https://github.com/kir-antipov/outline-cli

🌐 The Free and Open Internet™ right in your terminal.
https://github.com/kir-antipov/outline-cli

cli linux outline outline-vpn shadowsocks

Last synced: about 22 hours ago
JSON representation

🌐 The Free and Open Internet™ right in your terminal.

• Host: GitHub
• URL: https://github.com/kir-antipov/outline-cli
• Owner: Kir-Antipov
• License: mit
• Created: 2024-04-08T15:47:08.000Z (6 months ago)
• Default Branch: master
• Last Pushed: 2024-07-13T12:24:25.000Z (3 months ago)
• Last Synced: 2024-09-27T07:41:12.540Z (about 22 hours ago)
• Topics: cli, linux, outline, outline-vpn, shadowsocks
• Language: Shell
• Homepage:
• Size: 93.8 KB
• Stars: 43
• Watchers: 3
• Forks: 1
• Open Issues: 2
• Metadata Files:
  • Readme: README.md
  • License: LICENSE.md
  • Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

README

        
# Outline CLI

[![GitHub CI Status](https://img.shields.io/github/actions/workflow/status/Kir-Antipov/outline-cli/ci.yml?logo=github)](https://github.com/Kir-Antipov/outline-cli/actions/workflows/ci.yml)

[![Version](https://img.shields.io/github/v/release/Kir-Antipov/outline-cli?sort=date&style=flat&label=version&cacheSeconds=3600)](https://github.com/Kir-Antipov/outline-cli/releases/latest)

[![License](https://img.shields.io/github/license/Kir-Antipov/outline-cli?style=flat&cacheSeconds=36000)](https://github.com/Kir-Antipov/outline-cli/blob/HEAD/LICENSE.md)



[Outline](https://getoutline.org/), developed by [Jigsaw](https://jigsaw.google.com/), is a great project aimed at simplifying the task of creating self-hosted VPN servers down to a matter of seconds. However, while the server deployment with Outline is commendable, its client-side experience falls short. Currently, the primary method of connecting to an [Outline server](https://github.com/Jigsaw-Code/outline-server/) is via the [Outline Client](https://github.com/Jigsaw-Code/outline-apps/) - an Electron *(or Cordova for mobile devices)* app - which unfortunately presents lots of issues across different platforms. It is somewhat buggy on Windows, notably unreliable on macOS, and entirely non-functional on Linux *(at least if Linux means more than just Ubuntu to you)*.

Fortunately, at least for Linux users, there's an alternative - a [CLI solution](https://github.com/Jigsaw-Code/outline-sdk/tree/main/x/examples/outline-cli/) hidden within the "experimental" section of the [outline-sdk](https://github.com/Jigsaw-Code/outline-sdk/) repo, which only supports Linux at the moment of writing. Despite its minimalistic design, the CLI performs its sole function - establishing a connection to a selected server and rerouting all traffic through it - quite efficiently and reliably. However, it may not be very user-friendly to manually launch/restart it, manage your access keys, and forcibly stop it when you wish to disconnect from the VPN server, and so on. This is where this project comes in.

This project, essentially a wrapper over the official [outline-cli](https://github.com/Jigsaw-Code/outline-sdk/tree/main/x/examples/outline-cli/) provided by [Jigsaw](https://github.com/Jigsaw-Code/), aims to make its usage easier. Comprised of just a few shell scripts, it enhances the default experience into a near-perfect one - unachievable by a buggy Electron app ;)

----

## Features

Obviously, the official CLI provides you with the ability to connect to servers deployed by the Outline Manager, or to any Shadowsocks server, for that matter. Here is what this project offers on top of that:

- Access key management

- [`ssconf://`](https://www.reddit.com/r/outlinevpn/wiki/index/dynamic_access_keys/) support

- Option to specify a custom DNS resolver instead of the hardcoded one

- Ability to connect to devices on your local network while the VPN is active

- Automatic reconnection to the VPN server upon reboot/network status change *(requires `NetworkManager`)*

- Easy integration with other tools, thanks to the highly scriptable nature of this project

----

## Installation

The installation process is quite straightforward: just clone this repo and run the `install` script.

```sh

git clone https://github.com/Kir-Antipov/outline-cli

cd outline-cli

sudo ./install -y

```

Alternatively, for `curl $URL | sudo bash` enjoyers, the same result can be achieved with the following one-liner:

```sh

curl -Ls https://github.com/Kir-Antipov/outline-cli/blob/master/install?raw=true | sudo bash -s -- -y

```

This will:

1) Install any missing dependencies: `git`, `tar`, `jq`, `curl` or `wget`, `gcc` or `clang`

2) Build and install the official [`outline-cli`](https://github.com/Jigsaw-Code/outline-sdk/tree/main/x/examples/outline-cli/)

   1) Clone [`Jigsaw-Code/outline-sdk`](https://github.com/Jigsaw-Code/outline-sdk/)

   2) Apply a patch that allows you to specify a custom DNS resolver instead of the hardcoded one

   3) Download the latest version of Go *(locally, not globally)*

   4) Build the app

   5) Copy the resulting binary to `/usr/local/bin/__vpn_connect`

   6) Clean up

3) Copy the `__vpn_manager` script to `/usr/local/bin/__vpn_manager`

4) Create a symlink for `__vpn_manager`, enabling you to call it using the shorthand `vpn`

5) Create a `polkit-1` policy, enabling you to call `__vpn_manager` from scripts

6) Copy the `vpn-manager-refresh` script to `/etc/NetworkManager/dispatcher.d/vpn-manager-refresh`, ensuring it executes each time your network connection status changes

7) Unbork the LAN by creating two new routing rules that prevent local traffic from being redirected to your VPN server

If you wish to configure the process described above, you can run the installation script without the `-y` flag, allowing you to guide it and adjust the results according to your preferences.

----

## Usage

```

Usage: vpn  [] []

Manage Shadowsocks server connections and related access keys.

Examples:

  sudo vpn add "ss://..." "Geneva"

  sudo vpn connect geneva

  sudo vpn disconnect

Commands:

  add  []        Add a new access key

  remove      Remove the designated access key

  list [-f ]        List all stored access keys

  connect []  Connect to a server

  disconnect [-s]           Disconnect from the current server

  toggle                    Toggle the current connection

  status                    Return the current connection status

Options:

  -h, --help                Display this help text and exit

  -v, --version             Display version information and exit

  -q, --quiet               Suppress all normal output

  -n, --notify              Display a notification

  -s, --suspend             Suspend the current connection;

                            It will be re-established later

  -f, --format      Print a key according to the ;

                            The formats are: %name%, %ip%, %index%

```

First and foremost, akin to the GUI app, you must add an access key. For example:

```sh

sudo vpn add "ss://YFhvLUKmUBJwEsSfL65ShwAOzuLDNN0HTBh9rCb2yhIJdrMXBhgP1DXBm4y7@42.42.42.42:52683/?outline=1" "Geneva"

```

You can list all stored access keys using the `sudo vpn list` command:

```

1  Geneva  42.42.42.42:52683

```

Once done, you're all set! Use:

```sh

sudo vpn connect "Geneva"

```

or one of these alternatives:

```sh

# The access key name is case-insensitive.

sudo vpn connect geneva

# You can also use the saved access key's ID

# (i.e., its ordinal number from the `list` output).

sudo vpn connect 1

# You can also omit the name/ID entirely.

# This will connect you to the last server you connected to.

sudo vpn connect

```

to connect to the desired VPN server.

Whenever you wish to disconnect from the current server, simply use:

```sh

sudo vpn disconnect

```

And that about covers the most essential functionalities you'll need.

----

## Keyboard Shortcuts

While this project doesn't provide a built-in solution for automatically creating keyboard shortcuts *(since everyone does it differently, and there's no point in even attempting to support every DE/WM/key remapping tool in existence)*, it is designed to be easily integrated with other tools and is highly scriptable.

Here’s a table with some common actions you might want to perform and the commands that achieve the desired results:

| Description                                             | Command                                             |

|:--------------------------------------------------------|:----------------------------------------------------|

| Toggle the current connection                           | `pkexec /usr/local/bin/__vpn_manager toggle -n`     |

| Disconnect from the current server                      | `pkexec /usr/local/bin/__vpn_manager disconnect -n` |

| Connect to the server you were last connected to        | `pkexec /usr/local/bin/__vpn_manager connect -n`    |

| Show the current connection status                      | `pkexec /usr/local/bin/__vpn_manager status -n`     |

| Connect to a server using the 1st access key | `pkexec /usr/local/bin/__vpn_manager connect 1 -n`  |

| Connect to a server using the 2nd access key | `pkexec /usr/local/bin/__vpn_manager connect 2 -n`  |

| Connect to a server using the 3rd access key | `pkexec /usr/local/bin/__vpn_manager connect 3 -n`  |

| Connect to a server using the 4th access key | `pkexec /usr/local/bin/__vpn_manager connect 4 -n`  |

| Connect to a server using the 5th access key | `pkexec /usr/local/bin/__vpn_manager connect 5 -n`  |

| Connect to a server using the 6th access key | `pkexec /usr/local/bin/__vpn_manager connect 6 -n`  |

| Connect to a server using the 7th access key | `pkexec /usr/local/bin/__vpn_manager connect 7 -n`  |

| Connect to a server using the 8th access key | `pkexec /usr/local/bin/__vpn_manager connect 8 -n`  |

| Connect to a server using the 9th access key | `pkexec /usr/local/bin/__vpn_manager connect 9 -n`  |

With this, you can easily configure keyboard shortcuts either directly via the keyboard settings provided by your DE/WM *(e.g., KDE, GNOME, etc.)*, or via a key remapping tool of your choice.

For example, I use [`keyd`](https://github.com/rvaiya/keyd/) - a very nice, modular, and efficient key remapping daemon. You can check my config, which implements all the shortcuts mentioned above, here: [`src/etc/keyd/vpn-manager.conf`](src/etc/keyd/vpn-manager.conf).

----

## Custom DNS Resolver

The Outline Client hardcodes its preferred DNS resolver. This has already caused many problems for numerous users in the past and will undoubtedly cause even more issues in the future.

While striving for the perfect solution is understandable, "perfect" can often be the enemy of "good." This is precisely what we see here, as after all these years, there is still no option to override these hardcoded values. Hence, this project proposes a simple eight-line patch that allows you to supply a DNS resolver of your choice to the Outline Client.

If you followed the standard installation script, you can specify the DNS resolver you prefer directly in your access key via the new `dns` URL parameter, as demonstrated below:

```diff

- ss://.../?outline=1

+ ss://.../?outline=1&dns=1.1.1.1

```

----

## Legal Notice

This project is an independent work and is not affiliated, endorsed, authorized, or sponsored by Jigsaw LLC or any of its subsidiaries or affiliates. Outline and the Outline logo are trademarks and/or registered trademarks of Jigsaw LLC in the U.S. and/or other countries. All rights reserved to their respective owners.

The purpose of this project is purely educational and non-commercial. The code and information found within this project are for educational use only and are not intended for any kind of commercial use.

Use this software at your own risk. The creators cannot be held responsible for any misuse or damages caused by this software.

This notice serves as a disclaimer. Any violations of Jigsaw's policies or trademarks are not intentional.

----

## License

Licensed under the terms of the [MIT License](LICENSE.md).