diff --git a/qbittorrent/rootfs/usr/local/sbin/vpn b/qbittorrent/rootfs/usr/local/sbin/vpn index b3ac0f7fd..a4ff5dc84 100644 --- a/qbittorrent/rootfs/usr/local/sbin/vpn +++ b/qbittorrent/rootfs/usr/local/sbin/vpn @@ -5,12 +5,11 @@ declare -A config config["MySelf"]="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/$(basename "${BASH_SOURCE[0]}")" -IFS=',' read -ra dns_servers <<< $(bashio::config 'DNS_server' | tr -d ' ') -config["DnsServers"]="${dns_servers[*]}" _parse_config() { local -n config_ref="$1" local config_file="$2" + local line while IFS= read -r line || [[ -n "$line" ]]; do # Skip comments and empty lines @@ -18,13 +17,32 @@ _parse_config() { # Extract key and value using regex (trim spaces) #if [[ "$line" =~ ^[[:space:]]*([^ =]+)[[:space:]]*=[[:space:]]*(.*)[[:space:]]* ]]; then if [[ "$line" =~ ^[[:space:]]*([^=[:space:]]+)[=[:space:]]+(.*)[[:space:]]* ]]; then - key="${BASH_REMATCH[1]}" - value="${BASH_REMATCH[2]}" + local key="${BASH_REMATCH[1]}" + local value="${BASH_REMATCH[2]}" config_ref["$key"]="$value" fi done < "$config_file" } +_parse_dns() { + local -a dns_servers=() + local dns_ip + + while IFS=',' read -r dns_ip; do + if _is_ip_address "${dns_ip}"; then + bashio::log.warning "Ignoring invalid DNS server address: ${dns_ip}" + continue + fi + dns_servers+=("${dns_ip}") + done <<< $(bashio::config 'DNS_server' | tr -d ' ') + + if [ ${#dns_servers[@]} -eq 0 ]; then + bashio::log.warning "No valid DNS servers configured. Using addon defaults." + dns_servers=("8.8.8.8" "1.1.1.1") + fi + config["DnsServers"]="${dns_servers[*]}" +} + _cmd() { cmd="$1" bashio::log.info "Executing command: ${cmd}" @@ -58,20 +76,30 @@ _resolvconf() { if ! bashio::fs.file_exists "${resolv_backup}"; then cp "${resolv_conf}" "${resolv_backup}" 2>/dev/null || true fi + bashio::log.warn "Overriding ${resolv_conf} with DNS servers: ${config["DnsServers"]}" + local valid_dns="false" { local dns_ip - echo "# Generated by addon VPN script" for dns_ip in ${config["DnsServers"]}; do _is_ip_address "${dns_ip}" local is_ip=$? - if [ "${is_ip}" -eq 0 ]; then + if [ "${is_ip}" -eq 1 ] && [ ${config["IPv4Enabled"]} = "true" ]; then + echo "nameserver ${dns_ip}" + valid_dns="true" + elif [ "${is_ip}" -eq 2 ] && [ "${config["IPv6Enabled"]}" = "true" ]; then + echo "nameserver ${dns_ip}" + valid_dns="true" + else bashio::log.warning "Ignoring invalid DNS server address: ${dns_ip}" continue - else - echo "nameserver ${dns_ip}" fi done } > "${resolv_conf}" + if [ "${valid_dns}" = "false" ]; then + bashio::exit.nok "No valid DNS servers could be written to ${resolv_conf}." + fi + else + bashio::exit.nok "Invalid resolvconf mode specified. Use 'update' or 'reset'." fi } @@ -101,15 +129,16 @@ _resolve_hostname() { _routing_add() { local local_ipv4=$(ip addr show ${config["Interface"]} | grep 'inet ' | awk '{print $2}' | cut -d'/' -f1) local local_ipv6=$(ip addr show ${config["Interface"]} | grep 'inet6 ' | awk '{print $2}' | cut -d'/' -f1) + local ipv4, ipv6 for ipv4 in ${local_ipv4}; do config["IPv4Enabled"]="true" _cmd "ip -4 route add default dev ${config["Interface"]} table ${config["Table"]}" || return 1 - _cmd "ip -4 rule add priority 1 from ${local_ip} table ${config["Table"]}" || return 1 + _cmd "ip -4 rule add priority 1 from ${ipv4} table ${config["Table"]}" || return 1 done for ipv6 in ${local_ipv6}; do config["IPv6Enabled"]="true" _cmd "ip -6 route add default dev ${config["Interface"]} table ${config["Table"]}" || return 1 - _cmd "ip -6 rule add priority 1 from ${local_ip} table ${config["Table"]}" || return 1 + _cmd "ip -6 rule add priority 1 from ${ipv6} table ${config["Table"]}" || return 1 done local dns_ip @@ -353,6 +382,7 @@ if [ $# -ne 2 ]; then bashio::log.error "Invalid number of arguments. Usage: vpn.sh " bashio::exit.nok 'VPN start failed.' fi +_parse_dns if [[ "$1" == "wireguard" ]]; then wireguard "$2" elif [[ "$1" == "openvpn" ]]; then