diff --git a/Dockerfile b/Dockerfile index bd11a61..8e7f0ed 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,6 +12,7 @@ ENV OPENVPN_OPTS= ENV CONNECTION_TYPE=tcp ENV LAN_NETWORK= ENV CREATE_TUN_DEVICE= +ENV OVPN_CONFIGS= HEALTHCHECK --interval=60s --timeout=10s --start-period=30s CMD curl -L 'https://ipinfo.io' COPY startup.sh . RUN apk add --update --no-cache openvpn wget unzip coreutils curl && chmod +x ./startup.sh diff --git a/README.md b/README.md index c1ec87c..fa2c297 100644 --- a/README.md +++ b/README.md @@ -31,6 +31,7 @@ The container is configurable using 5 environment variables: |CONNECTION_TYPE|No|The connection type that you want to use: tcp, udp| |LAN_NETWORK|No|Lan network used to access the web ui of attached containers. Can be comma seperated for multiple subnets Comment out or leave blank: example 192.168.0.0/24| |CREATE_TUN_DEVICE|No|Creates the TUN device, useful for NAS users| +|OVPN_CONFIGS|No|Manually provide "Surfshark_Config.zip" file (contains surfshark OpenVPN configuration files) `SURFSHARK_USER` and `SURFSHARK_PASSWORD` are provided at this page: [https://my.surfshark.com/vpn/manual-setup/main](https://my.surfshark.com/vpn/manual-setup/main). @@ -103,6 +104,31 @@ If you want access to an attached container's web ui you will also need to expos If you face network connection problems, I suggest you to set a specific DNS server for each container. +## Provide OpenVPN Configs Manually + +Sometimes the startup.sh script fails to download OpenVPN configs file from https://my.surfshark.com/vpn/api/v1/server/configurations. Possibly this happens due to some form of DDoS protection on surfshark's website. The following helped me resolve the problem: + +1. Go to https://surfshark.com. +2. Click the "Log in" button. +3. This will display the "checking browser security" screen (typical DDoS protection middleware). +4. Once you're on https://my.surfshark.com/home/dashboard, paste https://my.surfshark.com/vpn/api/v1/server/configurations into your browser's URL bar, this will download the `Surfshark_Config.zip` file. Save the file somewhere. + + Typically, these DDoS protection middlewares will set some sort of cookie if the check is successful. This makes it possible to reach the target URL via the browser. +5. Create docker volume: `docker volume create surfshark-config`. +6. Find where it's located at: `docker volume inspect surfshark-config` ("Mountpoint" field). + + In my case it's: `/var/lib/docker/volumes/surfshark-config/_data` + +7. Copy `Surfshark_Config.zip` to it: + + `sudo cp Surfshark_Config.zip /var/lib/docker/volumes/surfshark-config/_data` + +8. Run the container with appropriate options: + + `-v surfshark-config:/ovpn-configs` (mount the volume) + + `-e OVPN_CONFIGS=/ovpn-configs/Surfshark_Config.zip` (specify environment variable) + ## Do you like my work?

diff --git a/startup.sh b/startup.sh index b748743..1d32ca9 100644 --- a/startup.sh +++ b/startup.sh @@ -1,7 +1,10 @@ #!/bin/sh rm -rf ovpn_configs* -wget -O ovpn_configs.zip https://my.surfshark.com/vpn/api/v1/server/configurations -unzip ovpn_configs.zip -d ovpn_configs +if [ -z "${OVPN_CONFIGS}" ]; then + wget -O ovpn_configs.zip https://my.surfshark.com/vpn/api/v1/server/configurations + OVPN_CONFIGS=ovpn_configs.zip +fi +unzip "${OVPN_CONFIGS}" -d ovpn_configs cd ovpn_configs VPN_FILE=$(ls "${SURFSHARK_COUNTRY}"* | grep "${SURFSHARK_CITY}" | grep "${CONNECTION_TYPE}" | shuf | head -n 1) echo Chose: ${VPN_FILE}