Add: Option to only generate WG config file (#171)

See #171.
RoboMagus 2023-02-06 12:45:34 +01:00 committed by GitHub
parent e37693326d
commit e956c57849
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 72 additions and 58 deletions

@ -94,6 +94,8 @@ Here is a list of scripts you could find useful:
* `DIP_TOKEN` - your PIA dedicated IP token (can be purchased in the client control panel) * `DIP_TOKEN` - your PIA dedicated IP token (can be purchased in the client control panel)
* `PIA_DNS` - true/false * `PIA_DNS` - true/false
* `PIA_PF` - true/false * `PIA_PF` - true/false
* `PIA_CONNECT` - true/false; connect to VPN after configuration has been created. Set to false to only create configuration file. Only effective for wireguard protocol. Default true.
* `PIA_CONF_PATH` - path of wireguard config file to be written. Used when only creating config file for wireguard.
* `MAX_LATENCY` - numeric value, in seconds * `MAX_LATENCY` - numeric value, in seconds
* `AUTOCONNECT` - true/false; this will test for and select the server with the lowest latency, it will override PREFERRED_REGION * `AUTOCONNECT` - true/false; this will test for and select the server with the lowest latency, it will override PREFERRED_REGION
* `PREFERRED_REGION` - the region ID for a PIA server * `PREFERRED_REGION` - the region ID for a PIA server
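Review bot: the new `PIA_CONF_PATH` entry does not state its default or that it is ignored when connecting. The script falls back to `/etc/wireguard/pia.conf` and resets the path to that default whenever `PIA_CONNECT` is `true`, so a reader who sets both variables gets no hint that the custom path is dropped. Suggest wording such as "Default `/etc/wireguard/pia.conf`; only honoured when `PIA_CONNECT=false`".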
@ -102,7 +104,7 @@ Here is a list of scripts you could find useful:
* [Get region details](get_region.sh): This script will provide server details, validate `PREFERRED_REGION` input, and can determine the lowest latency location. The script can also trigger VPN connections, if you specify `VPN_PROTOCOL=wireguard` or `VPN_PROTOCOL=openvpn`; doing so requires a token. This script can reference `get_token.sh` with use of `PIA_USER` and `PIA_PASS`. If called without specifying `PREFERRED_REGION` this script writes a list of servers within lower than `MAX_LATENCY` to a `/opt/piavpn-manual/latencyList` for reference. * [Get region details](get_region.sh): This script will provide server details, validate `PREFERRED_REGION` input, and can determine the lowest latency location. The script can also trigger VPN connections, if you specify `VPN_PROTOCOL=wireguard` or `VPN_PROTOCOL=openvpn`; doing so requires a token. This script can reference `get_token.sh` with use of `PIA_USER` and `PIA_PASS`. If called without specifying `PREFERRED_REGION` this script writes a list of servers within lower than `MAX_LATENCY` to a `/opt/piavpn-manual/latencyList` for reference.
* [Get a token](get_token.sh): This script allows you to get an authentication token with a valid 'PIA_USER' and 'PIA_PASS'. It will write the token and its expiration date to `/opt/piavpn-manual/token` for reference. * [Get a token](get_token.sh): This script allows you to get an authentication token with a valid 'PIA_USER' and 'PIA_PASS'. It will write the token and its expiration date to `/opt/piavpn-manual/token` for reference.
* [Get DIP details](get_dip.sh): This script will provide necessary connection details to use a dedicated IP. * [Get DIP details](get_dip.sh): This script will provide necessary connection details to use a dedicated IP.
* [Connect to WireGuard](connect_to_wireguard_with_token.sh): This script allows you to connect to the VPN server via WireGuard. * [Connect to WireGuard](connect_to_wireguard_with_token.sh): This script allows you to connect to the VPN server via WireGuard, or create a WireGuard config file by setting environment variable `PIA_CONNECT=false`.
* [Connect to OpenVPN](connect_to_openvpn_with_token.sh): This script allows you to connect to the VPN server via OpenVPN. * [Connect to OpenVPN](connect_to_openvpn_with_token.sh): This script allows you to connect to the VPN server via OpenVPN.
* [Enable Port Forwarding](port_forwarding.sh): Enables you to add Port Forwarding to an existing VPN connection. Adding the environment variable `PIA_PF=true` to any of the previous scripts will also trigger this script. * [Enable Port Forwarding](port_forwarding.sh): Enables you to add Port Forwarding to an existing VPN connection. Adding the environment variable `PIA_PF=true` to any of the previous scripts will also trigger this script.

@ -49,6 +49,11 @@ if [[ -t 1 ]]; then
fi fi
fi fi
: "${PIA_CONNECT=true}"
DEFAULT_PIA_CONF_PATH=/etc/wireguard/pia.conf
: "${PIA_CONF_PATH:=$DEFAULT_PIA_CONF_PATH}"
# PIA currently does not support IPv6. In order to be sure your VPN # PIA currently does not support IPv6. In order to be sure your VPN
# connection does not leak, it is best to disabled IPv6 altogether. # connection does not leak, it is best to disabled IPv6 altogether.
# IPv6 can also be disabled via kernel commandline param, so we must # IPv6 can also be disabled via kernel commandline param, so we must
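Review bot: `: "${PIA_CONNECT=true}"` uses `=` while the `PIA_CONF_PATH` line two below uses `:=`, so an exported but empty `PIA_CONNECT` stays empty. Because the later checks are `[[ $PIA_CONNECT == "true" ]]`, an empty value, `True` or `1` all select config-only mode without any message, and the caller is left without a tunnel while assuming the script connected. Suggest `:=` here and rejecting anything other than `true` or `false` with an error before continuing.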
@ -118,6 +123,9 @@ if [[ $(echo "$wireguard_json" | jq -r '.status') != "OK" ]]; then
exit 1 exit 1
fi fi
if [[ $PIA_CONNECT == "true" ]]; then
# Ensure config file path is set to default used for WG connection
PIA_CONF_PATH=$DEFAULT_PIA_CONF_PATH
# Multi-hop is out of the scope of this repo, but you should be able to # Multi-hop is out of the scope of this repo, but you should be able to
# get multi-hop running with both WireGuard and OpenVPN by playing with # get multi-hop running with both WireGuard and OpenVPN by playing with
# these scripts. Feel free to fork the project and test it out. # these scripts. Feel free to fork the project and test it out.
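Review bot: `PIA_CONF_PATH=$DEFAULT_PIA_CONF_PATH` inside the `PIA_CONNECT == "true"` branch silently discards a path the caller supplied. Print a warning (or fail) when the incoming value differs from the default, and extend the comment to say why the default is required, presumably because `wg-quick down pia` addresses the config by interface name.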
@ -125,6 +133,7 @@ echo
echo "Trying to disable a PIA WG connection in case it exists..." echo "Trying to disable a PIA WG connection in case it exists..."
wg-quick down pia && echo -e "${green}\nPIA WG connection disabled!${nc}" wg-quick down pia && echo -e "${green}\nPIA WG connection disabled!${nc}"
echo echo
fi
# Create the WireGuard config based on the JSON received from the API # Create the WireGuard config based on the JSON received from the API
# In case you want this section to also add the DNS setting, please # In case you want this section to also add the DNS setting, please
@ -140,8 +149,8 @@ if [[ $PIA_DNS == "true" ]]; then
echo echo
dnsSettingForVPN="DNS = $dnsServer" dnsSettingForVPN="DNS = $dnsServer"
fi fi
echo -n "Trying to write /etc/wireguard/pia.conf..." echo -n "Trying to write ${PIA_CONF_PATH}..."
mkdir -p /etc/wireguard mkdir -p "$(dirname "$PIA_CONF_PATH")"
echo " echo "
[Interface] [Interface]
Address = $(echo "$wireguard_json" | jq -r '.peer_ip') Address = $(echo "$wireguard_json" | jq -r '.peer_ip')
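Review bot: with the path now caller-controlled, `mkdir -p "$(dirname "$PIA_CONF_PATH")"` and the redirect that follows create the directory and the file with whatever the current umask allows. A WireGuard `[Interface]` section normally carries the private key, so set `umask 077` before these lines, or `chmod 600` the file after writing it, rather than relying on the target being `/etc/wireguard`.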
@ -152,9 +161,11 @@ PersistentKeepalive = 25
PublicKey = $(echo "$wireguard_json" | jq -r '.server_key') PublicKey = $(echo "$wireguard_json" | jq -r '.server_key')
AllowedIPs = 0.0.0.0/0 AllowedIPs = 0.0.0.0/0
Endpoint = ${WG_SERVER_IP}:$(echo "$wireguard_json" | jq -r '.server_port') Endpoint = ${WG_SERVER_IP}:$(echo "$wireguard_json" | jq -r '.server_port')
" > /etc/wireguard/pia.conf || exit 1 " > ${PIA_CONF_PATH} || exit 1
echo -e "${green}OK!${nc}" echo -e "${green}OK!${nc}"
if [[ $PIA_CONNECT == "true" ]]; then
# Start the WireGuard interface. # Start the WireGuard interface.
# If something failed, stop this script. # If something failed, stop this script.
# If you get DNS errors because you miss some packages, # If you get DNS errors because you miss some packages,
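Review bot: the redirect target in `> ${PIA_CONF_PATH} || exit 1` is unquoted, unlike the `dirname` call a few lines up. A path containing spaces or glob characters makes bash fail with an ambiguous redirect or resolve to a different file than intended; use `> "$PIA_CONF_PATH"`. The `|| exit 1` path also exits without an error message, leaving the "Trying to write ..." line from `echo -n` unfinished.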
@ -205,3 +216,4 @@ PIA_TOKEN=$PIA_TOKEN \
PF_GATEWAY=$WG_SERVER_IP \ PF_GATEWAY=$WG_SERVER_IP \
PF_HOSTNAME=$WG_HOSTNAME \ PF_HOSTNAME=$WG_HOSTNAME \
./port_forwarding.sh ./port_forwarding.sh
fi