mirror of
https://github.com/PurpleComputing/mdmscripts.git
synced 2026-06-10 20:20:32 +01:00
Tested Force Tailscale Auth Script
This commit is contained in:
Michael
@@ -1,5 +1,5 @@
|
||||
#!/bin/sh
|
||||
echo "*** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
|
||||
echo "Start: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
|
||||
###############################################################################################
|
||||
#
|
||||
# ******
|
||||
@@ -15,69 +15,127 @@ echo "*** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
|
||||
###############################################################################################
|
||||
# NOTICE: MAC SPECIFIC SCRIPT, USING MOSYLE VARIABLES
|
||||
###############################################################################################
|
||||
#TAILSCALEAUTHKEY=
|
||||
#TSSERVERIP=
|
||||
|
||||
# VARIABLES IN USE FROM CONSOLE
|
||||
# TAILSCALEAUTHKEY
|
||||
# TSSERVERIP
|
||||
|
||||
# DEFAULT VARIABLES
|
||||
APPNA="Tailscale"
|
||||
DIR="/Applications/$APPNA.app"
|
||||
IP1=8.8.8.8
|
||||
IP2=$(echo "$TSSERVERIP")
|
||||
DT0=$(date)
|
||||
echo "Execution Record for $DT0"
|
||||
|
||||
# SOURCES USER INFO FOR RUNASUSER COMMAND BELOW
|
||||
currentUser=$( echo "show State:/Users/ConsoleUser" | scutil | awk '/Name :/ { print $3 }' )
|
||||
TSUSER=$(echo $currentUser)
|
||||
uid=$(id -u "$currentUser")
|
||||
|
||||
# SIMPLIFIES RUN AS USER COMMAND FOR STANDARD USER ACCOUNTS WITHOUT SUDO RIGHTS
|
||||
runAsUser() {
|
||||
if [ "$currentUser" != "loginwindow" ]; then
|
||||
launchctl asuser "$uid" sudo -u "$currentUser" "$@"
|
||||
else
|
||||
echo
|
||||
echo "no user logged in"
|
||||
echo
|
||||
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
|
||||
echo
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
# CHECKS TAILSCALE IS PRESENT ON THE DEVICE
|
||||
if [ -d "$DIR" ]; then
|
||||
### Take action if $DIR exists ###
|
||||
echo
|
||||
echo "$APPNA is installed."
|
||||
echo
|
||||
else
|
||||
### Control will jump here if $DIR does NOT exists ###
|
||||
echo
|
||||
echo "$APPNA is not installed."
|
||||
echo
|
||||
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
|
||||
echo
|
||||
exit 1
|
||||
fi
|
||||
|
||||
sudo -u $(stat -f "%Su" /dev/console) osascript <<EOF
|
||||
tell application "Tailscale"
|
||||
activate
|
||||
end tell
|
||||
EOF
|
||||
# OPENS TAILSCALE BEFORE CHECKS
|
||||
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
|
||||
|
||||
#start first ping, remember its pid
|
||||
ping -W 1 -c 1 $IP1 >/dev/null&
|
||||
PID1=$!
|
||||
# GIVES TAILSCALE TIME TO OPEN AND CONNECT IF EMPLOYEE AUTHED
|
||||
sleep 10
|
||||
|
||||
# start second ping, remember its pid
|
||||
ping -W 1 -c 1 $IP2 >/dev/null&
|
||||
PID2=$!
|
||||
# PING GOOGLE FOR NEXT CHECK
|
||||
PING1=$(ping -c 1 "$IP1" | grep -c from)
|
||||
|
||||
# wait for pings to finish
|
||||
if wait $PID1
|
||||
then echo $IP1 is reachable, internet is working;
|
||||
else
|
||||
# PING TAILSCALE VPR FOR FIRST ATTEMPT
|
||||
PING2=$(ping -c 1 "$IP2" | grep -c from)
|
||||
|
||||
# INTERNET CHECK
|
||||
if [ "$PING1" -eq "1" ]; then
|
||||
echo
|
||||
echo Internet is working
|
||||
echo
|
||||
else
|
||||
echo
|
||||
echo NO INTERNET... Exit..
|
||||
echo
|
||||
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
|
||||
echo
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if wait $PID2
|
||||
then echo $IP2 is reachable, internet is working and user is authenticated;
|
||||
# TAILSCALE ALREADY AUTHED CHECK
|
||||
if [ "$PING2" -eq "1" ]; then
|
||||
echo
|
||||
echo Server $IP2 is reachable, internet is working
|
||||
echo and the user is already authenticated
|
||||
echo
|
||||
echo NO INTERVENTION WAS NEEDED
|
||||
echo
|
||||
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
|
||||
echo
|
||||
exit 0
|
||||
else
|
||||
echo NO AUTH AUTHENTICATING
|
||||
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale logout && killall Tailscale
|
||||
sleep 10
|
||||
sudo -u $(stat -f "%Su" /dev/console) osascript <<EOF
|
||||
tell application "Tailscale"
|
||||
activate
|
||||
end tell
|
||||
EOF
|
||||
|
||||
else
|
||||
echo
|
||||
echo NO AUTH AUTHENTICATING...
|
||||
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale logout
|
||||
killall Tailscale
|
||||
sleep 5
|
||||
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey $TAILSCALEAUTHKEY --reset
|
||||
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
|
||||
sleep 5
|
||||
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --reset
|
||||
echo
|
||||
fi
|
||||
|
||||
# PING TAILSCALE VPR AFTER FIRST ATTEMPT
|
||||
PING3=$(ping -c 1 "$IP2" | grep -c from)
|
||||
|
||||
# TAILSCALE FINAL AUTH CHECK
|
||||
if [ "$PING3" -eq "1" ]; then
|
||||
echo
|
||||
echo Server $IP2 is now reachable
|
||||
echo internet is working and user is authenticated
|
||||
echo
|
||||
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
|
||||
echo
|
||||
exit 0
|
||||
else
|
||||
echo
|
||||
echo NO AUTH AUTHENTICATING...
|
||||
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale logout
|
||||
killall Tailscale
|
||||
sleep 5
|
||||
runAsUser osascript -e 'tell application "Tailscale"' -e 'activate' -e 'end tell'
|
||||
sleep 5
|
||||
runAsUser /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey "$TAILSCALEAUTHKEY" --reset
|
||||
echo
|
||||
fi
|
||||
|
||||
echo "End: *** PURPLE LAUNCH TAILSCALE FORCE AUTH SCRIPT ***"
|
||||
|
||||
exit 0
|
||||
|
||||
Reference in New Issue
Block a user