AlcibiadesCleinias · September 2, 2021 16:32
diff --git a/openvpn-github-action.yml b/openvpn-github-action.yml
 #  I present how with vanilla bash you can connect an GitHub Action runner to a private network
 #  via an OpenVPN config file.
 #  
 #  ## Briefly
 #  The workflow uses github secretes: config, username and passwrod to connect via openvpn in daemon mode.
 #  To be sure that connection established I added bash script to ping during 30 seconds a desired host.
 #  
 #  ## Workflow
 #  1. Put ovpn config into github secrets (remove special symbols like quotes): OPENVPN_FILE
 #  2. Put you login and password into github secrets (mask special symbols with slash): 
 #  OPENVPN_USERNAME, OPENVPN_PASSWROD
 #  3. Mark the host you want to ping during connection establishing in env below
 #  
 #  ## Competitors:
 #  - https://github.com/golfzaptw/action-connect-ovpn#Example-prepare-file-.ovpn
 #  I found the doc composed badly and unclearly (there is also advice to collect openvpn config under git)
 #  - https://github.com/kota65535/github-openvpn-connect-action
 #  I did not test it (a few stars (5), sry)

 name: OpenVpn connect
 on:
  workflow_dispatch:  # todo

 env:
  PING_HOST: 10.90.12.18  # todo

 jobs:
  workflow-with-openvpn:
    name: connect runner to openvpn network and proceed commands
    runs-on: ubuntu-latest
    timeout-minutes: 3

    steps:
      - name: install Open VPN
        run: sudo apt-get install openvpn

      - name: create openVpn config files
        run: |
          echo """${{ secrets.OPENVPN_FILE }}""" > ./config.ovpn
          echo "${{ secrets.OPENVPN_USERNAME }}" > ./login.ovpn
          echo "${{ secrets.OPENVPN_PASSWORD }}" >> ./login.ovpn

      - name: Connect VPN
        run: |
          sudo openvpn --config config.ovpn --auth-user-pass login.ovpn --daemon

      - name: check connection by ping
        run: |
          echo """
          #!/bin/bash
          ping -w 30000 -c 2 \$1 > /dev/null
          if [ \$? -eq 0 ]
            then
              echo ping is ok
              exit 0
            else
              echo ping failed
              exit 1
          fi
          """ > ping_test.sh
          chmod +x ping_test.sh
          ./ping_test.sh ${{ env.PING_HOST }}

      - name: example of commands after the openvpn conection established  # todo
        uses: appleboy/ssh-action@master
        with:
          host: ${{ env.SSH_HOST }}
          username: ${{ env.SSH_USER }}
          key: ${{ secrets.SSH_KEY }}
          passphrase: ${{ secrets.SSH_PASS_PHRASE }}
          script_stop: true
          script: |
            whoami
            pwd
            ls -l
	# I present how with vanilla bash you can connect an GitHub Action runner to a private network
	# via an OpenVPN config file.
	#
	# ## Briefly
	# The workflow uses github secretes: config, username and passwrod to connect via openvpn in daemon mode.
	# To be sure that connection established I added bash script to ping during 30 seconds a desired host.
	#
	# ## Workflow
	# 1. Put ovpn config into github secrets (remove special symbols like quotes): OPENVPN_FILE
	# 2. Put you login and password into github secrets (mask special symbols with slash):
	# OPENVPN_USERNAME, OPENVPN_PASSWROD
	# 3. Mark the host you want to ping during connection establishing in env below
	#
	# ## Competitors:
	# - https://github.com/golfzaptw/action-connect-ovpn#Example-prepare-file-.ovpn
	# I found the doc composed badly and unclearly (there is also advice to collect openvpn config under git)
	# - https://github.com/kota65535/github-openvpn-connect-action
	# I did not test it (a few stars (5), sry)

	name: OpenVpn connect
	on:
	workflow_dispatch: # todo

	env:
	PING_HOST: 10.90.12.18 # todo

	jobs:
	workflow-with-openvpn:
	name: connect runner to openvpn network and proceed commands
	runs-on: ubuntu-latest
	timeout-minutes: 3

	steps:
	- name: install Open VPN
	run: sudo apt-get install openvpn

	- name: create openVpn config files
	run: \|
	echo """${{ secrets.OPENVPN_FILE }}""" > ./config.ovpn
	echo "${{ secrets.OPENVPN_USERNAME }}" > ./login.ovpn
	echo "${{ secrets.OPENVPN_PASSWORD }}" >> ./login.ovpn

	- name: Connect VPN
	run: \|
	sudo openvpn --config config.ovpn --auth-user-pass login.ovpn --daemon

	- name: check connection by ping
	run: \|
	echo """
	#!/bin/bash
	ping -w 30000 -c 2 \$1 > /dev/null
	if [ \$? -eq 0 ]
	then
	echo ping is ok
	exit 0
	else
	echo ping failed
	exit 1
	fi
	""" > ping_test.sh
	chmod +x ping_test.sh
	./ping_test.sh ${{ env.PING_HOST }}

	- name: example of commands after the openvpn conection established # todo
	uses: appleboy/ssh-action@master
	with:
	host: ${{ env.SSH_HOST }}
	username: ${{ env.SSH_USER }}
	key: ${{ secrets.SSH_KEY }}
	passphrase: ${{ secrets.SSH_PASS_PHRASE }}
	script_stop: true
	script: \|
	whoami
	pwd
	ls -l