blob: 593c11855e9811704122dd4f089a81232a2fc65b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
#!/bin/bash
# Usage
# ...
# exit if any commands returns non-zero status
set -e
# ONLY ENABLE THIS TO DEBUG
# set -x
# Check if scipt is run in debug mode so we can hide secrets
if [[ "$-" =~ 'x' ]]
then
echo 'Running with xtrace enabled!'
xtrace=true
else
echo 'Running with xtrace disabled!'
xtrace=false
fi
PROVIDER='demo.bitmask.net'
INVITE_CODE=${BITMASK_INVITE_CODE:?"Need to set BITMASK_INVITE_CODE non-empty"}
BCTL='bitmaskctl'
LEAP_HOME="$HOME/.config/leap"
username="tmp_user_$(date +%Y%m%d%H%M%S)"
user="${username}@${PROVIDER}"
pw="$(head -c 10 < /dev/urandom | base64)"
# Stop any previously started bitmaskd
# and start a new instance
"$BCTL" stop
[ -d "$LEAP_HOME" ] && rm -rf "$LEAP_HOME"
# Register a new user
# Disable xtrace
set +x
"$BCTL" user create "$user" --pass "$pw" --invite "$INVITE_CODE"
# Enable xtrace again only if it was set at beginning of script
[[ $xtrace == true ]] && set -x
# Authenticate
"$BCTL" user auth "$user" --pass "$pw" > /dev/null
# Get VPN cert
"$BCTL" vpn get_cert "$user"
# Start VPN, wait a bit
"$BCTL" vpn start --json
sleep 5
"$BCTL" vpn status --json
# XXX gateway does not get added to resolv.conf
# If we are running as root, as in the CI, we can do this directly
# echo "nameserver 10.42.0.1" > /etc/resolv.conf
# cat /etc/resolv.conf
sleep 5
ip link show
cat ~/.config/leap/bitmaskd.log
# TEST that we're going through the provider's VPN
tests/e2e/check_ip vpn_on
"$BCTL" vpn stop
sleep 5
# XXX debug do this only if no other entry in resolv.conf
# echo "nameserver 77.109.148.136" > /etc/resolv.conf
# TEST that we're NOT going through the provider's VPN
tests/e2e/check_ip vpn_off
echo "Succeeded - the vpn routed you through the expected address"
|