Merge pull request #9 from tmcphee/Working

Merge Working into Main

.github/workflows/docker-testing.yml

@@ -5,7 +5,7 @@ name: cyberghostvpn-testing
 # Controls when the action will run. Triggers the workflow on push or pull request
 # events but only for the main branch
 on:
-  release:
+  push:
     branches: [ working ]
 
 # A workflow run is made up of one or more jobs that can run sequentially or in parallel

ChangeLog.txt

@@ -0,0 +1,26 @@
+#1.1.4
+	- Ping to check Internet reachability every 30 minutes
+	- Error catching for incorrect login auth [config.ini]
+	- Changed default DNS to CloudFlare 1.1.1.1
+	- Error codes for tracing
+	- No cache headers added to IP and Location check
+	- Firewall Toggle ENV variable
+	- Protocal Select ENV Variable [WireGuard, OpenVPN]
+
+#1.1.3
+	- Run.sh factored into main script [start.sh] for speed improvements
+	- Variable printouts for Debugging
+	- Removed unused imports iptables, net-tools, and ifupdown
+
+#1.1.1
+	- Update CyberGhost CLI Version to 1.3.4
+	- New variables COUNTRY, ARGS, and NAMESERVER
+	- Updated Run.sh with new DNS sources, error catching, and tweaks
+	- Updated Start.sh to show VPN connection info after successful connection
+
+#1.0.1
+	- Added login by environment variables
+	- Fix for routing
+
+#1.0.0
+	- Initial Realease

Dockerfile

@@ -7,28 +7,38 @@ LABEL DOCKER="https://hub.docker.com/r/tmcphee/cyberghostvpn"
 ENV cyberghost_version=1.3.4
 ENV linux_version=18.04
 
-RUN apt update -y
-RUN apt upgrade -y
-RUN apt dist-upgrade -y
-RUN DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC
-RUN apt-get install -y tzdata
-RUN apt-get install -y lsb-core \
+ARG DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC
+
+#RUN yes | unminimize
+
+RUN apt-get update -y
+RUN apt-get install -y \
 	sudo \
 	wget \
 	unzip \
-	openresolv \
 	iproute2 \
+	openresolv \
 	ufw \
-	expect
-
-#Download, prepare and instll Cyberghost 
-RUN wget https://download.cyberghostvpn.com/linux/cyberghostvpn-ubuntu-$linux_version-$cyberghost_version.zip -O cyberghostvpn_ubuntu.zip && \
+	expect \
+	iputils-ping \
+	curl \
+	lsb-release
+
+RUN apt-get update -y && \
+	apt-get autoremove -y && \
+	apt-get autoclean -y
+
+#Download, prepare and install CyberGhost CLI [COPY - CACHED VERSION]
+#RUN wget https://download.cyberghostvpn.com/linux/cyberghostvpn-ubuntu-$linux_version-$cyberghost_version.zip -O cyberghostvpn_ubuntu.zip -U="Mozilla/5.0" && \
+COPY ver/cyberghostvpn-ubuntu-$linux_version-$cyberghost_version.zip ./
+RUN mv cyberghostvpn-ubuntu-$linux_version-$cyberghost_version.zip cyberghostvpn_ubuntu.zip && \
 	unzip cyberghostvpn_ubuntu.zip && \
 	mv cyberghostvpn-ubuntu-$linux_version-$cyberghost_version/* . && \
 	rm -r cyberghostvpn-ubuntu-$linux_version-$cyberghost_version  && \
 	rm cyberghostvpn_ubuntu.zip && \
 	sed -i 's/cyberghostvpn --setup/#cyberghostvpn --setup/g' install.sh && \
 	bash install.sh
+
 
 #Disable IPV6 on ufw
 RUN sed -i 's/IPV6=yes/IPV6=no/g' /etc/default/ufw

README.md

@@ -1,10 +1,10 @@
-<p alighn="center">
+<p align="center">
  <a href="https://www.cyberghostvpn.com/"> <img src="https://raw.githubusercontent.com/tmcphee/cyberghostvpn/main/.img/CyberGhost-Logo-Header.png"></a>
 </p>
 
 # CyberGhost VPN
 
-This is a WireGuard client docker that uses the CyberGhost Cli. It allows routing containers traffic through WireGuard.
+This is a WireGuard client docker that uses the CyberGhost CLI. It allows routing containers traffic through WireGuard.
 
 [Docker Image](https://hub.docker.com/r/tmcphee/cyberghostvpn)
 ###### Ubuntu 18.04 | CyberGhost 1.3.4
@@ -13,19 +13,24 @@ This is a WireGuard client docker that uses the CyberGhost Cli. It allows routin
 WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general-purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances.
 
 ## How to use this image
-Start the image using optional environment variables shown below. The end-user must supply a volume for local storage of the CyberGhost auth and token files. Supplied DNS is optional to avoid using ISP DNS during the initial connection. 
+Start the image using optional environment variables shown below. The end-user must supply a volume for local storage of the CyberGhost auth and token files. Supplied DNS is optional to avoid using ISP DNS during the initial connection. Ensure to run the image in privileged mode.
 ```
-docker run -d --cap-add=NET_ADMIN --dns 1.1.1.1 \
-           -v /local/path/to/config:/home/root/.cyberghost:rw \
-           -e ACC=example@gmail.com \
-           -e PASS=mypassword \
-           -e COUNTRY=US \
-           -e NETWORK=192.168.1.0/24 \
-           -e WHITELISTPORTS=9090,8080 \
-           cyberghostvpn
+docker run 
+   -d 
+   --name='cyberghostvpn'
+   --net='bridge'
+   --privileged=true
+   --cap-add=NET_ADMIN 
+   -e TZ="America/New_York"
+   -e 'ACC'='example@gmail.com'
+   -e 'PASS'='mypassword'
+   -e 'COUNTRY'='US'
+   -e 'NETWORK'='192.168.1.0/24'
+   -e 'WHITELISTPORTS'='9090,8080'
+   -v '/local/path/to/config':'/home/root/.cyberghost:rw'
 ```
 
-Other containers can connect to this image using by using its network connection.
+Other containers can connect to this image by using its network connection.
 `--net=container:cyberghostvpn`
 ```
 docker run -d --net=container:cyberghostvpn other-container
@@ -36,8 +41,8 @@ Note: If the other containers have exposed ports for example a WEBUI. Forward th
 
 Add an environment variable called `COUNTRY` and set to the desired country. 
 Examples:
-- `United states` COUNTRY=US
-- `CANADA`        COUNTRY=CA
+- `United States` COUNTRY=US
+- `Canada`        COUNTRY=CA
 
 See [CyberGhost selecting a country or single server](https://support.cyberghostvpn.com/hc/en-us/articles/360020673194--How-to-select-a-country-or-single-server-with-CyberGhost-on-Linux) for more details
 
@@ -47,7 +52,7 @@ Examples:
 - Cloudflare 1.1.1.1
 - Google 8.8.8.8
 
-This image will use CyberGhost Smart DNS if no Nameserver is provided. Automatic Smart DNS for countries US, NL, JP and GB. Default is US for all other countries
+This image will use CyberGhost Smart DNS if no Nameserver is provided. Automatic Smart DNS for countries US, NL, JP and GB. Default is CloudFlare [1.1.1.1] for all other countries.
 
 ## How to login
 Login by providing the ACC and PASS environment variables
@@ -59,8 +64,8 @@ docker run -d --cap-add=NET_ADMIN --dns 1.1.1.1 \
            cyberghostvpn
 ```
 
-## How to acceess ports locally
-Access ports [webUI] by providing the NETWORK and WHITELISTPORTS environment variables. Where NETWORK is the users network and WHITELISTPORTS is the ports the user wants to expose. 
+## How to access ports locally
+Access ports [webUI] by providing the NETWORK and WHITELISTPORTS environment variables. Where NETWORK is the user’s network and WHITELISTPORTS is the ports the user wants to expose. 
 ```
 docker run -d --cap-add=NET_ADMIN --dns 1.1.1.1 \
            -v /local/path/to/config:/home/root/.cyberghost:rw \
@@ -78,6 +83,8 @@ docker run -d --cap-add=NET_ADMIN --dns 1.1.1.1 \
 - `COUNTRY` - Destination Country - See [CyberGhost Connect to a country](https://support.cyberghostvpn.com/hc/en-us/articles/360020673194--How-to-select-a-country-or-single-server-with-CyberGhost-on-Linux#h_01EJDGC9TZDW38J9FKNFPE6MBE)
 - `ARGS` - All additional arguments [Examples: "--torrent" "--traffic" "--streaming 'Netflix US'"]
 - `NAMESERVER` - Custom Nameserver/DNS [Examples: Cloudflare 1.1.1.1, Google 8.8.8.8]
+- `PROTOCOL` - Choose between WireGuard or OpenVPN [wireguard, openvpn]. Default WireGuard
+- `FIREWALL` - Optional disable firewall. [FIREWALL=False]. Default True
 
 ## Firewall
 This image has a custom built-in firewall. On initial start, all traffic is blocked except CyberGhost API IP and Local DNS for resolve. After VPN is connected Local DNS is blocked on Port 53. For first time use the firewall will go through a setup phase to include whitelisted ports where the firewall will be inactive. 
@@ -87,8 +94,8 @@ See the firewall section located in start.sh for details.
 ## Troubleshooting
 
 Docker runs, but WireGuard does not connect or gives an error
-- Try deleteing the config.ini file located in your mapped config folder. This file is the login token for CyberGhost and may be expired. 
+- Try deleting the config.ini file located in your mapped config folder. This file is the login token for CyberGhost and may be expired. 
 
 
 ## Disclaimer
-This project was developed independently for personal use. CyberGhost has no affiliation, nor has control over the content or availability of this project. 
+This project was developed independently for personal use. CyberGhost has no affiliation, nor has control over the content or availability of this project.