* Changed healthcheck to get and compare IP address * Change default healthcheck frequency and retries
This commit is contained in:
Quentin McGaw
@@ -89,7 +89,7 @@ ENV VPNSP=pia \
|
|||||||
SHADOWSOCKS_METHOD=chacha20-ietf-poly1305
|
SHADOWSOCKS_METHOD=chacha20-ietf-poly1305
|
||||||
ENTRYPOINT /entrypoint
|
ENTRYPOINT /entrypoint
|
||||||
EXPOSE 8000/tcp 8888/tcp 8388/tcp 8388/udp
|
EXPOSE 8000/tcp 8888/tcp 8388/tcp 8388/udp
|
||||||
HEALTHCHECK --interval=3m --timeout=3s --start-period=20s --retries=1 CMD /entrypoint healthcheck
|
HEALTHCHECK --interval=10m --timeout=10s --start-period=30s --retries=2 CMD /entrypoint healthcheck
|
||||||
RUN apk add -q --progress --no-cache --update openvpn ca-certificates iptables ip6tables unbound tinyproxy tzdata && \
|
RUN apk add -q --progress --no-cache --update openvpn ca-certificates iptables ip6tables unbound tinyproxy tzdata && \
|
||||||
echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories && \
|
echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories && \
|
||||||
apk add -q --progress --no-cache --update shadowsocks-libev && \
|
apk add -q --progress --no-cache --update shadowsocks-libev && \
|
||||||
|
|||||||
@@ -2,23 +2,52 @@ package cli
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"math/rand"
|
||||||
|
"net/http"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/qdm12/golibs/network/connectivity"
|
"github.com/qdm12/golibs/files"
|
||||||
|
"github.com/qdm12/golibs/network"
|
||||||
|
"github.com/qdm12/private-internet-access-docker/internal/params"
|
||||||
)
|
)
|
||||||
|
|
||||||
func HealthCheck() error {
|
func HealthCheck() error {
|
||||||
// DNS, HTTP and HTTPs check on github.com
|
paramsReader := params.NewReader(nil)
|
||||||
connectivity := connectivity.NewConnectivity(3 * time.Second)
|
ipStatusFilepath, err := paramsReader.GetIPStatusFilepath()
|
||||||
errs := connectivity.Checks("github.com")
|
if err != nil {
|
||||||
if len(errs) > 0 {
|
return err
|
||||||
var errsStr []string
|
|
||||||
for _, err := range errs {
|
|
||||||
errsStr = append(errsStr, err.Error())
|
|
||||||
}
|
}
|
||||||
return fmt.Errorf("Multiple errors: %s", strings.Join(errsStr, "; "))
|
// Get VPN ip address written to file
|
||||||
|
fileManager := files.NewFileManager()
|
||||||
|
b, err := fileManager.ReadFile(string(ipStatusFilepath))
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
vpnIP := string(b)
|
||||||
|
|
||||||
|
// Get public IP address from one of the following urls
|
||||||
|
urls := []string{
|
||||||
|
"http://ip1.dynupdate.no-ip.com:8245",
|
||||||
|
"http://ip1.dynupdate.no-ip.com",
|
||||||
|
"https://api.ipify.org",
|
||||||
|
"https://diagnostic.opendns.com/myip",
|
||||||
|
"https://domains.google.com/checkip",
|
||||||
|
"https://ifconfig.io/ip",
|
||||||
|
"https://ip4.ddnss.de/meineip.php",
|
||||||
|
"https://ipinfo.io/ip",
|
||||||
|
}
|
||||||
|
url := urls[rand.Intn(len(urls))]
|
||||||
|
client := network.NewClient(3 * time.Second)
|
||||||
|
content, status, err := client.GetContent(url, network.UseRandomUserAgent())
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
} else if status != http.StatusOK {
|
||||||
|
return fmt.Errorf("Received unexpected status code %d from %s", status, url)
|
||||||
|
}
|
||||||
|
publicIP := strings.ReplaceAll(string(content), "\n", "")
|
||||||
|
if publicIP != vpnIP {
|
||||||
|
return fmt.Errorf("Public IP address %s does not match VPN ip address %s on file", publicIP, vpnIP)
|
||||||
}
|
}
|
||||||
// TODO check IP address is in the right region
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user