diff options
| -rw-r--r-- | dot_config/waybar/config.jsonc | 9 | ||||
| -rw-r--r-- | dot_config/waybar/executable_snx-vpn-status.sh | 20 | ||||
| -rw-r--r-- | dot_config/waybar/executable_snx-vpn-toggle.sh | 28 |
3 files changed, 57 insertions, 0 deletions
diff --git a/dot_config/waybar/config.jsonc b/dot_config/waybar/config.jsonc index e5ea09b..80eb560 100644 --- a/dot_config/waybar/config.jsonc +++ b/dot_config/waybar/config.jsonc @@ -10,6 +10,7 @@ "temperature", "custom/memory", "custom/vpn", + "custom/snx-vpn", "network#bond", "custom/dock", "battery", @@ -119,6 +120,14 @@ "on-click": "~/.config/waybar/vpn-toggle.sh", }, + "custom/snx-vpn": { + "exec": "~/.config/waybar/snx-vpn-status.sh", + "return-type": "json", + "interval": 5, + "signal": 9, + "on-click": "~/.config/waybar/snx-vpn-toggle.sh", + }, + "battery": { "format": "{icon} {capacity}%", "format-charging": " {capacity}%", diff --git a/dot_config/waybar/executable_snx-vpn-status.sh b/dot_config/waybar/executable_snx-vpn-status.sh new file mode 100644 index 0000000..9088630 --- /dev/null +++ b/dot_config/waybar/executable_snx-vpn-status.sh @@ -0,0 +1,20 @@ +#!/bin/sh +# Waybar custom/snx-vpn module: report the snx-rs (Check Point) tunnel +# state. `snxctl status` is fast (talks over a local UDS to the daemon) +# but might briefly stall during connect; cap it with `timeout`. + +# Bail out if the daemon socket isn't even there (snx-rs.service stopped). +out=$(timeout 2 snxctl status 2>/dev/null) || out= + +case "$out" in + '' | *"Disconnected"*) + printf '{"text":"<span color=\\"#928374\\"><s> SNX</s></span>","class":"down","tooltip":"snx-rs disconnected — click to connect"}\n' + ;; + *"Connecting"* | *"MFA pending"*) + printf '{"text":"<span color=\\"#fabd2f\\"> SNX…</span>","class":"connecting","tooltip":"%s"}\n' "$(echo "$out" | head -1)" + ;; + *) + tooltip=$(echo "$out" | sed 's/"/\\"/g' | awk 'BEGIN{ORS="\\n"}{print}') + printf '{"text":"<span color=\\"#b8bb26\\"> SNX</span>","class":"up","tooltip":"%s"}\n' "$tooltip" + ;; +esac diff --git a/dot_config/waybar/executable_snx-vpn-toggle.sh b/dot_config/waybar/executable_snx-vpn-toggle.sh new file mode 100644 index 0000000..f42690d --- /dev/null +++ b/dot_config/waybar/executable_snx-vpn-toggle.sh @@ -0,0 +1,28 @@ +#!/bin/sh +# Toggle the snx-rs (Check Point) tunnel. Connect goes through the +# snxctl-chromium wrapper so SAML lands in the flatpak ungoogled +# chromium (LibreWolf blocks the 127.0.0.1:7779 callback). +# +# Refresh the waybar custom/snx-vpn module immediately with SIGRTMIN+9. +set -eu + +state=$(timeout 2 snxctl status 2>/dev/null || echo Disconnected) + +case "$state" in + *"Disconnected"*) + # Detach so waybar doesn't block waiting for SAML. The inner script + # re-signals waybar when the connect attempt finishes so the badge + # flips immediately to its final state. + # shellcheck disable=SC2016 + setsid -f sh -c ' + "$HOME/.local/bin/snxctl-chromium" >/tmp/snxctl-chromium.log 2>&1 + pid=$(pidof waybar) && kill -SIGRTMIN+9 $pid 2>/dev/null || true + ' + ;; + *) + snxctl disconnect >/dev/null 2>&1 || true + ;; +esac + +pid=$(pidof waybar || true) +[ -n "$pid" ] && kill -SIGRTMIN+9 "$pid" 2>/dev/null || true |