summaryrefslogtreecommitdiff
path: root/topics
diff options
context:
space:
mode:
authorArun Isaac2023-10-06 13:34:40 +0100
committerArun Isaac2023-10-06 13:43:54 +0100
commit1719b8a036356c08bac8c934997cac2d2716dbbd (patch)
treeee0bbe6d756dff5a7b01105e8a13b09c86e40dd5 /topics
parentb33144f166b489795de33074a247494fe7ff6c87 (diff)
downloadgn-gemtext-1719b8a036356c08bac8c934997cac2d2716dbbd.tar.gz
Provide G-expression script for UTHSC VPN.
* topics/uthsc-vpn-with-free-software.gmi (Putting it all together using Guix G-expressions): New section. * topics/uthsc-vpn.scm: New file. * tissue.scm (#:web-files): Publish scm files.
Diffstat (limited to 'topics')
-rw-r--r--topics/uthsc-vpn-with-free-software.gmi9
-rw-r--r--topics/uthsc-vpn.scm44
2 files changed, 53 insertions, 0 deletions
diff --git a/topics/uthsc-vpn-with-free-software.gmi b/topics/uthsc-vpn-with-free-software.gmi
index 5288101..34c9901 100644
--- a/topics/uthsc-vpn-with-free-software.gmi
+++ b/topics/uthsc-vpn-with-free-software.gmi
@@ -44,6 +44,15 @@ export OPENSSL_CONF=/tmp/openssl.cnf
```
Then, run the openconnect-sso client as usual.
+## Putting it all together using Guix G-expressions
+
+Remembering to do all these steps is a hassle. Writing a shell script to automate this is a good idea, but why write shell scripts when we have G-expressions! Here's a G-expression that I prepared earlier.
+=> uthsc-vpn.scm
+Download it, tweak the %hosts variable to specify the hosts you are interested in, and run it like so:
+```
+$(guix build -f uthsc-vpn.scm)
+```
+
## Acknowledgement
Many thanks to Pjotr Prins and Erik Garrison without whose earlier work this guide would not be possible.
diff --git a/topics/uthsc-vpn.scm b/topics/uthsc-vpn.scm
new file mode 100644
index 0000000..c714731
--- /dev/null
+++ b/topics/uthsc-vpn.scm
@@ -0,0 +1,44 @@
+(use-modules ((gnu packages guile-xyz) #:select (guile-ini guile-lib guile-smc))
+ ((gnu packages vpn) #:select (openconnect-sso vpn-slice))
+ (guix gexp))
+
+;; Put in the hosts you are interested in here.
+(define %hosts
+ (list "octopus01"
+ "tux01.genenetwork.org"))
+
+(define (ini-file name scm)
+ "Return a file-like object representing INI file with @var{name} and
+@var{scm} data."
+ (computed-file name
+ (with-extensions (list guile-ini guile-lib guile-smc)
+ #~(begin
+ (use-modules (srfi srfi-26)
+ (ini))
+
+ (call-with-output-file #$output
+ (cut scm->ini #$scm #:port <>))))))
+
+(define uthsc-vpn
+ (with-imported-modules '((guix build utils))
+ #~(begin
+ (use-modules (guix build utils))
+
+ (setenv "OPENSSL_CONF"
+ #$(ini-file "openssl.cnf"
+ #~'((#f
+ ("openssl_conf" . "openssl_init"))
+ ("openssl_init"
+ ("ssl_conf" . "ssl_sect"))
+ ("ssl_sect"
+ ("system_default" . "system_default_sect"))
+ ("system_default_sect"
+ ("Options" . "UnsafeLegacyRenegotiation")))))
+ (invoke #$(file-append openconnect-sso "/bin/openconnect-sso")
+ "--server" "uthscvpn1.uthsc.edu"
+ "--authgroup" "UTHSC"
+ "--"
+ "--script" (string-join (cons #$(file-append vpn-slice "/bin/vpn-slice")
+ '#$%hosts))))))
+
+(program-file "uthsc-vpn" uthsc-vpn)