Coder Social home page Coder Social logo

iq-scm / tunnelbear-helper Goto Github PK

View Code? Open in Web Editor NEW

This project forked from jennifermack/tunnelbear-helper

0.0 0.0 0.0 12 KB

A script and configuration files for ArchLinux for use with the TunnelBear VPN service.

License: MIT License

Shell 25.93% Ruby 74.07%

tunnelbear-helper's Introduction

TunnelBear-Helper

A script and configuration files for ArchLinux for use with the TunnelBear VPN service.

TunnelBear is a VPN service that recently started supporting Linux. They have provided the OpenVPN configuration files, and instructions for installation. The instructions are for systems running NetworkManager in a graphical environment. For headless servers that don’t run a window manager, it’s a bit more difficult.

The following instructions have been tested on a ArchLinux ARM system installed on a PogoPlug. This should work equally well on a Raspberry Pi running Arch. Overall, it should be compatible with any flavor of linux that uses systemd to manage services.

The basics steps are:

  • Rename the files to something sensible.
  • Install the config files.
  • Install the systemd unit file.
  • Install the helper script.

Requirements are:

  • An up-to-date ArchLinux installation.
  • A TunnelBear account at the Giant or Grizzly level.
  • The ruby language needs to be installed to use the optional tunnelbear script.

tb-downloader.sh

This is a shell script that automates the downloading and renaming process. It needs curl for the downloading, and either sudo or root privs for the final chown step.

If you've already downloaded the config files, comment out the line beginning with curl. Then run script from the same directory as the downloaded file.

Initial setup

Install openvpn if it’s not already installed.

sudo pacman -S openvpn

The TunnelBear OpenVPN config files need to be downloaded. They can be found at a link on the Linux support page. The file is named openvpn.zip. This name may change in the future. Adjust the following commands if that happens.

After downloading, upzip the file and rename the folder.

unzip openvpn.zip
mv openvpn tunnelbear.d

File renaming

The file names of the configuration files are not command line friendly. They are excessively long and contain spaces. Doing this step will save a lot of troubleshooting time.

The rename command is included in the default Arch installation. First, remove the TunnelBear  prefix.

rename -v 'TunnelBear ' '' tunnelbear.d/TunnelBear*

Then remove the spaces from two remaining files.

rename -v ' ' '' tunnelbear.d/*

Authorization file

TunnelBear uses user/password authentication on top of the provided key files. OpenVPN can load this information from a file when it’s started. The TunnelBear systemd unit file expects a key file, if you don’t want to use one, delete the --auth-user-pass /etc/openvpn/tunnelbear.d/tb-auth.key \ line from that file. But then the username and password will have to entered everytime a connection is started.

Create the auth file in the same folder as the config files.

touch tunnelbear.d/tb-auth.key
nano tunnelbear.d/tb-auth.key

The auth file is two lines only. This is the same information that is used to log into the TunnelBear website. email password

File permissions

The files need to be owned by the root account, and not otherwise readable. Change the permissions, and then the ownership.

chmod 600 tunnelbear.d/*
sudo chown root:root tunnelbear.d/*

Installation

Finally! First copy the the config folder into place.

sudo cp -r tunnelbear.d /etc/openvpn/

Copy the systemd unit file into place.

sudo cp tunnelbear\@.service /usr/lib/systemd/system/

Copy the tunnelbear script into place.

sudo cp tunnelbear /usr/local/bin/

Usage

To start the VPN manually, the systemd command is tunnelbear@ followed by the country name.

sudo systemctl start tunnelbear@Sweden

It functions as a regular systemd service, and the start, stop, restart, and status commands act as expected.

To start a connection on system startup, it must be enabled.

sudo systemctl enable tunnelbear@Sweden

Once enabled, it still must be started manually the first time. Then it will start up automatically.

This method creates a unique tunnelbear service using the OpenVPN program. The openvpn service is still available, and can be run independently. But only one OpenVPN session can be active at any give time. If TunnelBear is the only service that will connected, then only use the the tunnelbear service. The openvpn service won’t recognize the TunnelBear configuration files.

TunnelBear script

The tunnelbear script can start, stop, a connection. It can also query if a TunnelBear connection is active.

TunnelBear menu

The command by itself will provide a menu of exit points. Choosing the number next to a country name will create a connection to there.

$ tunnelbear

The menu:

1 Australia
2 Canada
3 France
4 Germany
5 Ireland
6 Japan
7 Spain
8 Sweden
9 Switzerland
10 UnitedKingdom
11 UnitedStates
==========
VPN choice? (1 to 11):

Choosing the number of a country starts the connection and asks for a confirmation.

VPN choice? (1 to 11): 4
Tunneling to TunnelBear Germany? [Y/n]: 
Connecting to Germany...

TunnelBear direct

Starting the script with the name of a country as an option will bypass the menu.

$ tunnelbear Japan
Tunneling to TunnelBear Japan...

TunnelBear query

The status option will query the system for a running process and return the connected country and process ID.

$ tunnelbear status
TunnelBear is roaring in Japan (pid: 20868).

TunnelBear stop

To stop a running connections, simple start the script with the stop option.

$ tunnelbear stop

Errors

If the script is not run as root, systemd will complain. If a number is entered that is not on the menu, ruby will complain.

DNS

Once the TunnelBear is roaring, make sure to check for Internet connectivity. Once the VPN is up and running, the name servers from the local ISP are not available. If this happens the resolv.conf file must be updated. With the default configuration of ArchLinux this file is a symlink that gets updated automatically. Overriding the defaults is easy, and will use OpenDNS whether the VPN is up or not.

Edit /etc/systemd/network/eth0.network to:

[Match]
Name=eth0

[Network]
DHCP=both
DNS=208.67.222.222
DNS=208.67.220.220

[DHCP]
UseDNS=false

Save the file, then restart the network daemon.

$ sudo systemctl restart systemd-networkd

Checking /etc/resolv.conf should now show only our OpenDNS servers.

If it dosent add them manualy by editing your resolv.conf file

sudo nano /etc/resolv.conf

add the following lines

nameserver 208.67.222.222
nameserver 208.67.220.220

tunnelbear-helper's People

Contributors

jennifermack avatar osandoval avatar tawanda avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.