Commit 01a3c515 authored by Birin Sanchez's avatar Birin Sanchez

Initial commit of Network-Manager tunnel setup script.


Signed-off-by: Birin Sanchez's avatarBirin Sanchez <birin.sanchez@puri.sm>
parent 081a1f2b
.idea
*.egg-info
*~
\ No newline at end of file
......@@ -35,6 +35,7 @@ If you'd prefer to run from source...
3. Install with pipenv:
apt-get install libcairo2-dev libgirepository1.0-dev
cd ldh_client
pipenv install --dev -e .
......
import click
@click.command()
def cli():
"""Example script."""
click.echo('Hello World!')
import click
from scripts.nm_tunnel_setup import nm_tunnel_setup
@click.group()
def cli():
pass
@cli.command()
def hello():
"""Example script."""
click.echo('Hello World!')
@cli.command()
def tunnel_setup():
"""Add tunnel config to NetworkManager"""
nm_tunnel_setup()
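Review bot: The module-level `from scripts.nm_tunnel_setup import nm_tunnel_setup` makes every subcommand depend on the tunnel script's imports. That module calls `gi.require_version('NM', '1.0')` at import time, so `hello` would presumably fail too on a machine without the NetworkManager bindings. Moving the import inside `tunnel_setup()`, as the first line of the function body, keeps the failure local to the command that needs it.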
#!/usr/bin/env python3
import sys
import os
import requests
import gi
from tempfile import mkstemp
from getpass import getpass
gi.require_version('NM', '1.0')
from gi.repository import NM, GLib
PROTO = 'https://'
HOST = 'librem.one'
PATH = '/tunnel/api/v1/get_user_creds'
CERT_PATH = '/public/certificate.ovpn'
DOMAIN = 'librem.one'
QQN = 'US1'
def nm_tunnel_setup():
"""This script will:
1. Ask for Librem One credentilas.
2. Retrieve tunnel account credentials from librem.one.
3. Download .ovpn config file from librem.one.
4. Setup new VPN connection in your NetworkManager.
"""
# Get tunnel credentials
user = input('Enter your Librem One username: ')
passwd = getpass('Enter your password: ')
url = PROTO + HOST + PATH
r = requests.get(url, auth=(user, passwd))
if r.status_code == 200:
tunnel_user = r.json().get('tunnel_user')
tunnel_password = r.json().get('tunnel_password')
if tunnel_password is None or tunnel_password is None:
print('Your tunnel service is not active')
sys.exit(1)
else:
print('\nSomething went wrong when connecting to', url)
detail = r.json().get('detail', 'No detail available')
print('Problem details:', detail)
sys.exit(1)
# Download certificate
cert_url = PROTO + HOST + CERT_PATH
(fd, fname) = mkstemp(suffix='.ovpn')
with requests.get(cert_url, stream=True) as r:
with open(fd, 'wb') as f:
for chunk in r.iter_content(chunk_size=1024):
if chunk:
f.write(chunk)
# Configure NetworkManager
client = NM.Client.new(None)
plugin = NM.VpnEditorPlugin.load('/usr/lib/x86_64-linux-gnu/'
'NetworkManager/'
'libnm-vpn-plugin-openvpn.so',
'org.freedesktop.NetworkManager.openvpn')
try:
new_con = plugin.import_(fname)
except Exception as e:
print(e)
sys.exit(1)
os.remove(fname)
new_con.normalize()
# Create the new secret
new_secrets = GLib.Variant('a{sa{sv}}',
{'vpn':
{'secrets':
GLib.Variant('a{ss}',
{'password': tunnel_password})},
'ipv6': {}})
# Update the connection with the secret
new_con.update_secrets(NM.SETTING_VPN_SETTING_NAME, new_secrets)
# Add the username to the VPN settings
vpn_settings = new_con.get_setting_vpn()
vpn_settings.add_data_item('username', tunnel_user)
# Set Connection Name
con_name = '{user}@{domain} {country_code}'.format(user=user,
domain=DOMAIN,
country_code=QQN)
new_con_settings = new_con.get_setting_connection()
new_con_settings.set_property(NM.SETTING_CONNECTION_ID, con_name)
# See what we have
# new_con.dump()
# Store the connection in NetworkManager
main_loop = GLib.MainLoop()
def added_cb(client, result, data):
try:
client.add_connection_finish(result)
print("Librem One Tunnel successfully added to NetworkManager.")
except Exception as e:
print("ERROR: failed to add connection: %s\n" % e)
main_loop.quit()
client.add_connection_async(new_con, True, None, added_cb, None)
main_loop.run()
if __name__ == '__main__':
nm_tunnel_setup()
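Review bot: The credential check in `nm_tunnel_setup` tests `tunnel_password` twice and never `tunnel_user`, so a response that lacks `tunnel_user` gets past it and `None` is later passed to `add_data_item('username', ...)`; it should read `if tunnel_user is None or tunnel_password is None:`. Both `requests.get` calls run without a `timeout`, and the certificate download never checks the response status, so an error page would be written to the temp file and handed to `plugin.import_`; a `timeout=` argument and `r.raise_for_status()` before the write loop would cover that. The `sys.exit(1)` in the import error path runs before `os.remove(fname)`, which leaves the temp file behind. A failure inside `added_cb` is only printed, so the command presumably still exits with status 0.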
from setuptools import setup
from setuptools import setup, find_packages
setup(
name='ldh_client',
version='0.0.1',
py_modules=['ldh_client'],
packages=find_packages(),
include_package_data=True,
install_requires=[
'Click',
'requests',
'PyGObject',
],
entry_points='''
[console_scripts]
liberty=liberty:cli
liberty=scripts.liberty:cli
''',
)
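Review bot: The entry point `liberty=scripts.liberty:cli` together with `packages=find_packages()` would install a top-level package named `scripts` into site-packages, assuming that directory carries an `__init__.py`; the name is generic enough to collide with or shadow another distribution's `scripts` package. Nesting the modules under the project's own package (for example `ldh_client/scripts/`) and pointing the entry point at `ldh_client.scripts.liberty:cli` would avoid that. The `install_requires` entries are also unversioned, so a lower bound such as `'requests>=<minimum tested version>'` would record what the script was tested against.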