Last active
February 25, 2024 22:55
-
-
Save stangri/2a891e34572f3d8d40479b15e080bdce to your computer and use it in GitHub Desktop.
Using PIA WG scripts on OpenWrt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
opkg update; opkg install git git-http; | |
pia_update() { | |
local i iface config | |
local host port fw_reload_flag | |
local fw_network="$(uci -q get firewall.@zone[1].network)" | |
if [ -z "$(opkg list-installed git)" ] || [ -z "$(opkg list-installed git-http)" ]; then | |
opkg update | |
opg install git git-http | |
fi | |
cd /root/ | |
git clone --depth 1 https://github.com/pia-foss/manual-connections.git pia-config | |
cd pia-config || return 1 | |
sed -i '/ncolors=/d;/check_tool wg-quick/d;/setDNS="no"/d' ./*.sh | |
export DISABLE_IPV6=y | |
export DIP_TOKEN=no | |
export AUTOCONNECT=false | |
export PIA_CONNECT=false | |
export PIA_DNS=true | |
export PIA_PF=false | |
export PIA_USER=XXXXXXXXXXXXX | |
export PIA_PASS=YYYYYYYYYYYYY | |
export VPN_PROTOCOL=wireguard | |
# find out names of WG servers you want to connect to and add them below | |
for i in 'piaus:us-streaming-1' 'piaus:us-streaming-2'; do | |
iface="${i%:*}" | |
config="${i##*:}" | |
[ -n "$1" ] && [ "${1//$iface}" = "$1" ] && continue | |
PREFERRED_REGION="${config}" PIA_CONF_PATH="/root/pia-config/${config}.conf" ./run_setup.sh | |
echo -en "Migrating pia-config ${config} to network interface ${iface}... " | |
source <(grep '=' "/root/pia-config/${config}.conf" | sed 's/ *= */=/g') | |
uci -q del "network.${iface}" | |
uci set "network.${iface}=interface" | |
uci set "network.${iface}.proto=wireguard" | |
uci set "network.${iface}.private_key=${PrivateKey}" | |
uci set "network.${iface}.peerdns=0" | |
uci add_list "network.${iface}.addresses=${Address}" | |
uci add_list "network.${iface}.dns=${DNS}" | |
host="${Endpoint%:*}" | |
port="${Endpoint##*:}" | |
while uci -q del "network.@wireguard_${iface}[-1]"; do :; done | |
uci add network "wireguard_${iface}" | |
uci set "network.@wireguard_${iface}[-1]=wireguard_${iface}" | |
uci set "network.@wireguard_${iface}[-1].public_key=${PublicKey}" | |
uci set "network.@wireguard_${iface}[-1].endpoint_host=${host}" | |
uci set "network.@wireguard_${iface}[-1].endpoint_port=${port}" | |
uci add_list "network.@wireguard_${iface}[-1].allowed_ips=0.0.0.0/0" | |
uci set "network.@wireguard_${iface}[-1].persistent_keepalive=25" | |
uci set "network.@wireguard_${iface}[-1].route_allowed_ips=0" | |
uci commit network | |
if [ "${fw_network//$iface}" = "$fw_network" ]; then | |
fw_reload_flag=1 | |
uci del_list "firewall.@zone[1].network=${iface}" | |
uci add_list "firewall.@zone[1].network=${iface}" | |
fi | |
echo "OK" | |
ifdown "$iface" | |
ifup "$iface" | |
done | |
[ -n "$fw_reload_flag" ] && uci commit firewall && service firewall reload | |
} | |
pia_update |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment