184 lines
4.8 KiB
Bash
Executable File
184 lines
4.8 KiB
Bash
Executable File
#!/bin/sh
|
|
set -eu
|
|
|
|
INSTALL_BIN_DIR="${LEMANA_VPN_BIN_DIR:-$HOME/bin}"
|
|
CONFIG_DIR="${LEMANA_VPN_CONFIG_DIR:-$HOME/.config/lemana-vpn}"
|
|
OC_CONFIG_DIR="${OPENCONNECT_LITE_CONFIG_DIR:-$HOME/.config/openconnect-lite}"
|
|
OC_VENV="${LEMANA_VPN_OC_VENV:-$HOME/.local/pipx/venvs/openconnect-lite}"
|
|
DNS_CLEANUP="${LEMANA_VPN_DNS_CLEANUP:-/usr/local/sbin/lemana-vpn-dns-cleanup}"
|
|
USERNAME="${LEMANA_VPN_USERNAME:-60103293}"
|
|
APP_DIR="${LEMANA_VPN_APP_DIR:-$HOME/Applications/LemanaVPN.app}"
|
|
LAUNCH_AGENT="$HOME/Library/LaunchAgents/ru.dokops.LemanaVPN.plist"
|
|
DRY_RUN=0
|
|
KEEP_CONFIG=0
|
|
KEEP_APP=0
|
|
REMOVE_KEYCHAIN=0
|
|
REMOVE_TOUCHID_HELPER=0
|
|
REMOVE_OPENCONNECT_LITE=0
|
|
|
|
usage() {
|
|
cat <<'USAGE'
|
|
Usage:
|
|
sh uninstall.sh [options]
|
|
|
|
Options:
|
|
--keep-config Keep ~/.config/lemana-vpn
|
|
--keep-app Keep ~/Applications/LemanaVPN.app and LaunchAgent
|
|
--remove-keychain Remove VPN-related Keychain entries
|
|
--remove-touchid-helper Remove ~/bin/keychain-fingerprint
|
|
--remove-openconnect-lite Remove pipx openconnect-lite after patch rollback
|
|
--dry-run Print actions without changing files
|
|
-h, --help Show this help
|
|
|
|
Default uninstall restores openconnect-lite patch backup, removes Lemana VPN
|
|
scripts/config/sudoers/zsh aliases, and keeps shared package dependencies.
|
|
USAGE
|
|
}
|
|
|
|
while [ "$#" -gt 0 ]; do
|
|
case "$1" in
|
|
--keep-config) KEEP_CONFIG=1 ;;
|
|
--keep-app) KEEP_APP=1 ;;
|
|
--remove-keychain) REMOVE_KEYCHAIN=1 ;;
|
|
--remove-touchid-helper) REMOVE_TOUCHID_HELPER=1 ;;
|
|
--remove-openconnect-lite) REMOVE_OPENCONNECT_LITE=1 ;;
|
|
--dry-run) DRY_RUN=1 ;;
|
|
-h|--help)
|
|
usage
|
|
exit 0
|
|
;;
|
|
*)
|
|
echo "Unknown option: $1" >&2
|
|
usage >&2
|
|
exit 1
|
|
;;
|
|
esac
|
|
shift
|
|
done
|
|
|
|
log() {
|
|
printf '%s\n' "$*"
|
|
}
|
|
|
|
run() {
|
|
if [ "$DRY_RUN" -eq 1 ]; then
|
|
printf '+'
|
|
for arg in "$@"; do
|
|
printf ' %s' "$arg"
|
|
done
|
|
printf '\n'
|
|
return 0
|
|
fi
|
|
"$@"
|
|
}
|
|
|
|
find_webengine_process() {
|
|
if [ -n "${LEMANA_VPN_WEBENGINE_PROCESS:-}" ]; then
|
|
printf '%s\n' "$LEMANA_VPN_WEBENGINE_PROCESS"
|
|
return 0
|
|
fi
|
|
find "$OC_VENV/lib" -path '*/site-packages/openconnect_lite/browser/webengine_process.py' -print -quit 2>/dev/null || true
|
|
}
|
|
|
|
restore_openconnect_lite_patch() {
|
|
backup="$CONFIG_DIR/patch-backups/webengine_process.py.before-lemana-vpn"
|
|
wep="$(find_webengine_process)"
|
|
|
|
if [ ! -f "$backup" ]; then
|
|
log "No openconnect-lite patch backup found; patch rollback skipped."
|
|
return 0
|
|
fi
|
|
|
|
if [ -z "$wep" ] || [ ! -f "$wep" ]; then
|
|
log "openconnect-lite source not found; patch rollback skipped."
|
|
return 0
|
|
fi
|
|
|
|
log "Restoring openconnect-lite source from patch backup"
|
|
run cp "$backup" "$wep"
|
|
}
|
|
|
|
remove_zshrc_block() {
|
|
zshrc="$HOME/.zshrc"
|
|
[ -f "$zshrc" ] || return 0
|
|
|
|
tmp="$(mktemp)"
|
|
if [ "$DRY_RUN" -eq 1 ]; then
|
|
printf '+ update %s aliases\n' "$zshrc"
|
|
rm -f "$tmp"
|
|
return 0
|
|
fi
|
|
|
|
awk '
|
|
/^# >>> lemana-vpn$/ { skip=1; next }
|
|
/^# <<< lemana-vpn$/ { skip=0; next }
|
|
skip != 1 { print }
|
|
' "$zshrc" > "$tmp"
|
|
mv "$tmp" "$zshrc"
|
|
}
|
|
|
|
remove_keychain_entries() {
|
|
[ "$REMOVE_KEYCHAIN" -eq 1 ] || return 0
|
|
|
|
log "Removing VPN-related Keychain entries"
|
|
run security delete-generic-password -s openconnect-lite -a "$USERNAME" >/dev/null 2>&1 || true
|
|
run security delete-generic-password -s openconnect-lite -a "totp/$USERNAME" >/dev/null 2>&1 || true
|
|
run security delete-generic-password -s vpn-lemanapro -a bw-session >/dev/null 2>&1 || true
|
|
run security delete-generic-password -s vpn-lemanapro -a bw-master >/dev/null 2>&1 || true
|
|
}
|
|
|
|
main() {
|
|
[ "$(uname -s)" = "Darwin" ] || {
|
|
echo "This uninstaller supports macOS only" >&2
|
|
exit 1
|
|
}
|
|
|
|
restore_openconnect_lite_patch
|
|
|
|
log "Removing installed scripts"
|
|
run rm -f "$INSTALL_BIN_DIR/vpn-lemanapro.sh"
|
|
run rm -f "$INSTALL_BIN_DIR/uninstall-lemana-vpn.sh"
|
|
if [ "$REMOVE_TOUCHID_HELPER" -eq 1 ]; then
|
|
run rm -f "$INSTALL_BIN_DIR/keychain-fingerprint"
|
|
fi
|
|
|
|
log "Removing sudoers and DNS cleanup wrapper"
|
|
run sudo rm -f /etc/sudoers.d/lemana-vpn-openconnect /etc/sudoers.d/lemana-vpn-dns
|
|
run sudo rm -f "$DNS_CLEANUP"
|
|
|
|
if [ "$KEEP_APP" -eq 0 ]; then
|
|
log "Removing Menu Bar app"
|
|
if [ "$DRY_RUN" -eq 0 ]; then
|
|
launchctl unload "$LAUNCH_AGENT" >/dev/null 2>&1 || true
|
|
else
|
|
printf '+ launchctl unload %s\n' "$LAUNCH_AGENT"
|
|
fi
|
|
run rm -f "$LAUNCH_AGENT"
|
|
run rm -rf "$APP_DIR"
|
|
fi
|
|
|
|
log "Removing shell aliases"
|
|
remove_zshrc_block
|
|
|
|
log "Removing openconnect-lite config"
|
|
run rm -f "$OC_CONFIG_DIR/config.toml"
|
|
|
|
if [ "$KEEP_CONFIG" -eq 0 ]; then
|
|
log "Removing Lemana VPN config"
|
|
run rm -rf "$CONFIG_DIR"
|
|
fi
|
|
|
|
remove_keychain_entries
|
|
|
|
if [ "$REMOVE_OPENCONNECT_LITE" -eq 1 ]; then
|
|
if command -v pipx >/dev/null 2>&1; then
|
|
log "Removing openconnect-lite from pipx"
|
|
run pipx uninstall openconnect-lite
|
|
fi
|
|
fi
|
|
|
|
log "Done."
|
|
}
|
|
|
|
main "$@"
|