This is a simple script that is able to instruct the NordVPN client to reconnect to the server it is currently connected to after a certain amount of time has passed on a recurring basis.
The problem this script is trying to solve is the unreliability of the NordVPN
Linux client wherein it will frequently hang after it has been connected without
interruptions for long periods of time. When the client enters this state, any
action fails, including attempting to disconnect or restart the nordvpn(d).service
.
In such a state, the only recourse is to reboot the machine. Which is less than ideal.
To install nordvpn-reconnect I suggest cloning the repository.
Follow these steps.
-
Open a terminal with (on many Linux distros this can be done using Ctrl+T)
-
If you do not have git installed, install it. (On Debian-based distros this is
sudo apt install git
). -
type
git clone https://github.com/mmnaseri/nordvpn-reconnect
. This will create a folder called "nordvpn-reconnect" in the current location. -
type
cd nordvpn-reconnect
inside the terminal to enter the folder -
For a simple installation type
sudo ./install.sh install
-
If you want to install the code, start it and enable a service that automatically starts type instead
sudo ./install.sh install enable start
You can either run the main nordvpn-reconnect.sh
script individually, or run it as
a daemon. A convenience script has been provided which installs the script as a symbolic
link under /usr/bin
and also adds a daemon unit to systemctl
, which you can then
enable and run.
The script consults the nordvpn
client for uptime, and if it has been more than a
preconfigured amount of time since it was connected to the current server (defaults
to 2 hours), it will reconnect to the same server, thus making sure that the connection
never stays open for more than that. The checking is done at intervals of one tenth of
the indicated maximum uptime, so, for two hours, that would be every 12 minutes.
The script takes a single, optional command line argument which is the maximum
runtime it should check for. This can be either a number given in seconds, or a
string with the format X days Y hours Z minutes T seconds
, such as 4 hours 10 minutes
.
There are three environment variables which the script will consult:
NORDVPN_MAX_UPTIME
; indicates the default max uptime if the CLI parameter is not specified; defaults to2 hours
.NORDVPN_RECONNECT_NOTIFY
; decides if the script should send a notification vianotify-send
every time it reconnects; defaults tofalse
.NORDVPN_KILLER_REQUEST_FILE
; tells the script which file the killer script is looking for to kill thenordvpnd
daemon for us if needed. The default is/tmp/nordvpnd-killer.ask
.
A sample run with notifications (works on Gnome) and 1 hour uptime is:
NORDVPN_RECONNECT_NOTIFY=true ./nordvpn-reconnect.sh "1 hour"
If reconnection requests fail, the script will attempt to kill NordVPNd. If that fails, it will need to
either be executed as root, or ask someone else who is to do the dirty work. That's why this script
comes with a sister: nordvpnd-killer.sh
.
If you drop a file at /tmp/nordvpnd-killer.ask
it will try to kill the service for you. The idea is that
you run the original script as your own user, and the other script as root, to have the least amount of
privilege handed to this script. The location of this file can be modified by setting the NORDVPN_KILLER_REQUEST_FILE
environment variable.
To use as a daemon, you just need to create a unit (see the provided example .service
file)
and place it within reach of systemctl
. The convenience install script
is tested to work on Arch Linux and on Ubuntu 20.04, but should work on other distros as well.
To use this as a daemon via the provided scripts, run:
sudo ./install.sh install
sudo ./install.sh enable
sudo ./install.sh start
Or more succinctly:
sudo ./install.sh install enable start
In the same vein, to remove the script and all its traces:
sudo ./install.sh stop disable uninstall
If you drop a file at /tmp/nordvpn-reconnect.lock
, the service will skip the current iteration.
If you keep that file in place, it is going to be the same as never executing this service at all.
Feel free to open pull requests. I'm open to widening support if there is enthusiasm.
I am using this on my personal machine. Use at your own risk.