From f5f8e60a52d7d1897b6bba22cf8edf44f880f230 Mon Sep 17 00:00:00 2001 From: lluked <17367626+lluked@users.noreply.github.com> Date: Fri, 15 Dec 2023 21:30:50 +0000 Subject: [PATCH] Initial commit --- .env.example | 3 ++ .gitignore | 1 + README.md | 17 ++++++++++ build/Dockerfile | 19 +++++++++++ build/get_wireguard_config.sh | 60 +++++++++++++++++++++++++++++++++++ docker-compose.yml | 16 ++++++++++ output/.gitignore | 2 ++ 7 files changed, 118 insertions(+) create mode 100644 .env.example create mode 100644 .gitignore create mode 100644 README.md create mode 100644 build/Dockerfile create mode 100755 build/get_wireguard_config.sh create mode 100644 docker-compose.yml create mode 100644 output/.gitignore diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..4975fa6 --- /dev/null +++ b/.env.example @@ -0,0 +1,3 @@ +TOKEN=NORDVPN_TOKEN +# API_QUERY="https://api.nordvpn.com/v1/servers/recommendations?&filters\[servers_technologies\]\[identifier\]=wireguard_udp&limit=1" +# DNS_SERVER=1.1.1.1 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..4c49bd7 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.env diff --git a/README.md b/README.md new file mode 100644 index 0000000..a563c96 --- /dev/null +++ b/README.md @@ -0,0 +1,17 @@ +# Get NordVPN WireGuard Config + +Use docker compose to construct wireguard config for NordVPN connections + +## Usage +- Copy .env.example to .env `cp .env.example .env` +- Update TOKEN variable within .env +- API_QUERY for server has basic filters but can be changed as needed +- DNS_SERVER is set to quad9 but can also be changed as needed +- Start with compose `docker-compose up -d` +- Config is available in output directory and container logs `docker logs nordvpn_get_wireguard_config` +- Remove the container `docker-compose down` + +## Links +[Script is based on this gist and its comments ](https://gist.github.com/bluewalk/7b3db071c488c82c604baf76a42eaad3) + +[Docker image is based on this NordVPN support article](https://support.nordvpn.com/Connectivity/Linux/1507838432/How-to-build-the-NordVPN-Docker-image.html) diff --git a/build/Dockerfile b/build/Dockerfile new file mode 100644 index 0000000..18e03c3 --- /dev/null +++ b/build/Dockerfile @@ -0,0 +1,19 @@ +FROM ubuntu:22.04 + +ARG NORDVPN_VERSION=${NORDVPN_VERSION:-3.16.5} +ARG DEBIAN_FRONTEND=noninteractive + +RUN apt-get update && \ + apt-get install -y curl iputils-ping wireguard-tools jq && \ + curl https://repo.nordvpn.com/deb/nordvpn/debian/pool/main/nordvpn-release_1.0.0_all.deb -o "/tmp/nordrepo.deb" && \ + apt-get install -y /tmp/nordrepo.deb && \ + apt-get update && \ + apt-get install -y nordvpn${NORDVPN_VERSION:+=$NORDVPN_VERSION} && \ + apt-get remove -y wget nordvpn-release && \ + rm /tmp/nordrepo.deb && \ + apt-get clean + +COPY get_wireguard_config.sh ./get_wireguard_config.sh + +ENTRYPOINT /etc/init.d/nordvpn start && sleep 5 && /bin/bash -c "$@" +CMD ./get_wireguard_config.sh diff --git a/build/get_wireguard_config.sh b/build/get_wireguard_config.sh new file mode 100755 index 0000000..89a8462 --- /dev/null +++ b/build/get_wireguard_config.sh @@ -0,0 +1,60 @@ +#!/bin/bash + +# Get the chosen server +api_response=$(curl -s ${API_QUERY:-"https://api.nordvpn.com/v1/servers/recommendations?&filters\[servers_technologies\]\[identifier\]=wireguard_udp&limit=1"}) +server_identifier=$(jq -r '.[]|.hostname' <<< "$api_response" | cut -d "." -f 1) +server_hostname=$(jq -r '.[]|.hostname' <<< "$api_response") +server_ip=$(jq -r '.[]|.station' <<< "$api_response") +server_city=$(jq -r '.[]|(.locations|.[]|.country|.city.name)' <<< "$api_response") +server_country=$(jq -r '.[]|(.locations|.[]|.country|.name)' <<< "$api_response") +server_public_key=$(jq -r '.[]|(.technologies|.[].metadata|.[].value)' <<< "$api_response") + +echo "#################### Recommended Server ####################" +echo "Server Identifier: $server_identifier" +echo "Hostname: $server_hostname" +echo "IP: $server_ip" +echo "City: $server_city" +echo "Country: $server_country" +echo "Server Public Key: $server_public_key" +echo "############################################################" +echo "" + +# Get client details +nordvpn login --token "${TOKEN}" +nordvpn set technology NordLynx 2>&1 >/dev/null +nordvpn connect "$server_identifier" 2>&1 >/dev/null + +client_private_key=$(wg show nordlynx private-key) +client_ip_address=$(ip -o addr show dev nordlynx | awk '$3 == "inet" {print $4}') + +echo "###################### Client Details ######################" +echo "Private Key: $client_private_key" +echo "IP Address: $client_ip_address" +echo "############################################################" +echo "" + +# Construct config +config=$(cat << EOF +# Configuration for $server_hostname ($server_ip) - $server_city, $server_country +[Interface] +Address = $client_ip_address +PrivateKey = $client_private_key +DNS = ${DNS_SERVER:-9.9.9.9} + +[Peer] +PublicKey = $server_public_key +AllowedIPs = 0.0.0.0/0 +Endpoint = $server_hostname:51820 +EOF +) + +echo "##################### WireGuard Config #####################" +echo "$config" +echo "############################################################" + +# Write config +rm -f -r /output/* +echo "$config" > "/output/nordvpn-$server_identifier.conf" + +# Disconnect +nordvpn disconnect diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..6e9fc11 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,16 @@ + +services: + + nordvpn_get_wireguard_config: + image: nordvpn_get_wireguard_config + build: + context: "./build" + container_name: nordvpn_get_wireguard_config + cap_add: + - NET_ADMIN + environment: + - TOKEN + - API_QUERY + - DNS_SERVER + volumes: + - ./output:/output diff --git a/output/.gitignore b/output/.gitignore new file mode 100644 index 0000000..d6b7ef3 --- /dev/null +++ b/output/.gitignore @@ -0,0 +1,2 @@ +* +!.gitignore