Last active
June 12, 2023 10:05
-
-
Save fragolinux/75cfbc1171e8128daf4c32c075cffe95 to your computer and use it in GitHub Desktop.
pritunl-cli
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # prerequisiti: | |
| # avere una chiave gpg da usare per crittografare il proprio portachiavi gopass... | |
| # install gopass via asdf | |
| asdf plugin add gopass | |
| asdf install gopass 1.15.5 | |
| asdf global gopass 1.15.5 | |
| # creazione portachiavi gopass | |
| gopass setup | |
| # seguire il wizard per creare il proprio portachiavi | |
| # in alternativa è possibile usare "gopass init" | |
| # per dettagli su differenze o per usare keystore in posizioni diverse dal default | |
| # consultare la guida di gopass: https://github.com/gopasspw/gopass | |
| # aggiunta dei 2 token TOTP per le vpn: | |
| # dovete avere entrambe le url complete che iniziano con "otpauth://totp..." ed aggiungerle a gopass con: | |
| gopass insert ALL1 otpauth | |
| gopass insert ALL2 otpauth | |
| # in questo modo potrete ottenere i vostri TOTP con i comandi: | |
| gopass totp -o ALL1 | |
| gopass totp -o ALL2 | |
| # setup pritunl: | |
| # il client da console è in: /Applications/Pritunl.app/Contents/Resources/pritunl-client | |
| # ma se lo lanciate con "/Applications/Pritunl.app/Contents/Resources/pritunl-client list" NON rileverà i profili importati da gui... | |
| # soluzione? Rimuovere i profili dalla gui e reimportarli dalla console, in questo modo li avrete in entrambi correttamente | |
| # dovete avere i file "tar" originari (NON scompattateli), ed usare questa sintassi per importare entrambi quelli ricevuti: | |
| /Applications/Pritunl.app/Contents/Resources/pritunl-client add profilo.tar | |
| # di default i profili hanno impostato autostart, va disattivato su tutti, dato che va in conflitto con la gestione degli OTP | |
| for ID in $(/Applications/Pritunl.app/Contents/Resources/pritunl-client list -j | jq -r ".[] | .id"); do /Applications/Pritunl.app/Contents/Resources/pritunl-client disable "$ID"; done | |
| /Applications/Pritunl.app/Contents/Resources/pritunl-client list | |
| # il precedente comando dovrebbe ora riportare entrambi i profili con autostart disabled | |
| # lo stesso comando vi darà anche gli ID da usare per connettervi in vpn da cli | |
| # collegamento automatico vpn: | |
| #!/usr/bin/env bash | |
| if [ ! -x "$(command -v /Applications/Pritunl.app/Contents/Resources/pritunl-client)" ]; then | |
| echo "pritunl-client is not installed or not executable" | |
| exit 1 | |
| fi | |
| CONNECTED="false" | |
| for PROFILE in ALL1 ALL2; do | |
| [ "$CONNECTED" == "true" ] && break | |
| ID=$(/Applications/Pritunl.app/Contents/Resources/pritunl-client list -j | jq -r --arg PROFILE "$PROFILE" '.[] | select(.name | contains($PROFILE)) | .id') | |
| OTP=$(gopass totp -o "$PROFILE") | |
| /Applications/Pritunl.app/Contents/Resources/pritunl-client start "$ID" -p "$OTP" | |
| LOCAL_IP=$(/Applications/Pritunl.app/Contents/Resources/pritunl-client list -j | jq -r '.[] | select(.run_state=="Active") | .client_address') | |
| ATTEMPTS=5 | |
| ATTEMPT=0 | |
| while [ "$LOCAL_IP" == "" ] && [ $ATTEMPT -lt $ATTEMPTS ]; do | |
| ATTEMPT=$((ATTEMPT + 1)) | |
| echo "Trying to connect to profile: $PROFILE - attempt $ATTEMPT/$ATTEMPTS" | |
| LOCAL_IP=$(/Applications/Pritunl.app/Contents/Resources/pritunl-client list -j | jq -r '.[] | select(.run_state=="Active") | .client_address') | |
| sleep 1 | |
| done | |
| if [ "$LOCAL_IP" != "" ]; then | |
| echo "Connected to: \"$PROFILE\" profile, with ip: $LOCAL_IP" | |
| CONNECTED="true" | |
| else | |
| /Applications/Pritunl.app/Contents/Resources/pritunl-client stop "$ID" | |
| echo "Connection to \"$PROFILE\" profile failed" | |
| fi | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment