Commit 0899cb63 authored by David Seaward's avatar David Seaward
Browse files

Refactor credential prompt in

Signed-off-by: David Seaward's avatarDavid Seaward <>
parent 111a22aa
......@@ -4,17 +4,26 @@ from scripts.nautilus_files_setup import nautilus_files_setup
def cli():
def cli(ctx):
"""Liberty CLI is a command line tool for interacting with Librem
One and other Liberty Domain Hosts (LDHs)."""
def setup():
"""Configure or reconfigure services on an XDG desktop."""
def tunnel_setup():
"""Add tunnel config to NetworkManager"""
"""Download tunnel config and add to NetworkManager."""
def files_setup():
"""Create mountpoint for files."""
......@@ -3,7 +3,9 @@
# SPDX-License-Identifier: AGPL-3.0-or-later
import sh
from scripts.common import *
def nautilus_files_setup():
print(sh.echo("Work in progress"))
credentials = prompt_for_credentials()
print(sh.echo("Hello world!"))
......@@ -11,63 +11,57 @@ import sys
import os
import requests
import gi
import re
from tempfile import mkstemp
from getpass import getpass
from json.decoder import JSONDecodeError
gi.require_version('NM', '1.0')
from gi.repository import NM, GLib
gi.require_version("NM", "1.0")
from gi.repository import NM, GLib
from scripts.common import *
PROTO = 'https://'
PATH = '/api/v1/user/tunnel_account'
CERT_PATH = '/public/certificate.ovpn'
QQN = 'US1'
PROTO = "https://"
PATH = "/api/v1/user/tunnel_account"
CERT_PATH = "/public/certificate.ovpn"
QQN = "US1"
def nm_tunnel_setup():
"""This script will:
1. Ask for Librem One credentilas.
2. Retrieve tunnel account credentials from
3. Download .ovpn config file from
1. Prompt for LDH credentials.
2. Retrieve tunnel credentials from host.
3. Download .ovpn config file from host.
4. Setup new VPN connection in your NetworkManager.
# Get tunnel credentials
address = input('Enter your Librem One address: ')
regex = r'^[A-Za-z][A-Za-z0-9]*@[A-Za-z0-9]+(\.[A-Za-z0-9]+)+$'
if not re.match(regex, address):
print(address, 'is not a valid email address.')
(user, host) = address.split('@')
passwd = getpass('Enter your password: ')
credentials = prompt_for_credentials()
url = PROTO + host + PATH
url = PROTO + + PATH
r = requests.get(url, auth=(user, passwd))
r = requests.get(url, auth=(credentials.user, credentials.passphrase))
except requests.exceptions.ConnectionError as e:
if r.status_code == 200:
tunnel_user = r.json().get('tunnel_user')
tunnel_password = r.json().get('tunnel_password')
if tunnel_password is None or tunnel_password is None:
print('Your tunnel service is not active')
tunnel_user = r.json().get("tunnel_user")
tunnel_password = r.json().get("tunnel_password")
if tunnel_user is None or tunnel_password is None:
print("Your tunnel service is not active")
print('\nSomething went wrong when connecting to', url)
print("\nSomething went wrong when connecting to", url)
detail = r.json().get('detail', 'No detail available')
detail = r.json().get("detail", "No detail available")
except JSONDecodeError as e:
detail = r.reason
print('Problem details:', detail)
print("Problem details:", detail)
# Download certificate
cert_url = PROTO + host + CERT_PATH
(fd, fname) = mkstemp(suffix='.ovpn')
cert_url = PROTO + + CERT_PATH
(fd, fname) = mkstemp(suffix=".ovpn")
with requests.get(cert_url, stream=True) as r:
with open(fd, 'wb') as f:
with open(fd, "wb") as f:
for chunk in r.iter_content(chunk_size=1024):
if chunk:
......@@ -78,10 +72,10 @@ def nm_tunnel_setup():
# Configure NetworkManager
client =
plugin = NM.VpnEditorPlugin.load('/usr/lib/x86_64-linux-gnu/'
plugin = NM.VpnEditorPlugin.load(
new_con = plugin.import_(fname)
except Exception as e:
......@@ -91,24 +85,25 @@ def nm_tunnel_setup():
# Create the new secret
new_secrets = GLib.Variant('a{sa{sv}}',
{'password': tunnel_password})},
'ipv6': {}})
new_secrets = GLib.Variant(
"vpn": {"secrets": GLib.Variant("a{ss}", {"password": tunnel_password})},
"ipv6": {},
# Update the connection with the secret
new_con.update_secrets(NM.SETTING_VPN_SETTING_NAME, new_secrets)
# Add the username to the VPN settings
vpn_settings = new_con.get_setting_vpn()
vpn_settings.add_data_item('username', tunnel_user)
vpn_settings.add_data_item("username", tunnel_user)
# Set Connection Name
con_name = '{user}@{domain} {country_code}'.format(user=user,
con_name = "{address} {country_code}".format(
address=credentials.address, country_code=QQN
new_con_settings = new_con.get_setting_connection()
new_con_settings.set_property(NM.SETTING_CONNECTION_ID, con_name)
......@@ -132,5 +127,5 @@ def nm_tunnel_setup():
if __name__ == '__main__':
if __name__ == "__main__":
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment