janhouse/always-on-openconnect-vpn
1
0
Fork 0
Code Issues Pull Requests Activity

Adjusted for use with SwiftBar

Browse Source
This commit is contained in:
Jānis
2023-06-16 03:35:15 +03:00
parent a66a28da08
commit 614aa609f8
3 changed files with 84 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
bitbar-openconnect.6s.sh
View File

@@ -14,7 +14,14 @@
# <xbar.desc>Displays status of a VPN interface with option to connect/disconnect.</xbar.desc> # <xbar.desc>Displays status of a VPN interface with option to connect/disconnect.</xbar.desc>
# <xbar.image>http://i.imgur.com/RkmptwO.png</xbar.image> # <xbar.image>http://i.imgur.com/RkmptwO.png</xbar.image>
VPN_CONNECTED="ifconfig | grep -E -A1 tun | grep inet" VPN_CONNECTED=""
if [[ "$OSTYPE" == "darwin"* ]]; then
VPN_CONNECTED="ifconfig | egrep -A1 utun3 | grep inet"
fi
if [[ "$OSTYPE" == "linux-gnu"* ]]; then
VPN_CONNECTED="ifconfig | grep -E -A1 tun | grep inet"
fi
function notify(){ function notify(){
if [[ "$OSTYPE" == "darwin"* ]]; then if [[ "$OSTYPE" == "darwin"* ]]; then
@@ -33,11 +40,16 @@ case "$1" in
connect) connect)
notify "Connecting..." notify "Connecting..."
# For Linux desktop use DBUS to use keychain
export DBUS_SESSION_BUS_ADDRESS=$DBUS_SESSION_BUS_ADDRESS
cd $SCRIPT_LOCATION cd $SCRIPT_LOCATION
sudo --preserve-env $SCRIPT_LOCATION/run-vpn.sh &>> $LOG_FILE &
if [[ "$OSTYPE" == "darwin"* ]]; then
sudo $SCRIPT_LOCATION/run-vpn.sh &> $LOG_FILE &
fi
if [[ "$OSTYPE" == "linux-gnu"* ]]; then
# For Linux desktop use DBUS to use keychain
export DBUS_SESSION_BUS_ADDRESS=$DBUS_SESSION_BUS_ADDRESS
sudo --preserve-env $SCRIPT_LOCATION/run-vpn.sh &> $LOG_FILE &
fi
until eval "$VPN_CONNECTED"; do sleep 1; done until eval "$VPN_CONNECTED"; do sleep 1; done
notify "Connected!" notify "Connected!"

44
run-vpn.sh
View File

@@ -51,6 +51,8 @@ function ctrl_c() {
SCRIPT_INCLUDE="" SCRIPT_INCLUDE=""
LOGIN="" LOGIN=""
COMMON_PARAMS="--pid-file=PIDFILE --no-external-auth "
echo "Connecting to VPN" echo "Connecting to VPN"
if test -f "$ROUTE_FILE"; then if test -f "$ROUTE_FILE"; then
@@ -69,30 +71,30 @@ if [[ -z "$OC_YUBIKEY" ]]; then
LOGIN='find /run/oc-secret/login -exec cat {} \; -exec rm {} \; -exec umount /run/oc-secret \;' LOGIN='find /run/oc-secret/login -exec cat {} \; -exec rm {} \; -exec umount /run/oc-secret \;'
else else
TOTP=$(oathtool --totp=sha1 -b "$SEED") TOTP=$(oathtool --totp=sha1 -b "$SEED")
LOGIN='echo -e "$PASSWORD\n$TOTP' LOGIN='echo -e "$PASSWORD\n$TOTP"'
fi fi
fi fi
else else
YUBIKEY_TOTP="--token-mode=yubioath --token-secret=$OC_YUBIKEY" YUBIKEY_TOTP="--token-mode=yubioath --token-secret=$OC_YUBIKEY"
fi fi
if [ -z "$SEED" ] && [ -z "$OC_YUBIKEY" ]; then if [ -z "$SEED" ] && [ -z "$OC_YUBIKEY" ]; then
openconnect \ sudo openconnect \
--pid-file=PIDFILE \ $COMMON_PARAMS \
--csd-wrapper hostscan-bypass.sh \ --csd-wrapper hostscan-bypass.sh \
--os=mac-intel \ --os=mac-intel \
--no-external-auth \ $SCRIPT_INCLUDE \
$SCRIPT_INCLUDE \ -u $USERNAME \
-u $USERNAME \ $SERVER
$SERVER
else else
eval $LOGIN | openconnect \
--pid-file=PIDFILE \ eval $LOGIN | sudo openconnect \
--csd-wrapper hostscan-bypass.sh \ $COMMON_PARAMS \
--os=mac-intel \ --csd-wrapper hostscan-bypass.sh \
--no-external-auth \ --os=mac-intel \
$YUBIKEY_TOTP \ $YUBIKEY_TOTP \
$SCRIPT_INCLUDE \ $SCRIPT_INCLUDE \
-u $USERNAME \ -u $USERNAME \
$SERVER $SERVER
fi fi

44
swiftbar-vpn-plugin.sh Executable file
View File

@@ -0,0 +1,44 @@
#!/bin/bash
# Get current status of a VPN connection with options to connect/disconnect.
# Working with OpenConnect, but can work with any executable VPN. Commands
# that require admin permissions should be whitelisted with 'visudo', e.g.:
#
#joesmith ALL=(ALL) NOPASSWD: /path/to/always-on-openconnect-vpn/run-vpn.sh
#joesmith ALL=(ALL) NOPASSWD: /usr/bin/killall -2 openconnect
# <xbar.title>VPN Status</xbar.title>
# <xbar.version>v1.0</xbar.version>
# <xbar.author>Jesse Jarzynka</xbar.author>
# <xbar.author.github>jessejoe</xbar.author.github>
# <xbar.desc>Displays status of a VPN interface with option to connect/disconnect.</xbar.desc>
# <xbar.image>http://i.imgur.com/RkmptwO.png</xbar.image>
VPN_CONNECTED="ifconfig | egrep -A1 utun3 | grep inet"
case "$1" in
connect)
terminal-notifier -title "VPN" -message "Connecting..." -sender "SwiftBar"
cd /path/to/always-on-openconnect-vpn/
sudo /path/to/always-on-openconnect-vpn/run-vpn.sh &> /tmp/vpn.log &
until eval "$VPN_CONNECTED"; do sleep 1; done
terminal-notifier -title "VPN" -message "Connected!" -sender "SwiftBar"
;;
disconnect)
eval "sudo killall -2 openconnect"
until [ -z "$(eval "$VPN_CONNECTED")" ]; do sleep 1; done
terminal-notifier -title "VPN" -message "Disconnected" -sender "SwiftBar"
;;
esac
if [ -n "$(eval "$VPN_CONNECTED")" ]; then
echo "VPN ✔"
echo '---'
echo "Disconnect VPN | bash='$0' param1=disconnect terminal=false refresh=true"
exit
else
echo "VPN ✘"
echo '---'
echo "Connect VPN | bash='$0' param1=connect terminal=false refresh=true"
exit
fi