install.fairie/home/dot_local/bin/post-installx/executable_post-tailscale.sh

86 lines
3.9 KiB
Bash
Raw Normal View History

2024-05-04 21:05:33 -07:00
#!/usr/bin/env bash
# @file Tailscale
# @brief Connects the Tailscale client with the Tailscale network
# @description
# This script ensures the `tailscaled` system daemon is installed on macOS. Then, on both macOS and Linux, it connects to the Tailscale
# network if the `TAILSCALE_AUTH_KEY` variable is provided.
2024-05-19 23:06:00 -07:00
#
# If CloudFlare WARP is also installed, this script will disconnect from it and then reconnect after Tailscale is connected.
# This is a quirk and Tailscale has no roadmap for fixing it for use alongside other VPNs. To setup Tailscale to work alongside
# CloudFlare WARP, you will have to set up a [split tunnel](https://www.youtube.com/watch?v=eDFs8hm3xWc) for
# [Tailscale IP addresses](https://tailscale.com/kb/1105/other-vpns).
2024-05-27 20:45:14 -07:00
set -Eeuo pipefail
2024-05-27 20:50:11 -07:00
trap "gum log -sl error 'Script encountered an error!'" ERR
2024-05-27 04:15:03 -07:00
2024-05-19 23:06:00 -07:00
### Disconnect from CloudFlare WARP (if connected)
if command -v warp-cli > /dev/null; then
2024-05-27 20:50:11 -07:00
warp-cli disconnect && gum log -sl info 'CloudFlare WARP temporarily disconnected while Tailscale connects'
2024-05-19 23:06:00 -07:00
fi
2024-05-04 21:05:33 -07:00
### Install the Tailscale system daemon
2024-05-19 23:06:00 -07:00
if [ -d /Applications ] && [ -d /System ]; then
2024-05-04 21:05:33 -07:00
### macOS
if command -v tailscaled > /dev/null; then
2024-05-27 20:50:11 -07:00
gum log -sl info 'Ensuring tailscaled system daemon is installed'
2024-05-04 21:05:33 -07:00
sudo tailscaled install-system-daemon
2024-05-27 20:50:11 -07:00
gum log -sl info 'tailscaled system daemon is now installed and will load on boot'
2024-05-04 21:05:33 -07:00
else
2024-05-27 20:50:11 -07:00
gum log -sl info 'tailscaled does not appear to be installed'
2024-05-04 21:05:33 -07:00
fi
2024-05-12 20:31:26 -07:00
### Open Tailscale.app
if [ -d /Applications/Tailscale.app ]; then
2024-05-27 20:50:11 -07:00
gum log -sl info 'Opening Tailscale.app menu bar widget' && open -a Tailscale
2024-05-12 20:31:26 -07:00
else
2024-05-27 20:50:11 -07:00
gum log -sl info '/Applications/Tailscale.app is missing from the system'
2024-05-12 20:31:26 -07:00
fi
2024-05-04 21:05:33 -07:00
fi
### Connect to Tailscale network
2024-05-27 04:15:03 -07:00
if get-secret --exists TAILSCALE_AUTH_KEY; then
2024-05-12 20:31:26 -07:00
if [ -f /Applications/Tailscale.app/Contents/MacOS/Tailscale ]; then
2024-05-27 20:50:11 -07:00
gum log -sl info 'Connecting to Tailscale with user-defined authentication key (TAILSCALE_AUTH_KEY)'
2024-05-27 04:15:03 -07:00
timeout 30 /Applications/Tailscale.app/Contents/MacOS/Tailscale up --authkey="$(get-secret TAILSCALE_AUTH_KEY)" --accept-routes || EXIT_CODE=$?
2024-05-27 20:45:14 -07:00
if [ -n "${EXIT_CODE:-}" ]; then
2024-05-27 20:50:11 -07:00
gum log -sl warn '/Applications/Tailscale.app/Contents/MacOS/Tailscale timed out'
2024-05-12 20:31:26 -07:00
fi
2024-05-27 20:50:11 -07:00
gum log -sl info 'Disabling update check'
2024-05-20 00:48:38 -07:00
/Applications/Tailscale.app/Contents/MacOS/Tailscale set --update-check=false
2024-05-27 04:15:03 -07:00
elif command -v tailscale > /dev/null; then
2024-05-27 20:50:11 -07:00
gum log -sl info 'Connecting to Tailscale with user-defined authentication key (TAILSCALE_AUTH_KEY)'
2024-05-27 04:15:03 -07:00
timeout 30 tailscale up --authkey="$(get-secret TAILSCALE_AUTH_KEY)" --accept-routes || EXIT_CODE=$?
2024-05-27 20:45:14 -07:00
if [ -n "${EXIT_CODE:-}" ]; then
2024-05-27 20:50:11 -07:00
gum log -sl warn 'tailscale up timed out'
2024-05-12 20:31:26 -07:00
else
logg success 'Connected to Tailscale network'
fi
2024-05-27 20:50:11 -07:00
gum log -sl info 'Disabling notifications about updates'
2024-05-20 00:48:38 -07:00
tailscale set --update-check=false
2024-05-27 20:50:11 -07:00
gum log -sl info 'Setting tailscale to auto-update'
2024-05-20 00:48:38 -07:00
tailscale set --auto-update
2024-05-04 21:05:33 -07:00
else
2024-05-27 20:50:11 -07:00
gum log -sl info 'tailscale does not appear to be installed'
2024-05-04 21:05:33 -07:00
fi
2024-05-12 20:31:26 -07:00
else
2024-05-27 20:50:11 -07:00
gum log -sl info 'TAILSCALE_AUTH_KEY is not defined so not logging into Tailscale network'
2024-05-12 20:31:26 -07:00
fi
2024-05-19 23:06:00 -07:00
### Re-connect CloudFlare WARP after Tailscale is connected
if command -v warp-cli > /dev/null; then
### Register CloudFlare WARP
if warp-cli --accept-tos status | grep 'Registration Missing' > /dev/null; then
2024-05-27 20:50:11 -07:00
gum log -sl info 'Registering CloudFlare WARP'
2024-05-19 23:06:00 -07:00
warp-cli --accept-tos registration new
else
2024-05-27 20:50:11 -07:00
gum log -sl info 'Either there is a misconfiguration or the device is already registered with CloudFlare WARP'
2024-05-19 23:06:00 -07:00
fi
### Connect CloudFlare WARP
if warp-cli --accept-tos status | grep 'Disconnected' > /dev/null; then
2024-05-27 20:50:11 -07:00
gum log -sl info 'Connecting to CloudFlare WARP'
2024-05-19 23:06:00 -07:00
warp-cli --accept-tos connect > /dev/null && logg success 'Connected to CloudFlare WARP'
else
2024-05-27 20:50:11 -07:00
gum log -sl info 'Either there is a misconfiguration or the device is already connected with CloudFlare WARP'
2024-05-19 23:06:00 -07:00
fi
fi