Skip to content

Check existing Dante install before reconfiguring #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
d3vw wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Check existing Dante install before reconfiguring #6

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,11 +27,11 @@ sudo ./setup_dante.sh -a 203.0.113.5 -a 198.51.100.0/24 -p 1090

The script will:

1. Install the `dante-server` package via `apt` if it is not already installed.
1. Verify whether the `dante-server` package is already present and only install it when required.
2. Detect the default network interface used for outbound traffic.
3. Back up any existing `/etc/danted.conf` file with a timestamp suffix.
4. Write a new configuration that only allows the specified client networks and uses a passwordless SOCKS policy for those
clients.
5. Enable and restart the `danted` systemd service.

After the script completes successfully, the Dante server will be listening on the requested port and only the IPs/CIDR blocks that remain after applying any `-a` and `-r` options will be permitted.
After the script completes successfully, the Dante server will be listening on the requested port and only the IPs/CIDR blocks that remain after applying any `-a` and `-r` options will be permitted. Re-running the script will preserve the existing allow-list entries and append any new IPs you provide with `-a`.
34 changes: 30 additions & 4 deletions setup_dante.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -189,6 +189,31 @@ restart_service() {
systemctl restart danted
}

is_package_installed() {
local package=$1

if dpkg-query -W -f='${Status}' "$package" 2>/dev/null | grep -q "install ok installed"; then
return 0
fi

return 1
}

ensure_dante_installed() {
local package="dante-server"

echo "[INFO] Checking for $package package..."
if is_package_installed "$package"; then
echo "[INFO] $package is already installed. Skipping installation."
return
fi

echo "[INFO] Installing Dante server package..."
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install -y "$package"
}

main() {
require_root

Expand Down Expand Up @@ -233,6 +258,10 @@ main() {

read_existing_allow_list "$config_path"

if [[ ${#ALLOW_LIST[@]} -gt 0 ]]; then
echo "[INFO] Detected existing allowed clients: ${ALLOW_LIST[*]}"
fi

if [[ ${#ALLOW_LIST[@]} -eq 0 && ${#ADD_LIST[@]} -eq 0 ]]; then
echo "[ERROR] No existing allow-list entries found. Use -a to specify at least one client IP/CIDR." >&2
usage
Expand Down Expand Up @@ -260,10 +289,7 @@ main() {
exit 1
fi

echo "[INFO] Installing Dante server package..."
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install -y dante-server
ensure_dante_installed

local iface
iface=$(get_default_interface)
Expand Down