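#!/bin/sh
# cybervpn installer.
#
# Downloads the cybervpn CLI and daemon from $BASE into /usr/local/bin,
# installs a boot-time service (systemd on Linux, launchd on macOS) and
# registers the machine with the given login server.
#
# Usage: sh install.sh --login-server=URL --auth-key=KEY
#        (both options also accept the value as the following argument)
# Exit status: 2 on a usage error, 1 on an install or registration failure.
set -eu
BASE="https://install.cyber-vpn.cc"
LOGIN_SERVER=""
AUTH_KEY=""
# NOTE(review): --auth-key arrives on argv, so the key is visible in the
# process list while the installer runs and may be kept in shell history.
# Treat it as a short-lived credential and revoke it once enrolment is done.
while [ $# -gt 0 ]; do
  case "$1" in
    --login-server=*) LOGIN_SERVER="${1#*=}" ;;
    --login-server)
      # Without this guard a trailing "--login-server" makes the shift at the
      # bottom of the loop fail, and set -e ends the script with no usable
      # diagnostic.
      [ $# -ge 2 ] || { echo "missing value for --login-server" >&2; exit 2; }
      shift
      LOGIN_SERVER="$1"
      ;;
    --auth-key=*) AUTH_KEY="${1#*=}" ;;
    --auth-key)
      [ $# -ge 2 ] || { echo "missing value for --auth-key" >&2; exit 2; }
      shift
      AUTH_KEY="$1"
      ;;
    *) echo "unknown arg: $1" >&2; exit 2 ;;
  esac
  shift
done
# Both values are mandatory; an empty value counts as missing.
[ -n "$LOGIN_SERVER" ] || { echo "missing --login-server" >&2; exit 2; }
[ -n "$AUTH_KEY" ] || { echo "missing --auth-key" >&2; exit 2; }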

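# The rest of the script writes to /usr/local/bin and the system service
# directories, so it must run as root. When it does not, fetch the installer
# again and run it under sudo with the same options.
if [ "$(id -u)" -ne 0 ]; then
  echo "cybervpn installer needs root; re-running with sudo..."
  # The values are handed to the root shell as positional parameters and only
  # expanded inside double quotes there. Splicing them into the command string
  # would let shell metacharacters in --login-server or --auth-key run as root.
  # --proto/--proto-redir keep the fetch on HTTPS even across redirects.
  #
  # NOTE(review): the installer is downloaded a second time here, so the code
  # that runs as root is whatever $BASE serves at that moment, not necessarily
  # the copy that is executing now. The auth key is also part of the sudo
  # command line, which sudo normally records in its log.
  exec sudo sh -c 'curl --proto =https --proto-redir =https -fsSL "$1" | sh -s -- --login-server="$2" --auth-key="$3"' sh "$BASE" "$LOGIN_SERVER" "$AUTH_KEY"
fi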

# Record the kernel name, then map the machine type onto the architecture
# label used in the download path. Any other machine type is rejected.
OS="$(uname -s)"
MACHINE="$(uname -m)"
if [ "$MACHINE" = x86_64 ] || [ "$MACHINE" = amd64 ]; then
  ARCH=amd64
elif [ "$MACHINE" = aarch64 ] || [ "$MACHINE" = arm64 ]; then
  ARCH=arm64
else
  echo "unsupported arch $MACHINE" >&2
  exit 1
fi

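# Download the cybervpn CLI and daemon and install them in /usr/local/bin.
# Globals:   BASE (read), ARCH (read), OSDIR (written)
# Arguments: $1 - OS directory component of the download URL (linux, darwin)
# Returns:   non-zero if a download or an install step fails
#
# NOTE(review): no digest or signature is checked for the downloaded
# binaries; their integrity rests entirely on the TLS connection to $BASE.
# If the distribution publishes checksums or signatures, verify them on the
# temporary file before it is moved into place.
dl() {
  OSDIR="$1"
  echo "downloading cybervpn ($OSDIR/$ARCH)..."
  # /usr/local/bin is not guaranteed to exist on a fresh system.
  mkdir -p /usr/local/bin
  for dl_name in cybervpn cybervpnd; do
    # Download next to the destination and rename afterwards: a failed or
    # interrupted transfer never leaves a truncated root-run binary behind,
    # and a binary that is currently executing is replaced rather than
    # overwritten in place.
    dl_tmp="$(mktemp "/usr/local/bin/.$dl_name.XXXXXX")"
    # --proto/--proto-redir stop -L from following a redirect to plain HTTP.
    if curl --proto =https --proto-redir =https -fsSL \
        "$BASE/dl/$OSDIR/$ARCH/$dl_name" -o "$dl_tmp" \
      && chmod 0755 "$dl_tmp" \
      && mv -f -- "$dl_tmp" "/usr/local/bin/$dl_name"; then
      :
    else
      rm -f -- "$dl_tmp"
      echo "failed to install /usr/local/bin/$dl_name" >&2
      return 1
    fi
  done
}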

# Install the binaries and a boot-time service for the detected OS, and set
# SOCK to the daemon socket path that the CLI calls after this block use.
# Any OS other than Linux or Darwin is rejected with exit status 1.
case "$OS" in
Linux)
  dl linux
  # Write the systemd unit. The heredoc delimiter is unquoted, so the shell
  # would expand any $ or backtick in the body; the body contains none today.
  # RuntimeDirectory= and StateDirectory= make systemd create /run/cybervpn
  # and /var/lib/cybervpn, the directories the ExecStart paths point into.
  # NOTE(review): the unit sets no User= and no sandboxing directives, so the
  # daemon runs as root with systemd's defaults; review which hardening
  # options it can tolerate.
  cat > /etc/systemd/system/cybervpnd.service <<UNIT
[Unit]
Description=CyberVPN daemon
After=network-online.target
Wants=network-online.target

[Service]
ExecStart=/usr/local/bin/cybervpnd --state /var/lib/cybervpn/cybervpnd.state --socket /run/cybervpn/cybervpnd.sock --tun cybervpn0
RuntimeDirectory=cybervpn
StateDirectory=cybervpn
Restart=on-failure

[Install]
WantedBy=multi-user.target
UNIT
  systemctl daemon-reload
  systemctl enable cybervpnd
  systemctl restart cybervpnd  # start, or restart to pick up an updated binary on re-run
  SOCK=/run/cybervpn/cybervpnd.sock
  ;;
Darwin)
  dl darwin
  # Directory that holds the daemon state file named in the plist below.
  mkdir -p "/Library/Application Support/cybervpn"
  # No --socket argument: the daemon then listens on its macOS default path
  # (/var/run/cybervpnd.socket). A bare cybervpn CLI uses that same default, so
  # it reaches this daemon rather than a separately installed Tailscale.
  # The heredoc delimiter is unquoted; the plist body contains nothing the
  # shell would expand.
  cat > /Library/LaunchDaemons/net.cybervpn.daemon.plist <<PLIST
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0"><dict>
  <key>Label</key><string>net.cybervpn.daemon</string>
  <key>ProgramArguments</key><array>
    <string>/usr/local/bin/cybervpnd</string>
    <string>--state</string><string>/Library/Application Support/cybervpn/cybervpnd.state</string>
    <string>--tun</string><string>userspace-networking</string>
  </array>
  <key>RunAtLoad</key><true/>
  <key>KeepAlive</key><true/>
  <key>StandardErrorPath</key><string>/var/log/cybervpnd.log</string>
  <key>StandardOutPath</key><string>/var/log/cybervpnd.log</string>
</dict></plist>
PLIST
  # Force-remove any prior (possibly crash-looping) daemon before loading the new plist:
  # 'launchctl load' on an already-loaded label is a no-op, so a stale daemon would persist.
  # Each removal step is best-effort: on a first install there is nothing to
  # remove, so errors are discarded and never abort the script under set -e.
  launchctl bootout system/net.cybervpn.daemon 2>/dev/null || true
  launchctl unload /Library/LaunchDaemons/net.cybervpn.daemon.plist 2>/dev/null || true
  pkill -x cybervpnd 2>/dev/null || true
  # Remove a socket left by the old daemon so the wait loop after this block
  # only sees a socket created by the new one.
  rm -f /var/run/cybervpnd.socket
  # Try 'bootstrap' first and fall back to 'load -w' if it fails.
  launchctl bootstrap system /Library/LaunchDaemons/net.cybervpn.daemon.plist 2>/dev/null     || launchctl load -w /Library/LaunchDaemons/net.cybervpn.daemon.plist
  SOCK=/var/run/cybervpnd.socket
  ;;
*)
  echo "unsupported OS $OS (Linux/macOS only)" >&2; exit 1 ;;
esac

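# Wait up to 60 seconds for the daemon's localapi socket (cold start plus
# launchd KeepAlive can take a while).
i=0
while [ ! -S "$SOCK" ] && [ "$i" -lt 60 ]; do
  i=$((i + 1))
  sleep 1
done
# Registration is still attempted if the socket never appeared; say so, so that
# a later failure is easier to diagnose.
[ -S "$SOCK" ] || echo "warning: $SOCK not present after 60s; trying to register anyway" >&2

# Register, retrying a few times while the daemon settles.
# NOTE(review): the auth key is passed on the CLI's argv, so other local users
# can see it in the process list while each attempt runs. If the CLI can read
# the key from a file or the environment, prefer that.
ok=0
for try in 1 2 3 4 5; do
  if /usr/local/bin/cybervpn --socket "$SOCK" up --reset --login-server="$LOGIN_SERVER" --auth-key="$AUTH_KEY"; then
    ok=1
    break
  fi
  sleep 3
done
if [ "$ok" != 1 ]; then
  # /var/log/cybervpnd.log is only configured by the macOS plist; on Linux the
  # daemon runs under systemd and its output goes to the journal.
  case "$OS" in
    Linux) echo "registration failed; see daemon log: journalctl -u cybervpnd" >&2 ;;
    *) echo "registration failed; see daemon log: /var/log/cybervpnd.log" >&2 ;;
  esac
  exit 1
fi

# Let the invoking (non-root) user drive the CLI without sudo. This makes the
# account named in SUDO_USER an operator of the daemon; failures are ignored
# because the step is a convenience, not a requirement.
if [ -n "${SUDO_USER:-}" ]; then
  /usr/local/bin/cybervpn --socket "$SOCK" set --operator="$SUDO_USER" 2>/dev/null || true
fi
echo "CyberVPN connected. Status:"
/usr/local/bin/cybervpn --socket "$SOCK" status || true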
