make btrbk failures higher priority
[distro-setup] / vpn-static-ip
1 #!/bin/bash
2 if ! test "$BASH_VERSION"; then echo "error: shell is not bash" >&2; exit 1; fi
3 shopt -s inherit_errexit 2>/dev/null ||: # ignore fail in bash < 4.4
4 set -eE -o pipefail
5 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?. PIPESTATUS: ${PIPESTATUS[*]}" >&2' ERR
6
7 [[ $EUID == 0 ]] || exec sudo -E "${BASH_SOURCE[0]}" "$@"
8
9 conf=$1
10
11 # We block dns lookups from going outside the vpn network namespace,
12 # there might be some other workaround, but just resolving to static ips
13 # is a simple fix.
14
15 main() {
16 while read -r host port; do
17 while read -r ip; do
18 echo $ip | egrep '[0-9]*\.[0-9]*\.[0-9]*\.[0-9]*' &>/dev/null || continue
19 printf "remote %s %s\n" "$ip" "$port" >>$conf
20 ret=0
21 done < <(timeout -s 9 1 dig +short $host ||:)
22 done < <(sed -rn 's/^ *# *remote //p' $conf)
23
24 }
25
26
27 sed --follow-symlinks -i '/^ *remote /d' $conf
28 ret=1
29 main
30 # give it one retry if it failed initially
31 if (( ret )); then
32 sleep 2
33 main
34 fi
35
36 if ((ret)); then
37 echo "vpn-static-ip: error: failed to set any ips" >&2
38 exit 1
39 fi