diff --git a/openvpn-install.sh b/openvpn-install.sh index 884c1c8..a18e915 100755 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -216,6 +216,45 @@ access-control: fd42:42:42:42::/112 allow' >>/etc/unbound/openvpn.conf systemctl restart unbound } +function resolvePublicIP() { + # IP version flags, we'll use as default the IPv4 + CURL_IP_VERSION_FLAG="-4" + DIG_IP_VERSION_FLAG="-4" + + # Behind NAT, we'll default to the publicly reachable IPv4/IPv6. + if [[ $IPV6_SUPPORT == "y" ]]; then + CURL_IP_VERSION_FLAG="" + DIG_IP_VERSION_FLAG="-6" + fi + + # If there is no public ip yet, we'll try to solve it using: https://ip.seeip.org + if [[ -z $PUBLIC_IP ]]; then + PUBLIC_IP=$(curl -f -m 5 -sS --retry 5 --retry-connrefused $CURL_IP_VERSION_FLAG https://ip.seeip.org 2>/dev/null) + fi + + # If there is no public ip yet, we'll try to solve it using: https://ifconfig.me + if [[ -z $PUBLIC_IP ]]; then + PUBLIC_IP=$(curl -f -m 5 -sS --retry 5 --retry-connrefused $CURL_IP_VERSION_FLAG https://ifconfig.me 2>/dev/null) + fi + + # If there is no public ip yet, we'll try to solve it using: https://api.ipify.org + if [[ -z $PUBLIC_IP ]]; then + PUBLIC_IP=$(curl -f -m 5 -sS --retry 5 --retry-connrefused $CURL_IP_VERSION_FLAG https://api.ipify.org 2>/dev/null) + fi + + # If there is no public ip yet, we'll try to solve it using: ns1.google.com + if [[ -z $PUBLIC_IP ]]; then + PUBLIC_IP=$(dig $DIG_IP_VERSION_FLAG TXT +short o-o.myaddr.l.google.com @ns1.google.com | tr -d '"') + fi + + if [[ -z $PUBLIC_IP ]]; then + >&2 echo "Couldn't solve the public IP" + exit 1 + fi + + echo "$PUBLIC_IP" +} + function installQuestions() { echo "Welcome to the OpenVPN installer!" echo "The git repository is available at: https://github.com/angristan/openvpn-install" @@ -244,9 +283,12 @@ function installQuestions() { echo "It seems this server is behind NAT. What is its public IPv4 address or hostname?" echo "We need it for the clients to connect to the server." - PUBLICIP=$(curl -s https://api.ipify.org) + if [[ -z $ENDPOINT ]]; then + DEFAULT_ENDPOINT=$(resolvePublicIP) + fi + until [[ $ENDPOINT != "" ]]; do - read -rp "Public IPv4 address or hostname: " -e -i "$PUBLICIP" ENDPOINT + read -rp "Public IPv4 address or hostname: " -e -i "$DEFAULT_ENDPOINT" ENDPOINT done fi @@ -626,40 +668,8 @@ function installOpenVPN() { CONTINUE=${CONTINUE:-y} if [[ -z $ENDPOINT ]]; then - - # IP version flags, we'll use as default the IPv4 - CURL_IP_VERSION_FLAG="-4" - DIG_IP_VERSION_FLAG="-4" - - # Behind NAT, we'll default to the publicly reachable IPv4/IPv6. - if [[ $IPV6_SUPPORT == "y" ]]; then - CURL_IP_VERSION_FLAG="" - DIG_IP_VERSION_FLAG="-6" - fi - - # If there is no public ip yet, we'll try to solve it using: https://ip.seeip.org - if [[ -z $PUBLIC_IP ]]; then - PUBLIC_IP=$(curl -f -m 5 -sS --retry 5 --retry-connrefused $CURL_IP_VERSION_FLAG https://ip.seeip.org 2>/dev/null) - fi - - # If there is no public ip yet, we'll try to solve it using: https://ifconfig.me - if [[ -z $PUBLIC_IP ]]; then - PUBLIC_IP=$(curl -f -m 5 -sS --retry 5 --retry-connrefused $CURL_IP_VERSION_FLAG https://ifconfig.me 2>/dev/null) - fi - - # If there is no public ip yet, we'll try to solve it using: https://api.ipify.org - if [[ -z $PUBLIC_IP ]]; then - PUBLIC_IP=$(curl -f -m 5 -sS --retry 5 --retry-connrefused $CURL_IP_VERSION_FLAG https://api.ipify.org 2>/dev/null) - fi - - # If there is no public ip yet, we'll try to solve it using: ns1.google.com - if [[ -z $PUBLIC_IP ]]; then - PUBLIC_IP=$(dig $DIG_IP_VERSION_FLAG TXT +short o-o.myaddr.l.google.com @ns1.google.com | tr -d '"') - fi - + ENDPOINT=$(resolvePublicIP) fi - - ENDPOINT=${ENDPOINT:-$PUBLIC_IP} fi # Run setup questions first, and set other variables if auto-install