Dateien nach "scripts" hochladen

This commit is contained in:
2026-04-21 17:36:22 +02:00
parent fe26ce4cbb
commit 23d808e9b9
+44 -43
View File
@@ -237,9 +237,9 @@ write_vpn_config() {
local VPN_SERVER_LINE="" local VPN_SERVER_LINE=""
local VPN_CUSTOM_LINE="" local VPN_CUSTOM_LINE=""
if [[ -n "$VPN_HOSTNAME" ]]; then if [[ -n "$VPN_HOSTNAME" ]]; then
# Dedicated-IP: Custom Config direkt mit IP bypasses Gluetun Hostname-Validierung # Dedicated-IP: Custom Build hat den Hostname in der Binary → normaler nordvpn Provider
VPN_SERVER_LINE=" - VPN_SERVICE_PROVIDER=custom" VPN_SERVER_LINE=" - VPN_SERVICE_PROVIDER=nordvpn"
VPN_CUSTOM_LINE=" - OPENVPN_CUSTOM_CONFIG=/gluetun/nordvpn-custom.conf" VPN_CUSTOM_LINE=" - SERVER_HOSTNAMES=${VPN_HOSTNAME}"
else else
VPN_SERVER_LINE=" - VPN_SERVICE_PROVIDER=nordvpn" VPN_SERVER_LINE=" - VPN_SERVICE_PROVIDER=nordvpn"
VPN_CUSTOM_LINE=" - SERVER_COUNTRIES=${VPN_COUNTRY}" VPN_CUSTOM_LINE=" - SERVER_COUNTRIES=${VPN_COUNTRY}"
@@ -357,12 +357,23 @@ start_and_verify() {
if [[ -n "${VPN_HOSTNAME:-}" ]]; then if [[ -n "${VPN_HOSTNAME:-}" ]]; then
step "Gluetun Custom Build für ${VPN_HOSTNAME}" step "Gluetun Custom Build für ${VPN_HOSTNAME}"
# IP per DNS auflösen # IP ermitteln: zuerst per DNS, dann User bestätigen lassen
local server_ip="" local server_ip=""
server_ip=$(pct exec "$SEL_ID" -- bash -c "getent hosts ${VPN_HOSTNAME} 2>/dev/null | awk '{print \$1}' | head -1" 2>/dev/null || echo "") server_ip=$(pct exec "$SEL_ID" -- bash -c "getent hosts ${VPN_HOSTNAME} 2>/dev/null | awk '{print \$1}' | head -1" 2>/dev/null || echo "")
[[ -z "$server_ip" ]] && server_ip=$(pct exec "$SEL_ID" -- bash -c "nslookup ${VPN_HOSTNAME} 2>/dev/null | awk '/Address:/ && !/#/{print \$2}' | head -1" 2>/dev/null || echo "") [[ -z "$server_ip" ]] && server_ip=$(pct exec "$SEL_ID" -- bash -c "nslookup ${VPN_HOSTNAME} 2>/dev/null | awk '/Address:/ && !/#/{print \$2}' | head -1" 2>/dev/null || echo "")
[[ -z "$server_ip" ]] && error "IP für ${VPN_HOSTNAME} nicht auflösbar!"
info "DNS: ${VPN_HOSTNAME}${server_ip}" # IP anzeigen und Korrektur ermöglichen
# Bei Dedicated-IP weicht DNS oft von der echten NordVPN-IP ab
if [[ -n "$server_ip" ]]; then
echo -e " ${YELLOW}DNS hat aufgelöst: ${CYAN}${VPN_HOSTNAME}${server_ip}${NC}"
else
echo -e " ${YELLOW}DNS-Auflösung fehlgeschlagen.${NC}"
fi
echo -e " ${YELLOW}Die korrekte IP findest du in deinem NordVPN-Account unter Dedicated IP.${NC}"
ask "IP-Adresse für ${VPN_HOSTNAME}" "${server_ip}"
server_ip="$REPLY"
[[ -z "$server_ip" ]] && error "Keine IP angegeben!"
info "Verwende IP: ${VPN_HOSTNAME}${server_ip}"
# Prüfen ob Image bereits existiert (kein Rebuild nötig) # Prüfen ob Image bereits existiert (kein Rebuild nötig)
local img_exists local img_exists
@@ -458,67 +469,59 @@ PYEOF"
${CYAN}[INFO]${NC} ${proto^^} ${elapsed}s..." ${CYAN}[INFO]${NC} ${proto^^} ${elapsed}s..."
local log_snippet local log_snippet
log_snippet=$(pct exec "$SEL_ID" -- bash -c "docker logs gluetun 2>&1 | tail -60" 2>/dev/null || echo "") log_snippet=$(pct exec "$SEL_ID" -- bash -c "docker logs gluetun 2>&1 | tail -80" 2>/dev/null || echo "")
# Auth-Fehler → sofort abbrechen, kein Retry # Jeden 3. Zyklus (15s) relevante Log-Zeilen anzeigen
if echo "$log_snippet" | grep -qi "AUTH_FAILED\|auth.*fail\|wrong.*password\|incorrect.*password"; then if (( tries % 3 == 0 )); then
local recent_lines
recent_lines=$(echo "$log_snippet" | grep -E "INFO|WARN|ERROR|openvpn|vpn|connecting|connected|TLS|auth|SIGTERM" | tail -4)
if [[ -n "$recent_lines" ]]; then
echo
while IFS= read -r line; do
echo -e " ${YELLOW}${NC} $line"
done <<< "$recent_lines"
fi
fi
# Authentifizierungsfehler → sofort abbrechen
if echo "$log_snippet" | grep -qi "AUTH_FAILED\|auth.*fail\|wrong.*password\|incorrect.*password\|authentication failed"; then
echo echo
echo -e " echo -e "
${RED}✗ Authentifizierung fehlgeschlagen!${NC}" ${RED}✗ Authentifizierung fehlgeschlagen!${NC}"
echo -e " ${YELLOW}Service-Credentials prüfen:${NC}" echo -e " ${YELLOW}Falsche NordVPN Service-Credentials.${NC}"
echo -e " ${CYAN}https://my.nordaccount.com → NordVPN → Set up NordVPN manually${NC}" echo -e " ${CYAN}https://my.nordaccount.com → NordVPN → Set up NordVPN manually${NC}"
pct exec "$SEL_ID" -- bash -c "cd ${FT_DIR} && docker compose down 2>/dev/null || true" pct exec "$SEL_ID" -- bash -c "cd ${FT_DIR} && docker compose down 2>/dev/null || true"
if confirm "Neue Credentials eingeben?"; then if confirm "Neue Credentials eingeben?"; then
collect_vpn_config collect_vpn_config; write_vpn_config; start_and_verify; return
write_vpn_config
start_and_verify
return
else else
error "Abgebrochen." error "Abgebrochen."
fi fi
fi fi
# Hostname ungültig → gültige Server aus Log parsen und zur Auswahl anbieten # Hostname ungültig (nur bei normalem Gluetun, nicht bei custom build)
if echo "$log_snippet" | grep -qi "hostname.*not valid\|not one of the possible choices"; then if echo "$log_snippet" | grep -qi "hostname.*not valid\|not one of the possible choices"; then
echo echo
echo -e " ${RED}✗ Ungültiger Hostname: ${VPN_HOSTNAME}${NC}" echo -e " ${RED}✗ Ungültiger Hostname: ${VPN_HOSTNAME}${NC}"
echo -e " ${YELLOW}Nicht in Gluetuns Server-Datenbank. Bitte einen der folgenden wählen:${NC}
"
# Mehr Log holen die Server-Liste ist sehr lang
local full_log valid_servers local full_log valid_servers
full_log=$(pct exec "$SEL_ID" -- bash -c "docker logs gluetun 2>&1" 2>/dev/null || echo "") full_log=$(pct exec "$SEL_ID" -- bash -c "docker logs gluetun 2>&1" 2>/dev/null || echo "")
# Nur deutsche Server aus der Liste filtern (de*)
valid_servers=$(echo "$full_log" | grep -oP 'de[0-9]+\.nordvpn\.com' | sort -uV | head -20) valid_servers=$(echo "$full_log" | grep -oP 'de[0-9]+\.nordvpn\.com' | sort -uV | head -20)
# Falls keine deutschen → alle zeigen
[[ -z "$valid_servers" ]] && valid_servers=$(echo "$full_log" | grep -oP '[a-z]{2}[0-9]+\.nordvpn\.com' | sort -u | head -20) [[ -z "$valid_servers" ]] && valid_servers=$(echo "$full_log" | grep -oP '[a-z]{2}[0-9]+\.nordvpn\.com' | sort -u | head -20)
if [[ -n "$valid_servers" ]]; then if [[ -n "$valid_servers" ]]; then
local i=1 local i=1
while IFS= read -r srv; do while IFS= read -r srv; do
printf " ${CYAN}%2s)${NC} %s printf " ${CYAN}%2s)${NC} %s
" "$i" "$srv" " "$i" "$srv"; i=$((i+1))
i=$((i+1))
done <<< "$valid_servers" done <<< "$valid_servers"
echo echo
echo -ne "${YELLOW}${NC}Nummer wählen oder Hostname direkt eingeben: " echo -ne "${YELLOW}${NC}Nummer wählen oder Hostname eingeben: "
read -r sel read -r sel
if [[ "$sel" =~ ^[0-9]+$ ]]; then [[ "$sel" =~ ^[0-9]+$ ]] && VPN_HOSTNAME=$(echo "$valid_servers" | sed -n "${sel}p") || VPN_HOSTNAME="$sel"
VPN_HOSTNAME=$(echo "$valid_servers" | sed -n "${sel}p")
elif [[ -n "$sel" ]]; then
VPN_HOSTNAME="$sel"
fi
if [[ -n "$VPN_HOSTNAME" ]]; then if [[ -n "$VPN_HOSTNAME" ]]; then
info "Neuer Hostname: $VPN_HOSTNAME schreibe Config neu..."
pct exec "$SEL_ID" -- bash -c "cd ${FT_DIR} && docker compose down 2>/dev/null || true" pct exec "$SEL_ID" -- bash -c "cd ${FT_DIR} && docker compose down 2>/dev/null || true"
write_vpn_config write_vpn_config; tries=0; tls_error=false
tries=0; tls_error=false
pct exec "$SEL_ID" -- bash -c "cd ${FT_DIR} && docker compose up -d 2>&1" || true pct exec "$SEL_ID" -- bash -c "cd ${FT_DIR} && docker compose up -d 2>&1" || true
continue continue
fi fi
else
echo -e " ${YELLOW}Keine Server im Log gefunden. Modus 1 (Serverland) empfohlen.${NC}"
fi fi
pct exec "$SEL_ID" -- bash -c "cd ${FT_DIR} && docker compose down 2>/dev/null || true" pct exec "$SEL_ID" -- bash -c "cd ${FT_DIR} && docker compose down 2>/dev/null || true"
error "Abgebrochen." error "Abgebrochen."
@@ -526,14 +529,12 @@ PYEOF"
# TLS-Fehler → nächstes Protokoll versuchen # TLS-Fehler → nächstes Protokoll versuchen
if echo "$log_snippet" | grep -q "TLS Error\|TLS key negotiation"; then if echo "$log_snippet" | grep -q "TLS Error\|TLS key negotiation"; then
tls_error=true tls_error=true; break
break
fi fi
# Verbunden? # Verbunden?
if pct exec "$SEL_ID" -- bash -c "docker exec gluetun wget -qO- https://ipinfo.io/ip 2>/dev/null" &>/dev/null; then if pct exec "$SEL_ID" -- bash -c "docker exec gluetun wget -qO- https://ipinfo.io/ip 2>/dev/null" &>/dev/null; then
vpn_ok=true vpn_ok=true; break
break
fi fi
done done
echo echo