Openconnect init script
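#! /bin/bash
### BEGIN INIT INFO
# Provides: openconnect
# Required-Start: $local_fs $remote_fs $network
# Required-Stop: $local_fs $remote_fs $network
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Basic script to connect to a SSL VPN using Openconnect
### END INIT INFO

# Define PATH
# The script runs as root, so command lookup is pinned to a fixed list of
# system directories instead of whatever PATH the caller exported. Every
# directory listed here must be writable by root only.
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# VPN Variables
# ##VPNURL## and ##USERNAME## are placeholders to replace before installing.
# NOTE: USER is also the shell's login-name variable; assigning it here
# changes that value for this script and for every command it starts.
HOST="https://##VPNURL##"
USER="##USERNAME##"
# PASS, CERT and KEY are disabled examples; nothing in this script reads
# them. Avoid enabling PASS: init scripts are commonly world-readable, so a
# password stored here would be visible to every local user. The start
# function prompts for the secret instead.
#PASS="PASSWORD"
#CERT="/my/cert.pem"
#KEY="/my/key.pem"

# Set pidfile
# openconnect writes its PID here (--pid-file); stop and status read it back.
PIDFILE="/var/run/openconnect.pid"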
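#######################################
# Start openconnect in the background after prompting for the VPN secret.
# Globals:   PIDFILE, USER, HOST (read)
# Arguments: none
# Outputs:   prompt and status messages on stdout
# Returns:   0 when openconnect started; exits 0 if it is already running,
#            exits 1 when not run as root or when openconnect fails
#######################################
start() {
  local vpn_pass rc

  # Check if process is running. Exit in this case.
  # NOTE: ps -p only shows that some process owns the recorded PID, not that
  # the process is openconnect.
  if [ -f "${PIDFILE}" ] && ps -p "$(< "${PIDFILE}")" &> /dev/null; then
    echo "Openconnect is already running."
    exit 0
  fi

  # Must be root
  if [ "${UID}" -ne 0 ]; then
    echo "You must be root to run this script."
    exit 1
  fi

  # Connect
  # For now if not on OSX ask for password on command prompt
  if [[ $(uname) == "Darwin" ]]; then
    # NOTE(review): the awk split on ':' and ',' keeps only the fourth field,
    # so a secret that itself contains ':' or ',' is cut short; confirm
    # against the dialog's output format.
    vpn_pass=$(osascript -e 'display dialog "RSA Password" default answer "" with title "OpenConnect VPN" with hidden answer' | awk -F'[:,]' '{print $4}')
  else
    printf "key and RSA password:"
    # read -s turns terminal echo off for this one read, so no separate
    # stty call can leave the terminal without echo if the prompt is
    # interrupted. IFS= and -r keep leading/trailing blanks and backslashes
    # in the secret intact.
    IFS= read -rs vpn_pass
    printf "\n"
  fi

  # The secret goes to openconnect on stdin (--passwd-on-stdin) rather than
  # as an argument, which keeps it out of the process argument list.
  openconnect -b --user="${USER}" "${HOST}" --pid-file="${PIDFILE}" --syslog --passwd-on-stdin <<< "${vpn_pass}"
  rc=$?
  # Do not keep the secret in shell memory longer than needed.
  unset vpn_pass

  # An explicit if keeps a successful start from returning the failed test's
  # status, which would make the whole script exit non-zero on success.
  if [ "${rc}" -ne 0 ]; then
    echo "Openconnect failed to start!"
    rm -f "${PIDFILE}"
    exit 1
  fi
  return 0
}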
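#######################################
# Stop the openconnect process recorded in the pidfile.
# Globals:   PIDFILE (read)
# Arguments: none
# Outputs:   status messages on stdout
# Returns:   status of kill/rm when a process was signalled, 0 when nothing
#            was running; exits 1 when a process is running and the caller
#            is not root
#######################################
stop() {
  local pid=""

  # Read the pidfile once so the liveness check and the kill use the same
  # value.
  if [ -f "${PIDFILE}" ]; then
    pid=$(< "${PIDFILE}")
  fi

  # Only a plain decimal PID is accepted. kill runs as root here, so pidfile
  # content with extra words or a leading '-' must never reach it as
  # additional PIDs or as a signal option.
  # NOTE: ps -p only shows that some process owns this PID, not that it is
  # openconnect; a stale pidfile whose PID was reused would still match.
  if [[ "${pid}" =~ ^[0-9]+$ ]] && ps -p "${pid}" &> /dev/null; then
    # Pid exists, kill process and remove pidfile
    if [ "${UID}" -ne 0 ]; then
      echo "You must be root to run this script."
      exit 1
    fi
    kill "${pid}" && rm -f "${PIDFILE}"
  else
    echo "Openconnect is not running!"
  fi
}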
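#######################################
# Report whether the openconnect process recorded in the pidfile is alive.
# Globals:   PIDFILE (read)
# Arguments: none
# Outputs:   status lines on stdout
# Returns:   0 when running; exits 3 when stopped (the init-script status
#            code for "not running"), removing a stale pidfile first
#######################################
status() {
  local pid="" runningtime

  # Read the pidfile once; every ps call below uses the same value.
  if [ -f "${PIDFILE}" ]; then
    pid=$(< "${PIDFILE}")
  fi

  # Accept only a plain decimal PID so pidfile content is never split into
  # extra ps arguments.
  # NOTE: ps -p only shows that some process owns this PID, not that it is
  # openconnect.
  if [[ "${pid}" =~ ^[0-9]+$ ]] && ps -p "${pid}" &> /dev/null; then
    echo "Openconnect is running."
    runningtime=$(ps -p "${pid}" -o etime=)
    # NOTE(review): both awk filters look tied to ifconfig output that shows
    # a '-->' peer address and utun interface names; confirm on platforms
    # where the tunnel interface is named differently.
    echo " IP: $(ifconfig | awk '/-->/{print $2}')"
    echo " $(ifconfig | awk -F': ' '/^utun/{print $1}'): ${runningtime}"
  else
    # A pidfile without a live process is stale; drop it.
    if [ -f "${PIDFILE}" ]; then
      rm -f "${PIDFILE}"
    fi
    echo "Openconnect is stopped."
    exit 3
  fi
}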
# Dispatch on the first command-line argument. The three plain actions share
# one arm: the pattern already restricts $1 to those exact names, so calling
# "$1" can only run start, stop or status.
case "$1" in
  start | stop | status)
    "$1"
    ;;
  restart)
    # start runs only if stop reported success.
    stop && start
    ;;
  *)
    # Anything else, including no argument, prints the usage line.
    echo "Usage: ${0##*/} (start|stop|status|restart)" && exit 0
    ;;
esac
Thanks for this life saver!
I made some slight macOS-only changes (to store and retrieve the password from the Keychain).