From f47b320a4a72112f21f43f49ae6212342bda4f93 Mon Sep 17 00:00:00 2001 From: a1346054 <36859588+a1346054@users.noreply.github.com> Date: Fri, 20 Aug 2021 14:19:03 +0000 Subject: [PATCH] use modern shell syntax and fix various warnings This unifies the codestyle across all shell scripts, and fixes many warnings reported through shellcheck. Additionally, it improves readability for everyone wishing to see what is actually going on. --- connect_to_openvpn_with_token.sh | 60 ++++++++++++++--------------- connect_to_wireguard_with_token.sh | 25 ++++++------ get_region.sh | 55 +++++++++++++------------- get_token.sh | 32 ++++++++------- port_forwarding.sh | 29 +++++++------- run_setup.sh | 62 +++++++++++++++--------------- 6 files changed, 129 insertions(+), 134 deletions(-) diff --git a/connect_to_openvpn_with_token.sh b/connect_to_openvpn_with_token.sh index 74b65f7..a46fd39 100755 --- a/connect_to_openvpn_with_token.sh +++ b/connect_to_openvpn_with_token.sh @@ -20,24 +20,23 @@ # SOFTWARE. # This function allows you to check if the required tools have been installed. -function check_tool() { +check_tool() { cmd=$1 - if ! command -v "$cmd" &>/dev/null - then + if ! command -v "$cmd" >/dev/null; then echo "$cmd could not be found" echo "Please install $cmd" exit 1 fi } -# Now we call the function to make sure we can use wg-quick, curl and jq. +# Now we call the function to make sure we can use openvpn, curl and jq. +check_tool openvpn check_tool curl check_tool jq -check_tool openvpn # Check if terminal allows output, if yes, define colors for output -if test -t 1; then +if [[ -t 1 ]]; then ncolors=$(tput colors) - if test -n "$ncolors" && test "$ncolors" -ge 8; then + if [[ -n $ncolors && $ncolors -ge 8 ]]; then GREEN='\033[0;32m' RED='\033[0;31m' NC='\033[0m' # No Color @@ -51,16 +50,16 @@ fi # Check if manual PIA OpenVPN connection is already initialized. # Multi-hop is out of the scope of this repo, but you should be able to # get multi-hop running with both OpenVPN and WireGuard. -adapter_check="$( ip a s tun06 2>&1 )" +adapter_check=$( ip a s tun06 2>&1 ) should_read="Device \"tun06\" does not exist" pid_filepath="/opt/piavpn-manual/pia_pid" -if [[ "$adapter_check" != *"$should_read"* ]]; then +if [[ $adapter_check != *"$should_read"* ]]; then echo -e ${RED}The tun06 adapter already exists, that interface is required echo -e for this configuration.${NC} - if [ -f "$pid_filepath" ]; then - old_pid="$( cat "$pid_filepath" )" - old_pid_name="$( ps -p "$old_pid" -o comm= )" - if [[ $old_pid_name == 'openvpn' ]]; then + if [[ -f $pid_filepath ]]; then + old_pid=$( cat "$pid_filepath" ) + old_pid_name=$( ps -p "$old_pid" -o comm= ) + if [[ $old_pid_name == "openvpn" ]]; then echo echo -e It seems likely that process ${RED}"$old_pid"${NC} is an OpenVPN connection echo that was established by using this script. Unless it is closed @@ -68,7 +67,7 @@ if [[ "$adapter_check" != *"$should_read"* ]]; then echo -ne "Do you want to run ${RED}$ kill $old_pid${NC} (Y/n): " read -r close_connection fi - if echo "${close_connection:0:1}" | grep -iq n ; then + if echo "${close_connection:0:1}" | grep -iq n; then echo -e ${RED}Closing script. Resolve tun06 adapter conflict and run the script again. exit 1 fi @@ -98,11 +97,11 @@ then echo -e 'sysctl -w net.ipv6.conf.default.disable_ipv6=1'${NC} fi -# Check if the mandatory environment variables are set. -if [[ ! $OVPN_SERVER_IP || - ! $OVPN_HOSTNAME || - ! $PIA_TOKEN || - ! $CONNECTION_SETTINGS ]]; then +# Check if the mandatory environment variables are set. +if [[ -z $OVPN_SERVER_IP || + -z $OVPN_HOSTNAME || + -z $PIA_TOKEN || + -z $CONNECTION_SETTINGS ]]; then echo -e ${RED}'This script requires 4 env vars:' echo 'PIA_TOKEN - the token used for authentication' echo 'OVPN_SERVER_IP - IP that you want to connect to' @@ -121,7 +120,7 @@ if [[ ! $OVPN_SERVER_IP || echo An easy solution is to just run get_region_and_token.sh echo as it will guide you through getting the best server and echo also a token. Detailed information can be found here: - echo -e https://github.com/pia-foss/manual-connections ${NC} + echo -e https://github.com/pia-foss/manual-connections${NC} exit 1 fi @@ -138,8 +137,8 @@ echo -e "${GREEN}OK!${NC}" IFS='_' read -ra connection_settings <<< "$CONNECTION_SETTINGS" IFS=' ' -protocol="${connection_settings[1]}" -encryption="${connection_settings[2]}" +protocol=${connection_settings[1]} +encryption=${connection_settings[2]} prefix_filepath="openvpn_config/standard.ovpn" if [[ $encryption == "strong" ]]; then @@ -161,12 +160,12 @@ else fi # Create the OpenVPN config based on the settings specified -cat $prefix_filepath > /opt/piavpn-manual/pia.ovpn || exit 1 -echo remote "$OVPN_SERVER_IP" $port "$protocol" >> /opt/piavpn-manual/pia.ovpn +cat "$prefix_filepath" > /opt/piavpn-manual/pia.ovpn || exit 1 +echo "remote $OVPN_SERVER_IP $port $protocol" >> /opt/piavpn-manual/pia.ovpn # Copy the up/down scripts to /opt/piavpn-manual/ # based upon use of PIA DNS -if [ "$PIA_DNS" != true ]; then +if [[ $PIA_DNS != "true" ]]; then cp openvpn_config/openvpn_up.sh /opt/piavpn-manual/ cp openvpn_config/openvpn_down.sh /opt/piavpn-manual/ echo -e ${RED}This configuration will not use PIA DNS.${NC} @@ -201,8 +200,7 @@ Confirming OpenVPN connection state..." # Manually adjust the connection_wait_time if needed connection_wait_time=10 confirmation="Initialization Sequence Complete" -for (( timeout=0; timeout <= connection_wait_time; timeout++ )) -do +for (( timeout=0; timeout <= connection_wait_time; timeout++ )); do sleep 1 if grep -q "$confirmation" /opt/piavpn-manual/debug_info; then connected=true @@ -210,11 +208,11 @@ do fi done -ovpn_pid="$( cat /opt/piavpn-manual/pia_pid )" -gateway_ip="$( cat /opt/piavpn-manual/route_info )" +ovpn_pid=$( cat /opt/piavpn-manual/pia_pid ) +gateway_ip=$( cat /opt/piavpn-manual/route_info ) # Report and exit if connection was not initialized within 10 seconds. -if [ "$connected" != true ]; then +if [[ $connected != "true" ]]; then echo -e "${RED}The VPN connection was not established within 10 seconds.${NC}" kill "$ovpn_pid" exit 1 @@ -234,7 +232,7 @@ To disconnect the VPN, run: " # This section will stop the script if PIA_PF is not set to "true". -if [ "$PIA_PF" != true ]; then +if [[ $PIA_PF != "true" ]]; then echo If you want to also enable port forwarding, you can start the script: echo -e $ ${GREEN}PIA_TOKEN="$PIA_TOKEN" \ PF_GATEWAY="$gateway_ip" \ diff --git a/connect_to_wireguard_with_token.sh b/connect_to_wireguard_with_token.sh index 98e6c95..fd5bfbb 100755 --- a/connect_to_wireguard_with_token.sh +++ b/connect_to_wireguard_with_token.sh @@ -20,10 +20,9 @@ # SOFTWARE. # This function allows you to check if the required tools have been installed. -function check_tool() { +check_tool() { cmd=$1 - if ! command -v "$cmd" &>/dev/null - then + if ! command -v "$cmd" >/dev/null; then echo "$cmd could not be found" echo "Please install $cmd" exit 1 @@ -35,9 +34,9 @@ check_tool curl check_tool jq # Check if terminal allows output, if yes, define colors for output -if test -t 1; then +if [[ -t 1 ]]; then ncolors=$(tput colors) - if test -n "$ncolors" && test "$ncolors" -ge 8; then + if [[ -n $ncolors && $ncolors -ge 8 ]]; then GREEN='\033[0;32m' RED='\033[0;31m' NC='\033[0m' # No Color @@ -62,7 +61,9 @@ then fi # Check if the mandatory environment variables are set. -if [[ ! $WG_SERVER_IP || ! $WG_HOSTNAME || ! $PIA_TOKEN ]]; then +if [[ -z $WG_SERVER_IP || + -z $WG_HOSTNAME || + -z $PIA_TOKEN ]]; then echo -e ${RED}This script requires 3 env vars: echo WG_SERVER_IP - IP that you want to connect to echo WG_HOSTNAME - name of the server, required for ssl @@ -80,9 +81,9 @@ if [[ ! $WG_SERVER_IP || ! $WG_HOSTNAME || ! $PIA_TOKEN ]]; then fi # Create ephemeral wireguard keys, that we don't need to save to disk. -privKey="$(wg genkey)" +privKey=$(wg genkey) export privKey -pubKey="$( echo "$privKey" | wg pubkey)" +pubKey=$( echo "$privKey" | wg pubkey) export pubKey # Authenticate via the PIA WireGuard RESTful API. @@ -101,7 +102,7 @@ wireguard_json="$(curl -s -G \ export wireguard_json # Check if the API returned OK and stop this script if it didn't. -if [ "$(echo "$wireguard_json" | jq -r '.status')" != "OK" ]; then +if [[ $(echo "$wireguard_json" | jq -r '.status') != "OK" ]]; then >&2 echo -e "${RED}Server did not return OK. Stopping now.${NC}" exit 1 fi @@ -120,8 +121,8 @@ echo # This uses a PersistentKeepalive of 25 seconds to keep the NAT active # on firewalls. You can remove that line if your network does not # require it. -if [ "$PIA_DNS" == true ]; then - dnsServer="$(echo "$wireguard_json" | jq -r '.dns_servers[0]')" +if [[ $PIA_DNS == "true" ]]; then + dnsServer=$(echo "$wireguard_json" | jq -r '.dns_servers[0]') echo "Trying to set up DNS to $dnsServer. In case you do not have resolvconf," echo "this operation will fail and you will not get a VPN. If you have issues," echo "start this script without PIA_DNS." @@ -161,7 +162,7 @@ To disconnect the VPN, run: " # This section will stop the script if PIA_PF is not set to "true". -if [ "$PIA_PF" != true ]; then +if [[ $PIA_PF != "true" ]]; then echo If you want to also enable port forwarding, you can start the script: echo -e $ ${GREEN}PIA_TOKEN="$PIA_TOKEN" \ PF_GATEWAY="$WG_SERVER_IP" \ diff --git a/get_region.sh b/get_region.sh index b9c46bf..2497126 100755 --- a/get_region.sh +++ b/get_region.sh @@ -20,10 +20,9 @@ # SOFTWARE. # This function allows you to check if the required tools have been installed. -function check_tool() { +check_tool() { cmd=$1 - if ! command -v "$cmd" &>/dev/null - then + if ! command -v "$cmd" >/dev/null; then echo "$cmd could not be found" echo "Please install $cmd" exit 1 @@ -34,7 +33,7 @@ check_tool curl check_tool jq # If the server list has less than 1000 characters, it means curl failed. -function check_all_region_data() { +check_all_region_data() { echo echo -n "Getting the server list..." @@ -44,7 +43,7 @@ function check_all_region_data() { echo -e "If it works, you will get a huge JSON as a response.${NC}" exit 1 fi - + # Notify the user that we got the server list. echo -e "${GREEN}OK!${NC} " @@ -52,11 +51,11 @@ function check_all_region_data() { # Get all data for the selected region # Exit with code 1 if the REGION_ID provided is invalid -function get_selected_region_data() { +get_selected_region_data() { regionData="$( echo "$all_region_data" | jq --arg REGION_ID "$selectedRegion" -r \ '.regions[] | select(.id==$REGION_ID)')" - if [[ ! $regionData ]]; then + if [[ -z $regionData ]]; then echo -e "${RED}The REGION_ID $selectedRegion is not valid.${NC} " exit 1 @@ -64,9 +63,9 @@ function get_selected_region_data() { } # Check if terminal allows output, if yes, define colors for output -if test -t 1; then +if [[ -t 1 ]]; then ncolors=$(tput colors) - if test -n "$ncolors" && test "$ncolors" -ge 8; then + if [[ -n $ncolors && $ncolors -ge 8 ]]; then GREEN='\033[0;32m' RED='\033[0;31m' NC='\033[0m' # No Color @@ -101,16 +100,16 @@ serverlist_url='https://serverlist.piaservers.net/vpninfo/servers/v6' # It will print a human-readable message to stderr, # and it will print the variables to stdout printServerLatency() { - serverIP="$1" - regionID="$2" + serverIP=$1 + regionID=$2 regionName="$(echo "${@:3}" | sed 's/ false//' | sed 's/true/(geo)/')" time=$(LC_NUMERIC=en_US.utf8 curl -o /dev/null -s \ --connect-timeout "$MAX_LATENCY" \ --write-out "%{time_connect}" \ - http://"$serverIP":443) - if [ $? -eq 0 ]; then - >&2 echo Got latency "${time}"s for region: "$regionName" + "http://$serverIP:443") + if [[ $? -eq 0 ]]; then + >&2 echo "Got latency ${time}s for region: $regionName" echo "$time $regionID $serverIP" # Write a list of servers with acceptable latency # to /opt/piavpn-manual/latencyList @@ -122,10 +121,10 @@ printServerLatency() { export -f printServerLatency # If a server location or autoconnect isn't specified, set the variable to false/no. -if [[ -z "$PREFERRED_REGION" ]]; then +if [[ -z $PREFERRED_REGION ]]; then PREFERRED_REGION=none fi -if [[ -z "$VPN_PROTOCOL" ]]; then +if [[ -z $VPN_PROTOCOL ]]; then VPN_PROTOCOL=no fi @@ -141,7 +140,7 @@ if [[ $selectedRegion == "none" ]]; then check_all_region_data # Making sure this variable doesn't contain some strange string - if [ "$PIA_PF" != true ]; then + if [[ $PIA_PF != "true" ]]; then PIA_PF="false" fi @@ -165,8 +164,8 @@ if [[ $selectedRegion == "none" ]]; then sort | head -1 | awk '{ print $2 }')" echo - if [ -z "$selectedRegion" ]; then - echo -e ${RED}No region responded within "${MAX_LATENCY}"s, consider using a higher timeout. + if [[ -z $selectedRegion ]]; then + echo -e "${RED}No region responded within ${MAX_LATENCY}s, consider using a higher timeout." echo For example, to wait 1 second for each region, inject MAX_LATENCY=1 like this: echo -e $ MAX_LATENCY=1 ./get_region.sh${NC} exit 1 @@ -182,14 +181,14 @@ fi get_selected_region_data -bestServer_meta_IP="$(echo "$regionData" | jq -r '.servers.meta[0].ip')" -bestServer_meta_hostname="$(echo "$regionData" | jq -r '.servers.meta[0].cn')" -bestServer_WG_IP="$(echo "$regionData" | jq -r '.servers.wg[0].ip')" -bestServer_WG_hostname="$(echo "$regionData" | jq -r '.servers.wg[0].cn')" -bestServer_OT_IP="$(echo "$regionData" | jq -r '.servers.ovpntcp[0].ip')" -bestServer_OT_hostname="$(echo "$regionData" | jq -r '.servers.ovpntcp[0].cn')" -bestServer_OU_IP="$(echo "$regionData" | jq -r '.servers.ovpnudp[0].ip')" -bestServer_OU_hostname="$(echo "$regionData" | jq -r '.servers.ovpnudp[0].cn')" +bestServer_meta_IP=$(echo "$regionData" | jq -r '.servers.meta[0].ip') +bestServer_meta_hostname=$(echo "$regionData" | jq -r '.servers.meta[0].cn') +bestServer_WG_IP=$(echo "$regionData" | jq -r '.servers.wg[0].ip') +bestServer_WG_hostname=$(echo "$regionData" | jq -r '.servers.wg[0].cn') +bestServer_OT_IP=$(echo "$regionData" | jq -r '.servers.ovpntcp[0].ip') +bestServer_OT_hostname=$(echo "$regionData" | jq -r '.servers.ovpntcp[0].cn') +bestServer_OU_IP=$(echo "$regionData" | jq -r '.servers.ovpnudp[0].ip') +bestServer_OU_hostname=$(echo "$regionData" | jq -r '.servers.ovpnudp[0].cn') if [[ $VPN_PROTOCOL == "no" ]]; then @@ -232,7 +231,7 @@ else fi # Connect with WireGuard and clear authentication token file and latencyList -if [[ $VPN_PROTOCOL == wireguard ]]; then +if [[ $VPN_PROTOCOL == "wireguard" ]]; then echo The ./get_region.sh script got started with echo -e ${GREEN}VPN_PROTOCOL=wireguard${NC}, so we will automatically connect to WireGuard, echo by running this command: diff --git a/get_token.sh b/get_token.sh index 0f04790..4266428 100755 --- a/get_token.sh +++ b/get_token.sh @@ -20,29 +20,27 @@ # SOFTWARE. # This function allows you to check if the required tools have been installed. -function check_tool() { +check_tool() { cmd=$1 - if ! command -v "$cmd" &>/dev/null - then + if ! command -v "$cmd" >/dev/null; then echo "$cmd could not be found" echo "Please install $cmd" exit 1 fi } - -# This function creates a timestamp, to use for setting $TOKEN_EXPIRATION -function timeout_timestamp() { - date +"%c" --date='1 day' # Timestamp 24 hours -} - # Now we call the function to make sure we can use curl and jq. check_tool curl check_tool jq +# This function creates a timestamp, to use for setting $TOKEN_EXPIRATION +timeout_timestamp() { + date +"%c" --date='1 day' # Timestamp 24 hours +} + # Check if terminal allows output, if yes, define colors for output -if test -t 1; then +if [[ -t 1 ]]; then ncolors=$(tput colors) - if test -n "$ncolors" && test "$ncolors" -ge 8; then + if [[ -n $ncolors && $ncolors -ge 8 ]]; then GREEN='\033[0;32m' RED='\033[0;31m' NC='\033[0m' # No Color @@ -61,7 +59,7 @@ fi mkdir -p /opt/piavpn-manual -if [[ ! $PIA_USER || ! $PIA_PASS ]]; then +if [[ -z $PIA_USER || -z $PIA_PASS ]]; then echo If you want this script to automatically get a token from the Meta echo service, please add the variables PIA_USER and PIA_PASS. Example: echo $ PIA_USER=p0123456 PIA_PASS=xxx ./get_token.sh @@ -75,21 +73,21 @@ echo -n "Checking login credentials..." generateTokenResponse=$(curl -s -u "$PIA_USER:$PIA_PASS" \ "https://privateinternetaccess.com/gtoken/generateToken") -if [ "$(echo "$generateTokenResponse" | jq -r '.status')" != "OK" ]; then +if [[ $(echo "$generateTokenResponse" | jq -r '.status') != "OK" ]]; then echo echo echo -e "${RED}Could not authenticate with the login credentials provided!${NC}" echo exit fi - + echo -e ${GREEN}OK! echo token=$(echo "$generateTokenResponse" | jq -r '.token') tokenExpiration=$(timeout_timestamp) -echo -e PIA_TOKEN="$token"${NC} +echo -e "PIA_TOKEN=$token${NC}" echo "$token" > /opt/piavpn-manual/token || exit 1 echo "$tokenExpiration" >> /opt/piavpn-manual/token -echo -echo This token will expire in 24 hours, on "$tokenExpiration". +echo +echo "This token will expire in 24 hours, on $tokenExpiration." echo diff --git a/port_forwarding.sh b/port_forwarding.sh index 39c5dd0..4cb861c 100755 --- a/port_forwarding.sh +++ b/port_forwarding.sh @@ -20,21 +20,20 @@ # SOFTWARE. # This function allows you to check if the required tools have been installed. -function check_tool() { +check_tool() { cmd=$1 - if ! command -v "$cmd" &>/dev/null - then + if ! command -v "$cmd" >/dev/null; then echo "$cmd could not be found" echo "Please install $cmd" exit 1 fi } -# Now we call the function to make sure we can use wg-quick, curl and jq. +# Now we call the function to make sure we can use curl and jq. check_tool curl check_tool jq # Check if the mandatory environment variables are set. -if [[ ! $PF_GATEWAY || ! $PIA_TOKEN || ! $PF_HOSTNAME ]]; then +if [[ -z $PF_GATEWAY || -z $PIA_TOKEN || -z $PF_HOSTNAME ]]; then echo This script requires 3 env vars: echo PF_GATEWAY - the IP of your gateway echo PF_HOSTNAME - name of the host used for SSL/TLS certificate verification @@ -48,9 +47,9 @@ exit 1 fi # Check if terminal allows output, if yes, define colors for output -if test -t 1; then +if [[ -t 1 ]]; then ncolors=$(tput colors) - if test -n "$ncolors" && test "$ncolors" -ge 8; then + if [[ -n $ncolors && $ncolors -ge 8 ]]; then GREEN='\033[0;32m' RED='\033[0;31m' NC='\033[0m' # No Color @@ -81,7 +80,7 @@ fi # If you already have a signature, and you would like to re-use that port, # save the payload_and_signature received from your previous request # in the env var PAYLOAD_AND_SIGNATURE, and that will be used instead. -if [[ ! $PAYLOAD_AND_SIGNATURE ]]; then +if [[ -z $PAYLOAD_AND_SIGNATURE ]]; then echo echo -n "Getting new signature... " payload_and_signature="$(curl -s -m 5 \ @@ -90,14 +89,14 @@ if [[ ! $PAYLOAD_AND_SIGNATURE ]]; then -G --data-urlencode "token=${PIA_TOKEN}" \ "https://${PF_HOSTNAME}:19999/getSignature")" else - payload_and_signature="$PAYLOAD_AND_SIGNATURE" + payload_and_signature=$PAYLOAD_AND_SIGNATURE echo -n "Checking the payload_and_signature from the env var... " fi export payload_and_signature # Check if the payload and the signature are OK. # If they are not OK, just stop the script. -if [ "$(echo "$payload_and_signature" | jq -r '.status')" != "OK" ]; then +if [[ $(echo "$payload_and_signature" | jq -r '.status') != "OK" ]]; then echo -e "${RED}The payload_and_signature variable does not contain an OK status.${NC}" exit 1 fi @@ -105,18 +104,18 @@ echo -e "${GREEN}OK!${NC}" # We need to get the signature out of the previous response. # The signature will allow the us to bind the port on the server. -signature="$(echo "$payload_and_signature" | jq -r '.signature')" +signature=$(echo "$payload_and_signature" | jq -r '.signature') # The payload has a base64 format. We need to extract it from the # previous response and also get the following information out: # - port: This is the port you got access to # - expires_at: this is the date+time when the port expires -payload="$(echo "$payload_and_signature" | jq -r '.payload')" -port="$(echo "$payload" | base64 -d | jq -r '.port')" +payload=$(echo "$payload_and_signature" | jq -r '.payload') +port=$(echo "$payload" | base64 -d | jq -r '.port') # The port normally expires after 2 months. If you consider # 2 months is not enough for your setup, please open a ticket. -expires_at="$(echo "$payload" | base64 -d | jq -r '.expires_at')" +expires_at=$(echo "$payload" | base64 -d | jq -r '.expires_at') echo -ne " Signature ${GREEN}$signature${NC} @@ -142,7 +141,7 @@ while true; do # If port did not bind, just exit the script. # This script will exit in 2 months, since the port will expire. export bind_port_response - if [ "$(echo "$bind_port_response" | jq -r '.status')" != "OK" ]; then + if [[ $(echo "$bind_port_response" | jq -r '.status') != "OK" ]]; then echo -e "${RED}The API did not return OK when trying to bind port... Exiting." exit 1 fi diff --git a/run_setup.sh b/run_setup.sh index 61cb3ed..dc890de 100755 --- a/run_setup.sh +++ b/run_setup.sh @@ -20,9 +20,9 @@ # SOFTWARE. # Check if terminal allows output, if yes, define colors for output -if test -t 1; then +if [[ -t 1 ]]; then ncolors=$(tput colors) - if test -n "$ncolors" && test "$ncolors" -ge 8; then + if [[ -n $ncolors && $ncolors -ge 8 ]]; then GREEN='\033[0;32m' RED='\033[0;31m' NC='\033[0m' # No Color @@ -52,13 +52,13 @@ while :; do # Check for in-line definition of $PIA_USER if [[ ! $PIA_USER || $PIA_USER = "" ]]; then echo - read -rp "PIA username (p#######): " PIA_USER + read -r -p "PIA username (p#######): " PIA_USER fi - + # Confirm format of PIA_USER input - unPrefix="${PIA_USER:0:1}" - unSuffix="${PIA_USER:1}" - if [[ -z "$PIA_USER" ]]; then + unPrefix=${PIA_USER:0:1} + unSuffix=${PIA_USER:1} + if [[ -z $PIA_USER ]]; then echo -e "\n${RED}You must provide input.${NC}" elif [[ ${#PIA_USER} != 8 ]]; then echo -e "\n${RED}A PIA username is always 8 characters long.${NC}" @@ -73,18 +73,18 @@ while :; do PIA_USER="" done export PIA_USER - + while :; do # Check for in-line definition of $PIA_PASS if [[ ! $PIA_PASS || $PIA_PASS = "" ]]; then echo echo -n "PIA password: " - read -rs PIA_PASS + read -r -s PIA_PASS echo fi - + # Confirm format of PIA_PASS input - if [[ -z "$PIA_PASS" ]]; then + if [[ -z $PIA_PASS ]]; then echo -e "\n${RED}You must provide input.${NC}" elif [[ ${#PIA_PASS} -lt 8 ]]; then echo -e "\n${RED}A PIA password is always a minimum of 8 characters long.${NC}" @@ -102,8 +102,8 @@ while :; do tokenLocation="/opt/piavpn-manual/token" # If the script failed to generate an authentication token, the script will exit early. - if [ ! -f "$tokenLocation" ]; then - read -pr "Do you want to try again ([N]o/[y]es): " tryAgain + if [[ ! -f $tokenLocation ]]; then + read -r -p "Do you want to try again ([N]o/[y]es): " tryAgain if ! echo "${tryAgain:0:1}" | grep -iq y; then exit 1 fi @@ -160,7 +160,7 @@ fi # Input validation and check for conflicting declarations of AUTOCONNECT and PREFERRED_REGION # If both variables are set, AUTOCONNECT has superiority and PREFERRED_REGION is ignored -if [[ ! $AUTOCONNECT ]]; then +if [[ -z $AUTOCONNECT ]]; then echo AUTOCONNECT was not declared. echo selectServer="ask" @@ -179,7 +179,7 @@ else echo -e "Updated ${GREEN}AUTOCONNECT=$AUTOCONNECT${NC}" echo fi - if [[ ! $PREFERRED_REGION ]]; then + if [[ -z $PREFERRED_REGION ]]; then echo -e "${GREEN}AUTOCONNECT=true${NC}" echo else @@ -196,7 +196,7 @@ fi while :; do if [[ ! $PREFERRED_REGION || $PREFERRED_REGION = "" ]]; then # If autoconnect is not set, prompt the user to specify a server or auto-connect to the lowest latency - if [[ $selectServer = "ask" ]]; then + if [[ $selectServer == "ask" ]]; then echo -n "Do you want to manually select a server, instead of auto-connecting to the server with the lowest latency ([N]o/[y]es): " read -r selectServer @@ -229,10 +229,10 @@ For example, you can try 0.2 for 200ms allowed latency. fi customLatency=0 customLatency+=$latencyInput - - if [[ -z "$latencyInput" ]]; then + + if [[ -z $latencyInput ]]; then break - elif [[ $latencyInput = 0 ]]; then + elif [[ $latencyInput == 0 ]]; then echo -e "${RED}Latency input must not be zero.${NC}\n" elif ! [[ $customLatency =~ $floatCheck ]]; then echo -e "${RED}Latency input must be numeric.${NC}\n" @@ -247,14 +247,14 @@ For example, you can try 0.2 for 200ms allowed latency. done export MAX_LATENCY echo -e "${GREEN}MAX_LATENCY=$MAX_LATENCY${NC}" - + PREFERRED_REGION="none" export PREFERRED_REGION VPN_PROTOCOL="no" export VPN_PROTOCOL VPN_PROTOCOL=no ./get_region.sh - - if [ -s /opt/piavpn-manual/latencyList ]; then + + if [[ -s /opt/piavpn-manual/latencyList ]]; then # Output the ordered list of servers that meet the latency specification $MAX_LATENCY echo -e "Ordered list of servers with latency less than ${GREEN}$MAX_LATENCY${NC} seconds:" i=0 @@ -272,11 +272,11 @@ For example, you can try 0.2 for 200ms allowed latency. echo " - $location" done < /opt/piavpn-manual/latencyList echo - + # Receive input to specify the server to connect to manually - while :; do - read -pr "Input the number of the server you want to connect to ([1]-[$i]) : " serverSelection - if [[ -z "$serverSelection" ]]; then + while :; do + read -r -p "Input the number of the server you want to connect to ([1]-[$i]) : " serverSelection + if [[ -z $serverSelection ]]; then echo -e "\n${RED}You must provide input.${NC}\n" elif ! [[ $serverSelection =~ $intCheck ]]; then echo -e "\n${RED}You must enter a number.${NC}\n" @@ -291,7 +291,7 @@ For example, you can try 0.2 for 200ms allowed latency. break fi done - + # Write the serverID for use when connecting, and display the serverName for user confirmation export PREFERRED_REGION echo @@ -316,7 +316,7 @@ For example, you can try 0.2 for 200ms allowed latency. fi done -if [[ ! $VPN_PROTOCOL ]]; then +if [[ -z $VPN_PROTOCOL ]]; then VPN_PROTOCOL="none" fi # This section asks for user connection preferences @@ -330,7 +330,7 @@ case $VPN_PROTOCOL in echo -n "Connection method ([W]ireguard/[o]penvpn): " read -r connection_method echo - + VPN_PROTOCOL="wireguard" if echo "${connection_method:0:1}" | grep -iq o; then echo -n "Connection method ([U]dp/[t]cp): " @@ -362,7 +362,7 @@ ${NC}" # Check for the required presence of resolvconf for setting DNS on wireguard connections setDNS="yes" -if ! command -v resolvconf &>/dev/null && [ "$VPN_PROTOCOL" == wireguard ]; then +if ! command -v resolvconf &>/dev/null && [[ $VPN_PROTOCOL == "wireguard" ]]; then echo -e ${RED}The resolvconf package could not be found. echo This script can not set DNS for you and you will echo -e need to invoke DNS protection some other way.${NC} @@ -382,7 +382,7 @@ if [[ $setDNS = "yes" ]]; then PIA_DNS="false" fi fi -elif [[ $PIA_DNS != "true" || $setDNS = "no" ]];then +elif [[ $PIA_DNS != "true" || $setDNS == "no" ]]; then PIA_DNS="false" fi export PIA_DNS