Merge branch 'add-dnsmasq' into 'master'

Add dsnmasq in the container See merge request ix.ai/openvpn!20
ix-ai · Sep 8, 2020 · 482236e · 482236e
2 parents f27a365 + 256dacd
commit 482236e
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 15 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -8,6 +8,7 @@ LABEL maintainer="[email protected]" \
 RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing/" >> /etc/apk/repositories && \
     apk --no-cache upgrade && \
     apk add --no-cache --update openvpn \
+                                dnsmasq \
                                 iptables \
                                 bash \
                                 easy-rsa \

diff --git a/bin/ovpn_genconfig b/bin/ovpn_genconfig
@@ -14,20 +14,20 @@ set -eu
 _showed_traceback=f
 
 traceback() {
-	# Hide the traceback() call.
-	local -i start=$(( ${1:-0} + 1 ))
-	local -i end=${#BASH_SOURCE[@]}
-	local -i i=0
-	local -i j=0
-
-	echo "Traceback (last called is first):" 1>&2
-	for ((i=${start}; i < ${end}; i++)); do
-		j=$(( $i - 1 ))
-		local function="${FUNCNAME[$i]}"
-		local file="${BASH_SOURCE[$i]}"
-		local line="${BASH_LINENO[$j]}"
-		echo "     ${function}() in ${file}:${line}" 1>&2
-	done
+  # Hide the traceback() call.
+  local -i start=$(( ${1:-0} + 1 ))
+  local -i end=${#BASH_SOURCE[@]}
+  local -i i=0
+  local -i j=0
+
+  echo "Traceback (last called is first):" 1>&2
+  for ((i=${start}; i < ${end}; i++)); do
+    j=$(( $i - 1 ))
+    local function="${FUNCNAME[$i]}"
+    local file="${BASH_SOURCE[$i]}"
+    local line="${BASH_LINENO[$j]}"
+    echo "     ${function}() in ${file}:${line}" 1>&2
+  done
 }
 
 on_error() {
@@ -101,6 +101,7 @@ usage() {
     echo " -k    Set keepalive. Default: '10 60'"
     echo " -m    Set client MTU"
     echo " -N    Configure NAT to access external server network"
+    echo " -Q    Enable DNSMASQ server"
     echo " -t    Use TAP device (instead of TUN device)"
     echo " -T    Encrypt packets with the given cipher algorithm instead of the default one (tls-cipher)."
     echo " -z    Enable comp-lzo compression."
@@ -160,6 +161,7 @@ OVPN_DEVICEN=0
 OVPN_DISABLE_PUSH_BLOCK_DNS=0
 OVPN_DNS=1
 OVPN_DNS_SERVERS=()
+OVPN_DNSMASQ=0
 OVPN_ENV=${OPENVPN}/ovpn_env.sh
 OVPN_EXTRA_CLIENT_CONFIG=()
 OVPN_EXTRA_SERVER_CONFIG=()
@@ -179,7 +181,7 @@ OVPN_TLS_CIPHER=''
 [ -r "$OVPN_ENV" ] && source "$OVPN_ENV"
 
 # Parse arguments
-while getopts ":a:e:E:C:T:r:s:du:bcp:n:k:DNm:f:tz2" opt; do
+while getopts ":a:e:E:C:T:r:s:du:bcp:n:k:DNm:f:tQz2" opt; do
     case $opt in
         a)
             OVPN_AUTH="$OPTARG"
@@ -251,6 +253,9 @@ while getopts ":a:e:E:C:T:r:s:du:bcp:n:k:DNm:f:tz2" opt; do
         t)
             OVPN_DEVICE="tap"
             ;;
+        Q)
+            OVPN_DNSMASQ=1
+            ;;
         z)
             OVPN_COMP_LZO=1
             ;;

diff --git a/bin/ovpn_run b/bin/ovpn_run
@@ -61,6 +61,18 @@ function setupIptablesAndRoutingPerDevice {
     done
 }
 
+# starts dnsmasq
+function startDnsmasq() {
+  dnsmasq \
+    --no-hosts \
+    --localise-queries \
+    --no-poll \
+    --cache-size=0 \
+    --no-negcache \
+    --log-facility /dnsmasq.log
+  tail -F /dnsmasq.log &
+}
+
 addArg "--config" "$OPENVPN/openvpn.conf"
 
 source "$OPENVPN/ovpn_env.sh"
@@ -107,5 +119,9 @@ if [ $? = 0 ]; then
     sysctl -w net.ipv6.conf.all.forwarding=1 || echo "Failed to enable IPv6 Forwarding"
 fi
 
+if [ "${OVPN_DNSMASQ}" == "1" ]; then
+  startDnsmasq
+fi
+
 echo "Running 'openvpn ${ARGS[@]} ${USER_ARGS[@]}'"
 exec openvpn ${ARGS[@]} ${USER_ARGS[@]}