1
1
mirror of https://github.com/namibia/openvpn-install.git synced 2025-01-03 03:40:12 +00:00

Fix Public IP detection - Fix issue when seeip.org is unreachable #1241 (#1243)

The script does work when seeip.org is unreachable, so I changed the policy to define the public IP.

It solves the issue #1241

* Timeout limit on each try to solve the IP to avoid long waits;
* Extra public IP providers as failovers;
* the script only will try to solve an IP if the ENDPOINT is empty;

Co-authored-by: Stanislas <github@slange.me>
This commit is contained in:
Raphael Pinto 2024-11-07 19:55:14 +00:00 committed by GitHub
parent dc114f3243
commit e1f19e0f24
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -216,6 +216,45 @@ access-control: fd42:42:42:42::/112 allow' >>/etc/unbound/openvpn.conf
systemctl restart unbound systemctl restart unbound
} }
function resolvePublicIP() {
# IP version flags, we'll use as default the IPv4
CURL_IP_VERSION_FLAG="-4"
DIG_IP_VERSION_FLAG="-4"
# Behind NAT, we'll default to the publicly reachable IPv4/IPv6.
if [[ $IPV6_SUPPORT == "y" ]]; then
CURL_IP_VERSION_FLAG=""
DIG_IP_VERSION_FLAG="-6"
fi
# If there is no public ip yet, we'll try to solve it using: https://api.seeip.org
if [[ -z $PUBLIC_IP ]]; then
PUBLIC_IP=$(curl -f -m 5 -sS --retry 2 --retry-connrefused "$CURL_IP_VERSION_FLAG" https://api.seeip.org 2>/dev/null)
fi
# If there is no public ip yet, we'll try to solve it using: https://ifconfig.me
if [[ -z $PUBLIC_IP ]]; then
PUBLIC_IP=$(curl -f -m 5 -sS --retry 2 --retry-connrefused "$CURL_IP_VERSION_FLAG" https://ifconfig.me 2>/dev/null)
fi
# If there is no public ip yet, we'll try to solve it using: https://api.ipify.org
if [[ -z $PUBLIC_IP ]]; then
PUBLIC_IP=$(curl -f -m 5 -sS --retry 2 --retry-connrefused "$CURL_IP_VERSION_FLAG" https://api.ipify.org 2>/dev/null)
fi
# If there is no public ip yet, we'll try to solve it using: ns1.google.com
if [[ -z $PUBLIC_IP ]]; then
PUBLIC_IP=$(dig $DIG_IP_VERSION_FLAG TXT +short o-o.myaddr.l.google.com @ns1.google.com | tr -d '"')
fi
if [[ -z $PUBLIC_IP ]]; then
echo >&2 echo "Couldn't solve the public IP"
exit 1
fi
echo "$PUBLIC_IP"
}
function installQuestions() { function installQuestions() {
echo "Welcome to the OpenVPN installer!" echo "Welcome to the OpenVPN installer!"
echo "The git repository is available at: https://github.com/angristan/openvpn-install" echo "The git repository is available at: https://github.com/angristan/openvpn-install"
@ -244,9 +283,12 @@ function installQuestions() {
echo "It seems this server is behind NAT. What is its public IPv4 address or hostname?" echo "It seems this server is behind NAT. What is its public IPv4 address or hostname?"
echo "We need it for the clients to connect to the server." echo "We need it for the clients to connect to the server."
PUBLICIP=$(curl -s https://api.ipify.org) if [[ -z $ENDPOINT ]]; then
DEFAULT_ENDPOINT=$(resolvePublicIP)
fi
until [[ $ENDPOINT != "" ]]; do until [[ $ENDPOINT != "" ]]; do
read -rp "Public IPv4 address or hostname: " -e -i "$PUBLICIP" ENDPOINT read -rp "Public IPv4 address or hostname: " -e -i "$DEFAULT_ENDPOINT" ENDPOINT
done done
fi fi
@ -625,17 +667,9 @@ function installOpenVPN() {
PASS=${PASS:-1} PASS=${PASS:-1}
CONTINUE=${CONTINUE:-y} CONTINUE=${CONTINUE:-y}
# Behind NAT, we'll default to the publicly reachable IPv4/IPv6. if [[ -z $ENDPOINT ]]; then
if [[ $IPV6_SUPPORT == "y" ]]; then ENDPOINT=$(resolvePublicIP)
if ! PUBLIC_IP=$(curl -f --retry 5 --retry-connrefused https://api.seeip.org); then
PUBLIC_IP=$(dig -6 TXT +short o-o.myaddr.l.google.com @ns1.google.com | tr -d '"')
fi fi
else
if ! PUBLIC_IP=$(curl -f --retry 5 --retry-connrefused -4 https://api.seeip.org); then
PUBLIC_IP=$(dig -4 TXT +short o-o.myaddr.l.google.com @ns1.google.com | tr -d '"')
fi
fi
ENDPOINT=${ENDPOINT:-$PUBLIC_IP}
fi fi
# Run setup questions first, and set other variables if auto-install # Run setup questions first, and set other variables if auto-install