PurpleComputing/Tailscale-scripts
2
0
Fork 0
mirror of https://github.com/PurpleComputing/Tailscale-scripts.git synced 2026-06-11 01:20:30 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update Repo

Browse Source
This commit is contained in:
Purple
2025-02-05 15:24:47 +00:00
parent 09c6ec87d1
commit 25f5e702c1
16 changed files with 4 additions and 1465 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.nova/Configuration.json Normal file
View File

@@ -0,0 +1,4 @@
{
"index.enabled" : true,
"index.symbolicate" : true
}

BIN
Mac/.DS_Store vendored Normal file
View File

Binary file not shown.

BIN
Mac/Archive.zip Normal file
View File

Binary file not shown.

145
Mac/force-auth-EEPv1.sh
View File

@@ -1,145 +0,0 @@
#!/bin/sh
echo "Start: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
###############################################################################################
#
# ******
# *...../ / ******
# ************** *****/ *****/*****/***/*************/ ****** /**********
# ******/..*****/ *****/ *****/********//******/ ,*****/******,***** ,*****/
# *****/ ***** *****/ *****/*****/ *****/ /**************************
# *******//*****/ *************/*****/ *********************/*******./*/* ())
# ************* ******/*****/*****/ *****/******/. ****** ********** (()))
# *****/ *****/ ())
# *****/ *****/
#
###############################################################################################
# NOTICE: MAC SPECIFIC SCRIPT, USING MOSYLE VARIABLES
###############################################################################################
# VARIABLES IN USE FROM CONSOLE
# TAILSCALEAUTHKEY
# TSSERVERIP
# DEFAULT VARIABLES
APPNA="Tailscale"
DIR="/Applications/$APPNA.app"
IP1=8.8.8.8
IP2=$(echo "$TSSERVERIP")
DT0=$(date)
echo "Execution Record for $DT0"
# SOURCES USER INFO FOR RUNASUSER COMMAND BELOW
currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
uid=$(id -u "$currentUser")
TSUSER=$(echo $currentUser | sed 's/_//g')
# SIMPLIFIES RUN AS USER COMMAND FOR STANDARD USER ACCOUNTS WITHOUT SUDO RIGHTS
runAsUser() {
if [ "$currentUser" != "loginwindow" ]; then
launchctl asuser "$uid" sudo -u "$currentUser" "$@"
else
echo
echo "no user logged in"
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
}
# CHECKS TAILSCALE IS PRESENT ON THE DEVICE
if [ -d "$DIR" ]; then
### Take action if $DIR exists ###
echo
echo "$APPNA is installed."
echo
else
### Control will jump here if $DIR does NOT exists ###
echo
echo "$APPNA is not installed."
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
runAsUser defaults write io.tailscale.ipn.macos TailscaleOnboardingSeen 1
runAsUser defaults write io.tailscale.ipn.macos TailscaleStartOnLogin 1
defaults write io.tailscale.ipn.macos ManagedByOrganizationName "Purple Computing"
sleep 3
# OPENS TAILSCALE BEFORE CHECKS
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
# GIVES TAILSCALE TIME TO OPEN AND CONNECT IF EMPLOYEE AUTHED
sleep 12
# PING GOOGLE FOR NEXT CHECK
PING1=$(ping -c 1 "$IP1" | grep -c from)
# PING TAILSCALE VPR FOR FIRST ATTEMPT
PING2=$(ping -c 1 "$IP2" | grep -c from)
# INTERNET CHECK
if [ "$PING1" -eq "1" ]; then
echo
echo Internet is working
echo
else
echo
echo NO INTERNET... Exit..
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
# TAILSCALE ALREADY AUTHED CHECK
if [ "$PING2" -eq "1" ]; then
echo
echo Server $IP2 is reachable, internet is working
echo and the user is already authenticated
echo
echo NO INTERVENTION WAS NEEDED
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 0
else
echo
echo NO AUTH AUTHENTICATING...
killall Tailscale
sleep 5
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 20
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER"
echo
fi
# PING TAILSCALE VPR AFTER FIRST ATTEMPT
PING3=$(ping -c 1 "$IP2" | grep -c from)
# TAILSCALE FINAL AUTH CHECK
if [ "$PING3" -eq "1" ]; then
echo
echo Server $IP2 is now reachable
echo internet is working and user is authenticated
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 0
else
echo
echo NO AUTH AUTHENTICATING...
sleep 5
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 20
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER"
echo
fi
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
exit 0

147
Mac/force-auth-fl-exitnode.sh
View File

@@ -1,147 +0,0 @@
#!/bin/sh
echo "Start: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
###############################################################################################
#
# ******
# *...../ / ******
# ************** *****/ *****/*****/***/*************/ ****** /**********
# ******/..*****/ *****/ *****/********//******/ ,*****/******,***** ,*****/
# *****/ ***** *****/ *****/*****/ *****/ /**************************
# *******//*****/ *************/*****/ *********************/*******./*/* ())
# ************* ******/*****/*****/ *****/******/. ****** ********** (()))
# *****/ *****/ ())
# *****/ *****/
#
###############################################################################################
# NOTICE: MAC SPECIFIC SCRIPT, USING MOSYLE VARIABLES
###############################################################################################
# VARIABLES IN USE FROM CONSOLE
# TAILSCALEAUTHKEY - Used to authenticate Tailscale
# TSSERVERIP - Used to check if already connected to Tailscale
# TSUNAME - Used to pass Mosyle Full Name
# DEFAULT VARIABLES
APPNA="Tailscale"
DIR="/Applications/$APPNA.app"
IP1=8.8.8.8
IP2=$(echo "$TSSERVERIP")
DT0=$(date)
echo "Execution Record for $DT0"
MODEL_INFO=$(system_profiler SPHardwareDataType | grep "Model Name" | sed 's/^ *//')
PRETTY_MODEL=${MODEL_INFO/"Model Name: "/}
SERIAL_INFO=$(system_profiler SPHardwareDataType | grep "Serial Number (system)" | sed 's/^ *//')
PRETTY_SERIAL=${SERIAL_INFO/"Serial Number (system): "/}
# SOURCES USER INFO FOR RUNASUSER COMMAND BELOW
currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
uid=$(id -u "$currentUser")
if [[ -z "$TSUNAME" ]]; then
TSUSER=$(echo "$currentUser-$PRETTY_MODEL-$PRETTY_SERIAL" | tr 'a-z' 'A-Z' | sed 's/ /-/g')
else
TSUSER=$(echo "$TSUNAME-$PRETTY_MODEL-$PRETTY_SERIAL" | tr 'a-z' 'A-Z' | sed 's/ /-/g')
fi
# SIMPLIFIES RUN AS USER COMMAND FOR STANDARD USER ACCOUNTS WITHOUT SUDO RIGHTS
runAsUser() {
if [ "$currentUser" != "loginwindow" ]; then
launchctl asuser "$uid" sudo -u "$currentUser" "$@"
else
echo
echo "no user logged in"
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
}
# CHECKS TAILSCALE IS PRESENT ON THE DEVICE
if [ -d "$DIR" ]; then
### Take action if $DIR exists ###
echo
echo "$APPNA is installed."
echo
else
### Control will jump here if $DIR does NOT exists ###
echo
echo "$APPNA is not installed."
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
defaults write io.tailscale.ipn.macos ManagedByOrganizationName "Purple Computing"
# OPENS TAILSCALE BEFORE CHECKS
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
# GIVES TAILSCALE TIME TO OPEN AND CONNECT IF EMPLOYEE AUTHED
sleep 20
# PING GOOGLE FOR NEXT CHECK
PING1=$(ping -c 1 "$IP1" | grep -c from)
# PING TAILSCALE VPR FOR FIRST ATTEMPT
PING2=$(ping -c 1 "$IP2" | grep -c from)
# INTERNET CHECK
if [ "$PING1" -eq "1" ]; then
echo
echo Internet is working
echo
else
echo
echo NO INTERNET... Exit..
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
# TAILSCALE ALREADY AUTHED CHECK
if [ "$PING2" -eq "1" ]; then
echo
echo Server $IP2 is reachable, internet is working
echo and the user is already authenticated
echo
echo NO INTERVENTION WAS NEEDED
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 0
else
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 3
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER" --reset
echo
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --hostname "$TSUSER" --exit-node="secure-vpr" --exit-node-allow-lan-access
fi
# PING TAILSCALE VPR AFTER FIRST ATTEMPT
PING3=$(ping -c 1 "$IP2" | grep -c from)
# TAILSCALE FINAL AUTH CHECK
if [ "$PING3" -eq "1" ]; then
echo
echo Server $IP2 is now reachable
echo internet is working and user is authenticated
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 0
else
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 3
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER" --reset
echo
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --hostname "$TSUSER" --exit-node="secure-vpr" --exit-node-allow-lan-access
fi
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
exit 0

155
Mac/force-auth-fl-subnetexit.sh
View File

@@ -1,155 +0,0 @@
#!/bin/sh
echo "Start: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
###############################################################################################
#
# ******
# *...../ / ******
# ************** *****/ *****/*****/***/*************/ ****** /**********
# ******/..*****/ *****/ *****/********//******/ ,*****/******,***** ,*****/
# *****/ ***** *****/ *****/*****/ *****/ /**************************
# *******//*****/ *************/*****/ *********************/*******./*/* ())
# ************* ******/*****/*****/ *****/******/. ****** ********** (()))
# *****/ *****/ ())
# *****/ *****/
#
###############################################################################################
# NOTICE: MAC SPECIFIC SCRIPT, USING MOSYLE VARIABLES
###############################################################################################
# VARIABLES IN USE FROM CONSOLE
# TAILSCALEAUTHKEY - Used to authenticate Tailscale
# TSSERVERIP - Used to check if already connected to Tailscale
# TSUNAME - Used to pass Mosyle Full Name
# TSSUBNET - Used to pass subnet through for auto failover
# DEFAULT VARIABLES
APPNA="Tailscale"
DIR="/Applications/$APPNA.app"
IP1=8.8.8.8
IP2=$(echo "$TSSERVERIP")
DT0=$(date)
echo "Execution Record for $DT0"
MODEL_INFO=$(system_profiler SPHardwareDataType | grep "Model Name" | sed 's/^ *//')
PRETTY_MODEL=${MODEL_INFO/"Model Name: "/}
SERIAL_INFO=$(system_profiler SPHardwareDataType | grep "Serial Number (system)" | sed 's/^ *//')
PRETTY_SERIAL=${SERIAL_INFO/"Serial Number (system): "/}
# SOURCES USER INFO FOR RUNASUSER COMMAND BELOW
currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
uid=$(id -u "$currentUser")
if [[ -z "$TSUNAME" ]]; then
TSUSER=$(echo "$currentUser-$PRETTY_MODEL-$PRETTY_SERIAL" | tr 'a-z' 'A-Z' | sed 's/ /-/g')
else
TSUSER=$(echo "$TSUNAME-$PRETTY_MODEL-$PRETTY_SERIAL" | tr 'a-z' 'A-Z' | sed 's/ /-/g')
fi
# SIMPLIFIES RUN AS USER COMMAND FOR STANDARD USER ACCOUNTS WITHOUT SUDO RIGHTS
runAsUser() {
if [ "$currentUser" != "loginwindow" ]; then
launchctl asuser "$uid" sudo -u "$currentUser" "$@"
else
echo
echo "no user logged in"
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
}
# CHECKS TAILSCALE IS PRESENT ON THE DEVICE
if [ -d "$DIR" ]; then
### Take action if $DIR exists ###
echo
echo "$APPNA is installed."
echo
else
### Control will jump here if $DIR does NOT exists ###
echo
echo "$APPNA is not installed."
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
defaults write io.tailscale.ipn.macos ManagedByOrganizationName "Purple Computing"
# OPENS TAILSCALE BEFORE CHECKS
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
# GIVES TAILSCALE TIME TO OPEN AND CONNECT IF EMPLOYEE AUTHED
sleep 20
# PING GOOGLE FOR NEXT CHECK
PING1=$(ping -c 1 "$IP1" | grep -c from)
# PING TAILSCALE VPR FOR FIRST ATTEMPT
PING2=$(ping -c 1 "$IP2" | grep -c from)
# INTERNET CHECK
if [ "$PING1" -eq "1" ]; then
echo
echo Internet is working
echo
else
echo
echo NO INTERNET... Exit..
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
# TAILSCALE ALREADY AUTHED CHECK
if [ "$PING2" -eq "1" ]; then
echo
echo Server $IP2 is reachable, internet is working
echo and the user is already authenticated
echo
echo NO INTERVENTION WAS NEEDED
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 0
else
echo
echo NO AUTH AUTHENTICATING...
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale logout
killall Tailscale
sleep 5
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 20
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER" --advertise-routes=$TSSUBNET --reset
echo
fi
# PING TAILSCALE VPR AFTER FIRST ATTEMPT
PING3=$(ping -c 1 "$IP2" | grep -c from)
# TAILSCALE FINAL AUTH CHECK
if [ "$PING3" -eq "1" ]; then
echo
echo Server $IP2 is now reachable
echo internet is working and user is authenticated
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 0
else
echo
echo NO AUTH AUTHENTICATING...
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale logout
sleep 5
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 20
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER" --advertise-routes=$TSSUBNET --reset
echo
fi
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
exit 0

181
Mac/force-auth-fl.sh
View File

@@ -1,181 +0,0 @@
#!/bin/sh
echo "Start: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
###############################################################################################
#
# ******
# *...../ / ******
# ************** *****/ *****/*****/***/*************/ ****** /**********
# ******/..*****/ *****/ *****/********//******/ ,*****/******,***** ,*****/
# *****/ ***** *****/ *****/*****/ *****/ /**************************
# *******//*****/ *************/*****/ *********************/*******./*/* ())
# ************* ******/*****/*****/ *****/******/. ****** ********** (()))
# *****/ *****/ ())
# *****/ *****/
#
###############################################################################################
# NOTICE: MAC SPECIFIC SCRIPT, USING MOSYLE VARIABLES
###############################################################################################
# VARIABLES IN USE FROM CONSOLE
# TAILSCALEAUTHKEY - Used to authenticate Tailscale
# TSSERVERIP - Used to check if already connected to Tailscale
# TSUNAME - Used to pass Mosyle Full Name
# DEFAULT VARIABLES
APPNA="Tailscale"
DIR="/Applications/$APPNA.app"
IP1=8.8.8.8
IP2=$(echo "$TSSERVERIP")
DT0=$(date)
echo "Execution Record for $DT0"
MODEL_INFO=$(system_profiler SPHardwareDataType | grep "Model Name" | sed 's/^ *//')
PRETTY_MODEL=${MODEL_INFO/"Model Name: "/}
SERIAL_INFO=$(system_profiler SPHardwareDataType | grep "Serial Number (system)" | sed 's/^ *//')
PRETTY_SERIAL=${SERIAL_INFO/"Serial Number (system): "/}
# SOURCES USER INFO FOR RUNASUSER COMMAND BELOW
currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
uid=$(id -u "$currentUser")
if [[ -z "$TSUNAME" ]]; then
TSUSER=$(echo "$currentUser-$PRETTY_MODEL-$PRETTY_SERIAL" | tr 'a-z' 'A-Z' | sed 's/ /-/g')
else
TSUSER=$(echo "$TSUNAME-$PRETTY_MODEL-$PRETTY_SERIAL" | tr 'a-z' 'A-Z' | sed 's/ /-/g')
fi
# SIMPLIFIES RUN AS USER COMMAND FOR STANDARD USER ACCOUNTS WITHOUT SUDO RIGHTS
runAsUser() {
if [ "$currentUser" != "loginwindow" ]; then
launchctl asuser "$uid" sudo -u "$currentUser" "$@"
else
echo
echo "no user logged in"
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
}
# CHECKS TAILSCALE IS PRESENT ON THE DEVICE
if [ -d "$DIR" ]; then
### Take action if $DIR exists ###
echo
echo "$APPNA is installed."
echo
else
### Control will jump here if $DIR does NOT exists ###
echo
echo "$APPNA is not installed."
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
runAsUser defaults write io.tailscale.ipn.macos TailscaleOnboardingSeen 1
runAsUser defaults write io.tailscale.ipn.macos TailscaleStartOnLogin 1
defaults write io.tailscale.ipn.macos ManagedByOrganizationName "Purple Computing"
sleep 3
# OPENS TAILSCALE BEFORE CHECKS
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
# GIVES TAILSCALE TIME TO OPEN AND CONNECT IF EMPLOYEE AUTHED
sleep 20
# PING GOOGLE FOR NEXT CHECK
PING1=$(ping -c 1 "$IP1" | grep -c from)
# PING TAILSCALE VPR FOR FIRST ATTEMPT
PING2=$(ping -c 1 "$IP2" | grep -c from)
# INTERNET CHECK
if [ "$PING1" -eq "1" ]; then
echo
echo Internet is working
echo
else
echo
echo NO INTERNET... Exit..
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
# TAILSCALE ALREADY AUTHED CHECK
if [ "$PING2" -eq "1" ]; then
echo
echo Server $IP2 is reachable, internet is working
echo and the user is already authenticated
echo
echo NO INTERVENTION WAS NEEDED
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 0
else
echo
echo CHECK 1 of 3 NO AUTH AUTHENTICATING...
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 3
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER"
echo
fi
sleep 25
# TAILSCALE ALREADY AUTHED CHECK
if [ "$PING2" -eq "1" ]; then
echo
echo Server $IP2 is reachable, internet is working
echo and the user is already authenticated
echo
echo NO INTERVENTION WAS NEEDED
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 0
else
echo
echo CHECK 2 of 3 NO AUTH AUTHENTICATING...
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 3
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER"
echo
fi
sleep 25
# PING TAILSCALE VPR AFTER FIRST ATTEMPT
PING3=$(ping -c 1 "$IP2" | grep -c from)
# TAILSCALE FINAL AUTH CHECK
if [ "$PING3" -eq "1" ]; then
echo
echo Server $IP2 is now reachable
echo internet is working and user is authenticated
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 0
else
echo
echo CHECK 3 of 3 NO AUTH AUTHENTICATING WITH RESET...
sleep 2
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 3
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER" --reset
echo
fi
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
exit 0

146
Mac/force-auth-purpleinternal.sh
View File

@@ -1,146 +0,0 @@
#!/bin/sh
echo "Start: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
###############################################################################################
#
# ******
# *...../ / ******
# ************** *****/ *****/*****/***/*************/ ****** /**********
# ******/..*****/ *****/ *****/********//******/ ,*****/******,***** ,*****/
# *****/ ***** *****/ *****/*****/ *****/ /**************************
# *******//*****/ *************/*****/ *********************/*******./*/* ())
# ************* ******/*****/*****/ *****/******/. ****** ********** (()))
# *****/ *****/ ())
# *****/ *****/
#
###############################################################################################
# NOTICE: MAC SPECIFIC SCRIPT, USING MOSYLE VARIABLES
###############################################################################################
# VARIABLES IN USE FROM CONSOLE
# TAILSCALEAUTHKEY
# TSSERVERIP
# DEFAULT VARIABLES
APPNA="Tailscale"
DIR="/Applications/$APPNA.app"
IP1=8.8.8.8
IP2=$(echo "$TSSERVERIP")
DT0=$(date)
echo "Execution Record for $DT0"
# SOURCES USER INFO FOR RUNASUSER COMMAND BELOW
currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
uid=$(id -u "$currentUser")
TSUSER=$(echo $TSUNAME | sed 's/_//g' | sed 's/ //g')
# SIMPLIFIES RUN AS USER COMMAND FOR STANDARD USER ACCOUNTS WITHOUT SUDO RIGHTS
runAsUser() {
if [ "$currentUser" != "loginwindow" ]; then
launchctl asuser "$uid" sudo -u "$currentUser" "$@"
else
echo
echo "no user logged in"
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
}
# CHECKS TAILSCALE IS PRESENT ON THE DEVICE
if [ -d "$DIR" ]; then
### Take action if $DIR exists ###
echo
echo "$APPNA is installed."
echo
else
### Control will jump here if $DIR does NOT exists ###
echo
echo "$APPNA is not installed."
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
runAsUser defaults write io.tailscale.ipn.macos TailscaleOnboardingSeen 1
runAsUser defaults write io.tailscale.ipn.macos TailscaleStartOnLogin 1
defaults write io.tailscale.ipn.macos ManagedByOrganizationName "Purple Computing"
sleep 3
# OPENS TAILSCALE BEFORE CHECKS
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
# GIVES TAILSCALE TIME TO OPEN AND CONNECT IF EMPLOYEE AUTHED
sleep 12
# PING GOOGLE FOR NEXT CHECK
PING1=$(ping -c 1 "$IP1" | grep -c from)
echo Using "$IP2" as Tailscale connected check
# PING TAILSCALE VPR FOR FIRST ATTEMPT
PING2=$(ping -c 1 "$IP2" | grep -c from)
# INTERNET CHECK
if [ "$PING1" -eq "1" ]; then
echo
echo Internet is working
echo
else
echo
echo NO INTERNET... Exit..
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
# TAILSCALE ALREADY AUTHED CHECK
if [ "$PING2" -eq "1" ]; then
echo
echo Server $IP2 is reachable, internet is working
echo and the user is already authenticated
echo
echo NO INTERVENTION WAS NEEDED
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 0
else
echo
echo NO AUTH AUTHENTICATING...
killall Tailscale
sleep 5
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 7
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER"
echo
fi
sleep 25
# PING TAILSCALE VPR AFTER FIRST ATTEMPT
PING3=$(ping -c 1 "$IP2" | grep -c from)
# TAILSCALE FINAL AUTH CHECK
if [ "$PING3" -eq "1" ]; then
echo
echo Server $IP2 is now reachable
echo internet is working and user is authenticated
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 0
else
echo
echo NO AUTH AUTHENTICATING...
sleep 5
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 20
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER"
echo
fi
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
exit 0

146
Mac/force-auth-test.sh
View File

@@ -1,146 +0,0 @@
#!/bin/sh
echo "Start: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
###############################################################################################
#
# ******
# *...../ / ******
# ************** *****/ *****/*****/***/*************/ ****** /**********
# ******/..*****/ *****/ *****/********//******/ ,*****/******,***** ,*****/
# *****/ ***** *****/ *****/*****/ *****/ /**************************
# *******//*****/ *************/*****/ *********************/*******./*/* ())
# ************* ******/*****/*****/ *****/******/. ****** ********** (()))
# *****/ *****/ ())
# *****/ *****/
#
###############################################################################################
# NOTICE: MAC SPECIFIC SCRIPT, USING MOSYLE VARIABLES
###############################################################################################
# VARIABLES IN USE FROM CONSOLE
# TAILSCALEAUTHKEY
# TSSERVERIP
# DEFAULT VARIABLES
APPNA="Tailscale"
DIR="/Applications/$APPNA.app"
IP1=8.8.8.8
IP2=$(echo "$TSSERVERIP")
DT0=$(date)
echo "Execution Record for $DT0"
# SOURCES USER INFO FOR RUNASUSER COMMAND BELOW
currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
uid=$(id -u "$currentUser")
TSUSER=$(echo $TSUNAME | sed 's/_//g' | sed 's/ //g')
# SIMPLIFIES RUN AS USER COMMAND FOR STANDARD USER ACCOUNTS WITHOUT SUDO RIGHTS
runAsUser() {
if [ "$currentUser" != "loginwindow" ]; then
launchctl asuser "$uid" sudo -u "$currentUser" "$@"
else
echo
echo "no user logged in"
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
}
# CHECKS TAILSCALE IS PRESENT ON THE DEVICE
if [ -d "$DIR" ]; then
### Take action if $DIR exists ###
echo
echo "$APPNA is installed."
echo
else
### Control will jump here if $DIR does NOT exists ###
echo
echo "$APPNA is not installed."
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
runAsUser defaults write io.tailscale.ipn.macos TailscaleOnboardingSeen 1
runAsUser defaults write io.tailscale.ipn.macos TailscaleStartOnLogin 1
defaults write io.tailscale.ipn.macos ManagedByOrganizationName "Purple Computing"
sleep 3
# OPENS TAILSCALE BEFORE CHECKS
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
# GIVES TAILSCALE TIME TO OPEN AND CONNECT IF EMPLOYEE AUTHED
sleep 12
# PING GOOGLE FOR NEXT CHECK
PING1=$(ping -c 1 "$IP1" | grep -c from)
echo Using "$IP2" as Tailscale connected check
# PING TAILSCALE VPR FOR FIRST ATTEMPT
PING2=$(ping -c 1 "$IP2" | grep -c from)
# INTERNET CHECK
if [ "$PING1" -eq "1" ]; then
echo
echo Internet is working
echo
else
echo
echo NO INTERNET... Exit..
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
# TAILSCALE ALREADY AUTHED CHECK
if [ "$PING2" -eq "1" ]; then
echo
echo Server $IP2 is reachable, internet is working
echo and the user is already authenticated
echo
echo NO INTERVENTION WAS NEEDED
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 0
else
echo
echo ROUND"1:"NO AUTH AUTHENTICATING...
killall Tailscale
sleep 5
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 7
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER"
echo
fi
sleep 25
# PING TAILSCALE VPR AFTER FIRST ATTEMPT
PING3=$(ping -c 1 "$IP2" | grep -c from)
# TAILSCALE FINAL AUTH CHECK
if [ "$PING3" -eq "1" ]; then
echo
echo Server $IP2 is now reachable
echo internet is working and user is authenticated
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 0
else
echo
echo ROUND"2:" NO AUTH AUTHENTICATING WITH RESET...
sleep 5
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 20
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER" --reset
echo
fi
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
exit 0

142
Mac/force-auth.sh
View File

@@ -1,142 +0,0 @@
#!/bin/sh
echo "Start: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
###############################################################################################
#
# ******
# *...../ / ******
# ************** *****/ *****/*****/***/*************/ ****** /**********
# ******/..*****/ *****/ *****/********//******/ ,*****/******,***** ,*****/
# *****/ ***** *****/ *****/*****/ *****/ /**************************
# *******//*****/ *************/*****/ *********************/*******./*/* ())
# ************* ******/*****/*****/ *****/******/. ****** ********** (()))
# *****/ *****/ ())
# *****/ *****/
#
###############################################################################################
# NOTICE: MAC SPECIFIC SCRIPT, USING MOSYLE VARIABLES
###############################################################################################
# VARIABLES IN USE FROM CONSOLE
# TAILSCALEAUTHKEY
# TSSERVERIP
# DEFAULT VARIABLES
APPNA="Tailscale"
DIR="/Applications/$APPNA.app"
IP1=8.8.8.8
IP2=$(echo "$TSSERVERIP")
DT0=$(date)
echo "Execution Record for $DT0"
# SOURCES USER INFO FOR RUNASUSER COMMAND BELOW
currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
uid=$(id -u "$currentUser")
TSUSER=$(echo $currentUser)
# SIMPLIFIES RUN AS USER COMMAND FOR STANDARD USER ACCOUNTS WITHOUT SUDO RIGHTS
runAsUser() {
if [ "$currentUser" != "loginwindow" ]; then
launchctl asuser "$uid" sudo -u "$currentUser" "$@"
else
echo
echo "no user logged in"
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
}
# CHECKS TAILSCALE IS PRESENT ON THE DEVICE
if [ -d "$DIR" ]; then
### Take action if $DIR exists ###
echo
echo "$APPNA is installed."
echo
else
### Control will jump here if $DIR does NOT exists ###
echo
echo "$APPNA is not installed."
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
defaults write io.tailscale.ipn.macos ManagedByOrganizationName "Purple Computing"
# OPENS TAILSCALE BEFORE CHECKS
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
# GIVES TAILSCALE TIME TO OPEN AND CONNECT IF EMPLOYEE AUTHED
sleep 20
# PING GOOGLE FOR NEXT CHECK
PING1=$(ping -c 1 "$IP1" | grep -c from)
# PING TAILSCALE VPR FOR FIRST ATTEMPT
PING2=$(ping -c 1 "$IP2" | grep -c from)
# INTERNET CHECK
if [ "$PING1" -eq "1" ]; then
echo
echo Internet is working
echo
else
echo
echo NO INTERNET... Exit..
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 1
fi
# TAILSCALE ALREADY AUTHED CHECK
if [ "$PING2" -eq "1" ]; then
echo
echo Server $IP2 is reachable, internet is working
echo and the user is already authenticated
echo
echo NO INTERVENTION WAS NEEDED
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 0
else
echo
echo NO AUTH AUTHENTICATING...
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale logout
killall Tailscale
sleep 5
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 20
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER" --reset
echo
fi
# PING TAILSCALE VPR AFTER FIRST ATTEMPT
PING3=$(ping -c 1 "$IP2" | grep -c from)
# TAILSCALE FINAL AUTH CHECK
if [ "$PING3" -eq "1" ]; then
echo
echo Server $IP2 is now reachable
echo internet is working and user is authenticated
echo
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
echo
exit 0
else
echo
echo NO AUTH AUTHENTICATING...
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale logout
sleep 5
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 20
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER" --reset
echo
fi
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
exit 0

39
Mac/force-securevpr-test.sh
View File

@@ -1,39 +0,0 @@
#!/bin/sh
echo "*** PURPLE LAUNCH TAILSCALE SCRIPT ***"
###############################################################################################
#
# ******
# *...../ / ******
# ************** *****/ *****/*****/***/*************/ ****** /**********
# ******/..*****/ *****/ *****/********//******/ ,*****/******,***** ,*****/
# *****/ ***** *****/ *****/*****/ *****/ /**************************
# *******//*****/ *************/*****/ *********************/*******./*/* ())
# ************* ******/*****/*****/ *****/******/. ****** ********** (()))
# *****/ *****/ ())
# *****/ *****/
#
###############################################################################################
# NOTICE: MAC SPECIFIC SCRIPT, USING MOSYLE VARIABLES
###############################################################################################
currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
uid=$(id -u "$currentUser")
runAsUser() {
if [ "$currentUser" != "loginwindow" ]; then
launchctl asuser "$uid" sudo -u "$currentUser" "$@"
else
echo "no user logged in"
exit 1
fi
}
defaults write io.tailscale.ipn.macos ManagedByOrganizationName "Purple Computing"
TSUSER=$(echo $TSUNAME | sed 's/_//g' | sed 's/ //g')
sudo -u $(stat -f "%Su" /dev/console) osascript <<EOF
tell application "Tailscale"
activate
end tell
EOF
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --exit-node secure-vpr --hostname "$TSUSER"

38
Mac/launch-connect-officewin.sh
View File

@@ -1,38 +0,0 @@
#!/bin/sh
echo "*** PURPLE LAUNCH TAILSCALE SCRIPT ***"
###############################################################################################
#
# ******
# *...../ / ******
# ************** *****/ *****/*****/***/*************/ ****** /**********
# ******/..*****/ *****/ *****/********//******/ ,*****/******,***** ,*****/
# *****/ ***** *****/ *****/*****/ *****/ /**************************
# *******//*****/ *************/*****/ *********************/*******./*/* ())
# ************* ******/*****/*****/ *****/******/. ****** ********** (()))
# *****/ *****/ ())
# *****/ *****/
#
###############################################################################################
# NOTICE: MAC SPECIFIC SCRIPT, USING MOSYLE VARIABLES
###############################################################################################
currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
uid=$(id -u "$currentUser")
defaults write io.tailscale.ipn.macos ManagedByOrganizationName "Purple Computing"
runAsUser() {
if [ "$currentUser" != "loginwindow" ]; then
launchctl asuser "$uid" sudo -u "$currentUser" "$@"
else
echo "no user logged in"
exit 1
fi
}
sudo -u $(stat -f "%Su" /dev/console) osascript <<EOF
tell application "Tailscale"
activate
end tell
EOF
sleep 3
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --exit-node office-win

37
Mac/launch-connect-vpr.sh
View File

@@ -1,37 +0,0 @@
#!/bin/sh
echo "*** PURPLE LAUNCH TAILSCALE SCRIPT ***"
###############################################################################################
#
# ******
# *...../ / ******
# ************** *****/ *****/*****/***/*************/ ****** /**********
# ******/..*****/ *****/ *****/********//******/ ,*****/******,***** ,*****/
# *****/ ***** *****/ *****/*****/ *****/ /**************************
# *******//*****/ *************/*****/ *********************/*******./*/* ())
# ************* ******/*****/*****/ *****/******/. ****** ********** (()))
# *****/ *****/ ())
# *****/ *****/
#
###############################################################################################
# NOTICE: MAC SPECIFIC SCRIPT, USING MOSYLE VARIABLES
###############################################################################################
currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
uid=$(id -u "$currentUser")
runAsUser() {
if [ "$currentUser" != "loginwindow" ]; then
launchctl asuser "$uid" sudo -u "$currentUser" "$@"
else
echo "no user logged in"
exit 1
fi
}
defaults write io.tailscale.ipn.macos ManagedByOrganizationName "Purple Computing"
sudo -u $(stat -f "%Su" /dev/console) osascript <<EOF
tell application "Tailscale"
activate
end tell
EOF
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --exit-node secure-vpr

31
Mac/logout-all.sh
View File

@@ -1,31 +0,0 @@
#!/bin/bash
# SOURCES USER INFO FOR RUNASUSER COMMAND BELOW
currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
uid=$(id -u "$currentUser")
TSUSER=$(echo $currentUser)
# SIMPLIFIES RUN AS USER COMMAND FOR STANDARD USER ACCOUNTS WITHOUT SUDO RIGHTS
runAsUser() {
if [ "$currentUser" != "loginwindow" ]; then
launchctl asuser "$uid" sudo -u "$currentUser" "$@"
else
echo
echo "no user logged in"
echo
exit 1
fi
}
# Your list variable
list=$(runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale switch --list)
# Loop over each line in the list
while read -r line; do
# Extract the ID using awk
id=$(echo "$line" | awk '{print $1}')
echo "$(date) Logging out of $id" >> /Library/Logs/Purple/TSLogout.log
# Echo the ID
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale switch $id
sleep 2
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale logout
done <<< "$list"

26
Mac/logout.sh
View File

@@ -1,26 +0,0 @@
#!/bin/bash
# SOURCES USER INFO FOR RUNASUSER COMMAND BELOW
currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
uid=$(id -u "$currentUser")
TSUSER=$(echo $currentUser)
# SIMPLIFIES RUN AS USER COMMAND FOR STANDARD USER ACCOUNTS WITHOUT SUDO RIGHTS
runAsUser() {
if [ "$currentUser" != "loginwindow" ]; then
launchctl asuser "$uid" sudo -u "$currentUser" "$@"
else
echo
echo "no user logged in"
echo
exit 1
fi
}
defaults write io.tailscale.ipn.macos ManagedByOrganizationName "Purple Computing"
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale logout
sleep 2
killall Tailscale
runAsUser rm -rf ~/Library/Containers/io.tailscale.ipn.macsys
runAsUser rm -rf ~/Library/Containers/io.tailscale.ipn.macsys.login-item-helper
runAsUser rm -rf ~/Library/Containers/io.tailscale.ipn.macsys.share-extension
sleep 3
sudo rm -rf /Library/Tailscale/

232
Mac/silent-auth.sh
View File

@@ -1,232 +0,0 @@
#!/bin/sh
echo "____________________________________________"
echo "Start: TAILSCALE SILENT AUTH SCRIPT"
###############################################################################################
#
# ******
# *...../ / ******
# ************** *****/ *****/*****/***/*************/ ****** /**********
# ******/..*****/ *****/ *****/********//******/ ,*****/******,***** ,*****/
# *****/ ***** *****/ *****/*****/ *****/ /**************************
# *******//*****/ *************/*****/ *********************/*******./*/* ())
# ************* ******/*****/*****/ *****/******/. ****** ********** (()))
# *****/ *****/ ())
# *****/ *****/
#
###############################################################################################
# NOTICE: MAC SPECIFIC SCRIPT, USING MOSYLE VARIABLES
###############################################################################################
# DEFAULT VARIABLES
APPNA="Tailscale"
DIR="/Applications/$APPNA.app"
IP1=8.8.8.8
IP2=$(echo "$TSSERVERIP")
DT0=$(date "+%D %T")
echo "Execution Record for $DT0"
echo
# SOURCES USER INFO FOR RUNASUSER COMMAND BELOW
currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
uid=$(id -u "$currentUser")
MODEL_INFO=$(system_profiler SPHardwareDataType | grep "Model Name" | sed 's/^ *//')
PRETTY_MODEL=${MODEL_INFO/"Model Name: "/}
SERIAL_INFO=$(system_profiler SPHardwareDataType | grep "Serial Number (system)" | sed 's/^ *//')
PRETTY_SERIAL=${SERIAL_INFO/"Serial Number (system): "/}
if [ "$USEMODELANDSERIAL" == "Y" ]; then
echo "• Organisation includes Model and Serial in Hostname"
if [[ -z "$TSUNAME" ]]; then
TSUSER=$(echo "$currentUser-$PRETTY_MODEL-$PRETTY_SERIAL" | tr 'A-Z' 'a-z' | sed 's/ /-/g')
else
TSUSER=$(echo "$TSUNAME-$PRETTY_MODEL-$PRETTY_SERIAL" | tr 'A-Z' 'a-z' | sed 's/ /-/g')
OLDTSUSER=$(echo "$TSUNAME" | tr 'A-Z' 'a-z' | sed 's/ //g')
fi
else
echo "• Organisation uses only Username in Hostname"
if [[ -z "$TSUNAME" ]]; then
TSUSER=$(echo "$currentUser" | tr 'A-Z' 'a-z' | sed 's/ /-/g')
else
TSUSER=$(echo "$TSUNAME" | tr 'A-Z' 'a-z' | sed 's/ /-/g')
OLDTSUSER=$(echo "$TSUNAME" | tr 'A-Z' 'a-z' | sed 's/ //g')
fi
fi
# SIMPLIFIES RUN AS USER COMMAND FOR STANDARD USER ACCOUNTS WITHOUT SUDO RIGHTS
runAsUser() {
if [ "$currentUser" != "loginwindow" ]; then
launchctl asuser "$uid" sudo -u "$currentUser" "$@"
else
echo
echo "• No user is logged in"
echo
echo "End: TAILSCALE SILENT AUTH SCRIPT"
echo "____________________________________________"
echo
exit 1
fi
}
# CHECKS TAILSCALE IS PRESENT ON THE DEVICE
if [ -d "$DIR" ]; then
### Take action if $DIR exists ###
echo "$APPNA is installed."
else
### Control will jump here if $DIR does NOT exists ###
echo
echo "$APPNA is not installed."
echo
echo "End: TAILSCALE SILENT AUTH SCRIPT"
echo "____________________________________________"
echo
exit 1
fi
runAsUser defaults write io.tailscale.ipn.macos TailscaleOnboardingSeen 1
runAsUser defaults write io.tailscale.ipn.macos TailscaleStartOnLogin 1
defaults write io.tailscale.ipn.macos ManagedByOrganizationName "Purple Computing"
sleep 3
# OPENS TAILSCALE BEFORE CHECKS
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
# GIVES TAILSCALE TIME TO OPEN AND CONNECT IF EMPLOYEE AUTHED
sleep 6
# PING GOOGLE FOR NEXT CHECK
PING1=$(ping -c 1 "$IP1" | grep -c from)
sleep 2
# PING TAILSCALE VPR FOR FIRST ATTEMPT
echo "• "Tailscale Ping Address":" "$IP2"
PING2=$(ping -c 1 "$IP2" | grep -c from)
# INTERNET CHECK
if [ "$PING1" -eq "1" ]; then
echo "• Internet is working"
else
echo
echo "• NO INTERNET... Exit.."
echo
echo "End: TAILSCALE SILENT AUTH SCRIPT"
echo "____________________________________________"
echo
exit 1
fi
# TAILSCALE ALREADY AUTHED CHECK
if [ "$PING2" -eq "1" ]; then
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale set --hostname "$TSUSER"
echo "• Tailscale Ping Address: $IP2 is reachable"
echo "• Internet is working"
TSMNetName="$(runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale status | head -n 1 | awk '{print $3}' | awk -F'.' '{print $2}')"
TSMHostname="$(runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale status | head -n 1 | awk '{print $2}' | awk -F'.' '{print $1}')"
TSMIP="$(runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale status | head -n 1 | awk '{print $1}')"
echo "• User is Authenticated"
if [ "$TSEXITNODE" == "N" ]; then
echo "• Exit Node NOT Enforced"
else
if [[ -z "$TSEXITNODE" ]]; then
echo "• Exit Node NOT Enforced"
else
echo "• Exit Node Enforced"
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale set --exit-node=$TSEXITNODE
fi
fi
echo
echo NO INTERVENTION WAS NEEDED
echo
echo "Tailnet: $TSMNetName"
echo "Hostname: $TSMHostname"
echo "IP: $TSMIP"
echo
echo "End: TAILSCALE SILENT AUTH SCRIPT"
echo "____________________________________________"
echo
exit 0
else
echo
echo ATTEMPT"1:" NO AUTH AUTHENTICATING...
# killall Tailscale
sleep 3
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
sleep 6
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale switch "$TAILSCALENET"
sleep 1
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale set --hostname "$TSUSER"
echo
fi
sleep 7
# PING TAILSCALE VPR AFTER THE FIRST ATTEMPT
PING3=$(ping -c 1 "$IP2" | grep -c from)
# TAILSCALE FINAL AUTH CHECK
if [ "$PING3" -eq "1" ]; then
echo "• Tailscale Ping Address: $IP2 is reachable"
echo "• Internet is working"
TSMNetName="$(runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale status | head -n 1 | awk '{print $3}' | awk -F'.' '{print $2}')"
TSMHostname="$(runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale status | head -n 1 | awk '{print $2}' | awk -F'.' '{print $1}')"
TSMIP="$(runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale status | head -n 1 | awk '{print $1}')"
echo "• User is Authenticated"
if [ "$TSEXITNODE" == "N" ]; then
echo "• Exit Node NOT Enforced"
else
if [[ -z "$TSEXITNODE" ]]; then
echo "• Exit Node NOT Enforced"
else
echo "• Exit Node Enforced"
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale set --exit-node=$TSEXITNODE
fi
fi
echo
echo "ATTEMPT 1:" AUTHENTICATED SUCCESSFULLY
echo
echo "Tailnet: $TSMNetName"
echo "Hostname: $TSMHostname"
echo "IP: $TSMIP"
echo
echo "End: TAILSCALE SILENT AUTH SCRIPT"
echo "____________________________________________"
echo
exit 0
else
echo
echo ATTEMPT"2:" NO AUTH... AUTHING WITH RESET...
sleep 2.5
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
if [[ -z "$HOOKHELPER" ]]; then
echo "• No Webhooks to Fire. Continuing..."
else
echo "• Cleaning up Existing Node in TS Admin Portal"
curl -s --request POST "$HOOKHELPER" -H "Content-Type: application/json; charset=UTF-8" -d '{"tailnet": "'"$TAILSCALENET"'", "apikey": "'"$TAILSCALEAPIKEY"'", "targetname": "'"$TSUSER"'"}'
curl -s --request POST "$HOOKHELPER" -H "Content-Type: application/json; charset=UTF-8" -d '{"tailnet": "'"$TAILSCALENET"'", "apikey": "'"$TAILSCALEAPIKEY"'", "targetname": "'"$OLDTSUSER"'"}'
fi
sleep 2.5
curl -s https://raw.githubusercontent.com/PurpleComputing/Tailscale-scripts/main/Mac/logout-all.sh | bash
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER"
sleep 1.5
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale login --authkey "$TAILSCALEAUTHKEY" --hostname "$TSUSER"
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale set --hostname "$TSUSER"
echo
fi
if [ "$TSEXITNODE" == "N" ]; then
echo "• Exit Node NOT Enforced"
else
if [[ -z "$TSEXITNODE" ]]; then
echo "• Exit Node NOT Enforced"
else
echo "• Exit Node Enforced"
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale set --exit-node=$TSEXITNODE
fi
fi
echo "End: TAILSCALE SILENT AUTH SCRIPT"
echo "____________________________________________"
exit 0