Merge pull request #1 from tmcphee/Working

New Release

Dockerfile

@@ -1,7 +1,9 @@
 FROM ubuntu:18.04
 MAINTAINER Tyler McPhee
 
-RUN apt-get update -y
+RUN apt update -y
+RUN apt upgrade -y
+RUN apt dist-upgrade -y
 RUN apt-get install -y tzdata
 RUN apt-get install -y lsb-core \
 	sudo \
@@ -14,18 +16,15 @@ RUN apt-get install -y lsb-core \
 	iproute2 \
 	ufw \
 	expect
-RUN apt upgrade -y
 
-#Download and prepare Cyberghost for install
-RUN wget https://download.cyberghostvpn.com/linux/cyberghostvpn-ubuntu-18.04-1.3.4.zip -O cyberghostvpn_ubuntu.zip
-RUN unzip cyberghostvpn_ubuntu.zip
-RUN mv cyberghostvpn-ubuntu-18.04-1.3.4/* .
-RUN rm -r cyberghostvpn-ubuntu-18.04-1.3.4
-RUN rm cyberghostvpn_ubuntu.zip
-RUN sed -i 's/cyberghostvpn --setup/#cyberghostvpn --setup/g' install.sh
-
-#Install Cyberghost
-RUN bash install.sh
+#Download, prepare and instll Cyberghost 
+RUN wget https://download.cyberghostvpn.com/linux/cyberghostvpn-ubuntu-18.04-1.3.4.zip -O cyberghostvpn_ubuntu.zip && \
+	unzip cyberghostvpn_ubuntu.zip && \
+	mv cyberghostvpn-ubuntu-18.04-1.3.4/* . && \
+	rm -r cyberghostvpn-ubuntu-18.04-1.3.4  && \
+	rm cyberghostvpn_ubuntu.zip && \
+	sed -i 's/cyberghostvpn --setup/#cyberghostvpn --setup/g' install.sh && \
+	bash install.sh
 
 #Disable IPV6 on ufw
 RUN sed -i 's/IPV6=yes/IPV6=no/g' /etc/default/ufw
@@ -40,3 +39,8 @@ COPY auth.sh .
 RUN chmod +x auth.sh
 
 CMD ["bash", "/start.sh"]
+
+COPY auth.sh .
+RUN chmod +x auth.sh
+
+CMD ["bash", "/start.sh"]

README.md

@@ -7,6 +7,7 @@
 This is a WireGuard client docker that uses the CyberGhost Cli. It allows routing containers traffic through WireGuard.
 
 [Docker Image](https://hub.docker.com/r/tmcphee/cyberghostvpn)
+###### Ubuntu 18.04 | CyberGhost 1.3.4
 ## What is WireGuard?
 
 WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general-purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances.
@@ -18,6 +19,7 @@ docker run -d --cap-add=NET_ADMIN --dns 1.1.1.1 \
            -v /local/path/to/config:/home/root/.cyberghost:rw \
            -e ACC=example@gmail.com \
            -e PASS=mypassword \
+           -e COUNTRY=US \
            -e NETWORK=192.168.1.0/24 \
            -e WHITELISTPORTS=9090,8080 \
            cyberghostvpn
@@ -30,15 +32,23 @@ docker run -d --net=container:cyberghostvpn other-container
 ```
 Note: If the other containers have exposed ports for example a WEBUI. Forward that port in the cyberghostvpn image, add the port to WHITELISTPORTS environment variable, and set your local LAN using NETWORK environment variable. See [Environment variables](https://github.com/tmcphee/cyberghostvpn#environment-variables) below for details. 
 
-## Selecting a server
+## Selecting a country
 
-Once the initial setup is made the image will copy a run.sh file into the local volume (config folder). Open `run.sh` and edit the command `sudo cyberghostvpn --connect --torrent --country-code NL --wireguard` to the desired.
+Add an environment variable called `COUNTRY` and set to the desired country. 
 Examples:
-- `sudo cyberghostvpn --traffic --country-code CA --wireguard --connect`
-- `sudo cyberghostvpn --streaming 'Netflix US' --country-code US  --wireguard --connect`
+- `United states` COUNTRY=US
+- `CANADA`        COUNTRY=CA
 
 See [GyberGhost selecting a country or single server](https://support.cyberghostvpn.com/hc/en-us/articles/360020673194--How-to-select-a-country-or-single-server-with-CyberGhost-on-Linux) for more details
 
+## Custom DNS / NAMESERVER
+Add an environment variable called `NAMESERVER` and set to the desired DNS. 
+Examples:
+- Cloudflare 1.1.1.1
+- Google 8.8.8.8
+
+This image will use CyberGhost Smart DNS if no Nameserver is provided. Automatic Smart DNS for countries US, NL, JP and GB. Default is US for all other countries
+
 ## How to login
 Login by providing the ACC and PASS environment variables
 ```
@@ -65,11 +75,20 @@ docker run -d --cap-add=NET_ADMIN --dns 1.1.1.1 \
 - `WHITELISTPORTS` - Allow access to listed ports when VPN is connected. Delimited by comma [8080,8081,9000]
 - `ACC` - CyberGhost username - Used for login
 - `PASS` - CyberGhost password - Used for login
+- `COUNTRY` - Destination Country - See [CyberGhost Connect to a country]([https://support.cyberghostvpn.com/hc/en-us/articles/360020673194--How-to-select-a-country-or-single-server-with-CyberGhost-on-Linux](https://support.cyberghostvpn.com/hc/en-us/articles/360020673194--How-to-select-a-country-or-single-server-with-CyberGhost-on-Linux#h_01EJDGC9TZDW38J9FKNFPE6MBE))
+- `ARGS` - All additional arguments [Examples: "--torrent" "--traffic" "--streaming 'Netflix US'"]
+- `NAMESERVER` - Custom Nameserver/DNS [Examples: Cloudflare 1.1.1.1, Google 8.8.8.8]
 
 ## Firewall
 This image has a custom built-in firewall. On initial start, all traffic is blocked except CyberGhost API IP and Local DNS for resolve. After VPN is connected Local DNS is blocked on Port 53. For first time use the firewall will go through a setup phase to include whitelisted ports where the firewall will be inactive. 
 
 See the firewall section located in start.sh for details. 
 
+## Troubleshooting
+
+Docker runs, but WireGuard does not connect or gives an error
+- Try deleteing the config.ini file located in your mapped config folder. This file is the login token for CyberGhost and may be expired. 
+
+
 ## Disclaimer
 This project was developed independently for personal use. CyberGhost has no affiliation, nor has control over the content or availability of this project. 

run.sh

@@ -1,10 +1,39 @@
 #!/bin/bash
+#VER2.1
 	config_ini=/home/root/.cyberghost/config.ini
 	if [ -f "$config_ini" ]; then
-		#Launch and connect to CyberGhost VPN [Example]
-		sudo cyberghostvpn --connect --torrent --country-code NL --wireguard
+
+		# Check if country is set. Default to US
+		if ! [ -n "$COUNTRY" ]; then
+			echo "Country variable not set. Defaulting to US"
+			export COUNTRY="US"
+		fi
+
+		#Launch and connect to CyberGhost VPN
+		sudo cyberghostvpn --connect --country-code $COUNTRY --wireguard $ARGS
 
-		#Add CyberGhost nameserver to resolv for DNS
-		echo 'nameserver 38.132.106.139' > /etc/resolv.conf
+		# Add CyberGhost nameserver to resolv for DNS
+		# Add Nameserver via env variable $NAMESERVER
+		if [ -n "$NAMESERVER" ]; then
+			echo 'nameserver ' $NAMESERVER > /etc/resolv.conf
+		else
+			# SMART DNS
+			# This will switch baised on country selected
+			# https://support.cyberghostvpn.com/hc/en-us/articles/360012002360
+			case "$COUNTRY" in
+				"NL") echo 'nameserver 75.2.43.210' > /etc/resolv.conf
+				;;
+				"GB") echo 'nameserver 75.2.79.213' > /etc/resolv.conf
+				;;
+				"JP") echo 'nameserver 76.223.64.81' > /etc/resolv.conf
+				;;
+				"DE") echo 'nameserver 13.248.182.241' > /etc/resolv.conf
+				;;
+				"US") echo 'nameserver 99.83.181.72' > /etc/resolv.conf
+				;;
+				*) echo 'nameserver 99.83.181.72' > /etc/resolv.conf
+				;;
+		esac
+		fi
 	fi
-
+

start.sh

@@ -12,6 +12,19 @@
 		sudo ufw delete allow in 53
 	}
 
+	ip_stats () {
+		echo "***********CyberGhost Connection Info***********"
+		echo "IP: ""$(curl -s https://ipinfo.io/ip)"
+		echo "CITY: ""$(curl -s https://ipinfo.io/city)"
+		echo "REGION: ""$(curl -s https://ipinfo.io/region)"
+		echo "COUNTRY: ""$(curl -s https://ipinfo.io/country)"
+
+		str="$(cat /etc/resolv.conf)"
+		value=${str#* }
+		echo "DNS: "$value
+		echo "************************************************"
+	}
+
 	sudo ufw enable #Start Firewall
 
 	FILE=/usr/local/cyberghost/uninstall.sh
@@ -74,16 +87,23 @@
 		echo "$NETWORK" "routed to " "$LOCAL_GATEWAY" " on eth0"
 	fi
 
-
+	# Copy over Run.sh if missing
 	FILE_RUN=/home/root/.cyberghost/run.sh
 	if [ ! -f "$FILE_RUN" ]; then
 		cp /run.sh /home/root/.cyberghost/run.sh
 	fi
 
+	# Replace Run.sh if wrong version
+	if ! grep -q "#VER2.1" "$FILE_RUN"; then
+		rm /home/root/.cyberghost/run.sh
+		cp /run.sh /home/root/.cyberghost/run.sh
+	fi
+
 	#WIREGUARD START AND WATCH
 	enable_dns_port
 	bash /home/root/.cyberghost/run.sh #Start the CyberGhost run script
 	disable_dns_port
+	ip_stats
 	while true #Watch if Connection is lost then reconnect
 	do
 		sleep 30
@@ -95,7 +115,8 @@
 			bash /home/root/.cyberghost/run.sh #Start the CyberGhost run script
 
 			disable_dns_port
+			ip_stats
 		fi
 	done
 
-
+