Start and stop strongSwan VPNs on Linux in a sane manner
#! /bin/bash
# Manage our VPN connections from the command line in an IaC way. This script
# should just be aliased in your shell rc file for ease of use. It rewrites
# /etc/resolv.conf, so it has to run with root privileges.
# TODO:
#
# validate consul datacenters
# ensure only one vpn connection is up
# provide vpn details if requested
# in verbose down, output the resolv.conf
# need to look for the dns entry via regex to ensure I grab the right one
# create alias in rc file
# ANSI colour sequences, stored unexpanded; `echo -e` interprets them later.
readonly NC='\033[0m' \
  RED='\033[0;31m' \
  BLUE='\033[0;34m' \
  GREEN='\033[0;32m'

# The script's arguments flattened into one space-separated string.
readonly ARGS="$*"
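#######################################
# Print a summary of the requested action and the captured command output.
# Globals:   BLUE, NC, ACTION, NETWORK, ENVIRONMENT (read)
#            ip_info, dns_info, cleanup_info (read)
# Outputs:   the summary on stdout, one item per line
#######################################
verbose() {
  echo -e "$BLUE Action: $NC $ACTION"
  echo -e "$BLUE VPN Network: $NC $NETWORK"
  echo -e "$BLUE VPN Environment: $NC $ENVIRONMENT"
  # Captured command output is printed through a fixed printf format and
  # quoted, so multi-line output keeps its line breaks and text such as "*"
  # or a leading "-n" is shown literally instead of being glob-expanded or
  # taken as an echo option.
  printf '%s\n' "$ip_info"
  printf '%s\n' "$dns_info"
  printf '%s\n' "$cleanup_info"
}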
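#######################################
# Confirm that the Consul DNS name for the selected network answers.
# Globals:   NETWORK, RED, NC (read); dns_info (written with fping's stdout)
# Outputs:   on failure, an error message and fping's output on stderr
# Returns:   0 when fping succeeds; exits the script with status 1 otherwise
#######################################
confirm_dns() {
  # local dc="us-east-1-z"
  # Fixed pause before probing; presumably gives the tunnel time to settle.
  sleep 5
  # Test fping's exit status directly. `[ ! $? ]` only checks whether the
  # text of $? is empty, which it never is, so a failed probe went unnoticed.
  if ! dns_info="$(fping "core-consul-0.node.${NETWORK}.consul")"; then
    echo -e "$RED \nDNS resolution failed $NC" >&2
    echo -e "$RED $dns_info $NC" >&2
    exit 1
  fi
}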
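#######################################
# Work around the DNS servers being listed in the wrong order: move line 3 of
# /etc/resolv.conf to the top of the file, then confirm that DNS resolves.
# At some point this should be fixed within strongswan instead.
#
# The new content is staged in a file created by mktemp. This function runs
# with enough privilege to overwrite /etc/resolv.conf, and a fixed name in the
# world-writable /tmp can be pre-created or symlinked by another local user
# before the script writes to it.
# Globals:   none directly (confirm_dns reads NETWORK and sets dns_info)
# Returns:   1 if the file could not be rewritten, else confirm_dns's status
#######################################
fix_dns() {
  local resolv=/etc/resolv.conf
  local staged

  staged="$(mktemp)" || {
    echo "could not create a temporary file for ${resolv}" >&2
    return 1
  }

  # Line 3 first, then every other line in its original order. A file with
  # fewer than three lines comes out unchanged.
  # cp (not mv) writes into the existing file, so its mode and any symlink at
  # that path stay as they are.
  if { sed -n '3p' "$resolv" && sed '3d' "$resolv"; } > "$staged" \
    && cp -- "$staged" "$resolv"; then
    rm -f -- "$staged"
  else
    rm -f -- "$staged"
    echo "could not rewrite ${resolv}" >&2
    return 1
  fi

  confirm_dns
}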
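#######################################
# Remove the temporary files this script leaves in /tmp.
# Only the two known names are removed rather than everything matching
# /tmp/dns*, so a privileged run cannot delete unrelated files that happen to
# share the prefix, and -f keeps a run with nothing to remove from failing.
# Globals:   cleanup_info (written with the list of removed files)
# Outputs:   the list of removed files on stdout, if any
# Returns:   0 when nothing had to be removed or removal succeeded
#######################################
cleanup() {
  cleanup_info="$(rm -fv -- /tmp/dns.conf /tmp/dns.conf.bak)"
  # Also print the list: a caller that runs this inside $(...) only sees
  # stdout, not the variable assigned above.
  [ -z "$cleanup_info" ] || printf '%s\n' "$cleanup_info"
}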
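#######################################
# Placeholder: should make sure only one VPN connection is running and, if
# not, ask the user for confirmation. Not implemented yet.
# Outputs:   a reminder on stdout
# Returns:   0 (always "ok" until the check exists)
#######################################
check_vpn() {
  echo "need to implement"
  # `return` takes a number; `return true` is rejected by bash with
  # "numeric argument required" and yields a failure status.
  return 0
}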
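#######################################
# Print the command-line help.
# Outputs:   usage text on stdout
#######################################
usage() {
  cat <<EOF
Usage: ${0##*/} -a=<up|down> -n=<network> -e=<environment> [-v=<value>] [-h=<value>]

Options (each takes the form -x=VALUE or --long=VALUE):
  -a=, --action=       "up" to start the VPN connection, "down" to stop it
  -n=, --network=      network part of the connection name
  -e=, --environment=  environment part of the connection name
  -v=, --verbose=      any non-empty value prints a summary after the action
  -h=, --help=         any non-empty value prints this text and exits

The connection name passed to ipsec is <network>-<environment>.
EOF
}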
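#######################################
# Parse the command line, then bring the requested VPN connection up or down.
# Globals:   ARGS (read when called without arguments), RED, NC (read)
#            NETWORK, ENVIRONMENT, ACTION, VERBOSE, HELP (set readonly)
#            ip_info, cleanup_info (written)
# Arguments: the script's options; see usage
# Outputs:   progress on stdout, errors on stderr
# Returns:   exits 0 after --help, 1 on a bad command line or a failed
#            "ipsec up"
#######################################
main() {
  local arg conn
  local -a argv=()

  if [ "$#" -gt 0 ]; then
    argv=("$@")
  else
    # Called without arguments: fall back to the ARGS string captured at
    # script start. read splits it on whitespace without glob-expanding the
    # words, which an unquoted $ARGS would do. read reports EOF here, hence
    # the `|| true`.
    IFS=$' \t\n' read -r -d '' -a argv <<< "${ARGS:-}" || true
  fi

  # Parse the arguments. Unknown words are ignored.
  for arg in "${argv[@]}"; do
    case "$arg" in
      -n=* | --network=*) readonly NETWORK="${arg#*=}" ;;
      -v | --verbose | -v=* | --verbose=*) readonly VERBOSE="${arg#*=}" ;;
      -e=* | --environment=*) readonly ENVIRONMENT="${arg#*=}" ;;
      -a=* | --action=*) readonly ACTION="${arg#*=}" ;;
      -h | --help | -h=* | --help=*) readonly HELP="${arg#*=}" ;;
      *) ;;
    esac
  done

  if [ -n "${HELP:-}" ]; then
    usage
    exit 0
  fi

  # Refuse to build an ipsec command line from missing pieces: an empty
  # action used to break the `[ ... ]` tests and empty names produced the
  # connection name "-".
  case "${ACTION:-}" in
    up | down)
      if [ -z "${NETWORK:-}" ] || [ -z "${ENVIRONMENT:-}" ]; then
        echo -e "$RED --network and --environment are required $NC" >&2
        usage >&2
        exit 1
      fi
      ;;
    *)
      echo -e "$RED --action must be \"up\" or \"down\" $NC" >&2
      usage >&2
      exit 1
      ;;
  esac

  # NOTE(review): the old guard `[ check_vpn ]` tested a non-empty string and
  # never ran check_vpn. Call it as `if check_vpn; then` once it is
  # implemented and returns a usable status.
  conn="${NETWORK}-${ENVIRONMENT}"
  if [ "$ACTION" = "up" ]; then
    echo "starting vpn"
    # Leave /etc/resolv.conf alone when the tunnel did not come up.
    # Assumes ipsec exits non-zero on failure - confirm for the installed
    # strongSwan version.
    if ! ip_info="$(ipsec "$ACTION" "$conn")"; then
      echo -e "$RED ipsec $ACTION $conn failed $NC" >&2
      printf '%s\n' "$ip_info" >&2
      exit 1
    fi
    fix_dns
  else
    echo "stoppping vpn"
    ip_info="$(ipsec "$ACTION" "$conn")"
    cleanup_info="$(cleanup)"
  fi

  if [ -n "${VERBOSE:-}" ]; then
    verbose
  fi
}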
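# Entry point: forward the script's arguments to main.
main "$@"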