From 783945db84fef944945fa74047d509e9988e60dd Mon Sep 17 00:00:00 2001 From: Tyler McPhee <32398415+tmcphee@users.noreply.github.com> Date: Tue, 7 Mar 2023 19:57:37 -0500 Subject: [PATCH 01/12] Updated CyberGhost and touchup Updated CyberGhost version from 1.3.4 to 1.4.1 Cleaned up run commands --- Dockerfile | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1074df5..9484763 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,16 +16,14 @@ RUN apt-get install -y lsb-core \ expect RUN apt upgrade -y -#Download and prepare Cyberghost for install -RUN wget https://download.cyberghostvpn.com/linux/cyberghostvpn-ubuntu-18.04-1.3.4.zip -O cyberghostvpn_ubuntu.zip -RUN unzip cyberghostvpn_ubuntu.zip -RUN mv cyberghostvpn-ubuntu-18.04-1.3.4/* . -RUN rm -r cyberghostvpn-ubuntu-18.04-1.3.4 -RUN rm cyberghostvpn_ubuntu.zip -RUN sed -i 's/cyberghostvpn --setup/#cyberghostvpn --setup/g' install.sh - -#Install Cyberghost -RUN bash install.sh +#Download, prepare and instll Cyberghost +RUN wget https://download.cyberghostvpn.com/linux/cyberghostvpn-ubuntu-18.04-1.4.1.zip -O cyberghostvpn_ubuntu.zip && \ + unzip cyberghostvpn_ubuntu.zip && \ + mv cyberghostvpn-ubuntu-18.04-1.4.1/* . && \ + rm -r cyberghostvpn-ubuntu-18.04-1.4.1 && \ + rm cyberghostvpn_ubuntu.zip && \ + sed -i 's/cyberghostvpn --setup/#cyberghostvpn --setup/g' install.sh && \ + bash install.sh #Disable IPV6 on ufw RUN sed -i 's/IPV6=yes/IPV6=no/g' /etc/default/ufw From c47277fc1678dad42a2fb57ac30e4d5b8d90e414 Mon Sep 17 00:00:00 2001 From: Tyler McPhee <32398415+tmcphee@users.noreply.github.com> Date: Tue, 7 Mar 2023 20:04:53 -0500 Subject: [PATCH 02/12] Add options for customization though args --- run.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/run.sh b/run.sh index 052771c..e1bbb04 100644 --- a/run.sh +++ b/run.sh @@ -2,9 +2,9 @@ config_ini=/home/root/.cyberghost/config.ini if [ -f "$config_ini" ]; then #Launch and connect to CyberGhost VPN [Example] - sudo cyberghostvpn --connect --torrent --country-code NL --wireguard + sudo cyberghostvpn --connect --country-code $COUNTRY --wireguard $ARGS #Add CyberGhost nameserver to resolv for DNS echo 'nameserver 38.132.106.139' > /etc/resolv.conf fi - \ No newline at end of file + From 7a8726307d906fee2d0c7a87f61d435a99329784 Mon Sep 17 00:00:00 2001 From: Tyler McPhee <32398415+tmcphee@users.noreply.github.com> Date: Tue, 7 Mar 2023 20:49:33 -0500 Subject: [PATCH 03/12] Added country and args variables. New DNS Added the ability to customize the COUNTRY and ARGS though variables. Added Smart DNS Selection to the nameserver list. DNS Servers can be found here for reference https://support.cyberghostvpn.com/hc/en-us/articles/360012002360 --- run.sh | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/run.sh b/run.sh index e1bbb04..35ca265 100644 --- a/run.sh +++ b/run.sh @@ -4,7 +4,20 @@ #Launch and connect to CyberGhost VPN [Example] sudo cyberghostvpn --connect --country-code $COUNTRY --wireguard $ARGS - #Add CyberGhost nameserver to resolv for DNS - echo 'nameserver 38.132.106.139' > /etc/resolv.conf + # Add CyberGhost nameserver to resolv for DNS + # This will switch baised on country selected + # https://support.cyberghostvpn.com/hc/en-us/articles/360012002360 + case "$COUNTRY" in + "NL") echo 'nameserver 75.2.43.210' > /etc/resolv.conf + ;; + "GB") echo 'nameserver 75.2.79.213' > /etc/resolv.conf + ;; + "JP") echo 'nameserver 76.223.64.81' > /etc/resolv.conf + ;; + "DE") echo 'nameserver 13.248.182.241' > /etc/resolv.conf + ;; + *) echo 'nameserver 99.83.181.72' > /etc/resolv.conf # Default US + ;; + esac fi From a2f378a1910ed45ae73608d85af9712735db05e1 Mon Sep 17 00:00:00 2001 From: Tyler McPhee <32398415+tmcphee@users.noreply.github.com> Date: Tue, 7 Mar 2023 21:00:52 -0500 Subject: [PATCH 04/12] Add nameserver vaiable. Add Cloudflare as default --- run.sh | 36 ++++++++++++++++++++++-------------- 1 file changed, 22 insertions(+), 14 deletions(-) diff --git a/run.sh b/run.sh index 35ca265..8722c78 100644 --- a/run.sh +++ b/run.sh @@ -1,23 +1,31 @@ #!/bin/bash config_ini=/home/root/.cyberghost/config.ini if [ -f "$config_ini" ]; then - #Launch and connect to CyberGhost VPN [Example] + #Launch and connect to CyberGhost VPN sudo cyberghostvpn --connect --country-code $COUNTRY --wireguard $ARGS # Add CyberGhost nameserver to resolv for DNS - # This will switch baised on country selected - # https://support.cyberghostvpn.com/hc/en-us/articles/360012002360 - case "$COUNTRY" in - "NL") echo 'nameserver 75.2.43.210' > /etc/resolv.conf - ;; - "GB") echo 'nameserver 75.2.79.213' > /etc/resolv.conf - ;; - "JP") echo 'nameserver 76.223.64.81' > /etc/resolv.conf - ;; - "DE") echo 'nameserver 13.248.182.241' > /etc/resolv.conf - ;; - *) echo 'nameserver 99.83.181.72' > /etc/resolv.conf # Default US - ;; + # Add Namerver via env variable $NAMESERVER + if [ -n "$NAMESERVER" ]; then + echo 'nameserver ' $NAMESERVER > /etc/resolv.conf + else + # SMART DNS + # This will switch baised on country selected + # https://support.cyberghostvpn.com/hc/en-us/articles/360012002360 + case "$COUNTRY" in + "NL") echo 'nameserver 75.2.43.210' > /etc/resolv.conf + ;; + "GB") echo 'nameserver 75.2.79.213' > /etc/resolv.conf + ;; + "JP") echo 'nameserver 76.223.64.81' > /etc/resolv.conf + ;; + "DE") echo 'nameserver 13.248.182.241' > /etc/resolv.conf + ;; + "US") echo 'nameserver 99.83.181.72' > /etc/resolv.conf + ;; + *) echo 'nameserver 1.1.1.1' > /etc/resolv.conf # Default CLOUDFLARE 1.1.1.1 + ;; esac + fi fi From 5ab4f2174b8aadd0a42cefd9093a86f8a30401ac Mon Sep 17 00:00:00 2001 From: Tyler McPhee <32398415+tmcphee@users.noreply.github.com> Date: Tue, 7 Mar 2023 21:03:16 -0500 Subject: [PATCH 05/12] Add US as Default --- run.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/run.sh b/run.sh index 8722c78..b67af2a 100644 --- a/run.sh +++ b/run.sh @@ -5,7 +5,7 @@ sudo cyberghostvpn --connect --country-code $COUNTRY --wireguard $ARGS # Add CyberGhost nameserver to resolv for DNS - # Add Namerver via env variable $NAMESERVER + # Add Nameserver via env variable $NAMESERVER if [ -n "$NAMESERVER" ]; then echo 'nameserver ' $NAMESERVER > /etc/resolv.conf else @@ -23,7 +23,7 @@ ;; "US") echo 'nameserver 99.83.181.72' > /etc/resolv.conf ;; - *) echo 'nameserver 1.1.1.1' > /etc/resolv.conf # Default CLOUDFLARE 1.1.1.1 + *) echo 'nameserver 99.83.181.72' > /etc/resolv.conf ;; esac fi From e0c9f1fd2d9320d3834e7211712e8361dadfe76d Mon Sep 17 00:00:00 2001 From: Tyler McPhee <32398415+tmcphee@users.noreply.github.com> Date: Tue, 7 Mar 2023 21:17:56 -0500 Subject: [PATCH 06/12] Update README.md --- README.md | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 49b21ea..52f44b9 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,7 @@ docker run -d --cap-add=NET_ADMIN --dns 1.1.1.1 \ -v /local/path/to/config:/home/root/.cyberghost:rw \ -e ACC=example@gmail.com \ -e PASS=mypassword \ + -e COUNTRY=US \ -e NETWORK=192.168.1.0/24 \ -e WHITELISTPORTS=9090,8080 \ cyberghostvpn @@ -30,15 +31,21 @@ docker run -d --net=container:cyberghostvpn other-container ``` Note: If the other containers have exposed ports for example a WEBUI. Forward that port in the cyberghostvpn image, add the port to WHITELISTPORTS environment variable, and set your local LAN using NETWORK environment variable. See [Environment variables](https://github.com/tmcphee/cyberghostvpn#environment-variables) below for details. -## Selecting a server +## Selecting a country -Once the initial setup is made the image will copy a run.sh file into the local volume (config folder). Open `run.sh` and edit the command `sudo cyberghostvpn --connect --torrent --country-code NL --wireguard` to the desired. +Add an environment variable called `COUNTRY` and set to the desired country. Examples: -- `sudo cyberghostvpn --traffic --country-code CA --wireguard --connect` -- `sudo cyberghostvpn --streaming 'Netflix US' --country-code US --wireguard --connect` +- `United states` COUNTRY=US +- `CANADA` COUNTRY=CA See [GyberGhost selecting a country or single server](https://support.cyberghostvpn.com/hc/en-us/articles/360020673194--How-to-select-a-country-or-single-server-with-CyberGhost-on-Linux) for more details +## Custom DNS / NAMESERVER +Add an environment variable called `NAMESERVER` and set to the desired DNS. +Examples: +- Cloudflare 1.1.1.1 +- Google 8.8.8.8 + ## How to login Login by providing the ACC and PASS environment variables ``` @@ -65,6 +72,9 @@ docker run -d --cap-add=NET_ADMIN --dns 1.1.1.1 \ - `WHITELISTPORTS` - Allow access to listed ports when VPN is connected. Delimited by comma [8080,8081,9000] - `ACC` - CyberGhost username - Used for login - `PASS` - CyberGhost password - Used for login +- `COUNTRY` - Destination Country - See [CyberGhost Connect to a country]([https://support.cyberghostvpn.com/hc/en-us/articles/360020673194--How-to-select-a-country-or-single-server-with-CyberGhost-on-Linux](https://support.cyberghostvpn.com/hc/en-us/articles/360020673194--How-to-select-a-country-or-single-server-with-CyberGhost-on-Linux#h_01EJDGC9TZDW38J9FKNFPE6MBE)) +- `ARGS` - All additional arguments [Examples: "--torrent" "--traffic" "--streaming 'Netflix US'"] +- `NAMESERVER` - Custom Nameserver/DNS [Examples: Cloudflare 1.1.1.1, Google 8.8.8.8] ## Firewall This image has a custom built-in firewall. On initial start, all traffic is blocked except CyberGhost API IP and Local DNS for resolve. After VPN is connected Local DNS is blocked on Port 53. For first time use the firewall will go through a setup phase to include whitelisted ports where the firewall will be inactive. From 595de68496f7787fd38fcc7e02e5ca294aa1abfb Mon Sep 17 00:00:00 2001 From: Tyler McPhee <32398415+tmcphee@users.noreply.github.com> Date: Tue, 7 Mar 2023 21:22:45 -0500 Subject: [PATCH 07/12] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 52f44b9..d83b5b3 100644 --- a/README.md +++ b/README.md @@ -46,6 +46,8 @@ Examples: - Cloudflare 1.1.1.1 - Google 8.8.8.8 +This image will use CyberGhost Smart DNS if no Nameserver is provided. Automatic Smart DNS for countries US, NL, JP and GB. Default is US for all other countries + ## How to login Login by providing the ACC and PASS environment variables ``` From 310f36449543e1d2c6eef0fa648a7ea44127d75a Mon Sep 17 00:00:00 2001 From: Tyler McPhee <32398415+tmcphee@users.noreply.github.com> Date: Tue, 7 Mar 2023 21:26:18 -0500 Subject: [PATCH 08/12] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index d83b5b3..3d7dfb6 100644 --- a/README.md +++ b/README.md @@ -7,6 +7,7 @@ This is a WireGuard client docker that uses the CyberGhost Cli. It allows routing containers traffic through WireGuard. [Docker Image](https://hub.docker.com/r/tmcphee/cyberghostvpn) +###### Running: Ubuntu 18.04 | CyberGhost 1.4.1 ## What is WireGuard? WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general-purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. From 6176dd8f59d6ee5911678ebf2743a9712c232cfc Mon Sep 17 00:00:00 2001 From: Tyler McPhee <32398415+tmcphee@users.noreply.github.com> Date: Wed, 8 Mar 2023 14:06:16 -0500 Subject: [PATCH 09/12] Revert to latest working cyberghost cli version --- Dockerfile | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9484763..ad27532 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,9 @@ FROM ubuntu:18.04 MAINTAINER Tyler McPhee -RUN apt-get update -y +RUN apt update -y +RUN apt upgrade -y +RUN apt dist-upgrade -y RUN apt-get install -y tzdata RUN apt-get install -y lsb-core \ sudo \ @@ -14,13 +16,12 @@ RUN apt-get install -y lsb-core \ iproute2 \ ufw \ expect -RUN apt upgrade -y #Download, prepare and instll Cyberghost -RUN wget https://download.cyberghostvpn.com/linux/cyberghostvpn-ubuntu-18.04-1.4.1.zip -O cyberghostvpn_ubuntu.zip && \ +RUN wget https://download.cyberghostvpn.com/linux/cyberghostvpn-ubuntu-18.04-1.3.4.zip -O cyberghostvpn_ubuntu.zip && \ unzip cyberghostvpn_ubuntu.zip && \ - mv cyberghostvpn-ubuntu-18.04-1.4.1/* . && \ - rm -r cyberghostvpn-ubuntu-18.04-1.4.1 && \ + mv cyberghostvpn-ubuntu-18.04-1.3.4/* . && \ + rm -r cyberghostvpn-ubuntu-18.04-1.3.4 && \ rm cyberghostvpn_ubuntu.zip && \ sed -i 's/cyberghostvpn --setup/#cyberghostvpn --setup/g' install.sh && \ bash install.sh @@ -38,3 +39,8 @@ COPY auth.sh . RUN chmod +x auth.sh CMD ["bash", "/start.sh"] + +COPY auth.sh . +RUN chmod +x auth.sh + +CMD ["bash", "/start.sh"] From 676b0fd747050140e57147a96f54c1c415c74513 Mon Sep 17 00:00:00 2001 From: Tyler McPhee <32398415+tmcphee@users.noreply.github.com> Date: Wed, 8 Mar 2023 14:07:18 -0500 Subject: [PATCH 10/12] Add error catching for country variable. version# --- run.sh | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/run.sh b/run.sh index b67af2a..29d29eb 100644 --- a/run.sh +++ b/run.sh @@ -1,6 +1,14 @@ #!/bin/bash +#VER2.1 config_ini=/home/root/.cyberghost/config.ini if [ -f "$config_ini" ]; then + + # Check if country is set. Default to US + if ! [ -n "$COUNTRY" ]; then + echo "Country variable not set. Defaulting to US" + export COUNTRY="US" + fi + #Launch and connect to CyberGhost VPN sudo cyberghostvpn --connect --country-code $COUNTRY --wireguard $ARGS From 1058210da58f530d636ad636d4af12ca6566bd7b Mon Sep 17 00:00:00 2001 From: Tyler McPhee <32398415+tmcphee@users.noreply.github.com> Date: Wed, 8 Mar 2023 14:09:37 -0500 Subject: [PATCH 11/12] Tweaks and new features Added IP stats to show VPN connection info Added version check of the run.sh script and updater --- start.sh | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/start.sh b/start.sh index 1676fb2..ca2012d 100644 --- a/start.sh +++ b/start.sh @@ -12,6 +12,19 @@ sudo ufw delete allow in 53 } + ip_stats () { + echo "***********CyberGhost Connection Info***********" + echo "IP: ""$(curl -s https://ipinfo.io/ip)" + echo "CITY: ""$(curl -s https://ipinfo.io/city)" + echo "REGION: ""$(curl -s https://ipinfo.io/region)" + echo "COUNTRY: ""$(curl -s https://ipinfo.io/country)" + + str="$(cat /etc/resolv.conf)" + value=${str#* } + echo "DNS: "$value + echo "************************************************" + } + sudo ufw enable #Start Firewall FILE=/usr/local/cyberghost/uninstall.sh @@ -74,16 +87,23 @@ echo "$NETWORK" "routed to " "$LOCAL_GATEWAY" " on eth0" fi - + # Copy over Run.sh if missing FILE_RUN=/home/root/.cyberghost/run.sh if [ ! -f "$FILE_RUN" ]; then cp /run.sh /home/root/.cyberghost/run.sh fi + # Replace Run.sh if wrong version + if ! grep -q "#VER2.1" "$FILE_RUN"; then + rm /home/root/.cyberghost/run.sh + cp /run.sh /home/root/.cyberghost/run.sh + fi + #WIREGUARD START AND WATCH enable_dns_port bash /home/root/.cyberghost/run.sh #Start the CyberGhost run script disable_dns_port + ip_stats while true #Watch if Connection is lost then reconnect do sleep 30 @@ -95,7 +115,8 @@ bash /home/root/.cyberghost/run.sh #Start the CyberGhost run script disable_dns_port + ip_stats fi done - \ No newline at end of file + From 3d063b9099b84775c3882af80a56b7403c213cf0 Mon Sep 17 00:00:00 2001 From: Tyler McPhee <32398415+tmcphee@users.noreply.github.com> Date: Wed, 8 Mar 2023 14:16:28 -0500 Subject: [PATCH 12/12] Update README.md --- README.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 3d7dfb6..5b2b812 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ This is a WireGuard client docker that uses the CyberGhost Cli. It allows routing containers traffic through WireGuard. [Docker Image](https://hub.docker.com/r/tmcphee/cyberghostvpn) -###### Running: Ubuntu 18.04 | CyberGhost 1.4.1 +###### Ubuntu 18.04 | CyberGhost 1.3.4 ## What is WireGuard? WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general-purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. @@ -84,5 +84,11 @@ This image has a custom built-in firewall. On initial start, all traffic is bloc See the firewall section located in start.sh for details. +## Troubleshooting + +Docker runs, but WireGuard does not connect or gives an error +- Try deleteing the config.ini file located in your mapped config folder. This file is the login token for CyberGhost and may be expired. + + ## Disclaimer This project was developed independently for personal use. CyberGhost has no affiliation, nor has control over the content or availability of this project.