From 7190f2c42bdbd8233e734221f9676dfdcbd03fa8 Mon Sep 17 00:00:00 2001 From: SqrtMinusOne Date: Fri, 8 Apr 2022 23:17:37 +0300 Subject: [PATCH] feat(guix): Yota modem & VPN --- Guix.org | 34 +++++++++++++++++++++++++----- bin/scripts/vpn-resolvconf-wrapper | 3 --- bin/scripts/vpn-start | 10 +++++---- 3 files changed, 35 insertions(+), 12 deletions(-) delete mode 100755 bin/scripts/vpn-resolvconf-wrapper diff --git a/Guix.org b/Guix.org index 7f420c9..ecccc3b 100644 --- a/Guix.org +++ b/Guix.org @@ -563,7 +563,10 @@ I'm using CyberGhost VPN. =~/.vpn= folder stores its OpenVPN config (=openvpn.ov login password #+end_src -- run [[https://github.com/alfredopalhares/openvpn-update-resolv-conf][openvpn-update-resolv-conf]] script to fix DNS. =openvpn-update-resolve-conf= originates in my [[https://github.com/SqrtMinusOne/channel-q][channel-q]]. +- Run [[https://github.com/alfredopalhares/openvpn-update-resolv-conf][openvpn-update-resolv-conf]] script to fix DNS. =openvpn-update-resolve-conf= originates in my [[https://github.com/SqrtMinusOne/channel-q][channel-q]]. + + Edit <2022-04-07 Thu>: Looks like this doesn't work on some connections. See the next option in that case + #+begin_src conf-space :tangle no setenv PATH /home/pavel/.guix-extra-profiles/system/system/bin:/home/pavel/.guix-extra-profiles/system/system/sbin:/home/pavel/.guix-extra-profiles/console/console/bin:/run/current-system/profile/bin:/run/current-system/profile/sbin @@ -572,6 +575,23 @@ I'm using CyberGhost VPN. =~/.vpn= folder stores its OpenVPN config (=openvpn.ov #+end_src =setenv PATH= is necessary because both =resolvconf= (openresolve) and =update-resolv-conf.sh= are shell scripts which need GNU coreutils and stuff, and OpenVPN clears PATH by default. +- Fix =etc/resolv.conf= + #+begin_src sh :tangle ~/bin/scripts/fix-resolve-conf + cp /etc/resolv.conf /etc/resolv.conf-bak + echo "nameserver 8.8.8.8" > /etc/resolv.conf + #+end_src + + Restore =resolv.conf= + #+begin_src sh :tangle ~/bin/scripts/restore-resolve-conf + cp /etc/resolv.conf-bak /etc/resolv.conf + rm /etc/resolv.conf-bak + #+end_src + + #+begin_src conf-space :tangle no + up /home/pavel/bin/scripts/fix-resolve-conf + down /home/pavel/bin/scripts/restore-resolve-conf + #+end_src + - run a script to fix Docker routes #+begin_src conf-space :tangle no route-up /home/pavel/bin/scripts/vpn-fix-routes @@ -593,6 +613,8 @@ I'm using CyberGhost VPN. =~/.vpn= folder stores its OpenVPN config (=openvpn.ov $IP route del 128.0.0.0/1 via $route_vpn_gateway #+end_src + #+RESULTS: + *** vpn-start As of now, CyberGhost doesn't provide ipv6, so we have to disable it. @@ -606,11 +628,13 @@ if [ -z "$CONN" ]; then exit fi -echo "Connection: $CONN" -notify-send "VPN" "Initializing for connection: $CONN" +if [[ "$CONN" != *"Wired"* ]]; then + echo "Connection: $CONN" + notify-send "VPN" "Initializing for connection: $CONN" -pkexec nmcli con modify "$CONN" ipv6.method ignore -nmcli connection up "$CONN" + pkexec nmcli con modify "$CONN" ipv6.method ignore + nmcli connection up "$CONN" +fi pkexec openvpn --config ~/.vpn/openvpn.ovpn #+end_src diff --git a/bin/scripts/vpn-resolvconf-wrapper b/bin/scripts/vpn-resolvconf-wrapper deleted file mode 100755 index f9b018e..0000000 --- a/bin/scripts/vpn-resolvconf-wrapper +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh -GUIX_PROFILE=.guix-extra-profiles/system/system ; . "$GUIX_PROFILE"/etc/profile -update-resolv-conf.sh "$@" diff --git a/bin/scripts/vpn-start b/bin/scripts/vpn-start index a88cc5a..88f3a10 100755 --- a/bin/scripts/vpn-start +++ b/bin/scripts/vpn-start @@ -9,10 +9,12 @@ if [ -z "$CONN" ]; then exit fi -echo "Connection: $CONN" -notify-send "VPN" "Initializing for connection: $CONN" +if [[ "$CONN" != *"Wired"* ]]; then + echo "Connection: $CONN" + notify-send "VPN" "Initializing for connection: $CONN" -pkexec nmcli con modify "$CONN" ipv6.method ignore -nmcli connection up "$CONN" + pkexec nmcli con modify "$CONN" ipv6.method ignore + nmcli connection up "$CONN" +fi pkexec openvpn --config ~/.vpn/openvpn.ovpn # vpn-start:1 ends here