diff --git a/Dockerfile b/Dockerfile index 54f1b168..0d19f790 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,8 +6,8 @@ LABEL maintainer="quentin.mcgaw@gmail.com" \ ram="11.89MB" \ cpu_usage="Low to medium" \ github="https://github.com/qdm12/private-internet-access-docker" -RUN apk add -q --progress --no-cache --update openvpn unbound && \ - apk add -q --progress --no-cache --update --virtual=build-dependencies ca-certificates wget unzip && \ +RUN apk add -q --progress --no-cache --update openvpn unbound ca-certificates wget && \ + apk add -q --progress --no-cache --update --virtual=build-dependencies unzip && \ mkdir /openvpn-udp-normal /openvpn-udp-strong /openvpn-tcp-normal /openvpn-tcp-strong && \ wget -q https://www.privateinternetaccess.com/openvpn/openvpn.zip \ https://www.privateinternetaccess.com/openvpn/openvpn-strong.zip \ @@ -20,6 +20,7 @@ RUN apk add -q --progress --no-cache --update openvpn unbound && \ apk del -q --progress --purge build-dependencies && \ rm -rf /*.zip /etc/unbound/unbound.conf /var/cache/apk/* COPY unbound.conf /etc/unbound/unbound.conf +HEALTHCHECK --interval=10m --timeout=3s --start-period=5s --retries=1 CMD [ $(wget -qO- -T 2 https://api.ipify.org) != "$INITIALIP" ] || exit 1 ENV ENCRYPTION=strong \ PROTOCOL=tcp \ REGION=Switzerland diff --git a/README.md b/README.md index 5f95147a..1a89142e 100644 --- a/README.md +++ b/README.md @@ -28,6 +28,7 @@ It is based on: - [Alpine 3.7](https://alpinelinux.org) - [OpenVPN 2.4.5-r1](https://pkgs.alpinelinux.org/package/edge/main/ppc64le/openvpn) - [Unbound 1.7.0-r2](https://pkgs.alpinelinux.org/package/edge/main/aarch64/unbound) +- wget and ca-certificates for the healthcheck It requires: - A Private Internet Access **username** and **password** - [Sign up](https://www.privateinternetaccess.com/pages/buy-vpn/) @@ -107,6 +108,11 @@ Cloudflare **DNS 1.1.1.1 over TLS** is used to connect to any PIA server for mul ## Testing +1. Note that you can simply use the HEALTCHECK provided. The container will stop by itself +if the VPN IP is the same as your initial public IP address. + +Otherwise you can follow these instructions: + 1. Check your host IP address with: ```bash diff --git a/entrypoint.sh b/entrypoint.sh index c496b7b7..9e86e5df 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,6 +1,8 @@ #!/bin/sh -printf "Changing DNS to localhost..." +printf "\nDetecting current public IP address..." +export INITIALIP=$(wget -qO- -T 2 https://api.ipify.org) +printf "$INITIALIP\nChanging DNS to localhost..." echo "nameserver 127.0.0.1" > /etc/resolv.conf echo "options ndots:0" >> /etc/resolv.conf printf "DONE\nStarting Unbound to connect to Cloudflare DNS 1.1.1.1 at its TLS endpoint TCP 853..."