nordvpn


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162

#!/usr/bin/sh

get_service() {
    systemctl --type=service | grep openvpn-client@nordvpn | awk '{print $1}'
}

run_ping() {
    remote=$(grep -E '^remote [0-9.]+ [0-9]+$' $1 | cut -d ' ' -f 2)
    test ! -z "$remote" || exit 1
    bin=$(which ping)
    test $? -eq 0 || echo "ping not found, please install iputils"
    $bin -c 4 -A $remote | tail -n 1 | cut -d / -f 5
}

progress_bar()
{
    pct=$(echo "${1} / ${2}" | bc -l)
    hashes=$(printf "%0.s#" $(seq $(echo "$pct * 73 + 1" | bc )))
    spaces=$(printf "%0.s " $(seq $(echo "(1 - $pct) * 73" | bc)))
    printf "\r%s%s %5.1f%%" "$hashes" "$spaces" "$(echo "$pct * 100" | bc)"
}

end_progress_bar()
{
    hashes=$(printf "%0.s#" $(seq 73))
    printf "\r%s 100.0%%\n" "$hashes"
}

update_files()
{
    local targetdir=/etc/openvpn/client/nordvpn
    mkdir -p $targetdir
    local tmpdir=$(mktemp -d)
    cd $tmpdir

    echo "Downloading nordvpn config files..."
    curl --progress-bar -o nordvpn.zip https://nordvpn.com/api/files/zip || exit 1
    # cp ~nicolas/abs/openvpn-nordvpn/zip nordvpn.zip || exit 1
    mkdir conf
    unzip -q nordvpn.zip -d conf || exit 2

    echo "Patching and installing files..."
    test -f $targetdir/credentials.conf && cp $targetdir/credentials.conf .
    find /etc/openvpn/client -name 'nordvpn_*.conf' | xargs -r rm
    rm -rf $targetdir/conf && mkdir -p $targetdir/conf

    nb_files=$(find conf -name '*udp1194.ovpn' | wc -l)
    idx=0
    for f in $(find conf -name '*udp1194.ovpn'); do
        progress_bar $idx $nb_files
        sed 's/^auth-user-pass.*$/auth-user-pass \/etc\/openvpn\/client\/nordvpn\/credentials.conf/g' -i $f
        echo "" >> $f
        echo "script-security 2" >> $f
        echo "up /etc/openvpn/client/nordvpn/updown" >> $f
        echo "down /etc/openvpn/client/nordvpn/updown" >> $f
        install -D -m 444 $f $targetdir/conf/$(basename $f)
        ln -s $targetdir/conf/$(basename $f) /etc/openvpn/client/nordvpn_$(echo $(basename $f) | cut -d '.' -f 1).conf
        idx=$(( $idx + 1 ))
    done
    end_progress_bar

    if [ -f credentials.conf ]; then
        cp credentials.conf /etc/openvpn/client/nordvpn/credentials.conf
    else
        echo "login" > /etc/openvpn/client/nordvpn/credentials.conf
        echo "password" >> /etc/openvpn/client/nordvpn/credentials.conf
        chmod 400 /etc/openvpn/client/nordvpn/credentials.conf
        echo "Please update /etc/openvpn/client/nordvpn/credentials.conf"
    fi

    rm -rf $tmpdir
}

print_usage() {
    echo "usage: $(basename $0) [options] command [args]"
    echo "Available options:"
    echo "    -v  be verbose, show commands and variables"
    echo "    -h  print this help and exit"
    echo "Available commands:"
    echo "    list [server_name_pattern]"
    echo "        List available servers."
    echo "    ping server_name"
    echo "        Show round trip latency"
    echo "    rank [server_name_pattern]"
    echo "        Ping all servers matching pattern and rank them"
    echo "    status"
    echo "        Show current systemd service status, if any."
    echo "    start|stop|restart server_name"
    echo "        Start, stop or restart systemd service for specified server."
    echo "    update"
    echo "        Download and install nordvpn config files."
}

while getopts "vh" opt
do
    case $opt in
        v)
            set -x
            shift
            ;;
        *)
            print_usage
            exit $(test $opt == "h")
            ;;
    esac
done

command=$1
shift

case $command in
    list)
        find /etc/openvpn/client/ -type l -name "nordvpn_*${1}*.conf" \
             | xargs -L1 basename \
             | cut -d _ -f 2 \
             | cut -d . -f 1 \
             | sort -g
        ;;
    ping)
        file=/etc/openvpn/client/nordvpn_${1}.conf
        test -f "$file" || exit 1
        run_ping $file
        ;;
    rank)
        tmp=$(mktemp)
        for f in $(find /etc/openvpn/client/ -type l -name "nordvpn_*${1}*.conf")
        do
            echo $(basename $f .conf | cut -d _ -f 2) $(run_ping $f) >> $tmp
        done
        sort -k 2 -n $tmp
        rm -f $tmp
        ;;
    status)
        service=$(get_service)
        test -z "$service" || systemctl status $service
        ;;
    start)
        service=$(get_service)
        test -z "$service" || $0 stop
        if [[ -x /etc/openvpn/vpnfailsafe.sh ]]; then
            ln -fs /etc/openvpn/vpnfailsafe.sh /etc/openvpn/client/nordvpn/updown
        else
            ln -fs /etc/openvpn/update-resolv-conf /etc/openvpn/client/nordvpn/updown
        fi
        if [[ ! -f /etc/openvpn/client/nordvpn_${1}.conf ]]; then
            echo "${1} is not a valid nordvpn server. Exiting."
            exit 1
        fi
        systemctl $command openvpn-client@nordvpn_${1}
        ;;
    stop|restart)
        service=$(get_service)
        test -z "$service" || systemctl $command $service
        ;;
    update)
        update_files
        ;;
    *)
        print_usage
        exit 1
        ;;
esac