Intro

Creates proxy servers for locations listed by a VPN provider, e.g. ExpressVPN, Surfshark, etc. Each (OpenVPN) location translates into a seperate docker container. The OpenVPN to Proxy conversion is provided by haugene/docker-transmission-openvpn.

Features

• Deletes transmission-ovpn containers which have status=created and are non functional
• Iterates over ports, until a free one is found to run a proxy container on in batch mode
• Supports many vpn providers, see the full list at vpn-configs-contrib.
• Configurable docker run --restart argument

Setup

• Copy spawn.sh from this repo to destination machine (linux)
• Retrieve the username & password, which are usually not the vpn login credentials, but special ones created by the provider, shown when choosing manual setup e.g.
  • ExpressVPN
  • Surfshark
• If only one location should be translated into a proxy server
  • Head over to vpn-configs-contrib
  • Find the folder of the vpn provider used
  • Copy the name of the server needed
  • Skip to the Usage part
• If many proxies need to be created at once, create a file called ovpn_list in the same directory as the script
  • Copy each needed location's name into the ovpn_list
• Ideally install dos2unix (makes sure windows newlines don't break anything)

  apt update && apt install dos2unix
  

Usage

Notes

• The .ovpn file to use is not provided as file, but as a name (string). The Transmission-service fetches the corresponding file and handles the rest
• The vpn providers supported are listed at vpn-configs-contrib
• The script parameters for spawn.sh below must be entered in the same order as listed
• When creating a proxy, the .ovpn can be added also, it will be removed by the script anyway
• Batch craeting with restart argument on-failure:5 is recommended, as non-functional vpn's won't constantly try to restart but stay stopped
• If the proxy container needs to be used by another container X:
  • Shell into container X with docker exec -it <container_name_or_id> /bin/sh
  • Get the gateway address with ifconfig, in my case 172.17.0.0
  • Add 172.17.0.0/24 to the network parameter of the shell script, e.g. sudo ./spawn.sh ... 172.17.0.0/24,192.168.0.0/24
  • Shell back into container X with docker exec -it <container_name_or_id> /bin/sh
  • Try to reach the docker host from within container X using ping -c 4 host.docker.internal
    • If it says ping: bad address 'host.docker.internal', add this to container X's run command: --add-host=host.docker.internal:host-gateway and resart it
    • If it (now) says e.g. PING host.docker.internal (172.17.0.1): 56 data bytes, the host and other containers can now be reached from inside of container X
    • Use host.docker.internal as the hostname and the proxy containers port to use the proxy

Script parameters

• vpn_location: The desired line chosen from the ovpn_list
• vpn_provider: The company of the service used (Internal or External), full list here
• starting_port: The port on which the proxy should serve in single mode, and where it should start iterating in batch mode (see Features)
• vpn_username: The expressvpn username which you kept handy (see setup above)
• vpn_password: The corresponding password
• container_restart: The docker run restart behaviour like always, unless-stopped, etc, see documentation
• network_cidr: The host network's range, e.g. 192.168.0.0/24 & optionally the docker gateway address, e.g. 172.17.0.0/24, see notes above

Single proxy creation

sudo ./spawn.sh \
    <vpn_location> \
    <vpn_provider> \
    <starting_port> \
    <vpn_username> \
    <vpn_password> \
    <container_restart> \
    <network_cidr>

Example:

Create a proxy server, which connects to "Hong Kong - 2" and be available on port 8900:

sudo ./spawn.sh \
    my_expressvpn_hong_kong_-_2_udp.ovpn \
    EXPRESSVPN \
    8900 \
    y7v1wwy6wg5vh8s9jfn2sj3c \
    ixay8f10fdljm31zks09x287 \
    always \
    192.168.0.0/24

Multi proxy creation (batch)

sudo ./spawn.sh \
    list \
    <vpn_provider> \
    <starting_port> \
    <vpn_username> \
    <vpn_password> \
    <container_restart> \
    <network_cidr>

Example:

If ovpn_list file contains

jp-tok-st014.prod.surfshark.com_udp.ovpn
ua-iev.prod.surfshark.com_udp.ovpn
us-nyc.prod.surfshark.com

Then the following would create 3 proxy servers, one for each location. First (Japan) would listen on port 8900, Second (Ukraine) on port 8901, etc.

sudo ./spawn.sh \
    list \
    SURFSHARK \
    8900 \
    someone@something.com \
    8x5o60nz22gll9o8qsf63to2 \
    on-failure:5 \
    192.168.0.0/24

• The network-cidr param would be 172.17.0.0/24,192.168.0.0/24, if the container needs to be used as a proxy by other containers, see notes section above
• If you get an auth error, make sure to copy the credentials from the vpn provider, e.g. surfshark shows an email but copies an alphanumeric string

Useful docker commands

Stop all openvpn containers

docker ps -a --format "{{.Names}}" | grep "openvpn" | xargs -r -I {} docker stop {}

Stop and remove all openvpn containers

docker ps -a --format "{{.Names}}" | grep "openvpn" | xargs -r -I {} docker rm -f {}

Remove only stopped openvpn containers

docker ps -a --filter "status=exited" --format "{{.ID}} {{.Names}}" | grep openvpn | cut -d ' ' -f1 | xargs docker rm -f

Shell into the container (if only one is running)

docker exec -it $(docker ps -a --format '{{.Names}}' | grep 'openvpn' | head -n 1) /bin/sh

Show logs of the container (in only one is running)

docker logs $(docker ps -a --format '{{.Names}}' | grep 'openvpn' | head -n 1)