orb.yml

version: 2.1
description: OpenVPN client Orb

executors:
  default:
    description: |
      "Tested only on the CircleCI machine executor, but should work
      on most debian/ubuntu based images as well"
    machine: true

commands:
  install:
    description: "Install OpenVPN client"
    steps:
      - run:
          name: Install OpenVPN
          command: |
            # There seems to be a bug with the openvpn aptrepo sources
            sudo apt-get update # for apt-get to recognise openvpn
            sudo apt-get remove openvpn # remove ubuntu aptrepo source
            sudo apt-get update
            sudo apt-get install openvpn -y
  connect:
    description: "Connect to OpenVPN"
    parameters:
      config:
        description: |
          "ENV var name containing OpenVPN client .ovpn config file content base64 encoded"
        type: env_var_name
        default: VPN_CONFIG
      login:
        description: |
          "ENV var name containing OpenVPN newline separated username and password base64 encoded"
        type: env_var_name
        default: VPN_LOGIN
    steps:
      - run:
          name: Init VPN
          command: |
            echo ${<<parameters.config>>:?} | base64 --decode >> config.ovpn
            echo ${<<parameters.login>>:?} | base64 --decode >> vpn.login
      - run:
          name: Connect to VPN
          command: |
            wget -qO- http://checkip.amazonaws.com | tee initial.ip
            sudo openvpn --config config.ovpn --auth-user-pass vpn.login > openvpn.log 2>&1 &
            while [ -n "$(ip addr show tun0 2>&1 > /dev/null)" ]; do
              sleep 0.1;
            done
            cat openvpn.log
            wget -qO- http://checkip.amazonaws.com | tee final.ip
            if [ "$(cat initial.ip)" == "$(cat final.ip)" ]
            then
              echo "This computer's apparent public IP address was not different after connecting"
              echo "This may mean that your VPN is not configured correctly."
              exit 1
            fi
  disconnect:
    description: "Disconnect from OpenVPN"
    steps:
      - run:
          name: Disconnect from VPN
          command: sudo killall openvpn || true
      - run:
          name: remove OpenVPN config
          command: sudo rm config.ovpn

example:
  secure-ping:
    description: "Establish VPN connection and execute a command within it"
    usage:
      version: 2.1
      orbs:
        vpn: titel-media/openvpn@0.0.1
      jobs:
        ping:
          executor: vpn/default
          steps:
            - vpn/install
            - vpn/connect
            - run: ping -c 5 192.0.2.1
            - vpn/disconnect