Skip to content

Instantly share code, notes, and snippets.

@jonasjancarik

jonasjancarik/install_protonvpn.sh

Last active April 5, 2023 12:28
Show Gist options
  • Save jonasjancarik/b3d2e96d9a718428b992d73e3fa2222f to your computer and use it in GitHub Desktop.
Save jonasjancarik/b3d2e96d9a718428b992d73e3fa2222f to your computer and use it in GitHub Desktop.
Download ZIP
Install proton-vpn linux-cli-community (Ubuntu)
Raw
install_protonvpn.sh
#!/bin/bash
set -e
# colors
RED="\e[31m"
GREEN="\e[32m"
YELLOW="\e[33m"
ENDCOLOR="\e[0m"
function cleanup {
if [[ $? -ne 0 ]]; then
echo -e "${RED}Something went wrong...${ENDCOLOR}"
echo "Cleaning up..."
# Revert to the backup of desktop icons if they exist
if [[ -f ~/Desktop/protonvpn_connect.desktop.bak ]]; then
mv ~/Desktop/protonvpn_connect.desktop.bak ~/Desktop/protonvpn_connect.desktop || true
else
rm -f ~/Desktop/protonvpn_connect.desktop || true
fi
if [[ -f ~/Desktop/protonvpn_disconnect.desktop.bak ]]; then
mv ~/Desktop/protonvpn_disconnect.desktop.bak ~/Desktop/protonvpn_disconnect.desktop || true
else
rm -f ~/Desktop/protonvpn_disconnect.desktop || true
fi
# Reinstall existing protonvpn if backup exists
if [[ -f /tmp/protonvpn.tar.gz ]]; then
sudo tar -C /usr/local/bin/ -xzf /tmp/protonvpn.tar.gz
sudo rm -f /tmp/protonvpn.tar.gz
fi
# Stop and disable the openvpn_sssd_backend_check.service during cleanup
sudo systemctl stop openvpn_sssd_backend_check.service > /dev/null 2>&1 || true
sudo systemctl disable openvpn_sssd_backend_check.service > /dev/null 2>&1 || true
# Remove the openvpn_sssd_backend_check.sh file during cleanup
sudo rm -f /usr/local/bin/openvpn_sssd_backend_check.sh || true
fi
}
trap cleanup EXIT
echo "==========================="
echo "= ="
echo "= ProtonVPN CLI Community ="
echo "= ~custom setup script~ ="
echo "= ="
echo "==========================="
echo ""
echo "This script will install ProtonVPN CLI, set up desktop icons and a few other things."
echo ""
############################################
# Install ProtonVPN and desktop icons etc. #
############################################
# check if pip3 is installed
if ! command -v pip3 &> /dev/null
then
echo "Installing python3-pip..."
sudo apt update > /dev/null 2>&1 | grep -iE 'error|warning' || true
sudo apt install python3-pip -y > /dev/null 2>&1 | grep -iE 'error|warning' || true
fi
if ! command -v dialog &> /dev/null
then
echo "Installing dialog..."
sudo apt update > /dev/null 2>&1 | grep -iE 'error|warning' || true
sudo apt install dialog -y > /dev/null 2>&1 | grep -iE 'error|warning' || true
fi
# Backup existing protonvpn installation
if command -v protonvpn &> /dev/null; then
sudo tar -C /usr/local/bin/ -czf /tmp/protonvpn.tar.gz $(which protonvpn) > /dev/null 2>&1
fi
echo "Installing protonvpn-cli-community..."
sudo pip3 install -q --upgrade --force-reinstall git+https://github.com/jonasjancarik/protonvpn-cli-community.git 2>&1 | grep -iE 'error' || true
echo "Creating desktop shortcuts..."
# Backup existing desktop shortcuts
[[ -f ~/Desktop/protonvpn_connect.desktop ]] && cp ~/Desktop/protonvpn_connect.desktop ~/Desktop/protonvpn_connect.desktop.bak
[[ -f ~/Desktop/protonvpn_disconnect.desktop ]] && cp ~/Desktop/protonvpn_disconnect.desktop ~/Desktop/protonvpn_disconnect.desktop.bak
if [[ "${SSSD_DOMAIN}" ]]; then
echo -e "[Desktop Entry]\nType=Application\nName=ProtonVPN - Connect\nExec=sh -c \"/usr/local/bin/protonvpn_connect_with_split_tunnel_for_ad.sh && notify-send -t 5 'You are now connected using ProtonVPN' || notify-send 'Failed to connect to ProtonVPN'\"\nIcon=gtk-connect\nTerminal=true" > ~/Desktop/protonvpn_connect.desktop
else
echo -e "[Desktop Entry]\nType=Application\nName=ProtonVPN - Connect\nExec=sh -c \"sudo protonvpn c && notify-send -t 5 'You are now connected using ProtonVPN' || notify-send 'Failed to connect to ProtonVPN'\"\nIcon=gtk-connect\nTerminal=true" > ~/Desktop/protonvpn_connect.desktop
fi
echo -e "[Desktop Entry]\nType=Application\nName=ProtonVPN - Disconnect\nExec=sh -c \"sudo protonvpn disconnect; echo 'ProtonVPN connection closed'; sudo pkill -f '^openvpn'\"\nIcon=gtk-disconnect\nTerminal=false" > ~/Desktop/protonvpn_disconnect.desktop
chmod 775 ~/Desktop/protonvpn_connect.desktop
chmod 775 ~/Desktop/protonvpn_disconnect.desktop
failed_to_allow_launching=false
gio set ~/Desktop/protonvpn_connect.desktop metadata::trusted true > /dev/null 2>&1 || failed_to_allow_launching=true
gio set ~/Desktop/protonvpn_disconnect.desktop metadata::trusted true > /dev/null 2>&1 || failed_to_allow_launching=true
if [[ $failed_to_allow_launching == "true" ]]; then
echo -e "${YELLOW}[!] You might have to right-click the desktop icons and choose \"Allow Launching\"${ENDCOLOR}"
fi
# set default protonvpn config - in case the user has already initialised it using an older version
config_file="$HOME/.pvpn-cli/pvpn-cli.cfg"
if [[ -f "$config_file" ]]; then
grep -q "^\[USER\]$" "$config_file" || echo -e "\n[USER]" >> "$config_file"
for option in "ignore_ping_restart=0" "ping=0" "ping_exit=0"; do
key=$(echo "$option" | cut -d= -f1)
value=$(echo "$option" | cut -d= -f2)
if ! grep -q "^$key" "$config_file"; then
sed -i "/^\[USER\]$/a $key=$value" "$config_file"
fi
done
fi
############################
# Set up connection script #
############################
if [[ "${SSSD_DOMAIN}" ]]; then
echo "Setting up connection script..."
cat << EOF | sudo tee /usr/local/bin/protonvpn_connect_with_split_tunnel_for_ad.sh > /dev/null
#!/bin/bash
# Run the sssctl command and store the output in a variable
output=\$(sudo sssctl domain-status ${SSSD_DOMAIN})
# Extract the Discovered AD Domain Controller server lines
dc_lines=\$(echo "\$output" | grep "Discovered AD Domain Controller servers:" -A 1000 | tail -n +2)
# Extract domain names from the lines and join them with commas
dc_domains=\$(echo "\$dc_lines" | awk '{print \$2}' | paste -sd "," -)
# Run the protonvpn command with the extracted domain names
sudo protonvpn connect --split-tunnel "\$dc_domains"
EOF
sudo chmod +x /usr/local/bin/protonvpn_connect_with_split_tunnel_for_ad.sh
fi
################################
# Install connectivity checker #
################################
# The connectivity checker is a script that runs in the background and checks if the SSSD backend is online.
# Ideally, the split-tunneling should ensure that the backend stays online, but it doesn't seem to work reliably.
if [[ -n "${SSSD_DOMAIN}" ]]; then
echo "Installing SSSD domain connectivity check script for ${SSSD_DOMAIN}..."
# Create the host connectivity check script
cat << EOF | sudo tee /usr/local/bin/openvpn_sssd_backend_check.sh > /dev/null
#!/bin/bash
LOG_FILE="/var/log/openvpn_sssd_backend_check.log"
SSSD_DOMAIN=$SSSD_DOMAIN
while true; do
DOMAIN_STATUS_RESULT=1
if sudo sssctl domain-status \$SSSD_DOMAIN | grep -q "Online status: Offline"; then
DOMAIN_STATUS_RESULT=1
else
DOMAIN_STATUS_RESULT=0
fi
if [[ \$DOMAIN_STATUS_RESULT -eq 0 ]]; then
# Domain status is OK, do nothing
:
else
echo "\$(date '+%Y-%m-%d %H:%M:%S') - SSSD backend offline (\${SSSD_DOMAIN}). Killing OpenVPN process." | sudo tee -a \$LOG_FILE > /dev/null
sudo pkill -f "^openvpn"
fi
sleep 10
done
EOF
# Make the script executable
sudo chmod +x /usr/local/bin/openvpn_sssd_backend_check.sh
# Create the systemd service file
cat << 'EOF' | sudo tee /etc/systemd/system/openvpn_sssd_backend_check.service > /dev/null
[Unit]
Description=Periodic host connectivity check service and kill OpenVPN if connectivity is not working
[Service]
Type=simple
ExecStart=/usr/local/bin/openvpn_sssd_backend_check.sh
Restart=always
RestartSec=10
[Install]
WantedBy=multi-user.target
EOF
# Check if the service is installed
if systemctl list-unit-files | grep -q "openvpn_sssd_backend_check.service"; then
# Service is installed
service_status=$(systemctl is-active openvpn_sssd_backend_check.service || true)
# Reload the systemd configuration
sudo systemctl daemon-reload
# If the service is running, restart it; otherwise, start it
if [ "$service_status" == "active" ]; then
sudo systemctl restart openvpn_sssd_backend_check.service
else
sudo systemctl start openvpn_sssd_backend_check.service
fi
else
# Service is not installed, enable and start it
sudo systemctl enable openvpn_sssd_backend_check.service > /dev/null
sudo systemctl start openvpn_sssd_backend_check.service
fi
fi
#####################################################################
# Install the 'down' script (run when the VPN connection is closed) #
#####################################################################
echo "Setting up a notification for when the VPN connection is closed..."
# Get the current user - we remove the domain from the username
USERNAME_NO_DOMAIN=$(echo $USERNAME | cut -d "@" -f1)
# Get the display variable
USER_DISPLAY=$(echo $DISPLAY)
# Set the output directory and file path
VPN_DOWN_SCRIPT="/usr/bin/protonvpn-down.sh"
# Write the protonvpn-down.sh script to the output file
sudo bash -c "cat > \"$VPN_DOWN_SCRIPT\"" << EOL
#!/bin/bash
sudo -u ${USERNAME_NO_DOMAIN} DISPLAY=${USER_DISPLAY} DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/$(id -u ${USERNAME_NO_DOMAIN})/bus notify-send -u critical "ProtonVPN connection closed."
EOL
# Make the protonvpn-down.sh script executable
sudo chmod +x "$VPN_DOWN_SCRIPT"
################################
# Install status bar indicator #
################################
echo "Installing status bar indicator..."
# Add the PPA for indicator-sysmonitor
if ! grep -q "fossfreedom/indicator-sysmonitor" /etc/apt/sources.list /etc/apt/sources.list.d/*; then
sudo add-apt-repository ppa:fossfreedom/indicator-sysmonitor -y > /dev/null 2>&1 | grep -iE 'error|warning' || true
else
sudo apt update > /dev/null 2>&1 | grep -iE 'error|warning' || true
fi
# Install indicator-sysmonitor
sudo apt install indicator-sysmonitor -y > /dev/null 2>&1 | grep -iE 'error|warning' || true
# Write the monitor configuration to the ~/.indicator-sysmonitor.json file
echo '{"custom_text": "{openvpn}", "interval": 2.0, "on_startup": false, "sensors": {"cpu\\d*": ["Average CPU usage", true], "nvgpu": ["Nvidia GPU utilization", true], "mem": ["Physical memory in use.", true], "net": ["Network activity.", true], "netcomp": ["Network activity in Compact form.", true], "totalnet": ["Total Network activity.", true], "bat\\d*": ["Battery capacity.", true], "fs//.+": ["Available space in file system.", true], "swap": ["Average swap usage", true], "upordown": ["Display if your internet connection is up or down", true], "publicip": ["Display your public IP address", true], "cputemp": ["CPU temperature", true], "nvgputemp": ["Nvidia GPU Temperature", true], "openvpn": ["Check VPN connection status", "pgrep -f \"^openvpn\" > /dev/null && echo \"VPN running\" || echo \"VPN not running\""]}}' > ~/.indicator-sysmonitor.json
# Launch indicator-sysmonitor
sudo pkill -f '.*indicator-sysmonitor' 2>&1 || true
(
indicator-sysmonitor > /dev/null 2>&1 & indicator_pid=$!
sleep 3
if ! kill -0 $indicator_pid 2>/dev/null; then
echo -e "${YELLOW}Failed to start status bar indicator. Please manually start the status bar indicator by searching for \"indicator\" in the apps menu. It will show up as \"System Monitor...\"${ENDCOLOR}"
exit 1
fi
) || true
# Remove desktop icon backups
rm ~/Desktop/protonvpn_connect.desktop.bak > /dev/null 2>&1 || true
rm ~/Desktop/protonvpn_disconnect.desktop.bak > /dev/null 2>&1 || true
echo -e "${GREEN}Setup completed.${ENDCOLOR}\n"
# ask the user if they want to run the ProtonVPN setup
if [[ -z "${PROTONVPN_SETUP}" ]]; then
if [[ -t 0 ]]; then
read -p "Do you want to run the ProtonVPN setup now? (Y/n) " -n 1 -r
echo
if [[ -z $REPLY ]] || [[ $REPLY =~ ^[Yy]$ ]]; then
sudo protonvpn init || true
fi
else
echo "Running in a pipeline; cannot ask for user input."
echo "To initialise ProtonVPN, run 'sudo protonvpn init'"
fi
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment