diff --git a/Dockerfile b/Dockerfile index 8ca8feeb..a8034216 100644 --- a/Dockerfile +++ b/Dockerfile @@ -89,7 +89,7 @@ ENV VPNSP=pia \ SHADOWSOCKS_METHOD=chacha20-ietf-poly1305 ENTRYPOINT /entrypoint EXPOSE 8000/tcp 8888/tcp 8388/tcp 8388/udp -HEALTHCHECK --interval=3m --timeout=3s --start-period=20s --retries=1 CMD /entrypoint healthcheck +HEALTHCHECK --interval=10m --timeout=10s --start-period=30s --retries=2 CMD /entrypoint healthcheck RUN apk add -q --progress --no-cache --update openvpn ca-certificates iptables ip6tables unbound tinyproxy tzdata && \ echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories && \ apk add -q --progress --no-cache --update shadowsocks-libev && \ diff --git a/internal/cli/cli.go b/internal/cli/cli.go index e6260fde..8469e627 100644 --- a/internal/cli/cli.go +++ b/internal/cli/cli.go @@ -2,23 +2,52 @@ package cli import ( "fmt" + "math/rand" + "net/http" "strings" "time" - "github.com/qdm12/golibs/network/connectivity" + "github.com/qdm12/golibs/files" + "github.com/qdm12/golibs/network" + "github.com/qdm12/private-internet-access-docker/internal/params" ) func HealthCheck() error { - // DNS, HTTP and HTTPs check on github.com - connectivity := connectivity.NewConnectivity(3 * time.Second) - errs := connectivity.Checks("github.com") - if len(errs) > 0 { - var errsStr []string - for _, err := range errs { - errsStr = append(errsStr, err.Error()) - } - return fmt.Errorf("Multiple errors: %s", strings.Join(errsStr, "; ")) + paramsReader := params.NewReader(nil) + ipStatusFilepath, err := paramsReader.GetIPStatusFilepath() + if err != nil { + return err + } + // Get VPN ip address written to file + fileManager := files.NewFileManager() + b, err := fileManager.ReadFile(string(ipStatusFilepath)) + if err != nil { + return err + } + vpnIP := string(b) + + // Get public IP address from one of the following urls + urls := []string{ + "http://ip1.dynupdate.no-ip.com:8245", + "http://ip1.dynupdate.no-ip.com", + "https://api.ipify.org", + "https://diagnostic.opendns.com/myip", + "https://domains.google.com/checkip", + "https://ifconfig.io/ip", + "https://ip4.ddnss.de/meineip.php", + "https://ipinfo.io/ip", + } + url := urls[rand.Intn(len(urls))] + client := network.NewClient(3 * time.Second) + content, status, err := client.GetContent(url, network.UseRandomUserAgent()) + if err != nil { + return err + } else if status != http.StatusOK { + return fmt.Errorf("Received unexpected status code %d from %s", status, url) + } + publicIP := strings.ReplaceAll(string(content), "\n", "") + if publicIP != vpnIP { + return fmt.Errorf("Public IP address %s does not match VPN ip address %s on file", publicIP, vpnIP) } - // TODO check IP address is in the right region return nil }