@jshiell
Last active July 21, 2020 08:05
AnyConnect script for user/pass VPN on headless Linux (i.e. where secret-tool won't work)
#!/usr/bin/env bash
# AnyConnect helper: keeps the VPN username/password in a dedicated `pass`
# store and drives the AnyConnect CLI from it. Abort on any error, on unset
# variables and on a failing pipeline stage.
set -euo pipefail
# Restrict word-splitting of unquoted expansions to newline and tab.
IFS=$'\n\t'

# AnyConnect command-line client.
declare -r _CISCO_VPN='/opt/cisco/anyconnect/bin/vpn'
# ANSI colour sequences for the status output (stored as literal backslash
# escapes; rendered by `echo -e` / `printf '%b'` at print time).
declare -r _GREEN='\033[0;32m'
declare -r _RED='\033[0;31m'
declare -r _NC='\033[0m'

# Use a separate pass store so VPN credentials never mix with the user's
# default store.
PASSWORD_STORE_DIR="$HOME/.pass-anyconnect"
export PASSWORD_STORE_DIR
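#######################################
# Connect to an AnyConnect profile, answering the CLI prompts from stdin.
# Globals:   _CISCO_VPN (read)
# Arguments: $1 - profile name
#            $2 - VPN username
#            $3 - VPN password
#            $4 - optional answer to the first prompt; defaults to "2", the
#                 value the script previously hard-coded (presumably a
#                 group/selection index - confirm against the interactive
#                 prompt of your client version)
# Outputs:   whatever the AnyConnect CLI prints
# Returns:   exit status of the AnyConnect CLI
#######################################
vpn_up() {
  local -r profile="$1"
  local -r username="$2"
  local -r password="$3"
  local -r first_answer="${4:-2}"
  # Credentials go in via stdin, not argv, so they are not visible in `ps`.
  # The unquoted EOF lets the variables expand; expansion results are not
  # re-parsed, so a password containing `$` or backticks is passed literally
  # (a password containing a newline would still break the prompt sequence).
  "$_CISCO_VPN" -s connect "$profile" <<EOF
$first_answer
$username
$password
y
exit
EOF
}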
#######################################
# Tear down the active AnyConnect session.
# Globals:   _CISCO_VPN (read)
# Returns:   exit status of the AnyConnect CLI
#######################################
vpn_down() {
  local -r vpn_cli="$_CISCO_VPN"
  "$vpn_cli" disconnect
}
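#######################################
# Check that the AnyConnect profile XML for the given profile is present.
# Globals:   _RED, _GREEN, _NC (read); _CISCO_VPN (read, for the hint text)
# Arguments: $1 - profile name
#            $2 - VPN username (accepted for call-site compatibility; unused)
# Outputs:   one status line on stdout, plus a hint when the profile is absent
# Returns:   0 if the profile file exists, 1 otherwise
#######################################
vpn_verify() {
  local -r profile="$1"
  # shellcheck disable=SC2034 — kept so the call signature is unchanged
  local -r username="${2:-}"
  local -r profile_xml="/opt/cisco/anyconnect/profile/${profile}.xml"
  # Must be initialised on every path: previously it was only set on the
  # failure branch, so under `set -u` the success path died on the return.
  local result=0
  printf 'Checking profile %s exists...' "$profile"
  if [[ ! -f "$profile_xml" ]]; then
    # %b renders the stored ANSI escape sequences, like `echo -e` did.
    printf '%b\n' "${_RED}FAILED${_NC}"
    printf '%s\n' "Profile $profile was not found - please connect once via '$_CISCO_VPN -s connect vpn.springernature.com' to download this"
    result=1
  else
    printf '%b\n' "${_GREEN}OK${_NC}"
  fi
  return "$result"
}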
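#######################################
# Ensure the AnyConnect CLI, gpg and pass are installed, and that a dedicated
# gpg key and pass store for the VPN credentials exist (creating them if not).
# Globals:   _CISCO_VPN (read), PASSWORD_STORE_DIR (read)
# Outputs:   diagnostics on stderr
# Returns:   0 when everything is in place; 1 if AnyConnect is missing;
#            2 if gpg or pass is missing; otherwise the gpg/pass exit status
#######################################
verify_prerequisites() {
  if [[ ! -f "$_CISCO_VPN" ]]; then
    printf '%s\n' \
      "Cannot find AnyConnect at $_CISCO_VPN - please ensure you've installed it." \
      "You can download binaries from https://anyconnect.springernature.com" >&2
    return 1
  fi
  if ! command -v gpg >/dev/null 2>&1; then
    printf '%s\n' "Cannot find gpg; please install, e.g. sudo apt install gnupg" >&2
    return 2
  fi
  if ! command -v pass >/dev/null 2>&1; then
    printf '%s\n' "Cannot find pass; please install, e.g. sudo apt install pass" >&2
    return 2
  fi

  local -r pass_email='anyconnect@example.com'
  # Generate the key only once. grep -F: the address contains '.' which would
  # otherwise act as a regex wildcard. grep reads all of gpg's output (no -q)
  # so gpg never sees a closed pipe, which `pipefail` would report as failure.
  if ! gpg --list-keys 2>/dev/null | grep -F -- "$pass_email" >/dev/null; then
    # %no-protection: the key has no passphrase so the script can run
    # unattended on a headless box. Consequently anyone who can read ~/.gnupg
    # and $PASSWORD_STORE_DIR can recover the credentials; keep both at mode
    # 700 and treat this host as the trust boundary.
    # RSA 3072 replaces the original DSA/ElGamal 1024-bit parameters, which
    # are below current minimum key-size recommendations. Existing keys are
    # left untouched because this branch only runs when none is found.
    gpg --full-gen-key --batch <<EOF
%no-protection
Key-Type: RSA
Key-Length: 3072
Subkey-Type: RSA
Subkey-Length: 3072
Name-Real: AnyConnect VPN details storage
Name-Comment: Used by anyconnect script to store username/password
Name-Email: $pass_email
Expire-Date: 0
%commit
EOF
  fi

  # pass marks an initialised store with .gpg-id; testing only for the
  # directory would skip `pass init` on a half-created store.
  if [[ ! -f "$PASSWORD_STORE_DIR/.gpg-id" ]]; then
    mkdir -p -m 700 -- "$PASSWORD_STORE_DIR"
    pass init "$pass_email"
  fi
}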
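#######################################
# Entry point: check prerequisites, load credentials from pass, then dispatch.
# Globals:   PASSWORD_STORE_DIR (read); ANYCONNECT_PROFILE (read, optional
#            override of the profile name)
# Arguments: $1 - action: up | down | verify
# Outputs:   usage and error text on stderr
# Returns:   exits 1 on bad usage, 5 if credentials are missing; otherwise the
#            status of the selected action
#######################################
main() {
  local -r action="${1:-}"
  verify_prerequisites
  # Declaration and assignment are separate so `local` does not mask the exit
  # status of `pass show`; a failed lookup becomes an empty value, handled below.
  local vpn_username vpn_password
  vpn_username=$(pass show vpn-username 2>/dev/null) || vpn_username=''
  vpn_password=$(pass show vpn-password 2>/dev/null) || vpn_password=''
  if [[ -z "$vpn_username" || -z "$vpn_password" ]]; then
    # Second hint previously repeated vpn-username; it must name vpn-password.
    printf '%s\n' \
      "Error: you must add your VPN username & password to the pass repo, e.g." \
      " PASSWORD_STORE_DIR=$PASSWORD_STORE_DIR pass insert vpn-username" \
      " PASSWORD_STORE_DIR=$PASSWORD_STORE_DIR pass insert vpn-password" >&2
    exit 5
  fi
  # Profile may be overridden via the environment; default is the original value.
  local -r vpn_profile="${ANYCONNECT_PROFILE:-SpringerNature-Int}"
  case "$action" in
    up)
      vpn_up "$vpn_profile" "$vpn_username" "$vpn_password"
      ;;
    down)
      vpn_down
      ;;
    verify)
      vpn_verify "$vpn_profile" "$vpn_username"
      ;;
    *)
      printf 'Usage: %s <up|down|verify>\n' "$0" >&2
      exit 1
      ;;
  esac
}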
# Hand the full, unmodified argument list to the entry point.
main "$@"