From 08a77cb93675d683d427da30db2b7ada3737d78d Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 12:09:37 +0100 Subject: [PATCH 01/19] Added post script test --- .github/workflows/test-action.yml | 28 +++++------ action.yml | 83 ++++++++++++++++++++----------- 2 files changed, 68 insertions(+), 43 deletions(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index 43703d5..a9272b8 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -35,17 +35,17 @@ jobs: - name: Test DNS run: dig dreikom.local - - name: Publish VPN log - if: always() - run: sudo chmod 777 vpn.log - - - name: Upload VPN logs - uses: actions/upload-artifact@v3 - if: always() - with: - name: VPN logs - path: vpn.log - - - name: Kill VPN connection - if: always() - run: sudo killall openvpn \ No newline at end of file +# - name: Kill VPN connection +# if: always() +# run: sudo killall openvpn + +# - name: Publish VPN log +# if: always() +# run: sudo chmod 777 vpn.log +# +# - name: Upload VPN logs +# uses: actions/upload-artifact@v3 +# if: always() +# with: +# name: VPN logs +# path: vpn.log \ No newline at end of file diff --git a/action.yml b/action.yml index a169292..5d68858 100644 --- a/action.yml +++ b/action.yml 
@@ -56,33 +56,33 @@ runs: timezoneLinux: ${{ inputs.otp-timezone }} if: inputs.otp-timezone != null - - name: Install OpenVPN - run: | - sudo apt update - sudo apt --assume-yes --no-install-recommends install openvpn oathtool resolvconf - shell: bash - - - name: Setup VPN config - run: | - echo "${{ inputs.ca }}" > ca.crt - echo "${{ inputs.cert }}" > cert.crt - echo "${{ inputs.cert-key }}" > cert.key - echo "${{ inputs.username }}" > secret.txt - echo "${{ inputs.password }}" >> secret.txt - sed -i 's/AUTO_REPLACED_HOST/'"${{ inputs.host }}"'/g' ${{ inputs.ovpn-config }} - sed -i 's/AUTO_REPLACED_PORT/'"${{ inputs.port }}"'/g' ${{ inputs.ovpn-config }} - shell: bash +# - name: Install OpenVPN +# run: | +# sudo apt update +# sudo apt --assume-yes --no-install-recommends install openvpn oathtool resolvconf +# shell: bash +# +# - name: Setup VPN config +# run: | +# echo "${{ inputs.ca }}" > ca.crt +# echo "${{ inputs.cert }}" > cert.crt +# echo "${{ inputs.cert-key }}" > cert.key +# echo "${{ inputs.username }}" > secret.txt +# echo "${{ inputs.password }}" >> secret.txt +# sed -i 's/AUTO_REPLACED_HOST/'"${{ inputs.host }}"'/g' ${{ inputs.ovpn-config }} +# sed -i 's/AUTO_REPLACED_PORT/'"${{ inputs.port }}"'/g' ${{ inputs.ovpn-config }} +# shell: bash +# +# - name: Add VPN TOTP +# if: inputs.otp-hex != null +# run: | +# OTP=$(oathtool --totp ${{ inputs.otp-hex }}) +# sed -i '$ s/$/'"$OTP"'/' secret.txt +# shell: bash - - name: Add VPN TOTP - if: inputs.otp-hex != null - run: | - OTP=$(oathtool --totp ${{ inputs.otp-hex }}) - sed -i '$ s/$/'"$OTP"'/' secret.txt - shell: bash - - - name: Connect VPN - run: sudo openvpn --config ${{ inputs.ovpn-config }} --auth-user-pass secret.txt --log "vpn.log" --daemon - shell: bash +# - name: Connect VPN +# run: sudo openvpn --config ${{ inputs.ovpn-config }} --auth-user-pass secret.txt --log "vpn.log" --daemon +# shell: bash - name: Update resolvconf run: | 
@@ -91,6 +91,31 @@ runs: sudo resolvconf -u shell: bash - - name: Wait for a VPN connection - run: timeout 60 until dig @${{ inputs.dns-server }} ${{ inputs.dns-server }} A +time=1; do sleep 2; done || exit 1 - shell: bash \ No newline at end of file +# - name: Wait for a VPN connection +# run: timeout 60 until dig @${{ inputs.dns-server }} ${{ inputs.dns-server }} A +time=1; do sleep 2; done || exit 1 +# shell: bash + + - name: Show VPN log + uses: webiny/action-post-run@3.0.0 + with: + if: always() + run: sudo cat vpn.log + + - name: Show VPN log + uses: webiny/action-post-run@3.0.0 + with: + if: always() + run: echo "post run test" + +# - name: Publish VPN log +# uses: webiny/action-post-run@3.0.0 +# with: +# if: always() +# run: sudo chmod 777 vpn.log + +# - name: Upload VPN logs +# uses: actions/upload-artifact@v3 +# if: always() +# with: +# name: VPN logs +# path: vpn.log \ No newline at end of file From 34d5a2a6fce234cee3c9a1fea4c1c0ca37e0a43b Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 12:18:58 +0100 Subject: [PATCH 02/19] Added new post script test --- action.yml | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/action.yml b/action.yml index 5d68858..8a79107 100644 --- a/action.yml +++ b/action.yml 
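Review bot: Both added `Show VPN log` steps reference `webiny/action-post-run@3.0.0` by tag, and a tag can be moved upstream, so the code that executes the `run:` command (here with `sudo`) is not fixed by this file. Pinning to the full commit, e.g. `uses: webiny/action-post-run@<full-commit-sha> # 3.0.0`, closes that; the same `uses:` line recurs in the `Kill VPN connection` step of PATCH 03 and in the hunk of PATCH 11. Separately, `if: always()` sits under `with:` here, so it is handed to the action as an input rather than evaluated as a step condition, and the two steps share one name. `sudo cat vpn.log` also copies the OpenVPN log into the job log, so it is worth confirming that the configured verbosity never writes anything you would not show to everyone who can read the run.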
@@ -82,15 +82,19 @@ runs: # - name: Connect VPN # run: sudo openvpn --config ${{ inputs.ovpn-config }} --auth-user-pass secret.txt --log "vpn.log" --daemon -# shell: bash +# shell: bash# - - name: Update resolvconf - run: | - sudo chmod 777 /etc/resolvconf/resolv.conf.d/head - sudo echo "nameserver ${{ inputs.dns-server }}" >> /etc/resolvconf/resolv.conf.d/head - sudo resolvconf -u + - name: Test Connect VPN + run: echo "test vpn log content" > vpn.log shell: bash +# - name: Update resolvconf +# run: | +# sudo chmod 777 /etc/resolvconf/resolv.conf.d/head +# sudo echo "nameserver ${{ inputs.dns-server }}" >> /etc/resolvconf/resolv.conf.d/head +# sudo resolvconf -u +# shell: bash + # - name: Wait for a VPN connection # run: timeout 60 until dig @${{ inputs.dns-server }} ${{ inputs.dns-server }} A +time=1; do sleep 2; done || exit 1 # shell: bash @@ -98,15 +102,8 @@ runs: - name: Show VPN log uses: webiny/action-post-run@3.0.0 with: - if: always() run: sudo cat vpn.log - - name: Show VPN log - uses: webiny/action-post-run@3.0.0 - with: - if: always() - run: echo "post run test" - # - name: Publish VPN log # uses: webiny/action-post-run@3.0.0 # with: From c6c4c6101172c57aad71240c12c7fb3d67282b32 Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 12:26:01 +0100 Subject: [PATCH 03/19] Added function to post action --- .github/workflows/test-action.yml | 17 +----- action.yml | 86 +++++++++++++------------------ 2 files changed, 38 insertions(+), 65 deletions(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index a9272b8..a778cf1 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml 
@@ -33,19 +33,4 @@ jobs: run: ping ${{ env.VPN_DNS_HOST }} -c5 - name: Test DNS - run: dig dreikom.local - -# - name: Kill VPN connection -# if: always() -# run: sudo killall openvpn - -# - name: Publish VPN log -# if: always() -# run: sudo chmod 777 vpn.log -# -# - name: Upload VPN logs -# uses: actions/upload-artifact@v3 -# if: always() -# with: -# name: VPN logs -# path: vpn.log \ No newline at end of file + run: dig dreikom.local \ No newline at end of file diff --git a/action.yml b/action.yml index 8a79107..156c295 100644 --- a/action.yml +++ b/action.yml 
@@ -56,63 +56,51 @@ runs: timezoneLinux: ${{ inputs.otp-timezone }} if: inputs.otp-timezone != null -# - name: Install OpenVPN -# run: | -# sudo apt update -# sudo apt --assume-yes --no-install-recommends install openvpn oathtool resolvconf -# shell: bash -# -# - name: Setup VPN config -# run: | -# echo "${{ inputs.ca }}" > ca.crt -# echo "${{ inputs.cert }}" > cert.crt -# echo "${{ inputs.cert-key }}" > cert.key -# echo "${{ inputs.username }}" > secret.txt -# echo "${{ inputs.password }}" >> secret.txt -# sed -i 's/AUTO_REPLACED_HOST/'"${{ inputs.host }}"'/g' ${{ inputs.ovpn-config }} -# sed -i 's/AUTO_REPLACED_PORT/'"${{ inputs.port }}"'/g' ${{ inputs.ovpn-config }} -# shell: bash -# -# - name: Add VPN TOTP -# if: inputs.otp-hex != null -# run: | -# OTP=$(oathtool --totp ${{ inputs.otp-hex }}) -# sed -i '$ s/$/'"$OTP"'/' secret.txt -# shell: bash + - name: Install OpenVPN + run: | + sudo apt update + sudo apt --assume-yes --no-install-recommends install openvpn oathtool resolvconf + shell: bash -# - name: Connect VPN -# run: sudo openvpn --config ${{ inputs.ovpn-config }} --auth-user-pass secret.txt --log "vpn.log" --daemon -# shell: bash# + - name: Setup VPN config + run: | + echo "${{ inputs.ca }}" > ca.crt + echo "${{ inputs.cert }}" > cert.crt + echo "${{ inputs.cert-key }}" > cert.key + echo "${{ inputs.username }}" > secret.txt + echo "${{ inputs.password }}" >> secret.txt + sed -i 's/AUTO_REPLACED_HOST/'"${{ inputs.host }}"'/g' ${{ inputs.ovpn-config }} + sed -i 's/AUTO_REPLACED_PORT/'"${{ inputs.port }}"'/g' ${{ inputs.ovpn-config }} + shell: bash - - name: Test Connect VPN - run: echo "test vpn log content" > vpn.log + - name: Add VPN TOTP + if: inputs.otp-hex != null + run: | + OTP=$(oathtool --totp ${{ inputs.otp-hex }}) + sed -i '$ s/$/'"$OTP"'/' secret.txt shell: bash -# - name: Update resolvconf -# run: | -# sudo chmod 777 /etc/resolvconf/resolv.conf.d/head -# sudo echo "nameserver ${{ inputs.dns-server }}" >> /etc/resolvconf/resolv.conf.d/head -# 
sudo resolvconf -u -# shell: bash + - name: Connect VPN + run: sudo openvpn --config ${{ inputs.ovpn-config }} --auth-user-pass secret.txt --log "vpn.log" --daemon + shell: bash# + + - name: Update DNS server + run: | + sudo chmod 777 /etc/resolvconf/resolv.conf.d/head + sudo echo "nameserver ${{ inputs.dns-server }}" >> /etc/resolvconf/resolv.conf.d/head + sudo resolvconf -u + shell: bash -# - name: Wait for a VPN connection -# run: timeout 60 until dig @${{ inputs.dns-server }} ${{ inputs.dns-server }} A +time=1; do sleep 2; done || exit 1 -# shell: bash + - name: Wait for a VPN connection + run: timeout 60 until dig @${{ inputs.dns-server }} ${{ inputs.dns-server }} A +time=1; do sleep 2; done || exit 1 + shell: bash - name: Show VPN log uses: webiny/action-post-run@3.0.0 with: run: sudo cat vpn.log -# - name: Publish VPN log -# uses: webiny/action-post-run@3.0.0 -# with: -# if: always() -# run: sudo chmod 777 vpn.log - -# - name: Upload VPN logs -# uses: actions/upload-artifact@v3 -# if: always() -# with: -# name: VPN logs -# path: vpn.log \ No newline at end of file + - name: Kill VPN connection + uses: webiny/action-post-run@3.0.0 + with: + run: sudo killall openvpn \ No newline at end of file From b01e4869a49d8f227cddbf4ea7f1b3131434009e Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 13:45:09 +0100 Subject: [PATCH 04/19] Added function to disconnect vpn --- action.yml | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/action.yml b/action.yml index 156c295..f6df5d3 100644 --- a/action.yml +++ b/action.yml @@ -2,9 +2,6 @@ name: 'Connect OpenVPN' description: 'A GitHub Action for connecting to an OpenVPN SSL server ' author: 'Raphael Büchi aka swissbuechi' inputs: - dns-server: - description: 'DNS server to use over the VPN' - required: true host: description: 'DNS or IP of OpenVPN server' required: true 
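Review bot: The steps restored here (`Setup VPN config`, `Add VPN TOTP`, `Connect VPN`, `Update DNS server`, `Wait for a VPN connection`) paste `${{ inputs.* }}` straight into the script text, so a value containing a quote, backtick, `$(` or newline is parsed by bash as syntax rather than data, and a password with such characters is corrupted at best. Passing each value through `env:` and expanding it as a quoted variable keeps it data; the fence shows `Setup VPN config` in that form, and the later steps, including those added in PATCH 04, 13 and 16, would follow it. `umask 077` keeps `cert.key` and `secret.txt` from being created readable by other users, and `echo "nameserver $DNS_SERVER" | sudo tee -a /etc/resolvconf/resolv.conf.d/head` would make the `chmod 777` on that file unnecessary. The enclosing `runs:` block begins above this hunk.

```yaml
    - name: Setup VPN config
      env:
        VPN_CA: ${{ inputs.ca }}
        VPN_CERT: ${{ inputs.cert }}
        VPN_CERT_KEY: ${{ inputs.cert-key }}
        VPN_USERNAME: ${{ inputs.username }}
        VPN_PASSWORD: ${{ inputs.password }}
        VPN_HOST: ${{ inputs.host }}
        VPN_PORT: ${{ inputs.port }}
        OVPN_CONFIG: ${{ inputs.ovpn-config }}
      run: |
        # Credential files are created owner-only.
        umask 077
        printf '%s\n' "$VPN_CA" > ca.crt
        printf '%s\n' "$VPN_CERT" > cert.crt
        printf '%s\n' "$VPN_CERT_KEY" > cert.key
        printf '%s\n' "$VPN_USERNAME" > secret.txt
        printf '%s\n' "$VPN_PASSWORD" >> secret.txt
        # Host and port still reach sed as replacement text; validate them
        # if they can contain "/" or "&".
        sed -i "s/AUTO_REPLACED_HOST/${VPN_HOST}/g" "$OVPN_CONFIG"
        sed -i "s/AUTO_REPLACED_PORT/${VPN_PORT}/g" "$OVPN_CONFIG"
      shell: bash
    # … unchanged in form: Add VPN TOTP, Connect VPN, Update DNS server, Wait for a VPN connection, post-run steps …
```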
@@ -14,13 +11,16 @@ inputs: password: description: 'VPN password' required: true + dns-server: + description: 'DNS server to use over the VPN' + required: false ovpn-config: description: 'Path to .ovpn config' require: false default: '.github/vpn/config.ovpn' - # test-ping-ip-host: - # description: 'Host IP to ping for VPN connection test, DNS names not supported, use test-dns-host instead' - # required: false + test-ping-ip-host: + description: 'Host IP to ping for VPN connection test, DNS names not supported, use test-dns-host instead' + required: false # test-dns-host: # description: 'Internal hostname to resolve for VPN connection test' # required: false @@ -85,16 +85,23 @@ runs: shell: bash# - name: Update DNS server + if: (inputs.dns-server != null) run: | sudo chmod 777 /etc/resolvconf/resolv.conf.d/head sudo echo "nameserver ${{ inputs.dns-server }}" >> /etc/resolvconf/resolv.conf.d/head sudo resolvconf -u shell: bash - - name: Wait for a VPN connection + - name: Wait for a VPN connection with default DNS test + if: (inputs.dns-server != null) && (inputs.test-ping-ip-host == null) run: timeout 60 until dig @${{ inputs.dns-server }} ${{ inputs.dns-server }} A +time=1; do sleep 2; done || exit 1 shell: bash + - name: Wait for a VPN connection with default test ping ip host + if: inputs.test-ping-ip-host != null + run: timeout 60 until ping -c1 ${{ inputs.test-ping-ip-host }}; do sleep 2; done; do sleep 2; done || exit 1 + shell: bash + - name: Show VPN log uses: webiny/action-post-run@3.0.0 with: From ac79d566bb593aafdc7a0e542f6e36dfb2dba7a7 Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 13:45:20 +0100 Subject: [PATCH 05/19] Added tests --- .github/vpn/config.ovpn | 46 +++++++++++++++++++++++++++++++ .github/workflows/test-action.yml | 11 ++++---- 2 files changed, 52 insertions(+), 5 deletions(-) create mode 100644 .github/vpn/config.ovpn 
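Review bot: The added `Wait for a VPN connection with default test ping ip host` step cannot run as written: `timeout` executes a program while `until` is a shell keyword, and the line carries a second `do sleep 2; done` after the loop has already closed, so bash rejects it as a syntax error. Wrapping the loop in a shell keeps the 60 second bound, e.g. `timeout 60 bash -c 'until ping -c1 -W1 "$TARGET"; do sleep 2; done'` with `TARGET` supplied through `env:`. The `timeout 60 until dig ...` line in the DNS step above it has the same keyword problem, although this hunk only carries that line over unchanged.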
diff --git a/.github/vpn/config.ovpn b/.github/vpn/config.ovpn new file mode 100644 index 0000000..2bc9c41 --- /dev/null +++ b/.github/vpn/config.ovpn @@ -0,0 +1,46 @@ +dev tun +tls-client + +remote AUTO_REPLACED_HOST AUTO_REPLACED_PORT + +# The "float" tells OpenVPN to accept authenticated packets from any address, +# not only the address which was specified in the --remote option. +# This is useful when you are connecting to a peer which holds a dynamic address +# such as a dial-in user or DHCP client. +# (Please refer to the manual of OpenVPN for more information.) + +#float + +# If redirect-gateway is enabled, the client will redirect it's +# default network gateway through the VPN. +# It means the VPN connection will firstly connect to the VPN Server +# and then to the internet. +# (Please refer to the manual of OpenVPN for more information.) + +#redirect-gateway def1 + +# dhcp-option DNS: To set primary domain name server address. +# Repeat this option to set secondary DNS server addresses. + +#dhcp-option DNS DNS_IP_ADDRESS + +pull + +# If you want to connect by Server's IPv6 address, you should use +# "proto udp6" in UDP mode or "proto tcp6-client" in TCP mode +proto tcp-client + +script-security 2 + + +comp-lzo + +reneg-sec 0 + +cipher AES-256-CBC + +auth SHA512 + +auth-user-pass + +ca ca.crt \ No newline at end of file diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index a778cf1..a4c58f4 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -4,7 +4,7 @@ on: workflow_dispatch: env: - VPN_DNS_SERVER: 10.33.33.1 + VPN_DNS_SERVER: 192.168.1.1 jobs: test: 
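Review bot: The new client profile in `.github/vpn/config.ovpn` trusts the server solely through `ca ca.crt`; with no `remote-cert-tls server` (or `verify-x509-name`) line, any certificate issued by that CA, a client certificate included, is accepted as the server. Adding `remote-cert-tls server` after `ca ca.crt` restricts the peer to certificates marked for server use. `script-security 2` permits user-defined scripts although the file configures none, and `comp-lzo` enables compression, which OpenVPN has deprecated on security grounds; both could be dropped unless the server side requires them.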
@@ -22,12 +22,13 @@ jobs: host: ${{ secrets.VPN_HOST }} username: ${{ secrets.VPN_USERNAME }} password: ${{ secrets.VPN_PASSWORD }} - otp-hex: ${{ secrets.VPN_OTP }} - otp-timezone: 'Europe/Zurich' +# otp-hex: ${{ secrets.VPN_OTP }} +# otp-timezone: 'Europe/Zurich' dns-server: ${{ env.VPN_DNS_SERVER }} ca: ${{ secrets.VPN_CA_CRT }} - cert: ${{ secrets.VPN_CERT_CRT }} - cert-key: ${{ secrets.VPN_CERT_KEY }} +# cert: ${{ secrets.VPN_CERT_CRT }} +# cert-key: ${{ secrets.VPN_CERT_KEY }} + test-ping-ip-host: ${{ env.VPN_DNS_SERVER }} - name: Test Ping run: ping ${{ env.VPN_DNS_HOST }} -c5 From 7b12c6cde2581d6a8629727c9766fc8789a6e5ed Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 13:51:57 +0100 Subject: [PATCH 06/19] removed typo --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index f6df5d3..cf0d473 100644 --- a/action.yml +++ b/action.yml @@ -82,7 +82,7 @@ runs: - name: Connect VPN run: sudo openvpn --config ${{ inputs.ovpn-config }} --auth-user-pass secret.txt --log "vpn.log" --daemon - shell: bash# + shell: bash - name: Update DNS server if: (inputs.dns-server != null) From 27ac6e9220423eea5581376bf6fc3ecbfdfa65e6 Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 13:52:13 +0100 Subject: [PATCH 07/19] removed typo --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index cf0d473..7b4e4ed 100644 --- a/action.yml +++ b/action.yml @@ -16,7 +16,7 @@ inputs: required: false ovpn-config: description: 'Path to .ovpn config' - require: false + required: false default: '.github/vpn/config.ovpn' test-ping-ip-host: description: 'Host IP to ping for VPN connection test, DNS names not supported, use test-dns-host instead' From 66087337c1b67ecafc39c1b8825004ad0f178a1d Mon Sep 17 00:00:00 2001 
From: swissbuechi Date: Sat, 24 Dec 2022 13:55:17 +0100 Subject: [PATCH 08/19] Fixed connection test --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 7b4e4ed..a2021a5 100644 --- a/action.yml +++ b/action.yml @@ -99,7 +99,7 @@ runs: - name: Wait for a VPN connection with default test ping ip host if: inputs.test-ping-ip-host != null - run: timeout 60 until ping -c1 ${{ inputs.test-ping-ip-host }}; do sleep 2; done; do sleep 2; done || exit 1 + run: timeout 60 until ping -c1 ${{ inputs.test-ping-ip-host }}; do sleep 2; done || exit 1 shell: bash - name: Show VPN log From 6cbda285f9e130ce5961d01fd741b629857fe422 Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 13:59:23 +0100 Subject: [PATCH 09/19] Fixed connection test multiline --- action.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/action.yml b/action.yml index a2021a5..bc8698b 100644 --- a/action.yml +++ b/action.yml @@ -99,7 +99,10 @@ runs: - name: Wait for a VPN connection with default test ping ip host if: inputs.test-ping-ip-host != null - run: timeout 60 until ping -c1 ${{ inputs.test-ping-ip-host }}; do sleep 2; done || exit 1 + run: | + timeout 60 until ping -c1 ${{ inputs.test-ping-ip-host }}; do + sleep 2 + done || exit 1 shell: bash - name: Show VPN log From 134805e5866d4e4ec5a9ca3a4e06a56b0775e5d6 Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 14:01:58 +0100 Subject: [PATCH 10/19] Fixed connection test timeout --- action.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/action.yml b/action.yml index bc8698b..5674c99 100644 --- a/action.yml +++ b/action.yml @@ -59,7 +59,7 @@ runs: - name: Install OpenVPN run: | sudo apt update - sudo apt --assume-yes --no-install-recommends install openvpn oathtool resolvconf + sudo apt --assume-yes --no-install-recommends install openvpn oathtool resolvconf timeout shell: bash - name: Setup VPN config 
@@ -99,10 +99,7 @@ runs: - name: Wait for a VPN connection with default test ping ip host if: inputs.test-ping-ip-host != null - run: | - timeout 60 until ping -c1 ${{ inputs.test-ping-ip-host }}; do - sleep 2 - done || exit 1 + run: timeout 60 until ping -c1 ${{ inputs.test-ping-ip-host }}; do sleep 2; done || exit 1 shell: bash - name: Show VPN log From 381ef9cae027caff33c0618b6a5a088bfb3c91c2 Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 14:04:28 +0100 Subject: [PATCH 11/19] Fixed connection test timeout --- action.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 5674c99..5079a28 100644 --- a/action.yml +++ b/action.yml @@ -59,7 +59,7 @@ runs: - name: Install OpenVPN run: | sudo apt update - sudo apt --assume-yes --no-install-recommends install openvpn oathtool resolvconf timeout + sudo apt --assume-yes --no-install-recommends install openvpn oathtool resolvconf coreutils shell: bash - name: Setup VPN config @@ -104,10 +104,12 @@ runs: - name: Show VPN log uses: webiny/action-post-run@3.0.0 + if: always() with: run: sudo cat vpn.log - name: Kill VPN connection uses: webiny/action-post-run@3.0.0 + if: always() with: run: sudo killall openvpn \ No newline at end of file From 1b697f5231aa81ba44781e5cd1b47e8e1741ac2d Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 14:26:34 +0100 Subject: [PATCH 12/19] Fixed connection test timeout --- action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 5079a28..2b8a6d8 100644 --- a/action.yml +++ b/action.yml @@ -99,7 +99,7 @@ runs: - name: Wait for a VPN connection with default test ping ip host if: inputs.test-ping-ip-host != null - run: timeout 60 until ping -c1 ${{ inputs.test-ping-ip-host }}; do sleep 2; done || exit 1 + run: until ping -c1 ${{ inputs.test-ping-ip-host }}; do sleep 2; done || exit 1 shell: bash - name: Show VPN log 
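Review bot: In the PATCH 12 hunk, dropping `timeout 60` leaves `until ping -c1 ${{ inputs.test-ping-ip-host }}; do sleep 2; done || exit 1` with no upper bound: if the tunnel never comes up the loop spins until the job's own timeout, and `|| exit 1` is never reached. A counted loop keeps the failure fast, e.g. `for i in $(seq 30); do ping -c1 -W1 "$TARGET" && exit 0; sleep 2; done; exit 1` with `TARGET` passed via `env:`. PATCH 15 removes the bound from both `dig` wait steps in the same way.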
From 8d1cd87d65a1ca34c1ed80d274d7a222b938e1a4 Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 14:41:34 +0100 Subject: [PATCH 13/19] Fixed connection test --- action.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/action.yml b/action.yml index 2b8a6d8..31106a6 100644 --- a/action.yml +++ b/action.yml @@ -21,9 +21,9 @@ inputs: test-ping-ip-host: description: 'Host IP to ping for VPN connection test, DNS names not supported, use test-dns-host instead' required: false - # test-dns-host: - # description: 'Internal hostname to resolve for VPN connection test' - # required: false + test-dns-host: + description: 'Hostname to resolve via VPN DNS server for VPN connection test' + required: false port: description: 'Port of OpenVPN server' required: false @@ -97,6 +97,11 @@ runs: run: timeout 60 until dig @${{ inputs.dns-server }} ${{ inputs.dns-server }} A +time=1; do sleep 2; done || exit 1 shell: bash + - name: Wait for a VPN connection with custom DNS test + if: (inputs.dns-server != null) && (inputs.test-dns-host != null) && (inputs.test-ping-ip-host == null) + run: timeout 60 until dig @${{ inputs.dns-server }} ${{ inputs.test-dns-host }} A +time=1; do sleep 2; done || exit 1 + shell: bash + - name: Wait for a VPN connection with default test ping ip host if: inputs.test-ping-ip-host != null run: until ping -c1 ${{ inputs.test-ping-ip-host }}; do sleep 2; done || exit 1 From 0555c9839e7b96fdb4e77a168dd14a8d233ca88e Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 14:42:13 +0100 Subject: [PATCH 14/19] Fixed connection test --- .github/workflows/test-action.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index a4c58f4..ad71e15 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml 
@@ -28,10 +28,11 @@ jobs: ca: ${{ secrets.VPN_CA_CRT }} # cert: ${{ secrets.VPN_CERT_CRT }} # cert-key: ${{ secrets.VPN_CERT_KEY }} - test-ping-ip-host: ${{ env.VPN_DNS_SERVER }} +# test-ping-ip-host: ${{ env.VPN_DNS_SERVER }} + test-dns-host: google.ch - name: Test Ping - run: ping ${{ env.VPN_DNS_HOST }} -c5 + run: ping ${{ env.VPN_DNS_SERVER }} -c5 - name: Test DNS - run: dig dreikom.local \ No newline at end of file + run: dig google.ch \ No newline at end of file From 35335318e29786134be9966d7811d4a9d0cbf509 Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 14:51:59 +0100 Subject: [PATCH 15/19] Removed action timeout --- action.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/action.yml b/action.yml index 31106a6..4575feb 100644 --- a/action.yml +++ b/action.yml @@ -59,7 +59,7 @@ runs: - name: Install OpenVPN run: | sudo apt update - sudo apt --assume-yes --no-install-recommends install openvpn oathtool resolvconf coreutils + sudo apt --assume-yes --no-install-recommends install openvpn oathtool resolvconf shell: bash - name: Setup VPN config 
@@ -93,13 +93,13 @@ runs: shell: bash - name: Wait for a VPN connection with default DNS test - if: (inputs.dns-server != null) && (inputs.test-ping-ip-host == null) - run: timeout 60 until dig @${{ inputs.dns-server }} ${{ inputs.dns-server }} A +time=1; do sleep 2; done || exit 1 + if: (inputs.dns-server != null) && (inputs.test-ping-ip-host == null) && (inputs.test-dns-host == null) + run: until dig @${{ inputs.dns-server }} ${{ inputs.dns-server }} A +time=1; do sleep 2; done || exit 1 shell: bash - name: Wait for a VPN connection with custom DNS test if: (inputs.dns-server != null) && (inputs.test-dns-host != null) && (inputs.test-ping-ip-host == null) - run: timeout 60 until dig @${{ inputs.dns-server }} ${{ inputs.test-dns-host }} A +time=1; do sleep 2; done || exit 1 + run: until dig @${{ inputs.dns-server }} ${{ inputs.test-dns-host }} A +time=1; do sleep 2; done || exit 1 shell: bash - name: Wait for a VPN connection with default test ping ip host From ee7fbb1138374719c6307e7c88e899aeb82b54cd Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 15:46:06 +0100 Subject: [PATCH 16/19] Added scripts to test vpn --- action.yml | 8 ++++---- test-dns.sh | 21 +++++++++++++++++++++ test-ping.sh | 20 ++++++++++++++++++++ 3 files changed, 45 insertions(+), 4 deletions(-) create mode 100644 test-dns.sh create mode 100644 test-ping.sh diff --git a/action.yml b/action.yml index 4575feb..7d2ac1d 100644 --- a/action.yml +++ b/action.yml 
@@ -94,17 +94,17 @@ runs: - name: Wait for a VPN connection with default DNS test if: (inputs.dns-server != null) && (inputs.test-ping-ip-host == null) && (inputs.test-dns-host == null) - run: until dig @${{ inputs.dns-server }} ${{ inputs.dns-server }} A +time=1; do sleep 2; done || exit 1 + run: ./test-dns.sh ${{ inputs.dns-server }} ${{ inputs.dns-server }} shell: bash - name: Wait for a VPN connection with custom DNS test - if: (inputs.dns-server != null) && (inputs.test-dns-host != null) && (inputs.test-ping-ip-host == null) - run: until dig @${{ inputs.dns-server }} ${{ inputs.test-dns-host }} A +time=1; do sleep 2; done || exit 1 + if: (inputs.dns-server != null) && (inputs.test-dns-host != null) + run: ./test-dns.sh ${{ inputs.test-dns-host }} ${{ inputs.dns-server }} shell: bash - name: Wait for a VPN connection with default test ping ip host if: inputs.test-ping-ip-host != null - run: until ping -c1 ${{ inputs.test-ping-ip-host }}; do sleep 2; done || exit 1 + run: ./test-ping.sh ${{ inputs.test-ping-ip-host }} shell: bash - name: Show VPN log diff --git a/test-dns.sh b/test-dns.sh new file mode 100644 index 0000000..f224247 --- /dev/null +++ b/test-dns.sh @@ -0,0 +1,21 @@ +#!/bin/bash +DOMAIN_NAME=$1 +DNS_SERVER=$2 +MAX=10 +INTERVAL=1 +COUNTER=0 +while [ $COUNTER -lt $MAX ]; do + # shellcheck disable=SC2034 + output=$(dig @"$DNS_SERVER" +short "$DOMAIN_NAME") + # shellcheck disable=SC2181 + if [ $? -eq 0 ]; then + echo "DNS resolution was successful." + exit 0 + else + echo "DNS resolution failed." + COUNTER=$((COUNTER+INTERVAL)) + sleep $INTERVAL + fi +done +echo "DNS resolution timed out" +exit 1 \ No newline at end of file diff --git a/test-ping.sh b/test-ping.sh new file mode 100644 index 0000000..5b5d374 --- /dev/null +++ b/test-ping.sh 
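Review bot: The three rewritten `run:` lines call `./test-dns.sh` and `./test-ping.sh` relative to the working directory, which for a composite action is the calling job's workspace rather than the directory the action was fetched into, so the scripts would be found only when the action is used from its own checkout. Referencing them as `"$GITHUB_ACTION_PATH/test-dns.sh"` and `"$GITHUB_ACTION_PATH/test-ping.sh"` resolves them wherever the action is consumed. The arguments are also unquoted `${{ inputs.* }}` expansions; passing them through `env:` and quoting them, e.g. `"$GITHUB_ACTION_PATH/test-ping.sh" "$TARGET"`, avoids word splitting and shell interpretation of the values. The `runs:` block starts above this hunk.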
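Review bot: The loop in `test-dns.sh` treats dig's exit status as proof of resolution, but dig exits 0 for any reply it receives, NXDOMAIN included, so `DNS resolution was successful.` is printed whenever the server answers at all. If reachability is the intent (the default step in `action.yml` passes the server address as the name), the message should say that; if a real answer is required, test `[ -n "$output" ]`, since `+short` prints nothing for a failed lookup. Adding `+time=1 +tries=1` would keep each attempt near the one second that `INTERVAL` implies instead of dig's default retry budget. Writing the test as `if output=$(dig ...); then` removes the need for both `shellcheck disable` comments, and `test-ping.sh` in this patch has the same shape.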
@@ -0,0 +1,20 @@ +#!/bin/bash +IP_ADDRESS=$1 +MAX=10 +INTERVAL=1 +COUNTER=0 +while [ $COUNTER -lt $MAX ]; do + # shellcheck disable=SC2034 + output=$(ping -c 1 -W 1 "$IP_ADDRESS") + # shellcheck disable=SC2181 + if [ $? -eq 0 ]; then + echo "Ping was successful." + exit 0 + else + echo "Ping to $IP_ADDRESS failed." + COUNTER=$((COUNTER+INTERVAL)) + sleep $INTERVAL + fi +done +echo "Ping timed out" +exit 1 \ No newline at end of file From 16ffec38de57a5c41bd4444d8605c169d902148d Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 15:49:30 +0100 Subject: [PATCH 17/19] Added scripts to test vpn --- test-dns.sh | 2 -- test-ping.sh | 2 -- 2 files changed, 4 deletions(-) diff --git a/test-dns.sh b/test-dns.sh index f224247..3cd3f90 100644 --- a/test-dns.sh +++ b/test-dns.sh @@ -5,9 +5,7 @@ MAX=10 INTERVAL=1 COUNTER=0 while [ $COUNTER -lt $MAX ]; do - # shellcheck disable=SC2034 output=$(dig @"$DNS_SERVER" +short "$DOMAIN_NAME") - # shellcheck disable=SC2181 if [ $? -eq 0 ]; then echo "DNS resolution was successful." exit 0 diff --git a/test-ping.sh b/test-ping.sh index 5b5d374..2fdfe94 100644 --- a/test-ping.sh +++ b/test-ping.sh @@ -4,9 +4,7 @@ MAX=10 INTERVAL=1 COUNTER=0 while [ $COUNTER -lt $MAX ]; do - # shellcheck disable=SC2034 output=$(ping -c 1 -W 1 "$IP_ADDRESS") - # shellcheck disable=SC2181 if [ $? -eq 0 ]; then echo "Ping was successful." exit 0 From 2c2d840e9b820b981db27c601afb63373a60ce9e Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 15:53:34 +0100 Subject: [PATCH 18/19] Added scripts to test vpn --- test-dns.sh | 2 ++ test-ping.sh | 2 ++ 2 files changed, 4 insertions(+) mode change 100644 => 100755 test-dns.sh mode change 100644 => 100755 test-ping.sh diff --git a/test-dns.sh b/test-dns.sh old mode 100644 new mode 100755 index 3cd3f90..f224247 --- a/test-dns.sh +++ b/test-dns.sh 
@@ -5,7 +5,9 @@ MAX=10 INTERVAL=1 COUNTER=0 while [ $COUNTER -lt $MAX ]; do + # shellcheck disable=SC2034 output=$(dig @"$DNS_SERVER" +short "$DOMAIN_NAME") + # shellcheck disable=SC2181 if [ $? -eq 0 ]; then echo "DNS resolution was successful." exit 0 diff --git a/test-ping.sh b/test-ping.sh old mode 100644 new mode 100755 index 2fdfe94..5b5d374 --- a/test-ping.sh +++ b/test-ping.sh @@ -4,7 +4,9 @@ MAX=10 INTERVAL=1 COUNTER=0 while [ $COUNTER -lt $MAX ]; do + # shellcheck disable=SC2034 output=$(ping -c 1 -W 1 "$IP_ADDRESS") + # shellcheck disable=SC2181 if [ $? -eq 0 ]; then echo "Ping was successful." exit 0 From 9f45c2a264b19c48e10e61bb294f82f3b89d2a52 Mon Sep 17 00:00:00 2001 From: swissbuechi Date: Sat, 24 Dec 2022 15:56:39 +0100 Subject: [PATCH 19/19] Test ping host vpn --- .github/workflows/test-action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml index ad71e15..ec4d96f 100644 --- a/.github/workflows/test-action.yml +++ b/.github/workflows/test-action.yml @@ -28,8 +28,8 @@ jobs: ca: ${{ secrets.VPN_CA_CRT }} # cert: ${{ secrets.VPN_CERT_CRT }} # cert-key: ${{ secrets.VPN_CERT_KEY }} -# test-ping-ip-host: ${{ env.VPN_DNS_SERVER }} - test-dns-host: google.ch + test-ping-ip-host: ${{ env.VPN_DNS_SERVER }} +# test-dns-host: google.ch - name: Test Ping run: ping ${{ env.VPN_DNS_SERVER }} -c5