this post was submitted on 10 Jul 2023
2 points (75.0% liked)

KDE & Plasma users

2762 readers
9 users here now

KDE is an international technology team creating user-friendly free and open source software for desktop and portable computing. KDE's software runs on GNU/Linux, BSD and other operating systems, including Windows.

founded 4 years ago
MODERATORS
[email protected]
[email protected]
2
VPN Notifier (lemmy.world)
submitted 1 year ago by [email protected] to c/[email protected]
4 comments fedilink hide all child comments
 

My workplace has a VPN that I need to connect occasionally, but normally do not. I want to set up a prominent, unignorable status notifier so when I am connected to it, I am highly aware and have to disconnect to make the status clear.

Originally I thought maybe I'd like to find a way to query the status of tun0 and turn my main panel #FF0000, but I am having a hard time finding information on how to change panel color programatically. My other idea was assigning a hotkey to open a terminal window with a profile that has a red background and executes a shell script to run the VPN connect script in the foreground, but that feel super hacky and I'd love something cleaner.

Any ideas?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 0 points 1 year ago (1 children)

Those are all options. I already use NoMachine to connect to a laptop that can use the VPN, but it occurs to me that literally the ONLY thing I use the laptop for that I couldn't just do on my host machine are those rare (like once a week or less) activities. It would be a lot more efficient workflow to just power off that laptop and connect to the VPN from the host, and turn it off when I'm done.

If I can't find a way to make it convenient, I think a little VM is probably the fastest / least intrusive option but kind of a sledgehammer for a finishing nail.

[–] [email protected] 2 points 1 year ago (1 children)

If you really want to get deep into it, network namespaces are pretty cool.

You can connect the VPN on the host and then move the tun device into a network namespace, and then you can run programs in that namespace and their only view of the network will be that single tun device. So no VPN outside, forced VPN inside. And you don't even need a container filesystem or anything, it's still entirely your host OS, only the network gets sandboxed. The only gotcha is some things like Chrome/Firefox that will end up just opening a new window of the existing instance, but that's easily fixed with a secondary profile or making sure to start the browser in the namespace first.

This can all be managed with the ip netns command.

That'd be my personal recommendation and I used that extensively while I was working for PIA. Once you figure it out it's really not that complicated.

[–] [email protected] 0 points 1 year ago

You are right, this is a cool idea. I'm digging into it. Might be more work than I want but the functionality is better.