ + --data-urlencode "pubkey=$pubKey" \ + "https://$WG_HOSTNAME:1337/addKey" )" +fi export wireguard_json # Check if the API returned OK and stop this script if it didn't. diff --git a/get_dip.sh b/get_dip.sh new file mode 100755 index 0000000..cb58932 --- /dev/null +++ b/get_dip.sh 
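Review bot: The added `--user "dedicated_ip_$DIP_TOKEN:$WG_SERVER_IP"` puts the dedicated IP token on curl's command line, where it can be visible to other local users through the process list while the request runs; the existing `pt=${PIA_TOKEN}` argument has the same exposure. curl can read the option from standard input instead: pass `--config -` and feed it `user = "dedicated_ip_$DIP_TOKEN:$WG_SERVER_IP"` through a here-string. The two branches differ by a single option, so building the shared arguments once in a bash array and appending the branch-specific one would keep them from drifting apart.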
@@ -0,0 +1,110 @@ +#!/bin/bash +# Copyright (C) 2020 Private Internet Access, Inc. +# +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to deal +# in the Software without restriction, including without limitation the rights +# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in all +# copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +# SOFTWARE. + +# This function allows you to check if the required tools have been installed. +check_tool() { + cmd=$1 + if ! command -v $cmd &>/dev/null; then + echo "$cmd could not be found" + echo "Please install $cmd" + exit 1 + fi +} + +# Now we call the function to make sure we can use curl and jq. +check_tool curl +check_tool jq + +# Check if terminal allows output, if yes, define colors for output +if [[ -t 1 ]]; then + ncolors=$(tput colors) + if [[ -n $ncolors && $ncolors -ge 8 ]]; then + red=$(tput setaf 1) # ANSI red + green=$(tput setaf 2) # ANSI green + nc=$(tput sgr0) # No Color + else + red='' + green='' + nc='' # No Color + fi +fi + +# Only allow script to run as root +if (( EUID != 0 )); then + echo -e "${red}This script needs to be run as root. 
Try again with 'sudo $0'${nc}" + exit 1 +fi + +mkdir -p /opt/piavpn-manual + +if [[ -z $PIA_TOKEN ]]; then + echo "If you want this script to automatically retrieve dedicated IP location details" + echo "from the Meta service, please add the variables PIA_TOKEN and DIP_TOKEN. Example:" + echo "$ PIA_TOKEN DIP_TOKEN=DIP1a2b3c4d5e6f7g8h9i10j11k12l13 ./get_token.sh" + exit 1 +fi + +dipSavedLocation=/opt/piavpn-manual/dipAddress + +echo +echo -n "Checking DIP token..." + +generateDIPResponse=$(curl -s --location --request POST \ + 'https://www.privateinternetaccess.com/api/client/v2/dedicated_ip' \ + --header 'Content-Type: application/json' \ + --header "Authorization: Token $PIA_TOKEN" \ + --data-raw '{ + "tokens":["'"$DIP_TOKEN"'"] + }') + +if [ "$(echo "$generateDIPResponse" | jq -r '.[0].status')" != "active" ]; then + echo + echo + echo -e "${red}Could not validate the dedicated IP token provided!${nc}" + echo + exit +fi + +echo -e ${green}OK!${nc} +echo +dipAddress=$(echo "$generateDIPResponse" | jq -r '.[0].ip') +dipHostname=$(echo "$generateDIPResponse" | jq -r '.[0].cn') +keyHostname=$(echo "dedicated_ip_$DIP_TOKEN") +dipExpiration=$(echo "$generateDIPResponse" | jq -r '.[0].dip_expire') +dipExpiration=$(date -d @$dipExpiration) +dipID=$(echo "$generateDIPResponse" | jq -r '.[0].id') +echo -e The hostname of your dedicated IP is ${green}$dipHostname${nc} +echo +echo -e The dedicated IP address is ${green}$dipAddress${nc} +echo +echo This dedicated IP is valid until $dipExpiration. +echo +pfCapable="true" +if [[ $dipID == us_* ]]; then + pfCapable="false" + echo This location does not have port forwarding capability. + echo +fi +echo $dipAddress > /opt/piavpn-manual/dipAddress || exit 1 +echo $dipHostname >> /opt/piavpn-manual/dipAddress +echo $keyHostname >> /opt/piavpn-manual/dipAddress +echo $dipExpiration >> /opt/piavpn-manual/dipAddress +echo $pfCapable >> /opt/piavpn-manual/dipAddress 
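Review bot: The result file /opt/piavpn-manual/dipAddress is written under the default umask although its third line (`keyHostname`) contains the DIP token, and the failure path leaves with a bare `exit`, which returns status 0 after the preceding `echo`. run_setup.sh treats the mere existence of that file as success, so a stale file from an earlier or interrupted run would be read back after a failed validation; removing it before the request and exiting non-zero avoids that. The API-supplied values are also echoed unquoted into the file, which subjects them to word splitting and globbing. The usage text names `./get_token.sh`, and only `PIA_TOKEN` is checked for emptiness, not `DIP_TOKEN`.

```shell
dipSavedLocation=/opt/piavpn-manual/dipAddress
# Remove any stale result so a failed check cannot be read back as success.
rm -f "$dipSavedLocation"

# … unchanged: curl request …
if [ "$(echo "$generateDIPResponse" | jq -r '.[0].status')" != "active" ]; then
  # … unchanged: error message …
  exit 1
fi
# … unchanged: field extraction and summary output …

# The file holds the DIP token: create it readable by root only, and quote
# the API-supplied values so they are written verbatim, one per line.
(
  umask 077
  printf '%s\n' "$dipAddress" "$dipHostname" "$keyHostname" \
    "$dipExpiration" "$pfCapable" > "$dipSavedLocation"
) || exit 1
```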
diff --git a/get_region.sh b/get_region.sh index 4b75220..661bd27 100755 --- a/get_region.sh +++ b/get_region.sh @@ -28,6 +28,7 @@ check_tool() { exit 1 fi } + # Now we call the function to make sure we can use curl and jq. check_tool curl check_tool jq diff --git a/get_token.sh b/get_token.sh index 6285a26..bca23ce 100755 --- a/get_token.sh +++ b/get_token.sh @@ -28,6 +28,7 @@ check_tool() { exit 1 fi } + # Now we call the function to make sure we can use curl and jq. check_tool curl check_tool jq @@ -68,10 +69,12 @@ fi echo -n "Checking login credentials..." -generateTokenResponse=$(curl -s -u "$PIA_USER:$PIA_PASS" \ - "https://www.privateinternetaccess.com/gtoken/generateToken") +generateTokenResponse=$(curl -s --location --request POST \ + 'https://www.privateinternetaccess.com/api/client/v2/token' \ + --form "username=$PIA_USER" \ + --form "password=$PIA_PASS" ) -if [[ $(echo "$generateTokenResponse" | jq -r '.status') != "OK" ]]; then +if [ "$(echo "$generateTokenResponse" | jq -r '.token')" == "" ]; then echo echo echo -e "${red}Could not authenticate with the login credentials provided!${nc}" @@ -83,7 +86,7 @@ echo -e "${green}OK!" echo token=$(echo "$generateTokenResponse" | jq -r '.token') tokenExpiration=$(timeout_timestamp) -tokenLocation="/opt/piavpn-manual/token" +tokenLocation=/opt/piavpn-manual/token echo -e "PIA_TOKEN=$token${nc}" echo "$token" > "$tokenLocation" || exit 1 echo "$tokenExpiration" >> "$tokenLocation" diff --git a/port_forwarding.sh b/port_forwarding.sh index 58d239d..d5e1966 100755 --- a/port_forwarding.sh +++ b/port_forwarding.sh @@ -28,6 +28,7 @@ check_tool() { exit 1 fi } + # Now we call the function to make sure we can use curl and jq. check_tool curl check_tool jq diff --git a/run_setup.sh b/run_setup.sh index 44f1729..9afa5a2 100755 --- a/run_setup.sh +++ b/run_setup.sh 
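Review bot: The new success test in get_token.sh, `[ "$(… | jq -r '.token')" == "" ]`, does not catch a JSON response that lacks the key, because `jq -r '.token'` prints `null` in that case. If the API answers a rejected login with a JSON body, the check would pass and `null` would be saved to /opt/piavpn-manual/token. Testing `[ -z "$(echo "$generateTokenResponse" | jq -r '.token // empty')" ]` covers both the empty and the missing case. Separately, `--form "password=$PIA_PASS"` lets curl treat a leading `@` or `<` in the value as a file to read; `--form-string "password=$PIA_PASS"` (and the same for the username) sends the value literally.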
@@ -117,6 +117,64 @@ while :; do fi done +# Check for dedicated IP +echo -n "Do you want to use a dedicated IP token ([N]o/[y]es): " +read useDIP +echo +pfOption="true" +if echo ${useDIP:0:1} | grep -iq y; then +useDIP="true" + while :; do + while :; do + # Check for in-line definition of $DIP_TOKEN + if [[ -z $DIP_TOKEN ]]; then + read -p "Dedicated token (DIP#############################): " DIP_TOKEN + fi + + # Confirm format of PIA_USER input + dipPrefix=$( echo ${DIP_TOKEN:0:3} ) + if [[ -z "$DIP_TOKEN" ]]; then + echo -e "\n${red}You must provide input.${nc}" + elif [[ ${#DIP_TOKEN} != 32 ]]; then + echo -e "\n${red}A dedicated IP token is always 32 characters long.${nc}" + elif [[ $dipPrefix != "DIP" ]]; then + echo -e "\n${red}A dedicated IP token must start with \"DIP\".${nc}" + else + break + fi + DIP_TOKEN="" + done + export DIP_TOKEN + + # Confirm DIP_TOKEN and retrieve connection details + ./get_dip.sh + + dipDetails="/opt/piavpn-manual/dipAddress" + # If the script failed to generate retrieve dedicated IP information, the script will exit early. + if [ ! -f "$dipDetails" ]; then + read -p "Do you want to try again ([N]o/[y]es): " tryAgain + if ! echo ${tryAgain:0:1} | grep -iq y; then + exit 1 + fi + DIP_TOKEN="" + else + dipAddress=$( awk 'NR == 1' /opt/piavpn-manual/dipAddress ) + dipHostname=$( awk 'NR == 2' /opt/piavpn-manual/dipAddress) + dipKey=$( awk 'NR == 3' /opt/piavpn-manual/dipAddress ) + pfOption=$( awk 'NR == 5' /opt/piavpn-manual/dipAddress ) + rm -f /opt/piavpn-manual/dipAddress + break + fi + done +fi + +# Erase previous connection details if present +rm -f /opt/piavpn-manual/token /opt/piavpn-manual/latencyList + +# Prompt for port forwarding if no DIP or DIP allows it +if [[ $pfOption = "false" ]]; then + PIA_PF="false" +fi # Check for in-line definition of PIA_PF and prompt for input if [[ -z $PIA_PF ]]; then echo -n "Do you want a forwarding port assigned ([N]o/[y]es): " 
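Review bot: Answering "no" at the new dedicated IP prompt does not clear an inherited `DIP_TOKEN`, while the later blocks in this commit branch on `[[ -z $DIP_TOKEN ]]` rather than on `useDIP`. With `DIP_TOKEN` set in the environment and the answer "no", server selection is skipped and the final block would start the connection with `dipAddress` and `dipHostname` never set. Adding an `else` with `DIP_TOKEN=""` to the `if echo ${useDIP:0:1} | grep -iq y` test, or testing `$useDIP` in the later blocks, keeps the two in step. The comment `# Confirm format of PIA_USER input` should read `# Confirm format of DIP_TOKEN input`, and `read useDIP` and the `read -p` calls should use `-r` as the other prompts in this file do.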
@@ -158,163 +216,166 @@ ${green}Defaulting to yes.${nc} echo -e "${nc}" fi -# Input validation and check for conflicting declarations of AUTOCONNECT and PREFERRED_REGION -# If both variables are set, AUTOCONNECT has superiority and PREFERRED_REGION is ignored -if [[ -z $AUTOCONNECT ]]; then - echo "AUTOCONNECT was not declared." - echo - selectServer="ask" -elif echo "${AUTOCONNECT:0:1}" | grep -iq f; then - if [[ $AUTOCONNECT != "false" ]]; then - echo -e "The variable ${green}AUTOCONNECT=$AUTOCONNECT${nc}, starts with 'f' for 'false'." - AUTOCONNECT="false" - echo -e "Updated ${green}AUTOCONNECT=$AUTOCONNECT${nc}" +# Only prompt for server selection if no DIP has been specified +if [[ -z $DIP_TOKEN ]]; then + # Input validation and check for conflicting declarations of AUTOCONNECT and PREFERRED_REGION + # If both variables are set, AUTOCONNECT has superiority and PREFERRED_REGION is ignored + if [[ -z $AUTOCONNECT ]]; then + echo "AUTOCONNECT was not declared." echo - fi - selectServer="yes" -else - if [[ $AUTOCONNECT != "true" ]]; then - echo -e "The variable ${green}AUTOCONNECT=$AUTOCONNECT${nc}, does not start with 'f' for 'false'." - AUTOCONNECT="true" - echo -e "Updated ${green}AUTOCONNECT=$AUTOCONNECT${nc}" - echo - fi - if [[ -z $PREFERRED_REGION ]]; then - echo -e "${green}AUTOCONNECT=true${nc}" - echo - else - echo - echo "AUTOCONNECT supersedes in-line definitions of PREFERRED_REGION." 
- echo -e "${red}PREFERRED_REGION=$PREFERRED_REGION will be ignored.${nc} - " - PREFERRED_REGION="" - fi - selectServer="no" -fi - -# Prompt the user to specify a server or auto-connect to the lowest latency -while :; do - if [[ -z $PREFERRED_REGION ]]; then - # If autoconnect is not set, prompt the user to specify a server or auto-connect to the lowest latency - if [[ $selectServer == "ask" ]]; then - echo -n "Do you want to manually select a server, instead of auto-connecting to the -server with the lowest latency ([N]o/[y]es): " - read -r selectServer + selectServer="ask" + elif echo "${AUTOCONNECT:0:1}" | grep -iq f; then + if [[ $AUTOCONNECT != "false" ]]; then + echo -e "The variable ${green}AUTOCONNECT=$AUTOCONNECT${nc}, starts with 'f' for 'false'." + AUTOCONNECT="false" + echo -e "Updated ${green}AUTOCONNECT=$AUTOCONNECT${nc}" echo fi + selectServer="yes" + else + if [[ $AUTOCONNECT != "true" ]]; then + echo -e "The variable ${green}AUTOCONNECT=$AUTOCONNECT${nc}, does not start with 'f' for 'false'." + AUTOCONNECT="true" + echo -e "Updated ${green}AUTOCONNECT=$AUTOCONNECT${nc}" + echo + fi + if [[ -z $PREFERRED_REGION ]]; then + echo -e "${green}AUTOCONNECT=true${nc}" + echo + else + echo + echo "AUTOCONNECT supersedes in-line definitions of PREFERRED_REGION." + echo -e "${red}PREFERRED_REGION=$PREFERRED_REGION will be ignored.${nc} + " + PREFERRED_REGION="" + fi + selectServer="no" + fi - # Call the region script with input to create an ordered list based upon latency - # When $PREFERRED_REGION is set to none, get_region.sh will generate a list of servers - # that meet the latency requirements specified by $MAX_LATENCY. - # When $VPN_PROTOCOL is set to no, get_region.sh will sort that list of servers - # to allow for numeric selection, or an easy manual review of options. - if echo "${selectServer:0:1}" | grep -iq y; then - # This sets the maximum allowed latency in seconds. - # All servers that respond slower than this will be ignored. 
- if [[ -z $MAX_LATENCY ]]; then - echo -n "With no input, the maximum allowed latency will be set to 0.05s (50ms). -If your connection has high latency, you may need to increase this value. -For example, you can try 0.2 for 200ms allowed latency. -" - else - latencyInput=$MAX_LATENCY + # Prompt the user to specify a server or auto-connect to the lowest latency + while :; do + if [[ -z $PREFERRED_REGION ]]; then + # If autoconnect is not set, prompt the user to specify a server or auto-connect to the lowest latency + if [[ $selectServer == "ask" ]]; then + echo -n "Do you want to manually select a server, instead of auto-connecting to the + server with the lowest latency ([N]o/[y]es): " + read -r selectServer + echo fi - # Assure that input is numeric and properly formatted. - MAX_LATENCY=0.05 # default - while :; do - if [[ -z $latencyInput ]]; then - read -r -p "Custom latency (no input required for 50ms): " latencyInput - echo + # Call the region script with input to create an ordered list based upon latency + # When $PREFERRED_REGION is set to none, get_region.sh will generate a list of servers + # that meet the latency requirements specified by $MAX_LATENCY. + # When $VPN_PROTOCOL is set to no, get_region.sh will sort that list of servers + # to allow for numeric selection, or an easy manual review of options. + if echo "${selectServer:0:1}" | grep -iq y; then + # This sets the maximum allowed latency in seconds. + # All servers that respond slower than this will be ignored. + if [[ -z $MAX_LATENCY ]]; then + echo -n "With no input, the maximum allowed latency will be set to 0.05s (50ms). + If your connection has high latency, you may need to increase this value. + For example, you can try 0.2 for 200ms allowed latency. + " + else + latencyInput=$MAX_LATENCY fi - customLatency=0 - customLatency+=$latencyInput - if [[ -z $latencyInput ]]; then - break - elif [[ $latencyInput == 0 ]]; then - echo -e "${red}Latency input must not be zero.${nc}\n" - elif ! 
[[ $customLatency =~ $floatCheck ]]; then - echo -e "${red}Latency input must be numeric.${nc}\n" - elif [[ $latencyInput =~ $intCheck ]]; then - MAX_LATENCY=$latencyInput + # Assure that input is numeric and properly formatted. + MAX_LATENCY=0.05 # default + while :; do + if [[ -z $latencyInput ]]; then + read -r -p "Custom latency (no input required for 50ms): " latencyInput + echo + fi + customLatency=0 + customLatency+=$latencyInput + + if [[ -z $latencyInput ]]; then + break + elif [[ $latencyInput == 0 ]]; then + echo -e "${red}Latency input must not be zero.${nc}\n" + elif ! [[ $customLatency =~ $floatCheck ]]; then + echo -e "${red}Latency input must be numeric.${nc}\n" + elif [[ $latencyInput =~ $intCheck ]]; then + MAX_LATENCY=$latencyInput + break + else + MAX_LATENCY=$customLatency + break + fi + latencyInput="" + done + export MAX_LATENCY + echo -e "${green}MAX_LATENCY=$MAX_LATENCY${nc}" + + PREFERRED_REGION="none" + export PREFERRED_REGION + VPN_PROTOCOL="no" + export VPN_PROTOCOL + VPN_PROTOCOL=no ./get_region.sh + + if [[ -s /opt/piavpn-manual/latencyList ]]; then + # Output the ordered list of servers that meet the latency specification $MAX_LATENCY + echo -e "Ordered list of servers with latency less than ${green}$MAX_LATENCY${nc} seconds:" + i=0 + while read -r line; do + i=$((i+1)) + time=$( awk 'NR == '$i' {print $1}' /opt/piavpn-manual/latencyList ) + id=$( awk 'NR == '$i' {print $2}' /opt/piavpn-manual/latencyList ) + ip=$( awk 'NR == '$i' {print $3}' /opt/piavpn-manual/latencyList ) + location1=$( awk 'NR == '$i' {print $4}' /opt/piavpn-manual/latencyList ) + location2=$( awk 'NR == '$i' {print $5}' /opt/piavpn-manual/latencyList ) + location3=$( awk 'NR == '$i' {print $6}' /opt/piavpn-manual/latencyList ) + location4=$( awk 'NR == '$i' {print $7}' /opt/piavpn-manual/latencyList ) + location="$location1 $location2 $location3 $location4" + printf "%3s : %-8s %-15s %17s" $i "$time" "$ip" "$id" + echo " - $location" + done < 
/opt/piavpn-manual/latencyList + echo + + # Receive input to specify the server to connect to manually + while :; do + read -r -p "Input the number of the server you want to connect to ([1]-[$i]) : " serverSelection + if [[ -z $serverSelection ]]; then + echo -e "\n${red}You must provide input.${nc}\n" + elif ! [[ $serverSelection =~ $intCheck ]]; then + echo -e "\n${red}You must enter a number.${nc}\n" + elif [[ $serverSelection -lt 1 ]]; then + echo -e "\n${red}You must enter a number greater than 1.${nc}\n" + elif [[ $serverSelection -gt $i ]]; then + echo -e "\n${red}You must enter a number between 1 and $i.${nc}\n" + else + PREFERRED_REGION=$( awk 'NR == '"$serverSelection"' {print $2}' /opt/piavpn-manual/latencyList ) + echo + echo -e "${green}PREFERRED_REGION=$PREFERRED_REGION${nc}" + break + fi + done + + # Write the serverID for use when connecting, and display the serverName for user confirmation + export PREFERRED_REGION + echo break else - MAX_LATENCY=$customLatency - break + exit 1 fi - latencyInput="" - done - export MAX_LATENCY - echo -e "${green}MAX_LATENCY=$MAX_LATENCY${nc}" - - PREFERRED_REGION="none" - export PREFERRED_REGION - VPN_PROTOCOL="no" - export VPN_PROTOCOL - VPN_PROTOCOL=no ./get_region.sh - - if [[ -s /opt/piavpn-manual/latencyList ]]; then - # Output the ordered list of servers that meet the latency specification $MAX_LATENCY - echo -e "Ordered list of servers with latency less than ${green}$MAX_LATENCY${nc} seconds:" - i=0 - while read -r line; do - i=$((i+1)) - time=$( awk 'NR == '$i' {print $1}' /opt/piavpn-manual/latencyList ) - id=$( awk 'NR == '$i' {print $2}' /opt/piavpn-manual/latencyList ) - ip=$( awk 'NR == '$i' {print $3}' /opt/piavpn-manual/latencyList ) - location1=$( awk 'NR == '$i' {print $4}' /opt/piavpn-manual/latencyList ) - location2=$( awk 'NR == '$i' {print $5}' /opt/piavpn-manual/latencyList ) - location3=$( awk 'NR == '$i' {print $6}' /opt/piavpn-manual/latencyList ) - location4=$( awk 'NR == '$i' {print $7}' 
/opt/piavpn-manual/latencyList ) - location="$location1 $location2 $location3 $location4" - printf "%3s : %-8s %-15s %17s" $i "$time" "$ip" "$id" - echo " - $location" - done < /opt/piavpn-manual/latencyList - echo - - # Receive input to specify the server to connect to manually - while :; do - read -r -p "Input the number of the server you want to connect to ([1]-[$i]) : " serverSelection - if [[ -z $serverSelection ]]; then - echo -e "\n${red}You must provide input.${nc}\n" - elif ! [[ $serverSelection =~ $intCheck ]]; then - echo -e "\n${red}You must enter a number.${nc}\n" - elif [[ $serverSelection -lt 1 ]]; then - echo -e "\n${red}You must enter a number greater than 1.${nc}\n" - elif [[ $serverSelection -gt $i ]]; then - echo -e "\n${red}You must enter a number between 1 and $i.${nc}\n" - else - PREFERRED_REGION=$( awk 'NR == '"$serverSelection"' {print $2}' /opt/piavpn-manual/latencyList ) - echo - echo -e "${green}PREFERRED_REGION=$PREFERRED_REGION${nc}" - break - fi - done - - # Write the serverID for use when connecting, and display the serverName for user confirmation - export PREFERRED_REGION + else + echo -e "${green}You will auto-connect to the server with the lowest latency.${nc}" echo break - else - exit 1 fi else - echo -e "${green}You will auto-connect to the server with the lowest latency.${nc}" - echo - break + # Validate in-line declaration of PREFERRED_REGION; if invalid remove input to initiate prompts + echo "Region input is : $PREFERRED_REGION" + export PREFERRED_REGION + VPN_PROTOCOL=no ./get_region.sh + if [[ $? != 1 ]]; then + break + fi + PREFERRED_REGION="" fi - else - # Validate in-line declaration of PREFERRED_REGION; if invalid remove input to initiate prompts - echo "Region input is : $PREFERRED_REGION" - export PREFERRED_REGION - VPN_PROTOCOL=no ./get_region.sh - if [[ $? != 1 ]]; then - break - fi - PREFERRED_REGION="" - fi -done + done +fi if [[ -z $VPN_PROTOCOL ]]; then VPN_PROTOCOL="none" 
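Review bot: Re-indenting this block under `if [[ -z $DIP_TOKEN ]]` also indented the continuation lines of the multi-line string literals, so the prompts now print that leading whitespace. Compare the removed `-server with the lowest latency ([N]o/[y]es): "` with the added `+ server with the lowest latency …`; the continuation lines of the `MAX_LATENCY` help text changed the same way. Keeping the continuation lines at column 0, or emitting each line with its own `echo`, keeps the output as it was. The exact indentation is not recoverable from this view, so check it against the rendered prompt.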
@@ -391,4 +452,39 @@ echo -e "${green}PIA_DNS=$PIA_DNS${nc}" CONNECTION_READY="true" export CONNECTION_READY -./get_region.sh +if [[ -z $DIP_TOKEN ]]; then + ./get_region.sh +elif [[ $VPN_PROTOCOL == wireguard ]]; then + echo + echo -e "You will be connecting with ${green}WG_SERVER_IP=$dipAddress${nc} using" + echo -e "${green}VPN_PROTOCOL=wireguard${nc}, so we will automatically connect to WireGuard," + echo "by running this command:" + echo -e "$ ${green}PIA_PF=$PIA_PF PIA_TOKEN=$PIA_TOKEN" \\ + echo "DIP_TOKEN=$DIP_TOKEN" \\ + echo "WG_SERVER_IP=$dipAddress WG_HOSTNAME=$dipHostname" \\ + echo -e "./connect_to_wireguard_with_token.sh${nc}" + echo + PIA_PF=$PIA_PF PIA_TOKEN=$PIA_TOKEN DIP_TOKEN=$DIP_TOKEN \ + WG_SERVER_IP=$dipAddress WG_HOSTNAME=$dipHostname \ + ./connect_to_wireguard_with_token.sh + rm -f /opt/piavpn-manual/latencyList + exit 0 +elif [[ $VPN_PROTOCOL == openvpn* ]]; then + echo + echo "The dedicated IP connection will be started with" + echo -e "${green}VPN_PROTOCOL=$VPN_PROTOCOL${nc}, so we will automatically" + echo "connect to OpenVPN, by running this command:" + echo -e "$ ${green}PIA_PF=$PIA_PF PIA_TOKEN=$PIA_TOKEN" \\ + echo "DIP_TOKEN=$DIP_TOKEN OVPN_SERVER_IP=$dipAddress" \\ + echo "OVPN_HOSTNAME=$dipHostname" \\ + echo "CONNECTION_SETTINGS=$VPN_PROTOCOL" \\ + echo -e "./connect_to_openvpn_with_token.sh${nc}" + echo + PIA_PF=$PIA_PF PIA_TOKEN=$PIA_TOKEN \ + DIP_TOKEN=$DIP_TOKEN OVPN_SERVER_IP=$dipAddress \ + OVPN_HOSTNAME=$dipHostname \ + CONNECTION_SETTINGS=$VPN_PROTOCOL \ + ./connect_to_openvpn_with_token.sh + rm -f /opt/piavpn-manual/latencyList + exit 0 +fi
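Review bot: Both dedicated IP branches end with an unconditional `exit 0`, so run_setup.sh reports success even when `./connect_to_wireguard_with_token.sh` or `./connect_to_openvpn_with_token.sh` fails and no tunnel is up. Capture the status right after the call with `status=$?`, run the `rm -f`, then `exit "$status"`. The echoed command also prints `PIA_TOKEN` and `DIP_TOKEN` in clear text, which leaves them in scrollback and in any captured output; consider printing placeholders for the two tokens instead.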