My workplace has a VPN that I need to connect occasionally, but normally do not. I want to set up a prominent, unignorable status notifier so when I am connected to it, I am highly aware and have to disconnect to make the status clear.

Originally I thought maybe I’d like to find a way to query the status of tun0 and turn my main panel #FF0000, but I am having a hard time finding information on how to change panel color programatically. My other idea was assigning a hotkey to open a terminal window with a profile that has a red background and executes a shell script to run the VPN connect script in the foreground, but that feel super hacky and I’d love something cleaner.

Any ideas?

  • Max-P@lemmy.max-p.me
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    You could use a separate user account and use that for the VPN, that way being logged into that account = work VPN is on.

    You could also make a small VM and run the VPN in the VM and do VPN activity in the VM without affecting work stuff.

    There’s also some options with containers as well.

    • DancingPickle@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Those are all options. I already use NoMachine to connect to a laptop that can use the VPN, but it occurs to me that literally the ONLY thing I use the laptop for that I couldn’t just do on my host machine are those rare (like once a week or less) activities. It would be a lot more efficient workflow to just power off that laptop and connect to the VPN from the host, and turn it off when I’m done.

      If I can’t find a way to make it convenient, I think a little VM is probably the fastest / least intrusive option but kind of a sledgehammer for a finishing nail.

      • Max-P@lemmy.max-p.me
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        If you really want to get deep into it, network namespaces are pretty cool.

        You can connect the VPN on the host and then move the tun device into a network namespace, and then you can run programs in that namespace and their only view of the network will be that single tun device. So no VPN outside, forced VPN inside. And you don’t even need a container filesystem or anything, it’s still entirely your host OS, only the network gets sandboxed. The only gotcha is some things like Chrome/Firefox that will end up just opening a new window of the existing instance, but that’s easily fixed with a secondary profile or making sure to start the browser in the namespace first.

        This can all be managed with the ip netns command.

        That’d be my personal recommendation and I used that extensively while I was working for PIA. Once you figure it out it’s really not that complicated.

        • DancingPickle@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          You are right, this is a cool idea. I’m digging into it. Might be more work than I want but the functionality is better.