Shell script to get a configuration file from a vpn:// URL.
Marek Küthe 5e3bde2772 Add more AmneziaFree bots | 2 meses atrás | |
---|---|---|
.woodpecker | 3 meses atrás | |
LICENSE | 3 meses atrás | |
README.md | 2 meses atrás | |
get_amnezia_free.sh | 3 meses atrás |
Shell script to get a configuration file from a vpn:// URL.
Telegram Bots to get Amnezia Free:
$./get_amnezia_free.sh vpn://...
Config version: 1.0
VPN name: AmneziaFree RU
VPN description: AmneziaFree for Russia
VPN protocol: awg
API endpoint: ???
API key: ???
Generate WireGuard keys...
WireGuard private key: [REDACTED]
WireGuard public key: ???
Register new client with the API server...
Create temporary file...
Temporary file: ???
Delete temporary file...
DNS 1: 1.0.0.1
DNS 2: 1.1.1.1
Hostname: ???d
Default container: amnezia-awg
Containers:
Container type: amnezia-awg
Configuration #1 saved in amneziafree-ru.conf.
In the directory in which the script was executed, you will now receive a file with the name of received VPN name and the file extension .conf
. If there are several awg containers, a numbering -2
, -3
, ... is added before the file extension.
The protocol for requesting the configuration data consists of several steps. First, however, a private and a corresponding public WireGuard key are generated locally - the Amnezia Free Server therefore does not know my secret key at any time.
To extract the data such as API endpoint and API key, first the beginning vpn://
is cut off and the result is base64-decoded. Then you get JSON data with the corresponding information.
Next, you can send a POST request to the API endpoint. The content type application/json
and the authentication in the form of Authorization: Api-Key $api_key
are passed as additional HTTP headers. JSON data is specified as the payload. This consists of a single key-value mapping. The only key used is public_key
. The corresponding value is the WireGuard public key previously generated locally. JSON data is returned as the response.
The only value in this is a vpn://
-URI. Here again vpn://
is truncated and the whole thing is base64-decoded. However, this time you do not get JSON data, but binary data. These are compressed with zlib-deflate. To decompress the data, the first four bytes are cut off (these serve as QT6 compression headers, but are unnecessary in our case) and the remaining data is recompressed. The result is JSON data again. This contains all the information required to create a configuration file.
"Fan Facts":