---
# Action metadata shown in the GitHub Marketplace / Actions UI.
name: Connect OpenVPN
# The description string is kept byte-for-byte, including its trailing space.
description: 'A GitHub Action for connecting to an OpenVPN SSL server '
author: Raphael Büchi aka swissbuechi
branding:
  icon: lock
  color: orange
# Inputs of the composite action. Every value reaches the steps as a string.
# username, password, otp-hex and cert-key are credentials: supply them from
# repository or environment secrets rather than as literals in a workflow.
inputs:
  host:
    # Substituted for the AUTO_REPLACED_HOST placeholder in the .ovpn file.
    description: DNS or IP of OpenVPN server
    required: true
  username:
    # Written as the first line of secret.txt in the working directory.
    description: VPN username
    required: true
  password:
    # Written as the second line of secret.txt in the working directory.
    description: VPN password
    required: true
  logs:
    # String flag; the log step prints vpn.log to the job console.
    description: Show VPN logs in console
    required: false
    default: 'false'
  dns-server:
    # Appended as a `nameserver` entry to the runner's resolvconf head file.
    description: DNS server to use over the VPN
    required: false
  ovpn-config:
    # This file is edited in place (sed -i) to fill in host and port.
    description: Path to .ovpn config
    required: false
    default: '.github/vpn/config.ovpn'
  test-ping-ip-host:
    description: >-
      Host IP to ping for VPN connection test, DNS names not supported,
      use test-dns-host instead
    required: false
  test-dns-host:
    description: Hostname to resolve via VPN DNS server for VPN connection test
    required: false
  port:
    # Kept quoted so the default stays a string.
    # Substituted for the AUTO_REPLACED_PORT placeholder in the .ovpn file.
    description: Port of OpenVPN server
    required: false
    default: '443'
  otp-hex:
    # TOTP seed passed to `oathtool --totp`; the resulting code is appended
    # to the password line of secret.txt.
    description: OTP hex string
    required: false
  otp-timezone:
    # When set, the runner's timezone is changed before the OTP is generated.
    description: Timezone for OTP
    required: false
  ca:
    # Written to ca.crt in the working directory.
    description: VPN config CA
    required: false
  cert:
    # Written to cert.crt in the working directory.
    description: VPN config Cert
    required: false
  cert-key:
    # Private key material; written to cert.key in the working directory.
    description: VPN config Cert Key
    required: false
outputs:
  # NOTE(review): none of this action's steps declares
  # `id: random-number-generator`, so this expression resolves to an empty
  # string. It looks like a leftover from the action template; confirm
  # whether any caller reads it before removing it.
  random-number:
    description: 'Random number'
    value: ${{ steps.random-number-generator.outputs.random-number }}
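# Composite steps: install OpenVPN, materialise the credentials, connect,
# optionally point DNS at the VPN resolver, wait until the tunnel answers,
# and register post-job steps that print the log and tear everything down.
#
# Hardening applied throughout: action inputs are handed to the shell through
# `env:` and referenced as quoted variables. Expanding `${{ inputs.* }}`
# directly inside `run:` pastes the raw value into the script text, so a
# quote, `$` or backtick in a password or hostname would be interpreted by
# bash instead of being treated as data.
runs:
  using: composite
  steps:
    - name: Set Timezone
      if: inputs.otp-timezone != null
      # NOTE(review): the reference after `szenius/` was destroyed by e-mail
      # obfuscation in this copy of the file. The action name is presumably
      # set-timezone (it takes `timezoneLinux`) - confirm, and replace the
      # placeholder with a full commit SHA; tags on third-party actions are
      # mutable.
      uses: szenius/set-timezone@PLACEHOLDER_FULL_COMMIT_SHA
      with:
        timezoneLinux: ${{ inputs.otp-timezone }}

    - name: Install OpenVPN
      # apt-get is the script-stable front end; `apt` warns when not on a TTY.
      run: |
        sudo apt-get update
        sudo apt-get --assume-yes --no-install-recommends install openvpn oathtool resolvconf
      shell: bash

    - name: Setup VPN config
      env:
        VPN_CA: ${{ inputs.ca }}
        VPN_CERT: ${{ inputs.cert }}
        VPN_CERT_KEY: ${{ inputs.cert-key }}
        VPN_USERNAME: ${{ inputs.username }}
        VPN_PASSWORD: ${{ inputs.password }}
        VPN_HOST: ${{ inputs.host }}
        VPN_PORT: ${{ inputs.port }}
        OVPN_CONFIG: ${{ inputs.ovpn-config }}
      run: |
        # Host and port are spliced into a sed expression and end up in the
        # OpenVPN config, so restrict them to the characters a hostname, IP
        # address or port number can contain. The value itself is not echoed.
        if [[ ! "$VPN_HOST" =~ ^[A-Za-z0-9._:-]+$ ]]; then
          echo "::error::input 'host' contains unexpected characters"
          exit 1
        fi
        if [[ ! "$VPN_PORT" =~ ^[0-9]+$ ]]; then
          echo "::error::input 'port' must be numeric"
          exit 1
        fi

        # Create the key and credential files readable by the owner only.
        # openvpn is started through sudo below, so root can still read them.
        umask 077

        # printf instead of echo: a value such as "-n" or "-e" would be
        # consumed by echo as an option.
        printf '%s\n' "$VPN_CA" > ca.crt
        printf '%s\n' "$VPN_CERT" > cert.crt
        printf '%s\n' "$VPN_CERT_KEY" > cert.key
        printf '%s\n%s\n' "$VPN_USERNAME" "$VPN_PASSWORD" > secret.txt

        sed -i "s/AUTO_REPLACED_HOST/${VPN_HOST}/g" "$OVPN_CONFIG"
        sed -i "s/AUTO_REPLACED_PORT/${VPN_PORT}/g" "$OVPN_CONFIG"
      shell: bash

    - name: Add VPN TOTP
      if: inputs.otp-hex != null
      env:
        OTP_HEX: ${{ inputs.otp-hex }}
      run: |
        # Append the current one-time code to the last line of secret.txt,
        # which is the password line written by the previous step.
        OTP=$(oathtool --totp "$OTP_HEX")
        sed -i '$ s/$/'"$OTP"'/' secret.txt
      shell: bash

    - name: Connect VPN
      env:
        OVPN_CONFIG: ${{ inputs.ovpn-config }}
      run: sudo openvpn --config "$OVPN_CONFIG" --auth-user-pass secret.txt --log "vpn.log" --daemon
      shell: bash

    - name: Update DNS server
      if: (inputs.dns-server != null)
      env:
        DNS_SERVER: ${{ inputs.dns-server }}
      run: |
        # `sudo echo ... >> file` performs the redirect as the unprivileged
        # user, which is why the file used to be made world-writable with
        # chmod 777. Appending through `sudo tee -a` needs no permission
        # change on the system file.
        printf 'nameserver %s\n' "$DNS_SERVER" | sudo tee -a /etc/resolvconf/resolv.conf.d/head > /dev/null
        sudo resolvconf -u
      shell: bash

    # The three wait steps poll up to 10 times, 2 seconds apart, and fail the
    # job if the probe never succeeds.
    - name: Wait for a VPN connection with default DNS test
      if: (inputs.dns-server != null) && (inputs.test-ping-ip-host == null) && (inputs.test-dns-host == null)
      env:
        DNS_SERVER: ${{ inputs.dns-server }}
      run: |
        counter=0
        until [ "$counter" -ge 10 ]; do
          if dig "@${DNS_SERVER}" "$DNS_SERVER" A +time=1; then
            exit 0
          fi
          counter=$((counter + 1))
          sleep 2
        done
        exit 1
      shell: bash

    - name: Wait for a VPN connection with custom DNS test
      if: (inputs.dns-server != null) && (inputs.test-dns-host != null)
      env:
        DNS_SERVER: ${{ inputs.dns-server }}
        TEST_DNS_HOST: ${{ inputs.test-dns-host }}
      run: |
        counter=0
        until [ "$counter" -ge 10 ]; do
          if dig "@${DNS_SERVER}" "$TEST_DNS_HOST" A +time=1; then
            exit 0
          fi
          counter=$((counter + 1))
          sleep 2
        done
        exit 1
      shell: bash

    - name: Wait for a VPN connection with default test ping ip host
      if: inputs.test-ping-ip-host != null
      env:
        TEST_PING_IP_HOST: ${{ inputs.test-ping-ip-host }}
      run: |
        counter=0
        until [ "$counter" -ge 10 ]; do
          if ping -c1 "$TEST_PING_IP_HOST"; then
            exit 0
          fi
          counter=$((counter + 1))
          sleep 2
        done
        exit 1
      shell: bash

    - name: Show VPN log
      # NOTE(review): reference destroyed by e-mail obfuscation in this copy;
      # presumably webiny/action-post-run - confirm and pin to a commit SHA.
      uses: webiny/action-post-run@PLACEHOLDER_FULL_COMMIT_SHA
      # Inputs are strings: comparing against the boolean `true` never
      # matched, so the log was never printed. Compare with the string.
      if: always() && (inputs.logs == 'true')
      with:
        run: sudo cat vpn.log

    - name: Remove VPN credentials
      # Post-job cleanup so the password and private key do not stay in the
      # workspace, where a later step could read or upload them.
      uses: webiny/action-post-run@PLACEHOLDER_FULL_COMMIT_SHA
      if: always()
      with:
        run: rm -f secret.txt cert.key cert.crt ca.crt

    - name: Kill VPN connection
      uses: webiny/action-post-run@PLACEHOLDER_FULL_COMMIT_SHA
      if: always()
      with:
        run: sudo killall openvpn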