From 1719b8a036356c08bac8c934997cac2d2716dbbd Mon Sep 17 00:00:00 2001 From: Arun Isaac Date: Fri, 6 Oct 2023 13:34:40 +0100 Subject: Provide G-expression script for UTHSC VPN. * topics/uthsc-vpn-with-free-software.gmi (Putting it all together using Guix G-expressions): New section. * topics/uthsc-vpn.scm: New file. * tissue.scm (#:web-files): Publish scm files. --- tissue.scm | 3 ++- topics/uthsc-vpn-with-free-software.gmi | 9 +++++++ topics/uthsc-vpn.scm | 44 +++++++++++++++++++++++++++++++++ 3 files changed, 55 insertions(+), 1 deletion(-) create mode 100644 topics/uthsc-vpn.scm diff --git a/tissue.scm b/tissue.scm index 645a84b..bdeac24 100644 --- a/tissue.scm +++ b/tissue.scm @@ -62,7 +62,8 @@ #:engine %engine))) ((or (string-suffix? ".jpg" filename) (string-suffix? ".png" filename) - (string-suffix? ".svg" filename)) + (string-suffix? ".svg" filename) + (string-suffix? ".scm" filename)) (file filename (copier filename))) (else #f))) diff --git a/topics/uthsc-vpn-with-free-software.gmi b/topics/uthsc-vpn-with-free-software.gmi index 5288101..34c9901 100644 --- a/topics/uthsc-vpn-with-free-software.gmi +++ b/topics/uthsc-vpn-with-free-software.gmi @@ -44,6 +44,15 @@ export OPENSSL_CONF=/tmp/openssl.cnf ``` Then, run the openconnect-sso client as usual. +## Putting it all together using Guix G-expressions + +Remembering to do all these steps is a hassle. Writing a shell script to automate this is a good idea, but why write shell scripts when we have G-expressions! Here's a G-expression that I prepared earlier. +=> uthsc-vpn.scm +Download it, tweak the %hosts variable to specify the hosts you are interested in, and run it like so: +``` +$(guix build -f uthsc-vpn.scm) +``` + ## Acknowledgement Many thanks to Pjotr Prins and Erik Garrison without whose earlier work this guide would not be possible. diff --git a/topics/uthsc-vpn.scm b/topics/uthsc-vpn.scm new file mode 100644 index 0000000..c714731 --- /dev/null +++ b/topics/uthsc-vpn.scm @@ -0,0 +1,44 @@ +(use-modules ((gnu packages guile-xyz) #:select (guile-ini guile-lib guile-smc)) + ((gnu packages vpn) #:select (openconnect-sso vpn-slice)) + (guix gexp)) + +;; Put in the hosts you are interested in here. +(define %hosts + (list "octopus01" + "tux01.genenetwork.org")) + +(define (ini-file name scm) + "Return a file-like object representing INI file with @var{name} and +@var{scm} data." + (computed-file name + (with-extensions (list guile-ini guile-lib guile-smc) + #~(begin + (use-modules (srfi srfi-26) + (ini)) + + (call-with-output-file #$output + (cut scm->ini #$scm #:port <>)))))) + +(define uthsc-vpn + (with-imported-modules '((guix build utils)) + #~(begin + (use-modules (guix build utils)) + + (setenv "OPENSSL_CONF" + #$(ini-file "openssl.cnf" + #~'((#f + ("openssl_conf" . "openssl_init")) + ("openssl_init" + ("ssl_conf" . "ssl_sect")) + ("ssl_sect" + ("system_default" . "system_default_sect")) + ("system_default_sect" + ("Options" . "UnsafeLegacyRenegotiation"))))) + (invoke #$(file-append openconnect-sso "/bin/openconnect-sso") + "--server" "uthscvpn1.uthsc.edu" + "--authgroup" "UTHSC" + "--" + "--script" (string-join (cons #$(file-append vpn-slice "/bin/vpn-slice") + '#$%hosts)))))) + +(program-file "uthsc-vpn" uthsc-vpn) -- cgit v1.2.3