Feature request : autostart at boot & killswitch

[tomaximum]

Hi, It would be very nice to be able to set autostart and a killswitch with a simple option. Thanks

[Rafficer]

autostart could be easily done with adding the command to /etc/rc.local or similar and I think even cron can do it. But I would advise against it until the --status command is implemented.

And there is a PR (#49) for a killswitch already, @mazen160 also commented on there that he will build that feature based on @ohdearaugustin's work. So I would say both is coming :)

[mazen160]

Yeah! :)

Both will be added soon. The killswitch and -status command are sooner. Then autoboot would take some time to have at generic as possible.

I would use /etc/rc.local for auto-boot for now, but it should be done in another way in the future.

[cwmke]

For anyone with systemd, I've setup a bare bones systemd unit file which autostarts ProtonVPN at boot with the fastest connection. You run pvpn --init as root before starting it but after that it works well.

[Unit]
Description=ProtonVPN
After=syslog.target network-online.target
Wants=network-online.target

[Service]
Type=forking
ExecStart=/usr/bin/pvpn -f
ExecStop=/usr/bin/pvpn -d
ExecReload=/usr/bin/pvpn -f

[Install]
WantedBy=multi-user.target

[mazen160]

This is another point we should have in mind when implementing the killswitch feature

https://github.com/ProtonVPN/protonvpn-cli/issues/68

[markfaine]

Yes, I'm going to need to use the regular NetworkManager VPN configuration for now. This is nice but it is missing crucial features as you've addressed. It needs to auto-reconnect on disconnect with killswitch, and there needs to be some way to see at a glance that your VPN is still connected as I can when I'm using NetworkManager.

[sojusnik]

The killswitch beta was released recently!

[gettoknowu2]

I'm running ProtonVPN-cli on Debian Stretch. Since rc.local is not available as default I managed to let cron do the job. Can anyone review this code?

I wrote these view lines and saved them as pvpn.sh.

#!/usr/bin/env bash

# First check status. Report status in log file (please define log file location). 
sudo /usr/local/bin/protonvpn-cli --status >> [FILE LOCATION]/[FILE NAME].log 2>&1

# Now connect to fastest server available and report status.
sudo /usr/local/bin/protonvpn-cli -f >> [FILE LOCATION]/[FILE NAME].log 2>&1

# Recheck status and report. 
sudo /usr/local/bin/protonvpn-cli --status >> [FILE LOCATION]/[FILE NAME].log 2>&1

Then I added a command line to crontab using:

sudo crontab -e

Line of code pasted at the end of the document:

@reboot [EXACT FILE LOCATION]/pvpn.sh

Works lovely!

[jgsch]

I add @reboot sudo pvpn -f to crontab using sudo crontab -e

But after the startup, I have (with sudo pvpn -status):

[OpenVPN Status]: Not Running
[ProtonVPN Status]: Running
[Internet Status]: Online

and if I check with ipleak, I'm not protect. A idea of what to do?

[alexandre1985]

I add @reboot sudo pvpn -f to crontab using sudo crontab -e

But after the startup, I have (with sudo pvpn -status):

[OpenVPN Status]: Not Running
[ProtonVPN Status]: Running
[Internet Status]: Online

and if I check with ipleak, I'm not protect. A idea of what to do?

@jGsch you have to do sudo crontab -e and put this text in the begining of the file:

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

Then, you can't run sudo inside a crontab file if your sudo is asking for a password. So, since you configured the root cron, you can simply put @reboot pvpn -f (without the sudo) on the crontab.

[xilopaint]

@mazen160, any news on autoboot and killswitch features?

[mazen160]

Hi @xilopaint The killswitch is assigned to another team. I will be following up regarding it.

The autoboot picture is not fully clear on the roadmap, but I will definitely keep you posted regarding updates

[jgsch]

@jGsch you have to do sudo crontab -e and put this text in the begining of the file:

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

Then, you can't run sudo inside a crontab file if your sudo is asking for a password. So, since you configured the root cron, you can simply put @reboot pvpn -f (without the sudo) on the crontab.

Thanks for the response!! But it still doesn't working...

I'm adding this line (with your corrections) to see what's going on: @reboot pvpn -f >> /home/ooo/protonmail_autostart.out

the output is: [!] Error: There is an internet connection issue.

Ok, it is maybe because internet wasn't launched at this moment. So I add: @reboot sleep 10 && pvpn -f >> /home/ooo/protonmail_autostart.out

and the output is:

Fetching ProtonVPN servers...
Connecting...
[!] Error connecting to VPN.

Some ideas?

[alexandre1985]

Yes, I'll help. Do you want protonvpn to autostart on all of your users, or just in one or some of the users?

Enviado via ProtonMail móvel

-------- Mensagem Original -------- Ativo 12/11/2018, 05:48, jGsch escreveu:

I add @reboot sudo pvpn -f to crontab using sudo crontab -e But after the startup, I have (with sudo pvpn -status):

[OpenVPN Status]: Not Running

and if I check with ipleak, I'm not protect. A idea of what to do?

@jGsch you have to do sudo crontab -e and put this text in the begining of the file:

SHELL=/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

Then, you can't run sudo inside a crontab file if your sudo is asking for a password. So, since you configured the root cron, you can simply put @reboot pvpn -f (without the sudo) on the crontab.

Thanks for the response !! But it still doesn't working...

I'm adding this line to see what's going on: @reboot pvpn -f >> /home/ooo/protonmail_autostart.out

the output is: [!] Error: There is an internet connection issue.

Ok, it is maybe because internet wasn't launched at this moment. So I add: @reboot sleep 10 && pvpn -f >> /home/ooo/protonmail_autostart.out

and the output is:

Fetching ProtonVPN servers... Connecting... [!] Error connecting to VPN.

Some ideas ?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.

[alexandre1985]

And question number 2, can you start pvpn successfully on the command line?

[jgsch]

Yes, I'll help. Do you want protonvpn to autostart on all of your users, or just in one or some of the users?

For all users, it's perfect!

And question number 2, can you start pvpn successfully on the command line?

Yes, after the startup, I run sudo pvpn -f on the terminal and it's work perfectly.

Again, thanks for your help!

[alexandre1985]

Do this and put this file in your systemd service folder named as protonvpn.service. Then you just have to systemctl enable protonvpn to make the service run at boot. To run the service now you have to do systemctl start protonvpn

[jgsch]

Do this and put this file in your systemd service folder named as protonvpn.service. Then you just have to systemctl enable protonvpn to make the service run at boot. To run the service now you have to do systemctl start protonvpn

Decidedly...

What I have done:

sudo pvpn --init

sudo systemctl edit --force --full protonvpn.service

systemctl enable protonvpn

systemctl start protonvpn

And this give me: Job for protonvpn.service failed because the control "process" exited with error code. See "systemctl status protonvpn.service" and "journalctl -xe" for details.

And systemctl status protonvpn.service give me:

● protonvpn.service - ProtonVPN
   Loaded: loaded (/etc/systemd/system/protonvpn.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Mon 2018-11-12 14:04:08 PST; 19s ago
  Process: 1274 ExecStart=/usr/bin/pvpn -f (code=exited, status=1/FAILURE)

nov. 12 14:03:43 xx pvpn[1274]: Traceback (most recent call last):
nov. 12 14:03:43 xx pvpn[1274]:   File "<stdin>", line 9645, in <module>
nov. 12 14:03:43 xx pvpn[1274]:   File "/usr/lib/python2.7/random.py", line 277, in choice
nov. 12 14:03:43 xx pvpn[1274]:     return seq[int(self.random() * len(seq))]  # raises IndexError if seq is empty
nov. 12 14:03:43 xx pvpn[1274]: IndexError: list index out of range
nov. 12 14:03:45 xx pvpn[1274]: Connecting...
nov. 12 14:04:07 xx pvpn[1274]: [!] Error connecting to VPN.
nov. 12 14:04:08 xx systemd[1]: protonvpn.service: Control process exited, code=exited status=1
nov. 12 14:04:08 xx systemd[1]: protonvpn.service: Failed with result 'exit-code'.
nov. 12 14:04:08 xx systemd[1]: Failed to start ProtonVPN.

I have tried to update protonvpn but no changes.

[alexandre1985]

I have no idea what your problem is. In my system it works

-------- Mensagem Original -------- Ativo 12/11/2018, 22:13, jGsch escreveu:

Do this and put this file in your systemd service folder named as protonvpn.service. Then you just have to systemctl enable protonvpn to make the service run at boot. To run the service now you have to do systemctl start protonvpn

Decidedly...

What I have done:

sudo pvpn --init

sudo systemctl edit --force --full protonvpn.service

systemctl enable protonvpn

systemctl start protonvpn

And this give me: Job for protonvpn.service failed because the control "process" exited with error code. See "systemctl status protonvpn.service" and "journalctl -xe" for details.

And systemctl status protonvpn.service give me:

● protonvpn.service - ProtonVPN Loaded: loaded (/etc/systemd/system/protonvpn.service; enabled; vendor preset: enabled) Active: failed (Result: exit-code) since Mon 2018-11-12 14:04:08 PST; 19s ago Process: 1274 ExecStart=/usr/bin/pvpn -f (code=exited, status=1/FAILURE)

nov. 12 14:03:43 xx pvpn[1274]: Traceback (most recent call last): nov. 12 14:03:43 xx pvpn[1274]: File "", line 9645, in nov. 12 14:03:43 xx pvpn[1274]: File "/usr/lib/python2.7/random.py", line 277, in choice nov. 12 14:03:43 xx pvpn[1274]: return seq[int(self.random() * len(seq))] # raises IndexError if seq is empty nov. 12 14:03:43 xx pvpn[1274]: IndexError: list index out of range nov. 12 14:03:45 xx pvpn[1274]: Connecting... nov. 12 14:04:07 xx pvpn[1274]: [!] Error connecting to VPN. nov. 12 14:04:08 xx systemd[1]: protonvpn.service: Control process exited, code=exited status=1 nov. 12 14:04:08 xx systemd[1]: protonvpn.service: Failed with result 'exit-code'. nov. 12 14:04:08 xx systemd[1]: Failed to start ProtonVPN.

I have tried to update protonvpn but no changes.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.

[Hofer-Julian]

For anyone with systemd, I've setup a bare bones systemd unit file which autostarts ProtonVPN at boot with the fastest connection. You run pvpn --init as root before starting it but after that it works well.

[Unit]
Description=ProtonVPN
After=syslog.target network-online.target
Wants=network-online.target

[Service]
Type=forking
ExecStart=/usr/bin/pvpn -f
ExecStop=/usr/bin/pvpn -d
ExecReload=/usr/bin/pvpn -f

[Install]
WantedBy=multi-user.target

My problem with this solution was that pvpn --init initializes in my home directory, but when executed by root it searches in root's home directory. I simply copied "~/.protonvpn-cli" in root's home directory.

Does anyone has a smarter solution?

[Tamaranch]

@Hofer-Julian You have to appear as root in $SUDO_USER, so sudo sudo pvpn --init should work, if you can't or don't want to open a root shell to execute pvpn --init.

[Hofer-Julian]

@Tamaranch Thank you, this worked perfectly!

My procedure was (after installing "protonvpn-cli" according to the official guide):

sudo sudo pvpn --init

sudo systemctl edit --force --full protonvpn.service

insert:

[Unit]
Description=ProtonVPN
After=syslog.target network-online.target
Wants=network-online.target

[Service]
Type=forking
ExecStart=/usr/bin/pvpn -f
ExecStop=/usr/bin/pvpn -d
ExecReload=/usr/bin/pvpn -f

[Install]
WantedBy=multi-user.target

sudo systemctl enable protonvpn

sudo systemctl start protonvpn

[asim-vax]

If it disconnects for whatever reason, would the systemd service fail? if so, would adding: Restart=on-failure RestartSec=5s to the systemd script be worth while?

I'm new to this, so any advice is welcome!

[derbengale]

As @jGsch I always get the same error. Whatever I tried the Output is always the same:

[OpenVPN Status]: Not Running

I put SHELL=/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin (I changed that to the output of echo $PATH when im root) into the beginning of my root Crontab (what shows up when I do sudo crontab -e) then added @reboot protonvpn-cli -f that didnt work

then put the same thing into a .sh file, made it executable

when I run it using sudo sh /xx/pvpn.sh then it works as soon as I put sh /xx/pvpn.sh in /etc/rc.local it doesnt work anymore and again it is being started but openvpn doesnt start

I really tried everything. Any Ideas?

[sojusnik]

Can somebody confirm if there is an official Ubuntu guide for a reliable killswitch and autostart on Ubuntu?

[xilopaint]

Can somebody confirm if there is an official Ubuntu guide for a reliable killswitch and autostart on Ubuntu?

There's no official killswitch and autostart features for the CLI at the moment. A killswitch came to be developed but disabled later due to bugs.

[asiudoisjdfo]

Hi, what is the status of the killswitch functionality? :-)

[xilopaint]

i, what is the status of the killswitch functionality? :-)

The same of my last comment.

[cbdejavu]

i, what is the status of the killswitch functionality? :-)

The same of my last comment.

So basically it looks like on May 11th was the last time there was a commit to that branch of code so what it the hold up for it being added to the main branch? Can it be tested as is at this point?

[m0nk3h]

Just registered here to let you know that https://gitlab.com/butmonkeh/pvpnmon is a very basic GUI Monitor program for protonvpn-cli which has an experimental kill-switch. I'm a hobby-coder, so it's nothing fancy. The ProtonVPN team are aware of it, and have done some testing, it's beta, so there may well be bugs.