首頁 探索 說明
登入
adnan360
/
protonator
關註 1
讚好 0
複刻 0
Files 問題管理 0 合併請求 0 Wiki
分支: master
分支列表 標籤列表
protonator
/
connect.sh

connect.sh 4.6 KB
永久連結 文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141 
  1. #!/usr/bin/env sh
    2. 

  2. #
    3. 

  3. # ~~ Protonator: a ProtonVPN connect script ~~
    4. 

  4. #
    5. 

  5. # License:
    6. 

  6. #   - This script: MIT (Expat)
    7. 

  7. #   - update-resolv-conf.sh (downloaded automatically): GNU GPL
    8. 

  8. 

  9. # Check if a command exists on system
    10. 

  10. #   - $1: command to check if it exists
    11. 

  11. command_exists() {
    12. 

  12. 	if type "$1" >/dev/null 2>&1; then
    13. 

  13. 		return 0
    14. 

  14. 	else
    15. 

  15. 		return 1
    16. 

  16. 	fi
    17. 

  17. }
    18. 

  18. 

  19. # Check requirements
    20. 

  20. if ! command_exists 'openvpn'; then
    21. 

  21. 	echo 'Error: OpenVPN is not installed. Please install it and try again.'
    22. 

  22. 	exit 1272
    23. 

  23. else
    24. 

  24. 	if [ "$SHELL" = '/bin/bash' ] || [ "$SHELL" = '/usr/local/bin/bash' ]; then
    25. 

  25. 		openvpn_version="$(openvpn --version)"
    26. 

  26. 		openvpn_version="${openvpn_version#OpenVPN *}"
    27. 

  27. 		openvpn_version="${openvpn_version%%.*}"
    28. 

  28. 	else
    29. 

  29. 		openvpn_version=$( openvpn --version | head -n 1 | \
    30. 

  30. 			awk '{ print $2 }' | awk -F'.' '{ print $1 }' )
    31. 

  31. 	fi
    32. 

  32. 	if [ "$openvpn_version" != '2' ]; then
    33. 

  33. 		echo "Error: Currently only OpenVPN v2 is supported" \
    34. 

  34. 			"but v${openvpn_version} is installed."
    35. 

  35. 		exit 1247
    36. 

  36. 	fi
    37. 

  37. fi
    38. 

  38. 

  39. # Program to use for root priviledges
    40. 

  40. if command_exists 'sudo'; then
    41. 

  41. 	subin='sudo'
    42. 

  42. elif command_exists 'doas'; then
    43. 

  43. 	subin='doas'
    44. 

  44. else
    45. 

  45. 	echo 'Error: sudo or doas not found... exiting...'
    46. 

  46. 	exit 1235
    47. 

  47. fi
    48. 

  48. 

  49. # Set selection to none
    50. 

  50. chosen=''
    51. 

  51. 

  52. # Going to start file based operations, so cd into script directory so that
    53. 

  53. # relative paths can be used safely. This would allow script to be run from
    54. 

  54. # other directories without messing up things.
    55. 

  55. cd "$(dirname "$0")"
    56. 

  56. 

  57. # If config/config.sh exists, source it to take values from it
    58. 

  58. [ -f 'config/config.sh' ] && . 'config/config.sh'
    59. 

  59. 

  60. # Show CLI based menu (without dmenu, fzf or other GUI tools)
    61. 

  61. shell_menu () {
    62. 

  62. 	file_list=$( cd ovpns; ls *.ovpn )
    63. 

  63. 	menu=$( echo "$file_list" | cat -n | column -c 100 | sed 's/\t/ /g' )
    64. 

  64. 	echo "$menu"
    65. 

  65. 	echo -n 'Enter the number beside the ovpn config filename to connect: '
    66. 

  66. 	read selection
    67. 

  67. 

  68. 	chosen=$( echo "$file_list" | sed -n "${selection}p" )
    69. 

  69. }
    70. 

  70. 

  71. # If there's no menu chooser installed, fallback to shell selection.
    72. 

  72. if [ -z "$DISPLAY" ] || \
    73. 

  73. 	( ! command_exists 'fzf' && ! command_exists 'dmenu' && \
    74. 

  74. 	! command_exists 'rofi' ); then
    75. 

  75. 	shell_menu
    76. 

  76. else
    77. 

  77. 	chosen=$( cd ovpns; ls *.ovpn | \
    78. 

  78. 		(fzf || dmenu || rofi -dmenu -i) 2>/dev/null )
    79. 

  79. fi
    80. 

  80. 

  81. # If nothing is chosen, exit script, otherwise continue
    82. 

  82. if [ -z "$chosen" ]; then
    83. 

  83. 	echo 'Cancelled menu selection... exiting...'
    84. 

  84. 	exit 1
    85. 

  85. fi
    86. 

  86. echo "Chosen to connect to $chosen ..."
    87. 

  87. 

  88. # Create '/etc/openvpn/update-resolv-conf' if it does not exist
    89. 

  89. # Source: https://protonvpn.com/support/linux-vpn-setup/
    90. 

  90. update_resolv_conf_file='/etc/openvpn/update-resolv-conf'
    91. 

  91. if [ ! -f "$update_resolv_conf_file" ]; then
    92. 

  92. 	echo "$update_resolv_conf_file not found ..."
    93. 

  93. 	echo 'Downloading update-resolv-conf and installing it to /etc/openvpn ...'
    94. 

  94. 	[ ! -d '/etc/openvpn' ] && $subin mkdir -p '/etc/openvpn'
    95. 

  95. 	update_resolv_conf_url='https://raw.githubusercontent.com/ProtonVPN/scripts/master/update-resolv-conf.sh'
    96. 

  96. 	if command_exists 'wget'; then
    97. 

  97. 		$subin wget "$update_resolv_conf_url" -O "$update_resolv_conf_file"
    98. 

  98. 	elif command_exists 'curl'; then
    99. 

  99. 		$subin curl -L "$update_resolv_conf_url" -o "$update_resolv_conf_file"
    100. 

  100. 	else
    101. 

  101. 		echo 'Error: curl or wget not found... could not download... exiting...'
    102. 

  102. 		exit 1224
    103. 

  103. 	fi
    104. 

  104. 	if [ "$?" = '0' ]; then
    105. 

  105. 		$subin chmod +x "$update_resolv_conf_file"
    106. 

  106. 	else
    107. 

  107. 		echo 'Download was not successful... exiting...'
    108. 

  108. 		exit 1227
    109. 

  109. 	fi
    110. 

  110. fi
    111. 

  111. 

  112. # Proceed with connect process
    113. 

  113. if [ -f 'config/cred.aes' ]; then
    114. 

  114. 	# If cred.aes is found, we use it. Requires passphrase, but superior to
    115. 

  115. 	# other options.
    116. 

  116. 	# To encrypt:
    117. 

  117. 	# openssl aes-256-cbc -pbkdf2 -iter 25763 -salt -in config/cred.txt -out config/cred.aes -e -a && rm config/cred.txt
    118. 

  118. 	DEC=$(openssl aes-256-cbc -pbkdf2 -iter 25763 -in config/cred.aes -d -a)
    119. 

  119. 	# Separate line with variable is to address mess up of sudo/doas password
    120. 

  120. 	# prompt with openssl one at the same time.
    121. 

  121. 	echo "$DEC" | $subin openvpn --config "ovpns/$chosen" \
    122. 

  122. 		--auth-user-pass /dev/stdin $openvpn_cli_arguments_append
    123. 

  123. 	# Discard the decrypted data because it's not needed anymore.
    124. 

  124. 	unset DEC
    125. 

  125. elif [ -f 'config/cred.enc' ]; then
    126. 

  126. 	# If cred.enc is found, we use it.
    127. 

  127. 	# To encrypt:
    128. 

  128. 	# openssl enc -pbkdf2 -salt -in config/cred.txt -out config/cred.enc -e -a && rm config/cred.txt
    129. 

  129. 	openssl enc -pbkdf2 -in config/cred.enc -d -a | $subin openvpn \
    130. 

  130. 		--config "ovpns/$chosen" --auth-user-pass /dev/stdin \
    131. 

  131. 		$openvpn_cli_arguments_append
    132. 

  132. elif [ -f 'config/cred.txt' ]; then
    133. 

  133. 	# If pass.txt is found, we use it.
    134. 

  134. 	$subin openvpn --config "ovpns/$chosen" --auth-user-pass 'config/cred.txt' \
    135. 

  135. 		$openvpn_cli_arguments_append
    136. 

  136. else
    137. 

  137. 	# If saved cred.txt is not found, we just connect to the config and user
    138. 

  138. 	# will be asked for username and passphrase.
    139. 

  139. 	$subin openvpn --config "ovpns/$chosen" $openvpn_cli_arguments_append
    140. 

  140. fi
    141. 

  141.