Automatic openconnect VPN connection

vpn_dns_update.sh

#!/bin/bash
# needs to run as root
# THIS SAMPLE CODE IS PROVIDED “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL PAGERDUTY OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) SUSTAINED BY YOU OR A THIRD PARTY, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT ARISING IN ANY WAY OUT OF THE USE OF THIS SAMPLE CODE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

# Configurations

VPN_USER=
VPN_PWD=
VPN_SERVER=
HOSTNAME=
UPDATE_INTERVAL=3
PID_FILE=
DNS_USER=
DNS_PWD=

function get_vpn_ip()
{
    pgrep openconnect >/dev/null && ip -4 addr | grep tun0 -A 4 | grep -oP '(?<=inet\s)\d+(\.\d+){3}'
}

function try_vpn_connection()
{
    get_vpn_ip >/dev/null && echo 'already connected' && return 1
    echo "$VPN_PWD" | openconnect -u "$VPN_USER" "$VPN_SERVER" --passwd-on-stdin >/dev/null 2>&1 &

    for run in {1..10}
    do
        get_vpn_ip >/dev/null && echo 'connection successful' && return 1
        sleep 1
    done

    echo 'could not connect to VPN server'
    return 0
}

function stop_vpn_connection()
{
    pkill -SIGINT openconnect
    sleep 1
    ! pgrep openconnect && echo "VPN disconnected" && return 0
    echo "Could not disconnect VPN" && return 1
}

function update_ip_address()
{
    ip_addr=$1

    if [[ $ip_addr ]]; then
        echo "Updating DNS record $HOSTNAME to $ip_addr"
        result=$(curl -s -u $DNS_USER:$DNS_PWD "https://now-dns.com/update?hostname=$HOSTNAME&myip=$ip_addr")
        echo $result
    else
        echo "VPN not connected, cancelling update"
    fi
}

function vpn_daemon()
{
    try_vpn_connection
    old_ip=$(get_vpn_ip)
    update_ip_address $old_ip

    while [ -e $PID_FILE ]; do

        curr_ip=$(get_vpn_ip)

        if [[ $curr_ip && $curr_ip != $old_ip ]]; then
            echo "VPN address changed to: $curr_ip, updating..."
            old_ip=$curr_ip
            update_ip_address $curr_ip
        elif [[ ! $curr_ip ]]; then
            echo "VPN disconnected. Reconnecting..."
            try_vpn_connection
        fi

        sleep $UPDATE_INTERVAL

    done

    echo "Received signal, daemon exiting.."
}

if [[ $USER != "root" ]]; then
    echo "Please run as root, $USER"
fi

# Parsing arguments:

case $1 in
    update)
    try_vpn_connection
    update_ip_address $(get_vpn_ip)
    ;;

    stop)
    stop_vpn_connection
    ;;

    restart)
    stop_vpn_connection
    try_vpn_connection
    update_ip_address $(get_vpn_ip)
    ;;

    daemon)
    vpn_daemon &
    echo $! > $PID_FILE
    ;;

    daemon-kill)
    rm -rf $PID_FILE
    stop_vpn_connection
    ;;

    *)
    printf "Missing argument\n\nAvailable commands: $0 [update|stop|restart|daemon|daemon-kill]\n"
    printf "\nupdate: connect to VPN and update DNS record"
    printf "\nstop: stop background openconnect process"
    printf "\nrestart: dis- and reconnect to VPN server"
    printf "\ndaemon[-kill]: start / stop background VPN process (for systemctl)\n"
    ;;
esac