#!/bin/bash

# Get current status of a VPN connection with options to connect/disconnect.
# Working with OpenConnect, but can work with any executable VPN. Commands
# that require admin permissions should be whitelisted with 'visudo', e.g.:
#
#joesmith ALL=(ALL) NOPASSWD: /path/to/always-on-openconnect-vpn/run-vpn.sh
#joesmith ALL=(ALL) NOPASSWD: /usr/bin/killall -2 openconnect

# <xbar.title>VPN Status</xbar.title>
# <xbar.version>v1.0</xbar.version>
# <xbar.author>Jesse Jarzynka</xbar.author>
# <xbar.author.github>jessejoe</xbar.author.github>
# <xbar.desc>Displays status of a VPN interface with option to connect/disconnect.</xbar.desc>
# <xbar.image>http://i.imgur.com/RkmptwO.png</xbar.image>
# <swiftbar.hideAbout>true</swiftbar.hideAbout>
# <swiftbar.hideRunInTerminal>true</swiftbar.hideRunInTerminal>
# <swiftbar.hideLastUpdated>true</swiftbar.hideLastUpdated>
# <swiftbar.hideDisablePlugin>true</swiftbar.hideDisablePlugin>
# <swiftbar.hideSwiftBar>false</swiftbar.hideSwiftBar>

VPN_CONNECTED=""

if [[ "$OSTYPE" == "darwin"* ]]; then
    VPN_CONNECTED="ifconfig | egrep -A1 utun | grep 'inet 10.140.'"
fi
if [[ "$OSTYPE" == "linux-gnu"* ]]; then
    VPN_CONNECTED="ifconfig | grep -E  -A1 tun | grep inet"
fi

function notify(){
    if [[ "$OSTYPE" == "darwin"* ]]; then
        terminal-notifier -title "VPN" -message "${1}" -sender "SwiftBar"
    fi
    if [[ "$OSTYPE" == "linux-gnu"* ]]; then
        notify-send "VPN" "${1}"
    fi
}

# Get location to this script from symlink
SCRIPT_LOCATION=$(dirname $([ -L $0 ] && readlink -f $0 || echo $0))
SCRIPT_NAME="$(basename "$(test -L "$0" && readlink "$0" || echo "$0")")"
LOG_FILE=/tmp/vpn.log

case "$1" in
    connect)
        notify "Connecting..."

        cd $SCRIPT_LOCATION

        if [[ "$OSTYPE" == "darwin"* ]]; then
            sudo $SCRIPT_LOCATION/run-vpn.sh &> $LOG_FILE &
        fi
        if [[ "$OSTYPE" == "linux-gnu"* ]]; then
            # For Linux desktop use DBUS to use keychain
            export DBUS_SESSION_BUS_ADDRESS=$DBUS_SESSION_BUS_ADDRESS
            sudo --preserve-env $SCRIPT_LOCATION/run-vpn.sh &> $LOG_FILE &
        fi

        until eval "$VPN_CONNECTED"; do sleep 1; done
        notify "Connected!"
        ;;
    disconnect)
        eval "sudo killall -2 openconnect"
        until [ -z "$(eval "$VPN_CONNECTED")" ]; do sleep 1; done
        notify "Disconnected"
        ;;

    logs)
        tail -n 200 -f $LOG_FILE
        exit
        ;;

esac

if [ -n "$(eval "$VPN_CONNECTED")" ]; then
    echo "VPN ✔"
    echo '---'
    echo "Disconnect VPN | bash='$0' param1=disconnect terminal=false refresh=true"
else
    echo "VPN ✘"
    echo '---'
    echo "Connect VPN | bash='$0' param1=connect terminal=false refresh=true"
fi

echo '---'
echo "Edit routes | iconName=folder-symbolic href='file://$SCRIPT_LOCATION/routes.txt' refresh=false"
echo "Edit domains | iconName=accessories-dictionary-symbolic href='file://$SCRIPT_LOCATION/domains.txt' refresh=false"

LOG_CMD="$SCRIPT_LOCATION/$SCRIPT_NAME"
if [[ "$OSTYPE" == "linux-gnu"* ]]; then
    LOG_CMD="$LOG_CMD logs"
fi
echo "Tail VPN log file | bash='$LOG_CMD' params='logs' terminal=true refresh=false"

exit