Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature request: run a script on interface up/down #1785

Closed
Diaoul opened this issue Aug 5, 2023 · 8 comments
Closed

Feature request: run a script on interface up/down #1785

Diaoul opened this issue Aug 5, 2023 · 8 comments

Comments

@Diaoul
Copy link

Diaoul commented Aug 5, 2023

What's the feature 🧐

Run a shell script when interface is up (or down)

Extra information and references

It can be useful to set a dynamic ip in a whitelist somewhere (like here)

@Diaoul Diaoul changed the title Feature request: Feature request: run a script on interface up/down Aug 5, 2023
@joshhoughton
Copy link

Agreed, this would be extremely useful!

@sudopseudocode
Copy link

+1, would love to have this as an option.

Does anyone have a work around for this scenario?

@sudopseudocode
Copy link

sudopseudocode commented Feb 14, 2024

Looks like this is currently only possible with a custom openvpn configuration file, set via the OPENVPN_CUSTOM_CONFIG environment variable (which is only used when VPN_SERVICE_PROVIDER is set to "custom"). If we did have the ability to pass additional options to openvpn, it would be as simple as adding something like this:

script-security 2
up /gluetun/tun_up.sh

(And just to be super clear) an example docker-compose.yml would be expected to include the following:

environment:
    VPN_SERVICE_PROVIDER=custom
    OPENVPN_CUSTOM_CONFIG=/gluetun/custom.conf
volumes:
    - /path/to/tun_up.sh:/gluetun/tun_up.sh
    - /path/to/custom.conf:/gluetun/custom.conf

Since this only works with the custom provider set, I believe the specific feature request here would be to allow for supported (non-custom) providers to pass additional openvpn options. Perhaps this could be achieved via environment variables like VPN_OPTIONS in the binhex/arch-delugevpn image, just to provide an example.

I understand this probably adds a lot of complexity and many of these additional options may be overwritten or cause an otherwise invalid configuration. At the very least, it would be awesome to expose just the up/down options for openvpn.

Idea for a temporary, hacky workaround:

Maybe this is dumb, but I'm thinking a temporary workaround could be to mount a shell script (to our liking), and configure this to be run on a cron every hour (or whatever interval makes sense).

If we take the OP's linked example, that endpoint does a rolling window rate limit of 1 call per hour. The shell script can be a "polite" by only making calls when deemed necessary, by checking if the public IP address has since changed.

Example:

#!/bin/bash

# File to store the last known public IP address
ip_file="/tmp/public_ip.txt"

# Command to fetch the current public IP address
current_ip=$(curl -s ifconfig.me/ip)

# Check if the IP has changed
if [ ! -f "$ip_file" ] || [ "$(cat "$ip_file")" != "$current_ip" ]; then
    echo "$current_ip" > "$ip_file"
    # Run your curl command here
    curl -X POST https://example.com/update_ip --data "ip=$current_ip"
fi

@mtfurlan
Copy link

mtfurlan commented May 9, 2024

For wireguard, we just need to set PostUp/PostDown in the config.

Given that the both openvpn and wireguard have support for this, I think a reasonable interface would be something along the lines of

environment:
    POST_INTERFACE_UP_SCRIPT=/gluetun/tun_up.sh
volumes:
    - /path/to/tun_up.sh:/gluetun/tun_up.sh

@qdm12
Copy link
Owner

qdm12 commented Aug 9, 2024

Prioritizing this since it's kind of long overdued. Also it will be as a command to be cross-OS instead of a script path (but you could do /bin/sh -c "my shell commands" if you want.

This is also kind of needed to make sense of newly opened PR #2392 (more details why #2393 (reply in thread))

@qdm12
Copy link
Owner

qdm12 commented Nov 10, 2024

Up command is finally available: https://github.com/qdm12/gluetun-wiki/blob/main/setup/advanced/vpn-port-forwarding.md#custom-port-forwarding-updown-command
Working on the down command right now

@qdm12
Copy link
Owner

qdm12 commented Nov 10, 2024

Enjoy! 🎉

@qdm12 qdm12 closed this as completed Nov 10, 2024
Copy link
Contributor

Closed issues are NOT monitored, so commenting here is likely to be not seen.
If you think this is still unresolved and have more information to bring, please create another issue.

This is an automated comment setup because @qdm12 is the sole maintainer of this project
which became too popular to monitor issues closed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

5 participants