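#!/bin/bash
# Entrypoint: start an openfortivpn tunnel, wait until it reports that it is
# up, then hand over to one of the ssh/rsync modes selected by MODE.
#
# Arguments:
#   $1   VPN user name
#   $2   VPN password
#   $3   VPN gateway, passed to openfortivpn as one argument
#   $4   mode: forward | direct | rsync
#   $5.. mode-specific arguments, parsed by the mode sections
#
# NOTE(security): the VPN password is part of this script's own argv and is
# passed on to openfortivpn with -p, so it can be read from the process
# listing while the tunnel runs. Supplying it another way would change how
# this script is called, so it is only flagged here.
if (( $# < 4 )); then
  echo "usage: ${0##*/} VPN_USER VPN_PASSWORD GATEWAY MODE [ARGS...]" >&2
  exit 2
fi

VPN_USER=${1}
VPN_PASSWORD=${2}
GW=${3}
MODE=${4}

# Log file that collects stdout/stderr so the wait loop below can look for the
# "tunnel up" message. Named after this script ($0, not a literal "0").
OUTPUT=$(mktemp "/tmp/${0##*/}.XXXXXX") || {
  echo "Cannot create log file in /tmp" >&2
  exit 1
}

# /dev/ppp is a character device, so test with -c. The -f test (regular file)
# is never true for it, which made mknod run on every start, even when the
# device already existed.
if [[ ! -c /dev/ppp ]]; then
  echo "Creating special /dev/ppp device"
  mknod /dev/ppp c 108 0 || echo "Warning: could not create /dev/ppp" >&2
fi

echo "Please give me your token (exactly 6 digits):"
# -s keeps the token off the terminal, -r disables backslash processing.
read -r -s -n 6 TOKEN

# Send stdout and stderr through tee so both are appended to $OUTPUT as well;
# the wait loop below reads that file.
exec > >(tee -ia "$OUTPUT")
exec 2> >(tee -ia "$OUTPUT")

# The token is fed to openfortivpn on stdin; every expansion is quoted so a
# value containing whitespace cannot turn into extra openfortivpn arguments.
printf '%s\n' "$TOKEN" | /usr/bin/openfortivpn "${GW}" -u "${VPN_USER}" -p "${VPN_PASSWORD}" >&2 &
# For a background pipeline $! is the PID of its last command (openfortivpn).
VPN_PID=$!

# Wait until the VPN tunnel is created, but stop waiting when openfortivpn has
# already exited (wrong token, unreachable gateway, ...) instead of looping
# forever.
until grep -q -i 'Tunnel is up and running' "$OUTPUT"; do
  if ! kill -0 "$VPN_PID" 2>/dev/null; then
    echo "openfortivpn exited before the tunnel came up" >&2
    exit 1
  fi
  sleep 1
done

shift 4 # shift away VPN_USER VPN_PASSWORD GW and MODE
REMOTE_SERVER=${1}

# Container address: the IPv4 address starting with 172.17. (presumably the
# default Docker bridge network -- confirm), without the broadcast address.
# The prefix is anchored and the dots are escaped so that an address which
# merely contains "172.17" somewhere is not picked up.
CONTAINER_IP=$(ip a | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" | grep -E '^172\.17\.' | grep -vF '255.255')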
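if [[ "${MODE}" == "forward" ]]; then
  # Forward mode: open ssh local forwards (-L) bound to the container address
  # and leading, via the jump host, to the same ports on the remote server.
  # Remaining arguments: REMOTE_SERVER JUMP_USER JUMP_HOST PORT...
  echo "Forward mode..."
  shift # shift away REMOTE_SERVER
  JUMP_USER=${1}
  shift
  JUMP_HOST=${1}

  if [[ -z "${CONTAINER_IP}" ]]; then
    # ssh treats an empty bind address in -L as "listen on all interfaces",
    # so make that visible instead of letting it happen silently.
    echo "Warning: container IP not detected, forwards will listen on all interfaces" >&2
  fi

  # getent hosts returns an IP for a host name as well as for an IP literal.
  # Only the first answer is used so each value stays a single address.
  echo "Resolving ${REMOTE_SERVER} to IP"
  REMOTE_SERVER_IP=$(getent hosts "${REMOTE_SERVER}" | awk '{print $1; exit}')
  echo "${REMOTE_SERVER_IP}"
  echo "Resolving ${JUMP_HOST} to IP"
  JUMP_HOST_IP=$(getent hosts "${JUMP_HOST}" | awk '{print $1; exit}')
  echo "${JUMP_HOST_IP}"

  # An unresolved name would otherwise produce a malformed -L spec or an empty
  # ssh destination; fail with a clear message instead.
  if [[ -z "${REMOTE_SERVER_IP}" || -z "${JUMP_HOST_IP}" ]]; then
    echo "Could not resolve ${REMOTE_SERVER} and/or ${JUMP_HOST}" >&2
    exit 1
  fi

  shift # get ports
  # The command is built as an array: every -L spec and the destination reach
  # ssh as exactly one argument each, so an argument containing whitespace
  # cannot become additional ssh options.
  forward_args=()
  while (( $# )); do
    forward_args+=(-L "${CONTAINER_IP}:${1}:${REMOTE_SERVER_IP}:${1}")
    shift
  done
  ssh_cmd=(ssh -N -v -o ServerAliveInterval=60 "${forward_args[@]}" "${JUMP_USER}@${JUMP_HOST_IP}")
  echo "Using ssh port forward: ${ssh_cmd[*]}"
  "${ssh_cmd[@]}"
fi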
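if [[ "${MODE}" == "direct" ]]; then
  # Direct mode: ssh session to REMOTE_SERVER through the tunnel.
  echo "Direct mode..."
  # Quoted so the target always reaches ssh as exactly one argument and is
  # not subject to word splitting or globbing.
  ssh -v -o ServerAliveInterval=60 "${REMOTE_SERVER}"
fi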
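if [[ "${MODE}" == "rsync" ]]; then
  # rsync mode: copy between /host_dst inside the container and a remote host.
  # Remaining arguments: [OPTS] SOURCE [DST]; OPTS is present only when exactly
  # three arguments are left.
  echo "rsync transfer mode..."
  if [[ ${#} -eq 3 ]]; then
    OPTS=${1}
    SOURCE=${2}
    DST=${3}
  else
    # Start from an empty option list so a stray OPTS variable inherited from
    # the environment cannot end up on the rsync command line.
    OPTS=""
    SOURCE=${1}
    DST=${2}
  fi

  if [[ -z "${SOURCE}" ]]; then
    echo "rsync mode needs at least a SOURCE argument" >&2
    exit 2
  fi

  if [[ "${SOURCE}" == *"@"* ]]; then
    # this is the download case user@host:/path/on/server --> /path/on/host
    DST="/host_dst/"
  else
    # this is the upload case /path/on/host --> user@host:/path/on/server
    if [[ -z "${DST}" ]]; then
      echo "rsync upload needs a destination (user@host:/path/on/server)" >&2
      exit 2
    fi
    FILE=${SOURCE##*/}
    if [[ -f "/host_dst/${FILE}" ]]; then
      # is regular file
      SOURCE="/host_dst/${FILE}"
    else
      SOURCE="/host_dst/"
    fi
  fi

  # Build the command as an array. OPTS is still split on whitespace so that
  # several options can be passed in one argument, but without glob expansion;
  # SOURCE and DST are each passed as exactly one argument.
  rsync_cmd=(rsync)
  if [[ -n "${OPTS}" ]]; then
    read -r -a opt_words <<< "${OPTS}"
    rsync_cmd+=("${opt_words[@]}")
  fi
  rsync_cmd+=(-e ssh "${SOURCE}" "${DST}")
  echo "Executing command: ${rsync_cmd[*]}"
  "${rsync_cmd[@]}"
fi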