Skip to content

Instantly share code, notes, and snippets.

@serinko
Last active March 8, 2024 21:33
Show Gist options
  • Save serinko/d65450653d6bbafacbcee71c9cb8fb31 to your computer and use it in GitHub Desktop.
Save serinko/d65450653d6bbafacbcee71c9cb8fb31 to your computer and use it in GitHub Desktop.
Donwload, verify and run NymVPN CLI alpha binary
#!/bin/bash
# this is a copy of a script by @tommy1987 with a few edited vars to work on Linux distros
# link to the original script https://gist.github.com/tommyv1987/87267ded27e1eb7651aa9cc745ddf4af
echo "welcome to the nym-cli installation"
echo
release_url="https://api.github.com/repos/nymtech/nym-vpn-client/releases"
current_file_version=$(curl -s $release_url | jq -r '.[].tag_name' | grep '^nym-vpn-cli-v' | sort -Vr | head -n 1 | awk -F'-v' '{print $NF}')
linux_cli="nym-vpn-cli_${current_file_version}_ubuntu-22.04_x86_64.tar.gz"
mac_cli="nym-vpn-cli_${current_file_version}_macos_universal.tar.gz"
download_page="https://github.com/nymtech/nym-vpn-client/releases/tag/nym-vpn-cli-v${current_file_version}"
sandbox_env_url="https://raw.githubusercontent.com/nymtech/nym/develop/envs/sandbox.env"
nym_vpn_cli_dir="$HOME/nym-vpn-cli-dir"
endpoint="https://sandbox-nym-api1.nymtech.net/api/v1/gateways/described"
machine=$(uname -s)
download="https://github.com/nymtech/nym-vpn-client/releases/tag/nym-vpn-cli-v${current_file_version}"
html_content=$(curl -sL "$download_page")
# this will query github if the html content returns a 404, guess what there's no download page :)
if [[ $html_content == *'<img alt="404 &ldquo;This is not the web page you are looking for&rdquo;"'* ]]; then
echo "🚨 404 🚨 error page - 🚨 whooops 🚨 . the version may not exist or the page is unavailable."
exit 1
else
echo "the download page is accessible. proceeding with the installation βœ… "
fi
case "$machine" in
Darwin*)
download="https://github.com/nymtech/nym-vpn-client/releases/download/nym-vpn-cli-v${current_file_version}/${mac_cli}"
file=$mac_cli
;;
Linux*)
download="https://github.com/nymtech/nym-vpn-client/releases/download/nym-vpn-cli-v${current_file_version}/${linux_cli}"
file=$linux_cli
;;
*)
echo "invalid platform. This script supports Mac and Linux only."
exit 1
;;
esac
json_array=()
echo "πŸš€ 🏎 - please be patient, fetching entry points... πŸš€ 🏎 "
data=$(curl -s "$endpoint" | jq -c '.[] | {host: .bond.gateway.host, hostname: .self_described.host_information.hostname, identity_key: .bond.gateway.identity_key, exitGateway: .self_described.ip_packet_router.address}')
while IFS= read -r entry; do
host=$(echo "$entry" | jq -r '.host')
hostname=$(echo "$entry" | jq -r '.hostname')
identity_key=$(echo "$entry" | jq -r '.identity_key')
exit_gateway_address=$(echo "$entry" | jq -r '.exitGateway // empty')
valid_ip=$(echo "$host")
if [ -n "$exit_gateway_address" ]; then
exit_gateway="{\"address\": \"$exit_gateway_address\"}"
else
exit_gateway="{}"
fi
if [[ $valid_ip =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
country_info=$(curl -s "http://ipinfo.io/${valid_ip}/country" | tr -d '\n')
country_info_escaped=$(echo "$country_info" | tr -d '\n' | jq -aRs . | tr -d '"')
else
country_info_escaped=""
fi
json_object="{\"hostname\": \"$hostname\", \"identityKey\": \"$identity_key\", \"exitGateway\": $exit_gateway, \"location\": \"$country_info_escaped\"}"
json_array+=("$json_object")
done < <(echo "$data")
if [ $? -ne 0 ]; then
echo "error fetching data from endpoint."
exit 1
fi
if [ -d $nym_vpn_cli_dir ]; then
echo "removing and creating new $nym_vpn_cli_dir directory..."
rm -rf $nym_vpn_cli_dir
mkdir -p "$nym_vpn_cli_dir"
else
echo "creating new $nym_vpn_cli_dir directory..."
mkdir -p "$nym_vpn_cli_dir"
fi
cd "$nym_vpn_cli_dir" || {
echo "failed to change directory. please check permissions."
exit 1
}
echo "downloading: $download"
echo "downloading CLI..."
curl -LO "$download"
echo "untarring CLI..."
echo "$file"
tar -xvf "$file"
# get the tar file directory
cli_directory=$(echo $file | sed 's/.tar.gz$//')
mv ${cli_directory}/nym-vpn-cli .
echo "changing perms on cli to be executable"
chmod u+x nym-vpn-cli
read -p "do you want to verify the checksum? [y/N]: " verify_checksum
if [[ $verify_checksum == [yY] ]]; then
echo "please enter the full text for example: '2e0b33c1468a7453745f9a3325989399ba216972689b6a76348a1c6759a5e7e6' for your zip ${file_name}"
read -p "what is the checksum presented on the downloads page for the zip file: ${download_page}? " checksum
if command -v sha256sum &>/dev/null; then
calculated_checksum=$(sha256sum "$file" | awk '{print $1}')
elif command -v shasum &>/dev/null; then
calculated_checksum=$(shasum -a 256 "$file" | awk '{print $1}')
else
echo "checksum tool not found. unable to verify the checksum. πŸ€” "
exit 1
fi
if [ "$calculated_checksum" == "$checksum" ]; then
echo "checksum verified. download is valid."
else
echo "checksum does not match. the binary may be corrupted or tampered with - contact a nym member"
fi
else
echo "skipping checksum verification..."
fi
echo "removing tar file"
rm -f "$file"
rm -rf "$cli_directory"
echo "downloading .env file..."
curl -L "$sandbox_env_url" -o .env || {
echo "failed to download .env file. please check your internet connection."
exit 1
}
echo "script completed. the CLI and configuration files are in $nym_vpn_cli_dir."
echo "let's launch the CLI."
printf "%s\n" "${json_array[@]}" | jq -s .
read -p "enter a gateway identity key: " identity_key
read -p "enter an exit address: " exit_address
read -p "do you want five hop or two hop? (five || two): " response
case $response in
two)
echo "launching 2 hop mixnet βœ… "
read -p "do you want to run WireGuard? (yes | no): " enable_wireguard
enable_wireguard=$(echo "$enable_wireguard" | tr '[:upper:]' '[:lower:]')
if [ "$enable_wireguard" == "yes" ]; then
read -p "enter WireGuard private key: " priv_key
read -p "enter WireGuard IP address: " wg_ip
sudo ./nym-vpn-cli -c .env --entry-gateway-id "$identity_key" --exit-router-address "$exit_address" --enable-wireguard --private-key "$priv_key" --wg-ip "$wg_ip"
else
sudo ./nym-vpn-cli -c .env --entry-gateway-id "$identity_key" --exit-router-address "$exit_address"
fi
;;
five)
echo "launching 5 hop mixnet βœ… "
read -p "do you want to run WireGuard? (yes | no): " enable_wireguard
enable_wireguard=$(echo "$enable_wireguard" | tr '[:upper:]' '[:lower:]')
if [ "$enable_wireguard" == "yes" ]; then
read -p "enter WireGuard private key: " priv_key
read -p "enter WireGuard IP address: " wg_ip
sudo ./nym-vpn-cli -c .env --entry-gateway-id "$identity_key" --exit-router-address "$exit_address" --enable-wireguard --private-key "$priv_key" --wg-ip "$wg_ip"
else
sudo ./nym-vpn-cli -c .env --entry-gateway-id "$identity_key" --exit-router-address "$exit_address"
fi
;;
*) ;;
esac
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment