run-proxy.sh
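#!/bin/bash
# Abort on the first unhandled failure. Set here rather than on the shebang
# line so it also applies when the script is started as `bash run-proxy.sh`.
set -e

# Locate common.sh next to this script. The inner expansion is quoted so that
# a checkout path containing spaces or glob characters still resolves.
COMMON_LIB_PATH="$(dirname "${BASH_SOURCE[0]}")/common.sh"
export COMMON_LIB_PATH
#echo "COMMON_LIB_PATH=${COMMON_LIB_PATH}"
# common.sh is executed inside this shell, which later invokes sudo; keep the
# script directory writable only by its owner.
source "${COMMON_LIB_PATH}"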
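#######################################
# Points the web proxy and the secure web proxy of the "Wi-Fi" network service
# at the proxy described in the JSON config file, then sets the proxy bypass
# domains and dumps the resulting settings.
#
# Prerequisite: the upsert script has been run to add the proxy user / password
# to the macOS keychain; the credentials are read from there, not from the
# config file.
#
# When '.localproxy.enabled' is "true" the local proxy host / port are used and
# no credentials are passed to networksetup.
#
# Globals:   SUDO_PROMPT (read)
# Arguments: $1 - path to the JSON config file
# Outputs:   progress messages and, on failure, an error line on stdout
# Returns:   exits with the failing command's status if either proxy command
#            fails; otherwise the status of dump_details_for_service
#
# SECURITY: networksetup takes the proxy password as a command-line argument,
# so it can show up in the process list while the command runs. Do not enable
# `set -x` around these calls - the trace would print the password.
#######################################
create_proxy() {
  declare CONFIG_FILE_PATH=${1}
  # nb: json properties with a - in their name need to be quoted during
  # filtering (see jq manual)
  # NOTE(review): `declare VAR=$(cmd)` hides a failing lookup from `set -e`;
  # kept as-is because it is not visible here which keys are optional.
  declare PROXY_SERVICE_NAME_IN_KEYCHAIN=$(get_config_key "${CONFIG_FILE_PATH}" '.keychain."proxy-service-name-in-keychain"')
  declare PROXY_HOST=$(get_config_key "${CONFIG_FILE_PATH}" '.proxy.host')
  declare PROXY_PORT=$(get_config_key "${CONFIG_FILE_PATH}" '.proxy.port')
  declare PROXY_BYPASS_DOMAINS=$(get_config_key "${CONFIG_FILE_PATH}" '.proxy."bypass-domains"')
  declare PROXY_USERNAME_REGEX=$(get_config_key "${CONFIG_FILE_PATH}" '.proxy."proxy-username-regex"')
  declare PROXY_USER="$(get_proxy_user_from_keychain "${PROXY_SERVICE_NAME_IN_KEYCHAIN}" "${PROXY_USERNAME_REGEX}")"
  declare PROXY_PASSWORD="$(get_proxy_password_from_keychain "${PROXY_SERVICE_NAME_IN_KEYCHAIN}")"
  declare NETWORK_SERVICE_NAME="Wi-Fi"
  declare AUTH="on"
  declare PROXY_OWNER=$(get_config_key "${CONFIG_FILE_PATH}" '.proxy.owner')
  declare USE_LOCAL_PROXY=$(get_config_key "${CONFIG_FILE_PATH}" '.localproxy.enabled')

  if [[ "${USE_LOCAL_PROXY}" == "true" ]]; then
    # Local proxy: drop the keychain credentials so they are never passed on.
    PROXY_USER=""
    PROXY_PASSWORD=""
    AUTH=""
    PROXY_HOST=$(get_config_key "${CONFIG_FILE_PATH}" '.localproxy.host')
    PROXY_PORT=$(get_config_key "${CONFIG_FILE_PATH}" '.localproxy.port')
  fi

  #TODO - testing only
  # echo "CONFIG_FILE_PATH=${CONFIG_FILE_PATH}"
  # echo "PROXY_USER=${PROXY_USER}"
  # echo "PROXY_HOST=${PROXY_HOST}"
  # echo "PROXY_PORT=${PROXY_PORT}"
  # echo "PROXY_BYPASS_DOMAINS=${PROXY_BYPASS_DOMAINS}"
  echo "Creating proxy config for [${PROXY_OWNER}]"

  echo "setup web proxy"
  echo "${NETWORK_SERVICE_NAME}"
  echo "${PROXY_HOST}"
  echo "${PROXY_PORT}"
  echo "${NETWORK_SERVICE_NAME}"

  # Arguments shared by both proxy commands. An array keeps each value a
  # single word and avoids repeating the long command line four times.
  #e.g. networksetup -setwebproxy <networkservice> <domain> <port number> <authenticated> <username> <password>
  declare -a PROXY_ARGS=("${PROXY_HOST}" "${PROXY_PORT}")
  if [[ "${USE_LOCAL_PROXY}" != "true" ]]; then
    PROXY_ARGS+=("${AUTH}" "${PROXY_USER}" "${PROXY_PASSWORD}")
  fi

  declare PROXY_KIND
  declare RET
  for PROXY_KIND in -setwebproxy -setsecurewebproxy; do
    RET=0
    # stderr is discarded on purpose: networksetup appears to always return 0,
    # so its stderr text cannot be relied on as an error signal.
    # `|| RET=$?` captures the status; with `set -e` active a bare failing
    # command would abort the script before the status could be reported.
    sudo -p "${SUDO_PROMPT}" networksetup "${PROXY_KIND}" "${NETWORK_SERVICE_NAME}" "${PROXY_ARGS[@]}" 2>/dev/null || RET=$?
    if (( RET != 0 )); then
      printf '\n%s - ERROR - Command failed with return code [%s]' "$(date '+%Y-%m-%d %H:%M:%S')" "${RET}"
      exit "${RET}"
    fi
  done

  # NOTE(review): the bypass domains are passed as ONE argument. If the config
  # value holds several domains, confirm networksetup receives them as intended.
  sudo -p "${SUDO_PROMPT}" networksetup -setproxybypassdomains "${NETWORK_SERVICE_NAME}" "${PROXY_BYPASS_DOMAINS}"
  dump_details_for_service "${NETWORK_SERVICE_NAME}"
}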
#######################################
# Refuses to continue unless the active network Location is the one named in
# the config file, so proxies are only created against that Location.
#
# Globals:   CONFIG_FILE_PATH (read) - taken from the caller's scope, not
#            passed as an argument
# Arguments: none
# Outputs:   a confirmation, or a hint on how to switch Location, on stdout
# Returns:   0 when the Locations match; exits the script with 1 otherwise
#######################################
validate_location() {
  declare WANTED_LOCATION=$(get_config_key "${CONFIG_FILE_PATH}" '.location.name')
  declare ACTIVE_LOCATION="$(networksetup -getcurrentlocation)"

  # Guard clause: bail out early on a mismatch.
  if [[ "${ACTIVE_LOCATION}" != "${WANTED_LOCATION}" ]]; then
    echo "Current location is [${ACTIVE_LOCATION}], Switch to Location [${WANTED_LOCATION}], before setting up proxy config"
    echo "e.g. run-location.sh proxy-config.json my-vpn "
    exit 1
  fi

  echo "Using correct Location, [${ACTIVE_LOCATION}]"
}
#######################################
# Script entry point: checks the prerequisites, then applies the proxy config.
#
# Globals:   CONFIG_FILE_PATH (written) - also read by validate_location
# Arguments: $1 - path to the JSON config file
#######################################
run_proxy_main() {
  # jq is a pre-requisite, for retrieving config from the json file
  has_jq

  # Plain assignment keeps this a global, as validate_location reads it.
  CONFIG_FILE_PATH="${1}"
  validate_config_file "${CONFIG_FILE_PATH}"
  validate_location

  #sudo -p "${SUDO_PROMPT}" create_proxy "${CONFIG_FILE_PATH}"
  create_proxy "${CONFIG_FILE_PATH}"
}

run_proxy_main "$@"