Add: Option to only generate WG config file (#171)

See #171.

README.md

@@ -94,6 +94,8 @@ Here is a list of scripts you could find useful:
    * `DIP_TOKEN` - your PIA dedicated IP token (can be purchased in the client control panel)
    * `PIA_DNS` - true/false
    * `PIA_PF` - true/false
+   * `PIA_CONNECT` - true/false; connect to VPN after configuration has been created. Set to false to only create configuration file. Only effective for wireguard protocol. Default true.
+   * `PIA_CONF_PATH` - path of wireguard config file to be written. Used when only creating config file for wireguard.
    * `MAX_LATENCY` - numeric value, in seconds
    * `AUTOCONNECT` - true/false; this will test for and select the server with the lowest latency, it will override PREFERRED_REGION
    * `PREFERRED_REGION` - the region ID for a PIA server
@@ -102,7 +104,7 @@ Here is a list of scripts you could find useful:
  * [Get region details](get_region.sh): This script will provide server details, validate `PREFERRED_REGION` input, and can determine the lowest latency location. The script can also trigger VPN connections, if you specify `VPN_PROTOCOL=wireguard` or `VPN_PROTOCOL=openvpn`; doing so requires a token. This script can reference `get_token.sh` with use of `PIA_USER` and `PIA_PASS`. If called without specifying `PREFERRED_REGION` this script writes a list of servers within lower than `MAX_LATENCY` to a `/opt/piavpn-manual/latencyList` for reference.
  * [Get a token](get_token.sh): This script allows you to get an authentication token with a valid 'PIA_USER' and 'PIA_PASS'. It will write the token and its expiration date to `/opt/piavpn-manual/token` for reference.
  * [Get DIP details](get_dip.sh): This script will provide necessary connection details to use a dedicated IP.
- * [Connect to WireGuard](connect_to_wireguard_with_token.sh): This script allows you to connect to the VPN server via WireGuard.
+ * [Connect to WireGuard](connect_to_wireguard_with_token.sh): This script allows you to connect to the VPN server via WireGuard, or create a WireGuard config file by setting environment variable `PIA_CONNECT=false`.
  * [Connect to OpenVPN](connect_to_openvpn_with_token.sh): This script allows you to connect to the VPN server via OpenVPN.
  * [Enable Port Forwarding](port_forwarding.sh): Enables you to add Port Forwarding to an existing VPN connection. Adding the environment variable `PIA_PF=true` to any of the previous scripts will also trigger this script.
 

connect_to_wireguard_with_token.sh

@@ -49,6 +49,11 @@ if [[ -t 1 ]]; then
   fi
 fi
 
+: "${PIA_CONNECT=true}"
+
+DEFAULT_PIA_CONF_PATH=/etc/wireguard/pia.conf
+: "${PIA_CONF_PATH:=$DEFAULT_PIA_CONF_PATH}"
+
 # PIA currently does not support IPv6. In order to be sure your VPN
 # connection does not leak, it is best to disabled IPv6 altogether.
 # IPv6 can also be disabled via kernel commandline param, so we must
@@ -118,13 +123,17 @@ if [[ $(echo "$wireguard_json" | jq -r '.status') != "OK" ]]; then
   exit 1
 fi
 
-# Multi-hop is out of the scope of this repo, but you should be able to
-# get multi-hop running with both WireGuard and OpenVPN by playing with
-# these scripts. Feel free to fork the project and test it out.
-echo
-echo "Trying to disable a PIA WG connection in case it exists..."
-wg-quick down pia && echo -e "${green}\nPIA WG connection disabled!${nc}"
-echo
+if [[ $PIA_CONNECT == "true" ]]; then
+  # Ensure config file path is set to default used for WG connection
+  PIA_CONF_PATH=$DEFAULT_PIA_CONF_PATH
+  # Multi-hop is out of the scope of this repo, but you should be able to
+  # get multi-hop running with both WireGuard and OpenVPN by playing with
+  # these scripts. Feel free to fork the project and test it out.
+  echo
+  echo "Trying to disable a PIA WG connection in case it exists..."
+  wg-quick down pia && echo -e "${green}\nPIA WG connection disabled!${nc}"
+  echo
+fi
 
 # Create the WireGuard config based on the JSON received from the API
 # In case you want this section to also add the DNS setting, please
@@ -140,8 +149,8 @@ if [[ $PIA_DNS == "true" ]]; then
   echo
   dnsSettingForVPN="DNS = $dnsServer"
 fi
-echo -n "Trying to write /etc/wireguard/pia.conf..."
-mkdir -p /etc/wireguard
+echo -n "Trying to write ${PIA_CONF_PATH}..."
+mkdir -p "$(dirname "$PIA_CONF_PATH")"
 echo "
 [Interface]
 Address = $(echo "$wireguard_json" | jq -r '.peer_ip')
@@ -152,56 +161,59 @@ PersistentKeepalive = 25
 PublicKey = $(echo "$wireguard_json" | jq -r '.server_key')
 AllowedIPs = 0.0.0.0/0
 Endpoint = ${WG_SERVER_IP}:$(echo "$wireguard_json" | jq -r '.server_port')
-" > /etc/wireguard/pia.conf || exit 1
+" > ${PIA_CONF_PATH} || exit 1
 echo -e "${green}OK!${nc}"
 
-# Start the WireGuard interface.
-# If something failed, stop this script.
-# If you get DNS errors because you miss some packages,
-# just hardcode /etc/resolv.conf to "nameserver 10.0.0.242".
-echo
-echo "Trying to create the wireguard interface..."
-wg-quick up pia || exit 1
-echo
-echo -e "${green}The WireGuard interface got created.${nc}
 
-At this point, internet should work via VPN.
-
-To disconnect the VPN, run:
-
---> ${green}wg-quick down pia${nc} <--
-"
-
-# This section will stop the script if PIA_PF is not set to "true".
-if [[ $PIA_PF != "true" ]]; then
-  echo "If you want to also enable port forwarding, you can start the script:"
-  echo -e "$ ${green}PIA_TOKEN=$PIA_TOKEN" \
-    "PF_GATEWAY=$WG_SERVER_IP" \
-    "PF_HOSTNAME=$WG_HOSTNAME" \
-    "./port_forwarding.sh${nc}"
+if [[ $PIA_CONNECT == "true" ]]; then
+  # Start the WireGuard interface.
+  # If something failed, stop this script.
+  # If you get DNS errors because you miss some packages,
+  # just hardcode /etc/resolv.conf to "nameserver 10.0.0.242".
   echo
-  echo "The location used must be port forwarding enabled, or this will fail."
-  echo "Calling the ./get_region script with PIA_PF=true will provide a filtered list."
-  exit 1
+  echo "Trying to create the wireguard interface..."
+  wg-quick up pia || exit 1
+  echo
+  echo -e "${green}The WireGuard interface got created.${nc}
+
+  At this point, internet should work via VPN.
+
+  To disconnect the VPN, run:
+
+  --> ${green}wg-quick down pia${nc} <--
+  "
+
+  # This section will stop the script if PIA_PF is not set to "true".
+  if [[ $PIA_PF != "true" ]]; then
+    echo "If you want to also enable port forwarding, you can start the script:"
+    echo -e "$ ${green}PIA_TOKEN=$PIA_TOKEN" \
+      "PF_GATEWAY=$WG_SERVER_IP" \
+      "PF_HOSTNAME=$WG_HOSTNAME" \
+      "./port_forwarding.sh${nc}"
+    echo
+    echo "The location used must be port forwarding enabled, or this will fail."
+    echo "Calling the ./get_region script with PIA_PF=true will provide a filtered list."
+    exit 1
+  fi
+
+  echo -ne "This script got started with ${green}PIA_PF=true${nc}.
+
+  Starting port forwarding in "
+  for i in {5..1}; do
+    echo -n "$i..."
+    sleep 1
+  done
+  echo
+  echo
+
+  echo -e "Starting procedure to enable port forwarding by running the following command:
+  $ ${green}PIA_TOKEN=$PIA_TOKEN \\
+    PF_GATEWAY=$WG_SERVER_IP \\
+    PF_HOSTNAME=$WG_HOSTNAME \\
+    ./port_forwarding.sh${nc}"
+
+  PIA_TOKEN=$PIA_TOKEN \
+    PF_GATEWAY=$WG_SERVER_IP \
+    PF_HOSTNAME=$WG_HOSTNAME \
+    ./port_forwarding.sh
 fi
-
-echo -ne "This script got started with ${green}PIA_PF=true${nc}.
-
-Starting port forwarding in "
-for i in {5..1}; do
-  echo -n "$i..."
-  sleep 1
-done
-echo
-echo
-
-echo -e "Starting procedure to enable port forwarding by running the following command:
-$ ${green}PIA_TOKEN=$PIA_TOKEN \\
-  PF_GATEWAY=$WG_SERVER_IP \\
-  PF_HOSTNAME=$WG_HOSTNAME \\
-  ./port_forwarding.sh${nc}"
-
-PIA_TOKEN=$PIA_TOKEN \
-  PF_GATEWAY=$WG_SERVER_IP \
-  PF_HOSTNAME=$WG_HOSTNAME \
-  ./port_forwarding.sh