mirror of
https://github.com/MarkusMcNugen/docker-qBittorrentvpn
synced 2024-11-25 12:04:58 +00:00
150 lines
5.9 KiB
Bash
Executable File
150 lines
5.9 KiB
Bash
Executable File
#!/bin/bash
|
|
# Forked from binhex's OpenVPN dockers
|
|
set -e
|
|
|
|
# check for presence of network interface docker0
|
|
check_network=$(ifconfig | grep docker0 || true)
|
|
|
|
# if network interface docker0 is present then we are running in host mode and thus must exit
|
|
if [[ ! -z "${check_network}" ]]; then
|
|
echo "[crit] Network type detected as 'Host', this will cause major issues, please stop the container and switch back to 'Bridge' mode" && exit 1
|
|
fi
|
|
|
|
export VPN_ENABLED=$(echo "${VPN_ENABLED}" | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
|
|
if [[ ! -z "${VPN_ENABLED}" ]]; then
|
|
echo "$(date) [info] VPN_ENABLED defined as '${VPN_ENABLED}'"
|
|
else
|
|
echo "$(date) [warn] VPN_ENABLED not defined,(via -e VPN_ENABLED), defaulting to 'yes'"
|
|
export VPN_ENABLED="yes"
|
|
fi
|
|
|
|
if [[ $VPN_ENABLED == "yes" ]]; then
|
|
# create directory to store openvpn config files
|
|
mkdir -p /config/openvpn
|
|
# set perms and owner for files in /config/openvpn directory
|
|
set +e
|
|
chown -R "${PUID}":"${PGID}" "/config/openvpn" &> /dev/null
|
|
exit_code_chown=$?
|
|
chmod -R 775 "/config/openvpn" &> /dev/null
|
|
exit_code_chmod=$?
|
|
set -e
|
|
if (( ${exit_code_chown} != 0 || ${exit_code_chmod} != 0 )); then
|
|
echo "$(date) [warn] Unable to chown/chmod /config/openvpn/, assuming SMB mountpoint"
|
|
fi
|
|
|
|
# wildcard search for openvpn config files (match on first result)
|
|
export VPN_CONFIG=$(find /config/openvpn -maxdepth 1 -name "*.ovpn" -print -quit)
|
|
|
|
# if ovpn file not found in /config/openvpn then exit
|
|
if [[ -z "${VPN_CONFIG}" ]]; then
|
|
echo "[crit] No OpenVPN config file located in /config/openvpn/ (ovpn extension), please download from your VPN provider and then restart this container, exiting..." && exit 1
|
|
fi
|
|
echo "$(date) [info] OpenVPN config file (ovpn extension) is located at ${VPN_CONFIG}"
|
|
|
|
# convert CRLF (windows) to LF (unix) for ovpn
|
|
/usr/bin/dos2unix "${VPN_CONFIG}" 1> /dev/null
|
|
|
|
# parse values from ovpn file
|
|
export vpn_remote_line=$(cat "${VPN_CONFIG}" | awk '/remote / {print; exit}' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
|
|
if [[ ! -z "${vpn_remote_line}" ]]; then
|
|
echo "$(date) [info] VPN remote line defined as '${vpn_remote_line}'"
|
|
else
|
|
echo "[crit] VPN configuration file ${VPN_CONFIG} does not contain 'remote' line, showing contents of file before exit..."
|
|
cat "${VPN_CONFIG}" && exit 1
|
|
fi
|
|
export VPN_REMOTE=$(echo "${vpn_remote_line}" | awk '/remote / {print $2; exit}' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
|
|
if [[ ! -z "${VPN_REMOTE}" ]]; then
|
|
echo "$(date) [info] VPN_REMOTE defined as '${VPN_REMOTE}'"
|
|
else
|
|
echo "[crit] VPN_REMOTE not found in ${VPN_CONFIG}, exiting..." && exit 1
|
|
fi
|
|
export VPN_PORT=$(echo "${vpn_remote_line}" | awk '/remote / {print $3; exit}' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
|
|
if [[ ! -z "${VPN_PORT}" ]]; then
|
|
echo "$(date) [info] VPN_PORT defined as '${VPN_PORT}'"
|
|
else
|
|
echo "[crit] VPN_PORT not found in ${VPN_CONFIG}, exiting..." && exit 1
|
|
fi
|
|
export VPN_PROTOCOL=$(cat "${VPN_CONFIG}" | awk '/proto / {print $2; exit}' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
|
|
if [[ ! -z "${VPN_PROTOCOL}" ]]; then
|
|
echo "$(date) [info] VPN_PROTOCOL defined as '${VPN_PROTOCOL}'"
|
|
else
|
|
export VPN_PROTOCOL=$(echo "${vpn_remote_line}" | grep -m 1 'udp\|tcp$' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
|
|
if [[ ! -z "${VPN_PROTOCOL}" ]]; then
|
|
echo "$(date) [info] VPN_PROTOCOL defined as '${VPN_PROTOCOL}'"
|
|
else
|
|
echo "$(date) [warn] VPN_PROTOCOL not found in ${VPN_CONFIG}, assuming udp"
|
|
export VPN_PROTOCOL="udp"
|
|
fi
|
|
fi
|
|
|
|
# required for use in iptables
|
|
if [[ "${VPN_PROTOCOL}" == "tcp-client" ]]; then
|
|
export VPN_PROTOCOL="tcp"
|
|
fi
|
|
|
|
VPN_DEVICE_TYPE=$(cat "${VPN_CONFIG}" | awk '/dev / {print $2; exit}' | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
|
|
if [[ ! -z "${VPN_DEVICE_TYPE}" ]]; then
|
|
export VPN_DEVICE_TYPE="${VPN_DEVICE_TYPE}0"
|
|
echo "$(date) [info] VPN_DEVICE_TYPE defined as '${VPN_DEVICE_TYPE}'"
|
|
else
|
|
echo "[crit] VPN_DEVICE_TYPE not found in ${VPN_CONFIG}, exiting..." && exit 1
|
|
fi
|
|
# get values from env vars as defined by user
|
|
export LAN_NETWORK=$(echo "${LAN_NETWORK}" | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
|
|
if [[ ! -z "${LAN_NETWORK}" ]]; then
|
|
echo "$(date) [info] LAN_NETWORK defined as '${LAN_NETWORK}'"
|
|
else
|
|
echo "[crit] LAN_NETWORK not defined (via -e LAN_NETWORK), exiting..." && exit 1
|
|
fi
|
|
export NAME_SERVERS=$(echo "${NAME_SERVERS}" | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
|
|
if [[ ! -z "${NAME_SERVERS}" ]]; then
|
|
echo "$(date) [info] NAME_SERVERS defined as '${NAME_SERVERS}'"
|
|
else
|
|
echo "$(date) [warn] NAME_SERVERS not defined (via -e NAME_SERVERS), defaulting to Google and FreeDNS name servers"
|
|
export NAME_SERVERS="8.8.8.8,37.235.1.174,8.8.4.4,37.235.1.177"
|
|
fi
|
|
export VPN_OPTIONS=$(echo "${VPN_OPTIONS}" | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
|
|
if [[ ! -z "${VPN_OPTIONS}" ]]; then
|
|
echo "$(date) [info] VPN_OPTIONS defined as '${VPN_OPTIONS}'"
|
|
else
|
|
echo "$(date) [info] VPN_OPTIONS not defined (via -e VPN_OPTIONS)"
|
|
export VPN_OPTIONS=""
|
|
fi
|
|
elif [[ $VPN_ENABLED == "no" ]]; then
|
|
echo "$(date) [warn] !!IMPORTANT!! You have set the VPN to disabled, you will NOT be secure!"
|
|
fi
|
|
|
|
# split comma seperated string into list from NAME_SERVERS env variable
|
|
IFS=',' read -ra name_server_list <<< "${NAME_SERVERS}"
|
|
|
|
# process name servers in the list
|
|
for name_server_item in "${name_server_list[@]}"; do
|
|
|
|
# strip whitespace from start and end of lan_network_item
|
|
name_server_item=$(echo "${name_server_item}" | sed -e 's~^[ \t]*~~;s~[ \t]*$~~')
|
|
|
|
echo "$(date) [info] Adding ${name_server_item} to resolv.conf"
|
|
echo "nameserver ${name_server_item}" >> /etc/resolv.conf
|
|
|
|
done
|
|
|
|
if [[ -z "${PUID}" ]]; then
|
|
echo "$(date) [info] PUID not defined. Defaulting to root user"
|
|
export PUID="root"
|
|
fi
|
|
|
|
if [[ -z "${PGID}" ]]; then
|
|
echo "$(date) [info] PGID not defined. Defaulting to root group"
|
|
export PGID="root"
|
|
fi
|
|
|
|
if [[ $VPN_ENABLED == "yes" ]]; then
|
|
echo "$(date) [info] Starting OpenVPN..."
|
|
cd /config/openvpn
|
|
exec openvpn --config ${VPN_CONFIG} &
|
|
#exec /bin/bash /etc/openvpn/openvpn.init start &
|
|
exec /bin/bash /etc/qbittorrent/iptables.sh
|
|
else
|
|
exec /bin/bash /etc/qbittorrent/start.sh
|
|
fi
|