ClawHub

Astrill Watchdog

v2.0.0

Monitor and auto-reconnect Astrill VPN on Ubuntu Linux (deb GUI package). Detects dropped connections via tun interface + ping, then reconnects using Astrill...

0· 389·1 current·1 all-time
by@littlejakub
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description match the files and instructions: the code checks tun0, pings a host, pkill/pgrep the Astrill binary path, and relaunches it. It requires the Astrill binary and a systemd user session — both expected for this functionality.
Instruction Scope
SKILL.md and the scripts confine actions to user-level paths (~/.config, ~/.local/state) and the systemd user unit. The runtime behavior (killing/restarting Astrill, writing logs, using DISPLAY/DBUS/WAYLAND) matches the stated goal. There are no instructions to read unrelated system files, exfiltrate data, contact external endpoints, or access secrets.
Install Mechanism
No remote downloads or package installs; setup.sh is included and copies scripts into user config and writes a systemd user unit. Installation is local, no sudo required, and uses standard user config/state paths.
Credentials
The skill requests no environment variables or credentials. It forwards desktop-related env vars (DISPLAY, DBUS_SESSION_BUS_ADDRESS, WAYLAND_DISPLAY) to relaunch Astrill, which is proportional to restarting a GUI/Wayland app from a service context.
Persistence & Privilege
The skill enables a systemd user service (starts on login) and writes only to user config/state; it does not require always:true, does not modify system-wide configuration, and does not request elevated privileges.
Assessment
This skill appears to do exactly what it advertises: it installs a systemd user unit and a watchdog script that will periodically check tun0 and ping and, if needed, kill and relaunch the Astrill GUI binary at /usr/local/Astrill/astrill. Before installing: (1) verify you trust the Astrill binary at /usr/local/Astrill/astrill (the watchdog will automatically relaunch whatever executable lives at that path); (2) confirm you want a service enabled on login that can kill and restart Astrill processes; (3) review the included scripts locally (they are small and readable) and back up any important config; (4) ensure you have a systemd user session and prefer user-level services. If any of these are concerns (e.g., you do not want automatic relaunch or you do not trust the installed Astrill binary), do not enable the service.

Like a lobster shell, security has layers — review code before you run it.

latestvk97c7n4g510kewa82znvsnqcs182e9vb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

astrill-watchdog

Monitors Astrill VPN on Ubuntu (deb GUI package) and automatically restarts it when the StealthVPN tunnel drops.

What it does

Watches tun0 + ping every 30 seconds. On failure, performs a full Astrill restart:

  • pkill astrill kills the process tree (root-owned children asproxy/asovpnc die with the parent — no sudo needed)
  • setsid /autostart relaunches Astrill with the full desktop environment (DISPLAY, DBUS, WAYLAND_DISPLAY) so it can initialize its GUI/Wayland stack from a systemd service context
  • Astrill auto-connects to the last used server

On restart failure: logs a CRITICAL block, resumes checking next cycle. Never exits.

Requirements

  • Ubuntu Linux, Astrill deb GUI package (/usr/local/Astrill/astrill)
  • ping, ip, pgrep, pkill, setsid (Ubuntu defaults)
  • Active desktop session (DISPLAY/DBUS/WAYLAND) — required for Astrill relaunch

Installation

bash setup.sh

No sudo. Installs the watchdog, creates a systemd user unit, and starts the service. Enabled on login automatically.

Usage

astrill-watchdog.sh start    # start watchdog (also done by systemd on login)
astrill-watchdog.sh stop     # stop watchdog
astrill-watchdog.sh status   # health summary + last 20 log lines
astrill-watchdog.sh once     # single health check + restart if needed, then exit

Files

PathPurpose
~/.config/astrill-watchdog/astrill-watchdog.shWatchdog script
~/.config/systemd/user/astrill-watchdog.serviceSystemd user unit
~/.local/state/astrill-watchdog/watchdog.logLog file (rotates at 5000 lines)
~/.local/state/astrill-watchdog/watchdog.pidPID file

Configuration

Edit the config block at the top of astrill-watchdog.sh:

CHECK_INTERVAL=30      # seconds between health checks
RECONNECT_WAIT=60      # seconds to wait after restart before health check
PING_HOST="8.8.8.8"
PING_COUNT=3
PING_TIMEOUT=3
LOG_MAX_LINES=5000

After editing, restart: systemctl --user restart astrill-watchdog.service

Diagnostics

# Live log tail
tail -f ~/.local/state/astrill-watchdog/watchdog.log

# Systemd journal
journalctl --user -u astrill-watchdog.service -n 30

# Full status summary
astrill-watchdog.sh status

Files

5 total
Select a file
Select a file to preview.

Comments

Loading comments…