diff --git a/connect_to_openvpn_with_token.sh b/connect_to_openvpn_with_token.sh index 74b65f7..a46fd39 100755 --- a/connect_to_openvpn_with_token.sh +++ b/connect_to_openvpn_with_token.sh @@ -20,24 +20,23 @@ # SOFTWARE. # This function allows you to check if the required tools have been installed. -function check_tool() { +check_tool() { cmd=$1 - if ! command -v "$cmd" &>/dev/null - then + if ! command -v "$cmd" >/dev/null; then echo "$cmd could not be found" echo "Please install $cmd" exit 1 fi } -# Now we call the function to make sure we can use wg-quick, curl and jq. +# Now we call the function to make sure we can use openvpn, curl and jq. +check_tool openvpn check_tool curl check_tool jq -check_tool openvpn # Check if terminal allows output, if yes, define colors for output -if test -t 1; then +if [[ -t 1 ]]; then ncolors=$(tput colors) - if test -n "$ncolors" && test "$ncolors" -ge 8; then + if [[ -n $ncolors && $ncolors -ge 8 ]]; then GREEN='\033[0;32m' RED='\033[0;31m' NC='\033[0m' # No Color @@ -51,16 +50,16 @@ fi # Check if manual PIA OpenVPN connection is already initialized. # Multi-hop is out of the scope of this repo, but you should be able to # get multi-hop running with both OpenVPN and WireGuard. -adapter_check="$( ip a s tun06 2>&1 )" +adapter_check=$( ip a s tun06 2>&1 ) should_read="Device \"tun06\" does not exist" pid_filepath="/opt/piavpn-manual/pia_pid" -if [[ "$adapter_check" != *"$should_read"* ]]; then +if [[ $adapter_check != *"$should_read"* ]]; then echo -e ${RED}The tun06 adapter already exists, that interface is required echo -e for this configuration.${NC} - if [ -f "$pid_filepath" ]; then - old_pid="$( cat "$pid_filepath" )" - old_pid_name="$( ps -p "$old_pid" -o comm= )" - if [[ $old_pid_name == 'openvpn' ]]; then + if [[ -f $pid_filepath ]]; then + old_pid=$( cat "$pid_filepath" ) + old_pid_name=$( ps -p "$old_pid" -o comm= ) + if [[ $old_pid_name == "openvpn" ]]; then echo echo -e It seems likely that process ${RED}"$old_pid"${NC} is an OpenVPN connection echo that was established by using this script. Unless it is closed @@ -68,7 +67,7 @@ if [[ "$adapter_check" != *"$should_read"* ]]; then echo -ne "Do you want to run ${RED}$ kill $old_pid${NC} (Y/n): " read -r close_connection fi - if echo "${close_connection:0:1}" | grep -iq n ; then + if echo "${close_connection:0:1}" | grep -iq n; then echo -e ${RED}Closing script. Resolve tun06 adapter conflict and run the script again. exit 1 fi @@ -98,11 +97,11 @@ then echo -e 'sysctl -w net.ipv6.conf.default.disable_ipv6=1'${NC} fi -# Check if the mandatory environment variables are set. -if [[ ! $OVPN_SERVER_IP || - ! $OVPN_HOSTNAME || - ! $PIA_TOKEN || - ! $CONNECTION_SETTINGS ]]; then +# Check if the mandatory environment variables are set. +if [[ -z $OVPN_SERVER_IP || + -z $OVPN_HOSTNAME || + -z $PIA_TOKEN || + -z $CONNECTION_SETTINGS ]]; then echo -e ${RED}'This script requires 4 env vars:' echo 'PIA_TOKEN - the token used for authentication' echo 'OVPN_SERVER_IP - IP that you want to connect to' @@ -121,7 +120,7 @@ if [[ ! $OVPN_SERVER_IP || echo An easy solution is to just run get_region_and_token.sh echo as it will guide you through getting the best server and echo also a token. Detailed information can be found here: - echo -e https://github.com/pia-foss/manual-connections ${NC} + echo -e https://github.com/pia-foss/manual-connections${NC} exit 1 fi @@ -138,8 +137,8 @@ echo -e "${GREEN}OK!${NC}" IFS='_' read -ra connection_settings <<< "$CONNECTION_SETTINGS" IFS=' ' -protocol="${connection_settings[1]}" -encryption="${connection_settings[2]}" +protocol=${connection_settings[1]} +encryption=${connection_settings[2]} prefix_filepath="openvpn_config/standard.ovpn" if [[ $encryption == "strong" ]]; then @@ -161,12 +160,12 @@ else fi # Create the OpenVPN config based on the settings specified -cat $prefix_filepath > /opt/piavpn-manual/pia.ovpn || exit 1 -echo remote "$OVPN_SERVER_IP" $port "$protocol" >> /opt/piavpn-manual/pia.ovpn +cat "$prefix_filepath" > /opt/piavpn-manual/pia.ovpn || exit 1 +echo "remote $OVPN_SERVER_IP $port $protocol" >> /opt/piavpn-manual/pia.ovpn # Copy the up/down scripts to /opt/piavpn-manual/ # based upon use of PIA DNS -if [ "$PIA_DNS" != true ]; then +if [[ $PIA_DNS != "true" ]]; then cp openvpn_config/openvpn_up.sh /opt/piavpn-manual/ cp openvpn_config/openvpn_down.sh /opt/piavpn-manual/ echo -e ${RED}This configuration will not use PIA DNS.${NC} @@ -201,8 +200,7 @@ Confirming OpenVPN connection state..." # Manually adjust the connection_wait_time if needed connection_wait_time=10 confirmation="Initialization Sequence Complete" -for (( timeout=0; timeout <= connection_wait_time; timeout++ )) -do +for (( timeout=0; timeout <= connection_wait_time; timeout++ )); do sleep 1 if grep -q "$confirmation" /opt/piavpn-manual/debug_info; then connected=true @@ -210,11 +208,11 @@ do fi done -ovpn_pid="$( cat /opt/piavpn-manual/pia_pid )" -gateway_ip="$( cat /opt/piavpn-manual/route_info )" +ovpn_pid=$( cat /opt/piavpn-manual/pia_pid ) +gateway_ip=$( cat /opt/piavpn-manual/route_info ) # Report and exit if connection was not initialized within 10 seconds. -if [ "$connected" != true ]; then +if [[ $connected != "true" ]]; then echo -e "${RED}The VPN connection was not established within 10 seconds.${NC}" kill "$ovpn_pid" exit 1 @@ -234,7 +232,7 @@ To disconnect the VPN, run: " # This section will stop the script if PIA_PF is not set to "true". -if [ "$PIA_PF" != true ]; then +if [[ $PIA_PF != "true" ]]; then echo If you want to also enable port forwarding, you can start the script: echo -e $ ${GREEN}PIA_TOKEN="$PIA_TOKEN" \ PF_GATEWAY="$gateway_ip" \ diff --git a/connect_to_wireguard_with_token.sh b/connect_to_wireguard_with_token.sh index 98e6c95..fd5bfbb 100755 --- a/connect_to_wireguard_with_token.sh +++ b/connect_to_wireguard_with_token.sh @@ -20,10 +20,9 @@ # SOFTWARE. # This function allows you to check if the required tools have been installed. -function check_tool() { +check_tool() { cmd=$1 - if ! command -v "$cmd" &>/dev/null - then + if ! command -v "$cmd" >/dev/null; then echo "$cmd could not be found" echo "Please install $cmd" exit 1 @@ -35,9 +34,9 @@ check_tool curl check_tool jq # Check if terminal allows output, if yes, define colors for output -if test -t 1; then +if [[ -t 1 ]]; then ncolors=$(tput colors) - if test -n "$ncolors" && test "$ncolors" -ge 8; then + if [[ -n $ncolors && $ncolors -ge 8 ]]; then GREEN='\033[0;32m' RED='\033[0;31m' NC='\033[0m' # No Color @@ -62,7 +61,9 @@ then fi # Check if the mandatory environment variables are set. -if [[ ! $WG_SERVER_IP || ! $WG_HOSTNAME || ! $PIA_TOKEN ]]; then +if [[ -z $WG_SERVER_IP || + -z $WG_HOSTNAME || + -z $PIA_TOKEN ]]; then echo -e ${RED}This script requires 3 env vars: echo WG_SERVER_IP - IP that you want to connect to echo WG_HOSTNAME - name of the server, required for ssl @@ -80,9 +81,9 @@ if [[ ! $WG_SERVER_IP || ! $WG_HOSTNAME || ! $PIA_TOKEN ]]; then fi # Create ephemeral wireguard keys, that we don't need to save to disk. -privKey="$(wg genkey)" +privKey=$(wg genkey) export privKey -pubKey="$( echo "$privKey" | wg pubkey)" +pubKey=$( echo "$privKey" | wg pubkey) export pubKey # Authenticate via the PIA WireGuard RESTful API. @@ -101,7 +102,7 @@ wireguard_json="$(curl -s -G \ export wireguard_json # Check if the API returned OK and stop this script if it didn't. -if [ "$(echo "$wireguard_json" | jq -r '.status')" != "OK" ]; then +if [[ $(echo "$wireguard_json" | jq -r '.status') != "OK" ]]; then >&2 echo -e "${RED}Server did not return OK. Stopping now.${NC}" exit 1 fi @@ -120,8 +121,8 @@ echo # This uses a PersistentKeepalive of 25 seconds to keep the NAT active # on firewalls. You can remove that line if your network does not # require it. -if [ "$PIA_DNS" == true ]; then - dnsServer="$(echo "$wireguard_json" | jq -r '.dns_servers[0]')" +if [[ $PIA_DNS == "true" ]]; then + dnsServer=$(echo "$wireguard_json" | jq -r '.dns_servers[0]') echo "Trying to set up DNS to $dnsServer. In case you do not have resolvconf," echo "this operation will fail and you will not get a VPN. If you have issues," echo "start this script without PIA_DNS." @@ -161,7 +162,7 @@ To disconnect the VPN, run: " # This section will stop the script if PIA_PF is not set to "true". -if [ "$PIA_PF" != true ]; then +if [[ $PIA_PF != "true" ]]; then echo If you want to also enable port forwarding, you can start the script: echo -e $ ${GREEN}PIA_TOKEN="$PIA_TOKEN" \ PF_GATEWAY="$WG_SERVER_IP" \ diff --git a/get_region.sh b/get_region.sh index b9c46bf..2497126 100755 --- a/get_region.sh +++ b/get_region.sh @@ -20,10 +20,9 @@ # SOFTWARE. # This function allows you to check if the required tools have been installed. -function check_tool() { +check_tool() { cmd=$1 - if ! command -v "$cmd" &>/dev/null - then + if ! command -v "$cmd" >/dev/null; then echo "$cmd could not be found" echo "Please install $cmd" exit 1 @@ -34,7 +33,7 @@ check_tool curl check_tool jq # If the server list has less than 1000 characters, it means curl failed. -function check_all_region_data() { +check_all_region_data() { echo echo -n "Getting the server list..." @@ -44,7 +43,7 @@ function check_all_region_data() { echo -e "If it works, you will get a huge JSON as a response.${NC}" exit 1 fi - + # Notify the user that we got the server list. echo -e "${GREEN}OK!${NC} " @@ -52,11 +51,11 @@ function check_all_region_data() { # Get all data for the selected region # Exit with code 1 if the REGION_ID provided is invalid -function get_selected_region_data() { +get_selected_region_data() { regionData="$( echo "$all_region_data" | jq --arg REGION_ID "$selectedRegion" -r \ '.regions[] | select(.id==$REGION_ID)')" - if [[ ! $regionData ]]; then + if [[ -z $regionData ]]; then echo -e "${RED}The REGION_ID $selectedRegion is not valid.${NC} " exit 1 @@ -64,9 +63,9 @@ function get_selected_region_data() { } # Check if terminal allows output, if yes, define colors for output -if test -t 1; then +if [[ -t 1 ]]; then ncolors=$(tput colors) - if test -n "$ncolors" && test "$ncolors" -ge 8; then + if [[ -n $ncolors && $ncolors -ge 8 ]]; then GREEN='\033[0;32m' RED='\033[0;31m' NC='\033[0m' # No Color @@ -101,16 +100,16 @@ serverlist_url='https://serverlist.piaservers.net/vpninfo/servers/v6' # It will print a human-readable message to stderr, # and it will print the variables to stdout printServerLatency() { - serverIP="$1" - regionID="$2" + serverIP=$1 + regionID=$2 regionName="$(echo "${@:3}" | sed 's/ false//' | sed 's/true/(geo)/')" time=$(LC_NUMERIC=en_US.utf8 curl -o /dev/null -s \ --connect-timeout "$MAX_LATENCY" \ --write-out "%{time_connect}" \ - http://"$serverIP":443) - if [ $? -eq 0 ]; then - >&2 echo Got latency "${time}"s for region: "$regionName" + "http://$serverIP:443") + if [[ $? -eq 0 ]]; then + >&2 echo "Got latency ${time}s for region: $regionName" echo "$time $regionID $serverIP" # Write a list of servers with acceptable latency # to /opt/piavpn-manual/latencyList @@ -122,10 +121,10 @@ printServerLatency() { export -f printServerLatency # If a server location or autoconnect isn't specified, set the variable to false/no. -if [[ -z "$PREFERRED_REGION" ]]; then +if [[ -z $PREFERRED_REGION ]]; then PREFERRED_REGION=none fi -if [[ -z "$VPN_PROTOCOL" ]]; then +if [[ -z $VPN_PROTOCOL ]]; then VPN_PROTOCOL=no fi @@ -141,7 +140,7 @@ if [[ $selectedRegion == "none" ]]; then check_all_region_data # Making sure this variable doesn't contain some strange string - if [ "$PIA_PF" != true ]; then + if [[ $PIA_PF != "true" ]]; then PIA_PF="false" fi @@ -165,8 +164,8 @@ if [[ $selectedRegion == "none" ]]; then sort | head -1 | awk '{ print $2 }')" echo - if [ -z "$selectedRegion" ]; then - echo -e ${RED}No region responded within "${MAX_LATENCY}"s, consider using a higher timeout. + if [[ -z $selectedRegion ]]; then + echo -e "${RED}No region responded within ${MAX_LATENCY}s, consider using a higher timeout." echo For example, to wait 1 second for each region, inject MAX_LATENCY=1 like this: echo -e $ MAX_LATENCY=1 ./get_region.sh${NC} exit 1 @@ -182,14 +181,14 @@ fi get_selected_region_data -bestServer_meta_IP="$(echo "$regionData" | jq -r '.servers.meta[0].ip')" -bestServer_meta_hostname="$(echo "$regionData" | jq -r '.servers.meta[0].cn')" -bestServer_WG_IP="$(echo "$regionData" | jq -r '.servers.wg[0].ip')" -bestServer_WG_hostname="$(echo "$regionData" | jq -r '.servers.wg[0].cn')" -bestServer_OT_IP="$(echo "$regionData" | jq -r '.servers.ovpntcp[0].ip')" -bestServer_OT_hostname="$(echo "$regionData" | jq -r '.servers.ovpntcp[0].cn')" -bestServer_OU_IP="$(echo "$regionData" | jq -r '.servers.ovpnudp[0].ip')" -bestServer_OU_hostname="$(echo "$regionData" | jq -r '.servers.ovpnudp[0].cn')" +bestServer_meta_IP=$(echo "$regionData" | jq -r '.servers.meta[0].ip') +bestServer_meta_hostname=$(echo "$regionData" | jq -r '.servers.meta[0].cn') +bestServer_WG_IP=$(echo "$regionData" | jq -r '.servers.wg[0].ip') +bestServer_WG_hostname=$(echo "$regionData" | jq -r '.servers.wg[0].cn') +bestServer_OT_IP=$(echo "$regionData" | jq -r '.servers.ovpntcp[0].ip') +bestServer_OT_hostname=$(echo "$regionData" | jq -r '.servers.ovpntcp[0].cn') +bestServer_OU_IP=$(echo "$regionData" | jq -r '.servers.ovpnudp[0].ip') +bestServer_OU_hostname=$(echo "$regionData" | jq -r '.servers.ovpnudp[0].cn') if [[ $VPN_PROTOCOL == "no" ]]; then @@ -232,7 +231,7 @@ else fi # Connect with WireGuard and clear authentication token file and latencyList -if [[ $VPN_PROTOCOL == wireguard ]]; then +if [[ $VPN_PROTOCOL == "wireguard" ]]; then echo The ./get_region.sh script got started with echo -e ${GREEN}VPN_PROTOCOL=wireguard${NC}, so we will automatically connect to WireGuard, echo by running this command: diff --git a/get_token.sh b/get_token.sh index 0f04790..4266428 100755 --- a/get_token.sh +++ b/get_token.sh @@ -20,29 +20,27 @@ # SOFTWARE. # This function allows you to check if the required tools have been installed. -function check_tool() { +check_tool() { cmd=$1 - if ! command -v "$cmd" &>/dev/null - then + if ! command -v "$cmd" >/dev/null; then echo "$cmd could not be found" echo "Please install $cmd" exit 1 fi } - -# This function creates a timestamp, to use for setting $TOKEN_EXPIRATION -function timeout_timestamp() { - date +"%c" --date='1 day' # Timestamp 24 hours -} - # Now we call the function to make sure we can use curl and jq. check_tool curl check_tool jq +# This function creates a timestamp, to use for setting $TOKEN_EXPIRATION +timeout_timestamp() { + date +"%c" --date='1 day' # Timestamp 24 hours +} + # Check if terminal allows output, if yes, define colors for output -if test -t 1; then +if [[ -t 1 ]]; then ncolors=$(tput colors) - if test -n "$ncolors" && test "$ncolors" -ge 8; then + if [[ -n $ncolors && $ncolors -ge 8 ]]; then GREEN='\033[0;32m' RED='\033[0;31m' NC='\033[0m' # No Color @@ -61,7 +59,7 @@ fi mkdir -p /opt/piavpn-manual -if [[ ! $PIA_USER || ! $PIA_PASS ]]; then +if [[ -z $PIA_USER || -z $PIA_PASS ]]; then echo If you want this script to automatically get a token from the Meta echo service, please add the variables PIA_USER and PIA_PASS. Example: echo $ PIA_USER=p0123456 PIA_PASS=xxx ./get_token.sh @@ -75,21 +73,21 @@ echo -n "Checking login credentials..." generateTokenResponse=$(curl -s -u "$PIA_USER:$PIA_PASS" \ "https://privateinternetaccess.com/gtoken/generateToken") -if [ "$(echo "$generateTokenResponse" | jq -r '.status')" != "OK" ]; then +if [[ $(echo "$generateTokenResponse" | jq -r '.status') != "OK" ]]; then echo echo echo -e "${RED}Could not authenticate with the login credentials provided!${NC}" echo exit fi - + echo -e ${GREEN}OK! echo token=$(echo "$generateTokenResponse" | jq -r '.token') tokenExpiration=$(timeout_timestamp) -echo -e PIA_TOKEN="$token"${NC} +echo -e "PIA_TOKEN=$token${NC}" echo "$token" > /opt/piavpn-manual/token || exit 1 echo "$tokenExpiration" >> /opt/piavpn-manual/token -echo -echo This token will expire in 24 hours, on "$tokenExpiration". +echo +echo "This token will expire in 24 hours, on $tokenExpiration." echo diff --git a/port_forwarding.sh b/port_forwarding.sh index 39c5dd0..4cb861c 100755 --- a/port_forwarding.sh +++ b/port_forwarding.sh @@ -20,21 +20,20 @@ # SOFTWARE. # This function allows you to check if the required tools have been installed. -function check_tool() { +check_tool() { cmd=$1 - if ! command -v "$cmd" &>/dev/null - then + if ! command -v "$cmd" >/dev/null; then echo "$cmd could not be found" echo "Please install $cmd" exit 1 fi } -# Now we call the function to make sure we can use wg-quick, curl and jq. +# Now we call the function to make sure we can use curl and jq. check_tool curl check_tool jq # Check if the mandatory environment variables are set. -if [[ ! $PF_GATEWAY || ! $PIA_TOKEN || ! $PF_HOSTNAME ]]; then +if [[ -z $PF_GATEWAY || -z $PIA_TOKEN || -z $PF_HOSTNAME ]]; then echo This script requires 3 env vars: echo PF_GATEWAY - the IP of your gateway echo PF_HOSTNAME - name of the host used for SSL/TLS certificate verification @@ -48,9 +47,9 @@ exit 1 fi # Check if terminal allows output, if yes, define colors for output -if test -t 1; then +if [[ -t 1 ]]; then ncolors=$(tput colors) - if test -n "$ncolors" && test "$ncolors" -ge 8; then + if [[ -n $ncolors && $ncolors -ge 8 ]]; then GREEN='\033[0;32m' RED='\033[0;31m' NC='\033[0m' # No Color @@ -81,7 +80,7 @@ fi # If you already have a signature, and you would like to re-use that port, # save the payload_and_signature received from your previous request # in the env var PAYLOAD_AND_SIGNATURE, and that will be used instead. -if [[ ! $PAYLOAD_AND_SIGNATURE ]]; then +if [[ -z $PAYLOAD_AND_SIGNATURE ]]; then echo echo -n "Getting new signature... " payload_and_signature="$(curl -s -m 5 \ @@ -90,14 +89,14 @@ if [[ ! $PAYLOAD_AND_SIGNATURE ]]; then -G --data-urlencode "token=${PIA_TOKEN}" \ "https://${PF_HOSTNAME}:19999/getSignature")" else - payload_and_signature="$PAYLOAD_AND_SIGNATURE" + payload_and_signature=$PAYLOAD_AND_SIGNATURE echo -n "Checking the payload_and_signature from the env var... " fi export payload_and_signature # Check if the payload and the signature are OK. # If they are not OK, just stop the script. -if [ "$(echo "$payload_and_signature" | jq -r '.status')" != "OK" ]; then +if [[ $(echo "$payload_and_signature" | jq -r '.status') != "OK" ]]; then echo -e "${RED}The payload_and_signature variable does not contain an OK status.${NC}" exit 1 fi @@ -105,18 +104,18 @@ echo -e "${GREEN}OK!${NC}" # We need to get the signature out of the previous response. # The signature will allow the us to bind the port on the server. -signature="$(echo "$payload_and_signature" | jq -r '.signature')" +signature=$(echo "$payload_and_signature" | jq -r '.signature') # The payload has a base64 format. We need to extract it from the # previous response and also get the following information out: # - port: This is the port you got access to # - expires_at: this is the date+time when the port expires -payload="$(echo "$payload_and_signature" | jq -r '.payload')" -port="$(echo "$payload" | base64 -d | jq -r '.port')" +payload=$(echo "$payload_and_signature" | jq -r '.payload') +port=$(echo "$payload" | base64 -d | jq -r '.port') # The port normally expires after 2 months. If you consider # 2 months is not enough for your setup, please open a ticket. -expires_at="$(echo "$payload" | base64 -d | jq -r '.expires_at')" +expires_at=$(echo "$payload" | base64 -d | jq -r '.expires_at') echo -ne " Signature ${GREEN}$signature${NC} @@ -142,7 +141,7 @@ while true; do # If port did not bind, just exit the script. # This script will exit in 2 months, since the port will expire. export bind_port_response - if [ "$(echo "$bind_port_response" | jq -r '.status')" != "OK" ]; then + if [[ $(echo "$bind_port_response" | jq -r '.status') != "OK" ]]; then echo -e "${RED}The API did not return OK when trying to bind port... Exiting." exit 1 fi diff --git a/run_setup.sh b/run_setup.sh index 61cb3ed..dc890de 100755 --- a/run_setup.sh +++ b/run_setup.sh @@ -20,9 +20,9 @@ # SOFTWARE. # Check if terminal allows output, if yes, define colors for output -if test -t 1; then +if [[ -t 1 ]]; then ncolors=$(tput colors) - if test -n "$ncolors" && test "$ncolors" -ge 8; then + if [[ -n $ncolors && $ncolors -ge 8 ]]; then GREEN='\033[0;32m' RED='\033[0;31m' NC='\033[0m' # No Color @@ -52,13 +52,13 @@ while :; do # Check for in-line definition of $PIA_USER if [[ ! $PIA_USER || $PIA_USER = "" ]]; then echo - read -rp "PIA username (p#######): " PIA_USER + read -r -p "PIA username (p#######): " PIA_USER fi - + # Confirm format of PIA_USER input - unPrefix="${PIA_USER:0:1}" - unSuffix="${PIA_USER:1}" - if [[ -z "$PIA_USER" ]]; then + unPrefix=${PIA_USER:0:1} + unSuffix=${PIA_USER:1} + if [[ -z $PIA_USER ]]; then echo -e "\n${RED}You must provide input.${NC}" elif [[ ${#PIA_USER} != 8 ]]; then echo -e "\n${RED}A PIA username is always 8 characters long.${NC}" @@ -73,18 +73,18 @@ while :; do PIA_USER="" done export PIA_USER - + while :; do # Check for in-line definition of $PIA_PASS if [[ ! $PIA_PASS || $PIA_PASS = "" ]]; then echo echo -n "PIA password: " - read -rs PIA_PASS + read -r -s PIA_PASS echo fi - + # Confirm format of PIA_PASS input - if [[ -z "$PIA_PASS" ]]; then + if [[ -z $PIA_PASS ]]; then echo -e "\n${RED}You must provide input.${NC}" elif [[ ${#PIA_PASS} -lt 8 ]]; then echo -e "\n${RED}A PIA password is always a minimum of 8 characters long.${NC}" @@ -102,8 +102,8 @@ while :; do tokenLocation="/opt/piavpn-manual/token" # If the script failed to generate an authentication token, the script will exit early. - if [ ! -f "$tokenLocation" ]; then - read -pr "Do you want to try again ([N]o/[y]es): " tryAgain + if [[ ! -f $tokenLocation ]]; then + read -r -p "Do you want to try again ([N]o/[y]es): " tryAgain if ! echo "${tryAgain:0:1}" | grep -iq y; then exit 1 fi @@ -160,7 +160,7 @@ fi # Input validation and check for conflicting declarations of AUTOCONNECT and PREFERRED_REGION # If both variables are set, AUTOCONNECT has superiority and PREFERRED_REGION is ignored -if [[ ! $AUTOCONNECT ]]; then +if [[ -z $AUTOCONNECT ]]; then echo AUTOCONNECT was not declared. echo selectServer="ask" @@ -179,7 +179,7 @@ else echo -e "Updated ${GREEN}AUTOCONNECT=$AUTOCONNECT${NC}" echo fi - if [[ ! $PREFERRED_REGION ]]; then + if [[ -z $PREFERRED_REGION ]]; then echo -e "${GREEN}AUTOCONNECT=true${NC}" echo else @@ -196,7 +196,7 @@ fi while :; do if [[ ! $PREFERRED_REGION || $PREFERRED_REGION = "" ]]; then # If autoconnect is not set, prompt the user to specify a server or auto-connect to the lowest latency - if [[ $selectServer = "ask" ]]; then + if [[ $selectServer == "ask" ]]; then echo -n "Do you want to manually select a server, instead of auto-connecting to the server with the lowest latency ([N]o/[y]es): " read -r selectServer @@ -229,10 +229,10 @@ For example, you can try 0.2 for 200ms allowed latency. fi customLatency=0 customLatency+=$latencyInput - - if [[ -z "$latencyInput" ]]; then + + if [[ -z $latencyInput ]]; then break - elif [[ $latencyInput = 0 ]]; then + elif [[ $latencyInput == 0 ]]; then echo -e "${RED}Latency input must not be zero.${NC}\n" elif ! [[ $customLatency =~ $floatCheck ]]; then echo -e "${RED}Latency input must be numeric.${NC}\n" @@ -247,14 +247,14 @@ For example, you can try 0.2 for 200ms allowed latency. done export MAX_LATENCY echo -e "${GREEN}MAX_LATENCY=$MAX_LATENCY${NC}" - + PREFERRED_REGION="none" export PREFERRED_REGION VPN_PROTOCOL="no" export VPN_PROTOCOL VPN_PROTOCOL=no ./get_region.sh - - if [ -s /opt/piavpn-manual/latencyList ]; then + + if [[ -s /opt/piavpn-manual/latencyList ]]; then # Output the ordered list of servers that meet the latency specification $MAX_LATENCY echo -e "Ordered list of servers with latency less than ${GREEN}$MAX_LATENCY${NC} seconds:" i=0 @@ -272,11 +272,11 @@ For example, you can try 0.2 for 200ms allowed latency. echo " - $location" done < /opt/piavpn-manual/latencyList echo - + # Receive input to specify the server to connect to manually - while :; do - read -pr "Input the number of the server you want to connect to ([1]-[$i]) : " serverSelection - if [[ -z "$serverSelection" ]]; then + while :; do + read -r -p "Input the number of the server you want to connect to ([1]-[$i]) : " serverSelection + if [[ -z $serverSelection ]]; then echo -e "\n${RED}You must provide input.${NC}\n" elif ! [[ $serverSelection =~ $intCheck ]]; then echo -e "\n${RED}You must enter a number.${NC}\n" @@ -291,7 +291,7 @@ For example, you can try 0.2 for 200ms allowed latency. break fi done - + # Write the serverID for use when connecting, and display the serverName for user confirmation export PREFERRED_REGION echo @@ -316,7 +316,7 @@ For example, you can try 0.2 for 200ms allowed latency. fi done -if [[ ! $VPN_PROTOCOL ]]; then +if [[ -z $VPN_PROTOCOL ]]; then VPN_PROTOCOL="none" fi # This section asks for user connection preferences @@ -330,7 +330,7 @@ case $VPN_PROTOCOL in echo -n "Connection method ([W]ireguard/[o]penvpn): " read -r connection_method echo - + VPN_PROTOCOL="wireguard" if echo "${connection_method:0:1}" | grep -iq o; then echo -n "Connection method ([U]dp/[t]cp): " @@ -362,7 +362,7 @@ ${NC}" # Check for the required presence of resolvconf for setting DNS on wireguard connections setDNS="yes" -if ! command -v resolvconf &>/dev/null && [ "$VPN_PROTOCOL" == wireguard ]; then +if ! command -v resolvconf &>/dev/null && [[ $VPN_PROTOCOL == "wireguard" ]]; then echo -e ${RED}The resolvconf package could not be found. echo This script can not set DNS for you and you will echo -e need to invoke DNS protection some other way.${NC} @@ -382,7 +382,7 @@ if [[ $setDNS = "yes" ]]; then PIA_DNS="false" fi fi -elif [[ $PIA_DNS != "true" || $setDNS = "no" ]];then +elif [[ $PIA_DNS != "true" || $setDNS == "no" ]]; then PIA_DNS="false" fi export PIA_DNS